6 Mobile Hacking Tools that Security Professionals Should Know Of

Smartphones have permeated into every modern person’s life, and many of the daily tasks we used to perform on a computer are now getting done on our iPhones and Androids (and 2.8% of us apparently still use the Windows phones). Checking emails, accessing social media sites, chatting with friends, shopping, banking, and much more, all part of our lives via our smartphone.

It should come as no surprise that hackers are migrating to smartphones as well. Not just can they easily hack your smartphone, they can easily hack your smartphone from their smartphone. Gone are the days you could safely connect to a hotspot in Starbucks and enjoy your coffee and time online with a peace of mind. The danger might now lurk in anyone’s pocket. Take, for example, the recent news of users being able to crash friends’ WhatsApp app just by sending a text message.

Here are a few apps that any security-conscious person should be aware of:

dSploit – A professional network analysis and penetration tool. Features include: WiFi cracking, port scanner, trace, vulnerability finder, packet forger, password sniffer, session hijacker, script injection, and more.

DroidSheep – A tool for security analysis in wireless networks. Features include: capturing cookies, stealing logins to social networks, and more.

zANTI – A mobile penetration testing toolkit. Aimed at penetration testers and security professionals, but it can be abused by hackers, as well. Features include: vulnerability finder, download interception, MITM, packet editor, redirection HTTP, and more.

FaceNiff – An app used for hijacking sessions. Can sniff and intercept access to social media sites, including Facebook, Twitter, Youtube, Amazon, and others.

AnDOSid – An app designed for “security professionals only.” This app allows the user to carry out DDoS attacks directly from their smartphone.

Low Orbit Ion Cannon – Similar to AnDOSid, LOIC is a network stress testing and denial-of-service attack open-source app.

These are only the tip of an iceberg, there is a sea of similar apps out there, with majority not being hard to find. How can you protect yourself?

  • Avoid using WiFi hotspots, especially in public places.
  • Install the DroidSheep Guard. It helps protect your phone against attacks such as DroidSheep, FaceNiff, and other session hijackers.
  • Visit only HTTPS websites
  • Log off websites when finished