8 Best Hacking Apps For Android
Robert Triggs / Android Authority
Android Authority doesn't condone the use of hacking apps for unethical purposes.
Hacking has a lot of positive use cases. You can use it to test the security of your network or see if someone is stealing your Wi-Fi. Hollywood romanticizes hacking when it's a reasonably mundane activity. In most cases, you're staring at a screen while a script or software does the heavy lifting. Additionally, the vast majority deal with network security more than anything else.
You can't crack someone's Facebook password with an Android app. There are some excellent options for those who want a first-hand experience with the topic. Here are the best hacking apps for Android. Many hacking apps break Google Play Store policies, so most are only available as APK downloads. Learn how to install APKs here.
It's also worth noting that many of these apps are designed for older versions of Android. We wouldn't recommend installing these on your daily driver anyway, but they're better suited for older project Android phones.
The best hacking apps for Android
cSploit is one of the more powerful hacking apps for Android. It's a network tool that can do a bunch of stuff. It includes the Metasploit framework out of the box and can do things like man-in-the-middle attacks, forge TCP and UDP packets, etc. It's primarily useful for checking out security vulnerabilities on networks. The app is quite powerful but also comes with some drawbacks. You need a rooted device to use this app.
Importantly, it hasn't been updated since January 2016 — a decade ago — so be sure you know what you're signing up for when grabbing this app. The developers no longer maintain the app, and it won't work on newer Android versions.
DroidSheep is a network sniffer for Wi-Fi networks. You open the app, and it starts sniffing network activity. You can intercept Internet activity, including social media, web browsing, etc. The user interface is a bit basic and difficult to read if you're not used to this sort of thing. However, it worked in our testing and showed me all the active sessions on my Wi-Fi network.
Hackode is another networking toolkit with a bunch of neat and scary tools. You can get a lot of basic info like Whois info, port scanning, traceroute, DNS and IP searches, and more. It specializes in penetration testing and other such things. Like most, the user interface is super basic and occasionally difficult to read. However, you get a lot of info from the app, including WiFi passwords and such.
Kali NetHunter
Price: Free
Kali NetHunter is a neat app but only available on a few devices. It was initially for the Nexus 5 and 7 devices, but you can use it on more modern machines. The app includes many functions, including wireless injection and AP mode, and it can use HID keyboard attacks. The app runs as an overlay on your device and picks up Internet traffic. It may not work for your device, but Nexus 5 devices are cheap on eBay if you want to try it.
Network Mapper
Price: Free
Network Mapper is a rare hacking app on the Google Play Store. This app serves as a frontend for the Nmap scanner. You install the app, and you get the Nmap scanner process. It lets you check out open ports, protocols, hosts, services, and other details about any network you connect. The app scans for you, so it's a hands-off experience. Hit the button to check out the official wiki where there is also a download link.
NetX Network Tools Pro
Price: $2.99
NetX is a network analysis tool that can pull down a bunch of information. Some of the info it can get includes IP address, MAC address, Bonjour Name, NetBIOS name, Domain, mobile network provider, signal strength, subnet mask, gateway, DNS, etc. You get the idea. This one even saves devices previously detected on the network in case they come back again. It won't let you hack anything, but it can give you the information needed to do penetration testing or other network testing. It's also reasonably inexpensive.
WiFiKiLL Pro lets you control the network your device is on. It does this by shutting down access to the network by blocking packets headed for that device over the web. The app lets you see everybody connected to the network, the data transfer rates for each device, and the names of each device. That's it. The app only does those two things. The app's blocking capabilities don't always work, but at worst, it can double as a monitor to see if anyone's stealing your Wi-Fi. There are several other apps like this on the Play Store. If you're wary about that, search for Wi-Fi kill apps there to see its competitors.
zAnti is an older penetration tool. It scans networks and gives security managers a snapshot of potential network vulnerabilities. Of course, that means it can provide it to anyone who needs it and has the app. It scans a network and then pulls down some information about the web, including potential exploits. The app can also check for vulnerabilities like brute force attacks, man-in-the-middle attacks, and DNS attacks. It's from the good ol' days of 2015, so it may not work on newer devices.
How All Your iPhone Apps Could Be Hacked At Once
Almost every app on the iPhone relies heavily on Apple's built-in security.
LAS VEGAS (CNNMoney) -- The iPhone's baked-in security has improved dramatically over the past few years, which is great for Apple fans.
In a weird way, it's good for hackers too.
With the "bring your own device" phenomenon in full-swing, Apple (AAPL, Fortune 500) has been successful at getting its iPhones and iPads into the hands of Fortune 500 companies and even many government agencies, including the White House and the U.S. Military. To make those sales, Apple had to update its iOS mobile operating system with some of the industry's most robust security features.
That had a nasty unintended consequence: Many app developers no longer put their own safeguards in place, relying instead almost exclusively on Apple to ensure the security of their applications.
With thousands of apps in the iTunes App store all featuring the same exact security features, one single vulnerability could have a domino effect.
"Security is now an afterthought for many app developers," said Jonathan Zdziarski, senior forensic scientist at viaForensics, in a presentation at the Black Hat cybersecurity conference in Las Vegas on Thursday. "That means if you hack one, you can hack them all."
Apple declined to comment.
The tech giant made its first official appearance at Black Hat this year with a session on iOS's security features, but the dry presentation was little more than a public reading of a white paper Apple recently released. Presenter Dallas De Atley, Apple's platform security team manager, took no questions after his talk and quickly escaped out a side door.
A few rooms away, Zdziarski simultaneously delivered his workshop on "The Dark Art of iOS Application Hacking."
The scenarios Zdziarski outlined are scary, but they're also far-fetched.
To hack all the apps on your phone, a hacker would need to: 1) steal your iPhone, which isn't so hard, and 2) discover and exploit an iOS vulnerability before Apple does. That's proven to be very hard. It has happened before -- most notably when serial Apple hacker Charlie Miller found a way to sneak a rogue app into Apple's fiercely guarded iTunes store. (When he publicized the hack, Apple yanked his developer license.)
Still, so-called "zero day exploits" on iOS have been extremely rare.
"This isn't Chicken Little and the sky is falling," Zdziarski told CNNMoney. "But the message is if you don't add your own security to your app, you're highly susceptible."
To illustrate, Zdziarski live-demonstrated some of the vulnerabilities of a few popular iOS apps that don't add much more security above Apple's baked-in protections.
A bug in PayPal's app, for instance, allows a hacker to place malicious code in a stolen iPhone and get all the log-in information that a user enters. It's unlikely. The hacker would need about 20 minutes with the iPhone to do it before handing the phone back to the owner. But the point is it's possible -- and it shouldn't be.
PayPal, a subsidiary of eBay (EBAY, Fortune 500), said it is investigating the issue.
"The security of our users is a top priority for PayPal," the company said in a statement. "One of the benefits of using PayPal on a mobile device is that a user's financial information is stored in the cloud and not on his or her device. Therefore, even if a device is compromised a user's financial information is inaccessible."
One vulnerable spot is Apple's lack of password confirmations any time a user returns to an app they've previously logged into. In one demo, Zdziarski tweaked an app's code and entered, "userIsLogged: 1." That "1" means "true" in this case, and the app was tricked into thinking the user had been properly identified.
Zdziarski's end goal wasn't to call out Apple, PayPal or any company in particular, he said. Rather, it was simply to warn developers not to be lazy when dealing with security in their iPhone apps.
"Apple has good security," Zdziarski said. "Just don't rely entirely upon it."
-- CNNMoney tech editor Stacy Cowley contributed reporting to this article.
Color App Hack Lets You Spy On Anyone's Photos Anywhere
The photo and video stream of Color CEO Bill Nguyen, which security researcher Chris Wysopal accessed in seconds by spoofing his iPad's location.
For anyone sketched out by the privacy implications of Color, the highly hyped, highly funded, and highly public iOS and Android social media app that launched last week, now would be a good time to ratchet your creep-o-meter up another notch or two.
Within hours of Color's release last Thursday, security researcher and Veracode chief technology officer Chris Wysopal wrote on Twitter that with "trivial geolocation spoofing" the authentication model of Color is "broken."
Over the weekend, he put that idea to the test. Using a jailbroken iPad and an app called FakeLocation, Wysopal was able to set his device's location to anywhere in the world. Launching Color a moment later, he found, as predicted, that he could see all the photos of any person at that location. "This only took about five minutes to download the FakeLocation app and try a few locations where I figured there would be early adopters who like trying out the latest apps," Wysopal wrote to me in an email. "No hacking involved."
Wysopal is based in New York, but he sent me photos that he grabbed by hopping between Harvard, MIT, NYU, and then to Color's headquarters in Palo Alto, California, where he accessed the photo and video stream of Color's chief executive Bill Nguyen. Wysopal's screenshot of Nguyen's photo stream is pictured above.
Wysopal points out how useful that combination might be for paparazzi hoping to jump into exclusive locations anywhere in the world. "Which celeb nightclub do you want to spy on," writes Wysopal, "The Box, Bungalow 8, Soho Grand?"
FakeLocation allows you to jump to MIT's campus in a second.
When I reached Color spokesman John Kuch, he answered with Color's usual line on privacy: That it has never claimed to offer any. "It is all public, and we've been very clear about that from the very beginning. Within the app, there's already functionality to look through the entire social graph. Very few people will probably do what you're saying, but all the pictures, all the comments, all the videos are out there for the public to see."
(A relevant aside: As my privacy-focused colleague Kashmir Hill points out, that's me and her in the image used on Color's homepage and in the app store. No one ever asked our permission to use the photo. Not much of a privacy violation there, given that we were doing an early test of the app with Color's execs, but a funny example of how Color thinks--or doesn't--about privacy.)
Color does, of course, make everything public. But to access someone's photos, a user generally has to be in the same geographic vicinity as another user, or cross paths with someone else who is connected to that user. With Wysopal's trick, we can all start looking at Bill Nguyen's photos immediately.
Color's founders have talked about adding a functionality called something like "peeking," which would allow users to jump into a location or a user's photostreams. But that peek would likely be limited in time and require the approval of whoever's stream the user jumped into, Color's staff has said.
Wysopal's trick, on the other hand, functions as an unrestricted peek anywhere without that permission. He suggests that one fix for the problem would be to track how quickly users travel between locations. Jumping between Boston, New York, and Palo Alto in a few seconds isn't physically possible, so perhaps Color could track that sort of quick hopping to "detect obvious geo-spoofers," Wysopal writes.
But given Color's attitude about privacy, it's not clear they'll want to add that safeguard. Don't be surprised if this "everything-is-public" startup sees universal photo and video peeking as a feature, not a bug.
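The travel-speed check Wysopal suggests above can be sketched server-side as follows. This is an added example, not code from Color or from Wysopal; the `Report` record, the 1,000 km/h ceiling, the 1 km jitter tolerance and the sample coordinates are all assumptions made for illustration.

```python
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt

EARTH_RADIUS_KM = 6371.0
MAX_SPEED_KMH = 1000.0   # assumed ceiling, roughly airliner cruise speed
MIN_DISTANCE_KM = 1.0    # assumed tolerance for ordinary GPS jitter


@dataclass(frozen=True)
class Report:
    user: str
    ts: float   # Unix seconds from the server clock, not the device
    lat: float
    lon: float


def haversine_km(a, b):
    """Great-circle distance between two reports in kilometres."""
    dlat, dlon = radians(b.lat - a.lat), radians(b.lon - a.lon)
    h = (sin(dlat / 2) ** 2
         + cos(radians(a.lat)) * cos(radians(b.lat)) * sin(dlon / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * asin(sqrt(h))


def find_impossible_hops(reports):
    """Return (previous, current, km/h) for every hop above MAX_SPEED_KMH."""
    last, flagged = {}, []   # last: user -> last trusted report
    for r in sorted(reports, key=lambda x: (x.user, x.ts)):
        prev = last.get(r.user)
        if prev is not None:
            dist = haversine_km(prev, r)
            hours = max(r.ts - prev.ts, 1.0) / 3600.0   # floor avoids dividing by zero
            if dist > MIN_DISTANCE_KM and dist / hours > MAX_SPEED_KMH:
                flagged.append((prev, r, dist / hours))
                continue   # keep the last trusted position as the baseline
        last[r.user] = r
    return flagged


# Constructed sample data: u1 hops Boston -> New York -> Palo Alto in under a
# minute; u2 walks a few blocks in ten minutes.
SAMPLE = [
    Report("u1", 0, 42.3601, -71.0589),
    Report("u1", 20, 40.7295, -73.9965),
    Report("u1", 45, 37.4419, -122.1430),
    Report("u2", 0, 42.3736, -71.1097),
    Report("u2", 600, 42.3770, -71.1167),
]
```

Calling `find_impossible_hops(SAMPLE)` flags both of u1's hops and leaves u2 alone. The coordinates themselves remain device-reported and untrusted, so this catches only the obvious hopping the article describes.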