20+ Mobile Device Security Tips (2019)



Dealing with Mobile Device Security in 2019

One of the biggest issues to arise with the adoption of mobile devices has been the security and privacy of data. This blog explores 20+ tips for mobile device security.

 

In today’s connected world, the average person possesses at least four mobile devices. In fact, some individuals use their smartphone to replace traditional platforms. This is possible because mobile devices in the past few years have increased in power, capability, and flexibility.

 

There is an increasingly diverse range of devices deserving of the “mobile” moniker besides smartphones, though. They include fitness trackers, smart-watches, and even virtual-reality devices.

 

People rely on these devices to give them information about the world around them, and the devices allow for the recording and tracking of vast sums of data that were just not possible to gather and record in the past.

 

Because this data is being collected by mobile devices, stored on mobile devices, and even uploaded to cloud systems, attackers have increasingly turned their attention to mobile devices and their information.

 

As a pentester, you need to know how mobile devices function and the issues they introduce to the workplace or any other environment they exist within. The reality is that mobile devices will continue to appear in ever-increasing numbers and will need to be considered by any competent pentester.

 

In this blog, you’ll learn to:

  • Recognize what constitutes a mobile device
  • Understand the features to expect from a mobile device
  • Recognize the security issues specific to the mobile platforms

Recognizing Current-Generation Mobile Devices

 

Mobile devices have evolved dramatically over the past decade. Gone are the days of bulky and underpowered as well as underdelivering devices. The forerunner of the current mobile device, the T-Mobile Sidekick, debuted in 2002 in the United States.

 

This device, while underpowered and with limited features compared to today’s smartphones, represented the beginning of the contemporary style of mobile devices that have had such a huge impact on the world today.

 

The mobile devices that appeared over the next several years up to the current day started with the introduction of smartphones from manufacturers such as Samsung, Nokia, and Ericsson as well as many others.

 

Though the available devices increased in power and capability over the years, it took Apple in 2007 to debut its popular iPhone to bring the mobile market to the masses.

 

It also accelerated the development of more advanced smartphones in different forms from the many vendors that exist today. From 2007 through 2016, Apple has sold millions of iPhones worldwide to an eager public looking to adopt the latest technology.

 

Since then, many other vendors have released their own spin on the smartphone paradigm, which has resulted in not only different types of hardware but different operating systems in the form of Android, BlackBerry, and even Windows Mobile.

 

In addition to smartphones, a popular tablet market exists. Before 2000 tablets were bulky and underpowered compared to what we would consider a useful tablet today. It wasn’t until the year 2010 with the introduction of the iPad from Apple that the public started to embrace the technology as a whole.

 

The iPad showed that a tablet could be very small and lightweight, have a decent battery life, and have a broad range of features that didn’t exist in previous models and forms.

 

As smartphones and tablets evolved, so did the operating systems that powered and ran these devices along the way. In particular, Google’s Android operating system has evolved dramatically and continues to do so.

 

The open source nature of the Android operating system allows developers to fine-tune and tweak as well as enhance the operating system to run on other devices, including wearable devices, heads-up displays, and even cable boxes, just to name a few.

 

Mobile OS Versions and Models


One of the biggest issues that have arisen with the adoption of mobile devices has been the security of data, especially when used in the workplace. The vendors that manufacture the devices, as well as their operating systems, have found many ways to deal with security issues while still retaining usable and functional devices.

 

The ability to use techniques like encryption, permissions and different forms of authentication have all been integrated and adopted by device manufacturers, with differing degrees of success along the way.

 

What vendors have had to sort out is the proper balance between security and the usability of a device. An environment can be made more secure, but that security tends to result in a device that is a little less easy to use.

 

On the flipside, a device that is easier to use tends to do so by sacrificing some level of security along the way.

 

 For example, a device that wishes to use encryption to protect its data will typically require the user to implement passwords and other features on the device that will require users to enter a set of credentials before they can use the device.

 

Since most users find this to be an annoyance, they may choose to forgo passwords as well as encryption in order to be able to pick up their device and use it immediately. Of course, choosing this option will result in the device being less secure than it would be otherwise.

 

Making the situation more complex is the race between vendors to add more features and more capabilities to give themselves an edge over their competitors. As the list of features in these mobile devices has grown over the years, a tendency has appeared to favor convenience features over security, or at least to give security less emphasis.

 

In the current mobile device market, four mobile operating systems are available for the consumer to choose from when selecting a device. These four major operating systems are Google’s Android, Apple’s iOS, BlackBerry, and Windows Mobile from Microsoft.

 

Of these four operating systems, the two that are the most widely used and encountered are Google’s Android and Apple’s iOS. Apple’s iOS is found on Apple devices exclusively and is thus customized and tweaked for that manufacturer’s own environment.

 

In the case of Android, we have a system that is ready to customize and tweak to essentially any type of environment given the knowledge and time to do so. Of these two, Google’s Android is the leading mobile OS in the marketplace.

 

Threats to Mobile Devices


When looking at these two mobile operating systems, you will notice some similarities between the two, at least in concept if not in implementation. The types of threats that a mobile device will encounter are going to be the same even if the devices that encounter them are different.

 

With this in mind, it’s important to take a look at some of these issues so that you can understand the goals the developers had in mind when doing their job.

 

Some of the most basic security concerns on mobile devices involve the following:

 

Malware: This is an area that is not unknown to anyone who uses a computing device nowadays because it is so common to encounter malware and its mischief. Malware is known to cause monetary damages in the form of lost productivity, stolen information, and other cybercrimes of varying forms along the way. Borrowing from the lessons that have been learned from the traditional desktop market, developers of mobile systems sought to secure their systems and harden them against the threat of malware.

BlackBerry and Windows Mobile will not be discussed in this blog because they are less popular. The likelihood of encountering these devices is quite low given the overall number of devices in the marketplace.

 

Resource and Service Availability Abuse: The intentional use or misuse of resources on any given device or environment has been a long-standing issue in the traditional technology market and is one that has continued on to the mobile device market as well.

 

A misbehaving application or poorly designed piece of software can easily render the hardware or software ineffective or unstable and thus not desirable to the consumer.

 

In addition, using the misbehaving software on a mobile device can mean what few resources are available can be quickly exhausted, which in some cases means that battery power itself could be consumed rapidly and thus render the whole device an expensive paperweight until the battery can be recharged.

 

Malicious and Unintentional Data Loss: If there’s anything that malware has taught us, it’s that malicious data loss is definitely a problem in the form of identity theft or other appropriation of information.

 

Additionally, the loss of information via carelessness or misuse of a device by the consumer is a very real issue and thus developers took steps to ensure that data was safeguarded against both malicious and accidental loss.

 

Of course, there are many more types of threats and issues that a mobile device can and will encounter, but to keep things simple we will focus on these key areas.

 

However, it is safe to say that many of the issues that you may have encountered in your own experience, or even the ones encountered and discussed in this blog, are ones that can easily be moved over to a mobile environment and cause problems for the consumer of these devices.

 

Goals of Mobile Security


When vendors design a device, they have many goals in mind in terms of features and capabilities as well as other areas. All these goals are taken into account in order to make their device better as well as differentiate it from those of their competitors.

 

While we won’t worry too much about usability features, we will focus on the security features and what may motivate developers to include such security features on their devices where applicable.

 

Keep in mind at the highest level of this discussion that the overall goal is to protect the security of a consumer’s data and minimize the risk of threats and vulnerabilities on any given device. The vendors’ approaches to this have varied dramatically in many cases, but the overall goals have remained the same.

 

So, what are the security goals of most mobile device vendors? There are five areas where effective security measures need to be developed for any given mobile device. Not all mobile devices address all five of these concerns, but the more of these points that are addressed, the more secure the device.

 

Let’s dive right in and talk about these five points a little bit and then apply them later when we review the different system architectures in both Android and iOS.

 

The first area that a device manufacturer will attempt to address in order to make a more secure mobile device is that of access control.

 

Access control on a mobile device in concept is similar to the way it would be on a regular operating system or a server operating system, meaning that access is granted or denied based on a series of permissions and rules that describe what level of access is in place for any specific group or individual.

 

When properly implemented, access control can strictly regulate interaction that could be had with any system resource, application, an item of data, hardware, and other components of a system.

 

In practice, access control should strive to be in a default state where no individual or group can perform any action unless they are explicitly or implicitly granted the ability to do so, resulting in a stronger system overall.

 

The next area that vendors try to address, and have been addressing over the past 15 years in various operating systems in many different forms, is that of digital signing. Digital signing is a process where an item such as software can be validated as having come from a certain source and therefore is authentic.

 

This is an absolutely invaluable feature to have on modern operating systems and platforms because it can ensure that software or other items that come from a third party are indeed authentic and have not been altered, hopefully meaning that the chance of compromising the security or stability of the system is minimized.

 

In practice, digital signing has done precisely this for software; many applications are signed by the developer of the application, which provides a means of asserting the origin and authenticity of software.

 

It is also used to sign device drivers in modern operating systems to ensure that a device driver comes from a valid source and is not something a third party may have created and is trying to get installed on your system so they can potentially cause harm.

 

A critical component of mobile devices has been that of device encryption. Encryption is a mechanism that you can use to protect data from being disclosed to those who do not have the authorization to view it. Encryption also ensures that data has not been altered by a party not authorized to do so.

 

While encryption is not designed to prevent a device from getting stolen or being searched by a third party, it provides a safeguard against anyone who is not the owner of the device from viewing data and potentially getting access to secrets that they shouldn’t have access to in the first place.

 

It’s also worth mentioning that encryption in mobile devices can be a legal issue; some industries have legal regulations placed upon them, and those regulations could require that certain types and levels of encryption be put in place as part of normal security measures.

 

Isolation has also proven to be an important and significant part of device security over the last handful of years because it can dramatically improve the stability of a device and the security of various processes on a system.

 

Isolation works by limiting the access that any one application or process has to any other application or resource, in order to preserve the stability and other elements of a system. In some ways, isolation is a form of access control, but this type of access control doesn’t apply to human beings as much as it applies to applications that are running on any given system.

 

Finally, one really important area of device security is the use of permissions to provide granular access to system resources. By using a permission-based model, you can implement a system where only the actions needed by a user to perform a specific task are granted.

 

Nothing else is granted to avoid providing too much access to users and potentially risking the stability and security of the device itself.

 

Again, while these may not be all the areas that device manufacturers might strive to protect when developing their device and their operating system model, they do represent some of the key areas that almost all vendors have to take into consideration.

 

Working with Android OS


The first mobile OS we will address is Google’s Android operating system. This operating system is coming up on its 15th birthday in 2018; it was originally developed and released in 2003 by a company called Android Inc.

 

Android Inc. didn’t stay independent for too long; it was later purchased by Google with the idea that the brainpower that developed Android would come to work for Google and help improve the OS for the new range of Nexus and Android-powered devices that Google was endorsing and supporting for release on the market.

 

When the operating system was first envisioned, the idea was to have an operating system that was open source, secure, stable, flexible, and easy for third parties to develop applications for.

 

From its first release all the way up to the current day, the Android OS has met these goals to varying degrees and has become the leading OS on mobile devices of all types.

 

Consumers flock to the Android OS because it is feature-rich, powerful, and free.

 

Another attractive feature of this OS is that it is based quite heavily on the Linux operating system (with Security-Enhanced Linux Kernel [SELinux]), so for those who are familiar with Linux on other platforms, these skills and knowledge can be moved quite easily over to this new mobile environment.

 

Over the last decade, Android has evolved substantially to include support for an even greater number of devices and just about every major service of any consequence online, such as file sharing services, cloud services, social networking, and even third-party authentication services. Android 7 is scheduled to be released in 2017.

 

So, how does Android deal with the five essential points that a secure mobile operating system should be able to deliver? Android scores quite high compared to iOS; it is able to offer support in the form of numerous features for all five of the key areas whereas the iOS systems do not.

 

Now does this really mean the Android system is more secure than iOS? All it means is that Android OS does support the five areas discussed here in this blog, and thus in this context, this means we have a potentially more secure operating system over its competitor.

 

Boosting the security of the Android OS just a little bit further is the fact that developers and consumers both have their own ways of interacting with the system, with one being more secure than the other. Android was developed with the consumer market in mind, and thus the interface presented is simple for a first-time user.

 

However, developers can enable special modes on the system and secret menus on the system that will allow them to perform actions that the regular users of the system will not see. Because the developer tools are hidden from a regular user, users avoid causing harm to the system itself.

 

Rooting on Android


What about when a regular user decides that they want to do more with the system than the restrictions in place on the device will allow? Well, this involves a process known as rooting, which is designed to increase the level of access to any user to an extreme degree.

 

After rooting is completed, the user of a system has nearly unlimited access to anything in the system they want to interact with, with essentially no restrictions.

 

While this may sound like a good idea, it is definitely not a good idea for most because the average user can very quickly get themselves in trouble by attempting something on a system that would normally trigger an alert or just block their actions.

 

When rooting is in place, the user will no longer get the volume of warnings or blockages that they did before. They could harm the system itself without any warning.

 

What exactly is rooting in the context of an Android device? Well, the simplest explanation is that rooting involves running a process or script on an Android device, and if the execution of this application works as planned, the device should be unlocked and rooted, meaning that the user or whoever has the device is able to do whatever they want whenever they want.

 

It is because of the power unleashed by rooting a device that the process should only be undertaken by those who are experienced and knowledgeable enough to avoid negatively impacting the security of a device.

 

Fortunately, the process of rooting is not the easiest process to undertake. It requires some research and some effort to perform in the first place. The amount of effort and knowledge required to root the device will vary depending on the device in question, however.

 

It is also important to note that improperly or incorrectly rooting a device can not only have a negative impact on security but also result in a device that is completely inoperable or “bricked” in some cases.

 


 

Playing in a Sandbox

The design of Android is not that much different from that of other operating systems. While it is true that Android is made up of a collection of processes and components just like other operating systems, there are differences in how they are implemented within the device and the operating system itself.

 

Android uses a design called a sandbox that emphasizes the isolation of components and processes. Each component that runs within the Android environment is designed to be as self-contained as possible and only communicate with each other in very specific means using specific processes to control and limit how the interactions can occur.

 

The result of this design is that processes and components are strictly controlled and isolated except in cases where they specifically have a reason to communicate; even then the communication is controlled in order to prevent potential security and stability issues.

 

While we won’t get into the hard-core technical details of how this is done—that is something for the developer to research—it is worthwhile to mention that isolation and, to a certain degree, access control are built right into this system at the process level.

 

In terms of access control and limiting access to not just data but components on the system itself, let’s take a moment to discuss the kernel of the Android operating system.

 

The kernel of an operating system represents the “heart” of the whole system and is responsible for scheduling resources, controlling input-output, as well as controlling other essential components and resources on the system. In the case of Android, this is no different.

 

In an Android system the kernel, for all intents and purposes, is the only piece of the system that gets root access and is, therefore, able to perform any operation or function that it needs to.

 

The result of this design is that the kernel is able to do whatever it needs to in order to keep the system running and functioning properly; limiting the access of such an essential part of the system would not work.

 

Of course, anything that is not specifically the kernel will run with some lesser degree of access depending on a specific function and role within the framework of the system.

 

Let’s talk about some other components of the Android operating system just briefly:

 

Application Runtime (ART): One of the components of the Android operating system that was introduced in version 5 (and has since been part of all later editions) is the Android application runtime (ART). This component was implemented to replace the older Dalvik runtime present in previous versions of the operating system.

 

Essentially what this component does is allow applications to run in a virtual machine environment within Android. This is not an unusual situation for those who are familiar with the Java environment, which uses a similar strategy for running applications within its system.

 

As a matter of fact, most Android applications are written in the Java language, which many people are familiar with from using applications on the web or other situations.

 

Google Play: A major benefit of the Android operating system is that whatever isn’t present in the operating system as it ships from the manufacturer can be added later on.

 

The default, and preferred, way to add applications within the Android operating system is to use the popular Google Play service, which is a store where users can download applications for free or for a minor fee and install them into the operating system.

 

The user no longer has to keep backup copies of media or store the apps on a USB device; they can simply use a Google account, associate the applications with that account, and then download them as needed—for example, if they move to a new device or reset their current device and have to set it up again.

 

Over-the-Air (OTA) Update: Another huge benefit of the Android operating system is the ability to provide updates. Updates are an essential part of any operating environment; Android updates can be anything from a minor download all the way up to an update for the whole operating system.

 

Android updates are delivered using what is known as an over-the-air (OTA) strategy, that is, over the Web using a wireless capability such as Wi-Fi.

 

Because updates by default are delivered automatically (or the user is prompted to download and install them), it tends to be much more likely that a device will be kept up-to-date than in previous operating systems.
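As an added example (not from the original post or any vendor tool), the Python below audits a saved `adb shell getprop` dump for the conditions discussed so far: storage encryption, signs of a rooted or unlocked build, and a stale security patch level. The sample dump is constructed, and the function names and the three-month patch threshold are assumptions.

```python
import re
from datetime import date

# Constructed sample of `adb shell getprop` output (not from a real device).
SAMPLE_GETPROP = """\
[ro.build.tags]: [test-keys]
[ro.build.version.security_patch]: [2018-03-05]
[ro.crypto.state]: [unencrypted]
[ro.debuggable]: [1]
[ro.secure]: [0]
[ro.boot.verifiedbootstate]: [orange]
[ro.boot.flash.locked]: [0]
"""

PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]\s*$")


def parse_getprop(text):
    """Turn '[key]: [value]' lines into a dict, ignoring anything else."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group(1)] = match.group(2)
    return props


def audit(props, today, max_patch_age_months=3):
    """Return (area, message) findings; an empty list means nothing was flagged.

    max_patch_age_months is an assumed policy value, not a platform rule.
    """
    findings = []

    def check(area, key, is_ok, why):
        value = props.get(key)
        if value is None:
            # Older builds may not report every property; do not assume "fine".
            findings.append((area, f"{key} not reported; state unknown"))
        elif not is_ok(value):
            findings.append((area, f"{key}={value}: {why}"))

    # Device encryption: data at rest should be encrypted.
    check("encryption", "ro.crypto.state",
          lambda v: v == "encrypted", "user data is not encrypted at rest")
    # Rooting / custom image indicators.
    check("build-signing", "ro.build.tags",
          lambda v: "release-keys" in v.split(","),
          "image is not signed with release keys")
    check("debug-build", "ro.debuggable",
          lambda v: v == "0", "debuggable build")
    check("adb-root", "ro.secure",
          lambda v: v == "1", "adb shell runs with root privileges")
    check("verified-boot", "ro.boot.verifiedbootstate",
          lambda v: v == "green", "boot chain is not fully verified")
    check("bootloader", "ro.boot.flash.locked",
          lambda v: v == "1", "bootloader is unlocked")

    # OTA updates: how old is the installed security patch level?
    patch = props.get("ro.build.version.security_patch")
    try:
        patch_date = date.fromisoformat(patch)
    except (TypeError, ValueError):
        findings.append(("updates", f"unreadable security patch level: {patch!r}"))
    else:
        age = (today.year - patch_date.year) * 12 + (today.month - patch_date.month)
        if age > max_patch_age_months:
            findings.append(("updates", f"security patch level {patch} is {age} months old"))
    return findings


if __name__ == "__main__":
    for area, message in audit(parse_getprop(SAMPLE_GETPROP), date(2019, 1, 15)):
        print(f"[{area}] {message}")
```

A property that is missing from the dump is reported as unknown rather than treated as healthy, since older builds do not expose all of these values.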

 

During its lifetime Android has proven to be a flexible, powerful, and highly customizable operating system that operates effectively cross-platform.

 

Building a Custom Droid

The Android operating system that is provided by default from Google has proven to be adept at providing a good experience for the user. However, Android is not going to address the needs of most pentesters because it does not have enough of the system accessible or available to allow for effective testing.

 

So, as a pentester, you will typically have to do a few more things to make the system usable for your particular needs. To do this, there are some options available to you for customizing the system.

 

The first option is to take the stock operating system that ships with the device and then root it. Since this process opens up the system and allows anything to be done with the device, it means that you will be able to perform more actions and even install apps on the system that wouldn’t run without root access.

 

This is a fairly straightforward option to employ; however, it still means that you must seek out your own tools to perform the pentesting process, which is going to be a challenge in most cases because there are so many.

 

Second, you could resort to an off-the-shelf option in the form of a preconfigured operating system such as Kali Linux NetHunter. This operating system is the cousin of the well-known Kali operating system, which is also used for pentesting, but on non-mobile environments.

 

To install this operating system, all a potential user has to do is go to the Kali Linux site (“Penetration Testing and Ethical Hacking Linux Distribution”) and download the installation utility.

 

On Windows, this is a wizard that users click through to answer some questions; then with the device plugged into the desktop or laptop via USB, they only need to hit Finish and let the wizard install and configure the device with their new operating system. 

 

Additionally, a huge benefit with this option is that over 1,000 tools ship with the OS by default, meaning that a proven portfolio of tools is available and ready to use without having to invest large amounts of time searching for useful or functional tools.

 

Of course, there are other operating systems that can also be used for pentesting and that are security minded, but they are too numerous to list within this blog.

 

However, if you are curious about different options as far as Android-based pentesting distributions, a Google search can yield lots of results so that you can do your homework and see which is suitable for your use.

 

Working with Apple iOS


The second most popular mobile operating system available today is Apple’s iOS system.

iOS has proven to be popular because it is easy to use, learn, and navigate by anyone who wishes to pick up a device and start using it. iOS, much like Android, is able to run on both tablets, in the form of Apple’s own iPad, and phones, in the form of the iPhone.

 

But no other devices outside of the Apple environment will run this operating system (which is not like Android, even though it shares similar heritage through its basis on Unix).

 

Unlike Android, which is able to address all of the five points that were mentioned earlier, Apple’s iOS is only able to cover four of the core points for a secure mobile operating system as defined previously.

 

Apple’s iOS is able to provide some form of protection and control in the areas of

  • Access control, such as passwords and account lockout and even permissions
  • Digital signing of applications, which means that applications installed through sources such as Apple’s own store have been verified and vetted to ensure that they are quality and come from an authentic source
  • Application of encryption, which means that applications can communicate using encrypted traffic and that data stored on the device can be encrypted as well
  • Isolation, which is a core element of iOS just as it is with Android; processes and applications are restricted as to how they can communicate with one another, thus reducing the chances of stability and security problems in general

 

Something that is worthwhile to point out is that, unlike Android, Apple’s iOS is set up and designed to only allow applications that originate from Apple’s own store to be installed on a device.

 

As far as security and quality go, this ensures that only safe and stable applications make their way onto a device, and anything that doesn’t meet the standards or hasn’t been vetted through Apple’s own process of validation will not get installed.

 

But you’ve probably run into someone at some point who’s had applications running on their own device that don’t originate from Apple’s own store. So where do these applications originate from, and how do they get installed on a device that should not allow them to be installed by design? This is known as jailbreaking.

 

Jailbreaking Apple’s iOS

In a nutshell, jailbreaking is the process of rooting, except that it is used on an Apple iOS-based device.

 

When a device undergoes the jailbreaking process, it allows that specific device to lift the limitations on running non-Apple-approved applications and other types of software, thereby allowing the device owner to install whatever they want from wherever they got it.

 

In practice, this is an attractive option for many device owners because it eliminates these barriers and allows them to take full control of their device.

 

Of course, much like on Android, this does present a problem because it becomes entirely possible for applications that don’t come from Apple’s own store to be installed, and therefore security or stability can be compromised.

 

Thus, jailbreaking should be attempted only by those who

  • Understand the risks of jailbreaking a device
  • Know how to keep themselves out of trouble when they install unvalidated software
  • Are aware of the implications of performing certain actions

 

And, as a footnote to the story, jailbreaking, much like rooting, is the quickest way to void a warranty, so this is another point to keep in mind when undertaking either of these operations.

 

Finding Security Holes in Mobile Devices


Mobile devices are convenient, but they also introduce their own set of security holes that can also be exploited by a pentester. Like many security problems, many can be avoided with a good dose of common sense and due care.

 

Risks incurred by installing software from unknown or unverified sources can be limited by doing research about what is being installed.

 

Also, installing software such as antimalware is helpful because it can blunt the risks associated with getting malware such as viruses, worms, spyware, and other nastiness on a system.

 

So what are some other problems that present themselves as risks to the mobile platform that can be exploited as well as mitigated, depending on whether you are a pentester or a device owner? Let’s look at a few that present themselves as obvious issues.

 

Cracking Mobile Passwords

The protection offered by passwords is something that is well documented and well understood in the computing and technology industry. However, there are still many cases where passwords are created improperly, meaning that they are too short, don’t use the full range of characters, or violate other complexity requirements.

 

In the mobile environment, another problem presents itself: more often than not, there is an utter lack of a password on a device. Many users of mobile devices are still in the habit of not setting up a password; they see it as an unnecessary obstacle to being able to pick up their device and simply swipe their finger or tap a button and be able to start using it.

 

The perception is that the convenience of being able to use the device right away, rather than having to take a moment or two to tap in a password, is a good trade-off. Amplifying the danger of a lack of password is the fact that a lost device can be accessed without any challenge whatsoever.

 

Considering that a mobile device is very easy to lose, this is a huge risk.

 

Finding Unprotected Networks

One of the problems with mobile devices is the tendency for users to connect to unprotected or unknown wireless networks. There are many reasons why a mobile user might choose to connect to a network that they don’t know or don’t control.

 

For instance, a smartphone user might think: rather than use up the precious data that all but those on unlimited data plans have to worry about, why not use an unlimited Wi-Fi connection instead?

 

Although the motivation makes sense, the danger of connecting to an unknown wireless network is huge. It is entirely possible that connecting to an unknown wireless network can lead to identity theft, privacy loss, or the loss of data in other forms.

 

Thus users of mobile devices should avoid attaching to unknown or uncontrolled wireless access points if at all possible. However, if there is no other option, then it’s a good idea for users to make use of any one of a number of VPN services on the Internet to encrypt and protect their information.

 

Encountering Bring Your Own Device (BYOD)

BYOD is a trend that has seen an upswing in support from both companies and their employees over the past half-dozen years or so, so you need to be aware of how this system works and how it may impact your testing.

 

The simple concept behind this practice is that the employees of a company will supply their own computers and equipment when they are hired by a company.

 

The company itself will own and maintain a network, as well as all the backend equipment required to support that network, such as servers, email, and other common infrastructure items. But employees will plug their equipment into this company-supplied and -maintained network.

 

In a corporate environment that operates this way, individuals typically bring in their own devices in the form of notebooks and tablets, or even desktops in some cases.

 

Once these devices are brought on premises, the employee will plug them into the company’s own network, and provided everything checks out in the form of having the latest protection and patches and other items in place, they will be allowed to access the network fully as required to do their particular job.

 

As good as this practice seems, there are still some flaws that can emerge with the system, and these are the flaws that you should be aware of as a pentester. They can represent points of opportunity for you to be successful in gaining access to the network itself.

 

Leading the charge in weakening security in this case is the fact that maintaining a secure environment with all these devices brought in by employees is tough, considering the potential for a diverse client environment.

 

Equipment that is not owned by the company can be difficult to manage and monitor, and it is just as difficult to apply patches and provide support across so many diverse platforms.

 

A company may choose to place some limits on the type of equipment that employees can purchase or use in their environment, and will typically make policies clear as to what steps should be taken (such as implementing antimalware and other security measures).

 

Even with such policies and practices in place, IT departments by necessity will have to be extra vigilant about the security issues that can appear in such environments.
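The "provided everything checks out" step described above can be automated as a posture check before a device is admitted. The following is an added example, not code from the original article; the `Device` fields, the 60-day patch threshold, and the full/quarantine/deny tiers are assumptions chosen to mirror the risks this article names (missing passcode, rooting or jailbreaking, unverified software, no antimalware, stale patches).

```python
from dataclasses import dataclass
from datetime import date

MAX_PATCH_AGE_DAYS = 60  # assumed threshold; the article names no figure

@dataclass
class Device:
    owner: str
    last_patch: date            # most recent OS security update
    passcode_set: bool
    antimalware: bool
    rooted_or_jailbroken: bool
    unknown_sources: bool       # installs from outside the official store

def posture_findings(dev, today):
    """Return the reasons a device fails the check (empty list = compliant)."""
    findings = []
    if (today - dev.last_patch).days > MAX_PATCH_AGE_DAYS:
        findings.append("patches out of date")
    if not dev.passcode_set:
        findings.append("no passcode")
    if not dev.antimalware:
        findings.append("no antimalware")
    if dev.rooted_or_jailbroken:
        findings.append("rooted or jailbroken")
    if dev.unknown_sources:
        findings.append("unverified software sources enabled")
    return findings

def admission(dev, today):
    """Map findings to a network decision (the tiering is an assumed policy)."""
    findings = posture_findings(dev, today)
    if not findings:
        return "full", findings
    # No passcode or a broken platform security model: keep off the network.
    if dev.rooted_or_jailbroken or not dev.passcode_set:
        return "deny", findings
    return "quarantine", findings   # remediation network until fixed

# Constructed sample inventory, not real data.
TODAY = date(2019, 6, 1)
INVENTORY = [
    Device("alice", date(2019, 5, 20), True, True, False, False),
    Device("bob", date(2019, 1, 5), True, False, False, False),
    Device("carol", date(2019, 5, 25), False, True, True, True),
]

if __name__ == "__main__":
    for dev in INVENTORY:
        decision, why = admission(dev, TODAY)
        print(f"{dev.owner:6} {decision:10} {', '.join(why) or 'compliant'}")
```
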

 

Choosing Tools to Test Mobile Devices

Pentesting mobile devices shares a lot of commonalities with pentesting using traditional devices. The techniques are very similar if not exactly the same, the concepts are the same in just about every case, and many of the same tools that are present in non-mobile environments are present in the mobile environment as well.

 

When looking at the pentesting process with a mobile device, the process itself is identical so you won’t have to adapt to a brand-new process. The phases of reconnaissance all the way through the post-exploitation phase will look the same. The main differences are the platform being used (in this case, a mobile device) and perhaps some of the tools that you use.

 

Initially, when mobile devices were introduced, the number of tools that could be used for pentesting was quite limited. Many of the tools were designed to do network troubleshooting and perhaps look for wireless networks, but not much more beyond that.

 

However, as time has moved forward more tools have become available and have created the potential for pentesters to build a highly customized set of tools that are tailored to their own liking.

 

If you are using NetHunter to serve as your pen-test environment, you can avoid the issues involved with hunting down and verifying your own tools. It is also possible that you may choose to employ a preconfigured pen-test environment such as NetHunter and also install your own choice of tools on top of this platform.

 

In any case, the potential to highly customize the mobile environment to your own needs is advantageous to you as a pentester.

 

The following list of tools illustrates some of the items that are available to you as a pentester to use within the mobile environment, but it’s not an exhaustive list by any means. It is only meant to introduce you to some of the possibilities for tools that exist for performing pentesting.

 

Networking Tools

IPTools by NetworkByte is a collection of tools used to provide information about different properties of the network, such as routing information, DNS settings, IP configuration, and more.

Mobile Nmap, by Gao Feng, is just what the name implies: a mobile version of the powerful nmap port and network scanner.

Shark for Root, by Elviss Kuštans, is essentially a scaled-down version of Wireshark for Android.

 

Session Hijacking Tools

Droidsheep, by Andrew Koch, works as a session hijacker for nonencrypted sites and allows you to save cookies, files, and sessions for later analysis.

 

FaceNiff is an Android app that allows you to sniff and intercept web session profiles over Wi-Fi networks. 

SSLStrip, by NotExists, is an app that targets SSL-enabled sessions and strips off the protective SSL layer, allowing protected data to be viewed.
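The tools in this category depend on session cookies crossing the network unencrypted, or on a connection that can be kept on plain HTTP. As an added example (not part of the original article), the check below audits captured response headers for those two conditions: cookies without the `Secure` attribute and HTTPS responses without a `Strict-Transport-Security` header. The sample responses are constructed, and the function names are hypothetical.

```python
def parse_set_cookie(value):
    """Split one Set-Cookie value into (cookie name, set of attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def audit_response(scheme, headers):
    """Return findings for one response; headers is a list of (name, value)."""
    findings = []
    names = {n.lower() for n, _ in headers}
    if scheme != "https":
        findings.append("served over plain HTTP")
    elif "strict-transport-security" not in names:
        # Without HSTS the browser may start on HTTP, where the TLS layer
        # can be stripped before the session is ever encrypted.
        findings.append("no Strict-Transport-Security header")
    for n, v in headers:
        if n.lower() != "set-cookie":
            continue
        cookie, attrs = parse_set_cookie(v)
        if "secure" not in attrs:
            # A cookie without Secure is also sent on unencrypted requests.
            findings.append(f"cookie '{cookie}' lacks Secure")
    return findings

# Constructed sample responses, not captured from any real site.
SAMPLES = {
    "legacy": ("http", [("Set-Cookie", "sid=abc123; Path=/")]),
    "partial": ("https", [("Set-Cookie", "sid=abc123; Path=/; HttpOnly")]),
    "hardened": ("https", [
        ("Strict-Transport-Security", "max-age=31536000"),
        ("Set-Cookie", "sid=abc123; Path=/; Secure; HttpOnly"),
    ]),
}

def audit_all(samples):
    """Audit every sample and return {label: findings}."""
    return {label: audit_response(s, h) for label, (s, h) in samples.items()}

if __name__ == "__main__":
    for label, findings in audit_all(SAMPLES).items():
        print(label, "->", findings or "ok")
```
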

 

Proxy Tools

SandroProxy is an Android app used to route traffic through a preselected proxy to allow for covering up or obfuscating attacks.

Psiphon is not really a proxy tool but a VPN technology that can be used to protect traffic to and from a mobile device.

 

Staying Anonymous

Orbot is a free proxy app that empowers other apps to use the Internet more securely.

Orweb is a browser specifically designed to work with Orbot and is free.

Incognito is a web browser built for private browsing.
