70 Android Hacking & Security Tools For Hackers

This is probably the best collection of Android hacking & security tools you will ever find.

Yes, you read that right. I have included 70 android hacking & security tools in this list. And I will continue to update this article as I find more android tools.

Here is the biggest collection of android hacking tools:

  • I2P

I2P is a very good tool for anonymizing your connections to your destination. Yes, it is just like Tor, but much better. That is, if you want to hide your IP without losing much of your connection speed, I2P is the best option. I'm not saying that I2P can make you completely anonymous on the web, but it can definitely provide you with an extra layer of protection.

  • RouterCheck

RouterCheck is an android app for protecting your home router from attackers. It allows you to scan the router for vulnerabilities and dangerous configurations. RouterCheck not only helps to detect and fix router vulnerabilities but also protects (indirectly) all the devices connected to your router.

  • Fing

Fing is a simple tool for network analysis. It can evaluate your network security levels, detect intruders and resolve network issues. It displays almost all the network details such as the number of devices connected, device MAC addresses and manufacturers, IP addresses, NetBIOS names, and Bonjour info.

  • Packet Sender

Packet Sender is an open-source tool for sending and receiving TCP and UDP packets. Whenever you want to test your network, you can use Packet Sender to create and send custom data packets.

  • ProxyDroid

ProxyDroid is an android app that allows you to set a proxy on your android device. That is, it can help you to hide your actual IP address, bypass internet censorship and prevent web monitoring. I like this app very much because of its user-friendly interface.

  • AppUse

AppUse is a virtual machine that you can use to test android mobile application security. It contains a custom Android ROM loaded with hooks that were placed at the right places inside the runtime for easy application control, observation, and manipulation. It has everything a pentester needs to run and test target applications - an Android emulator, development tools, the required SDKs, decompilers, disassemblers, etc.

  • JADX

JADX is a decompiler that you can use to produce Java source code from Android Dex and Apk files.

  • Appie

Appie is a portable Android pentesting environment that you can use on any Windows-based machine without using a virtual machine (VM) or dual boot. It has a lot of tools such as Android Debug Bridge, Apktool, AndroBugs Framework, AndroGuard, Androwarn, Atom, ByteCodeViewer, Burp Suite, Drozer, dex2jar, Eclipse IDE with Android Developer Tools, Introspy, Analyzer, Java Debugger, jadx, Jd-Gui, Pidcat, SQLite Database Browser, SQLmap, Volatility Framework, Mozilla Firefox with some security addons, OWASP GoatDroid, and InsecureBank-v2.

  • Kali Linux NetHunter

Kali Linux NetHunter is the first ever Open Source Android penetration testing platform for Nexus devices. It supports Wireless 802.11 frame injection, one-click MANA Evil Access Point setups, HID keyboard (Teensy like attacks), as well as BadUSB MITM attacks.

In short, Kali Linux is now at the tip of your fingers!

  • Nipper

Nipper is an android tool for analyzing the security of CMS websites (WordPress, Drupal, Joomla, Blogger, Magento, Concrete5, VBulletin). It has a lot of modules that you can use to gather information about a specific URL.

Here is the list of modules in Nipper:
  • Detect & CMS Version: Detects and identifies the version and CMS system.
  • DNS Lookup: Get the DNS information from a URL.
  • IP ports Nmap SERVER: Scan the ports of a website.
  • Users Enumeration: Enumeration of WordPress users.
  • Plugins Enumeration: Enumeration of WordPress Plugins.
  • Find CMS Core Exploit: Search core vulnerabilities in CMS.
  • Find Exploit DB: search exploit-db.com vulnerabilities.
  • CloudFlare Solve: Identify the true IP address.
  • Identification of Theme: detects and identifies the WordPress theme of a website.
  • Detection of CMS Advanced.
  • Brute Force Attack (WordPress).

  • zANTI

zANTI is one of the best penetration testing toolkits for android. It can help you to uncover authentication, backdoor, and brute-force attacks, DNS and protocol-specific attacks and rogue access points in seconds.

Note: This toolkit will change the SELinux configuration on your device to run certain commands, so if you are going to use this toolkit, please use it on a dedicated device. Otherwise, some apps may take advantage of the lessened security settings for malicious purposes.

  • Radare

Radare is a portable framework for reverse engineering and analyzing binaries. The radare project started in February of 2006 aiming to provide a Free and simple command line interface for a hexadecimal editor supporting 64-bit offsets to make searches and recover data from hard disks. Now it is one of the best open-source reverse engineering frameworks that you can use to do many things including forensic analysis on filesystems, software patching, vulnerability fixing, software exploitation, etc.

  • Drozer

Drozer is a comprehensive security audit and attack framework for Android. It allows you to interact with the Dalvik VM, other apps’ IPC endpoints, and the underlying OS. With Drozer, you can greatly reduce the time taken for Android security assessments by automating tedious and time-consuming tasks.

It runs both in Android emulators and on real devices. And, it does not require USB debugging or other development features to be enabled.

  • Passera

Passera is a simple android app that turns any entered text into a strong password. This tool is for people who understand the need to have strong unique passwords for each website.

  • aNmap

aNmap is the android version of Nmap, meaning you can use this app to identify open ports and services, operating system versions, types of packet filters/firewalls, and other characteristics.

It is one of the must-have tools for hackers!

  • Hooker

Hooker is an open-source project for dynamic analyses of Android applications. It has a lot of tools and applications that you can use to automatically intercept and modify any API calls made by a targeted application. 

A set of Python scripts is also provided to automate the execution of an analysis and collect any API calls made by a set of applications.

Note: Android-Hooker is a proof of concept relying on the Substrate framework. That means Hooker cannot work if Substrate is not correctly installed on your device.

  • Intercepter-NG

Intercepter-NG is an android app for intercepting and analyzing WiFi network traffic. It is very easy to use. It can intercept communications, analyze data packets, hijack sessions, SSL-strip connections, and monitor the target's web activities.

  • Orbot

Orbot is an android app developed by the Tor Project for internet freedom and privacy. It allows you to hide your real IP address by bouncing your communications around a distributed network of relays run by volunteers all around the world.

Orbot is not just Tor; it also contains LibEvent and a lightweight web proxy server, "Polipo".

And, in rooted devices, it allows you to transparently torify all of the TCP traffic on your Android device.

  • APKinspector

APKinspector is a powerful tool for android application analysts and reverse engineers. It can help you analyze the app permissions, Dalvik codes, Smali codes, Java codes, APK information and call graph.

  • OWASP GoatDroid

OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users.

Currently, it has two applications: FourGoats, a location-based social network, and Herd Financial, a mobile banking application.

  • AndroRat

AndroRat is a remote administration tool for android (thus the name AndroRAT). This tool allows you to access the target's contacts, call logs, messages, and location details remotely.

Some other interesting functionalities of AndroRat:
  • Live monitoring of received messages.
  • Live monitoring of the device state (call received, call sent, call missed.).
  • Take pictures using the camera.
  • Stream sound.
  • Stream video.
  • Do a toast.
  • Send text messages.
  • Give call.
  • Open a URL in the default browser.
  • Vibrate the phone.
You can even use this tool to hack the target's online accounts.

  • DroidSQLi

DroidSQLi is an android app that you can use to launch SQL injection attacks on a target URL. This is a fully automated tool: you don't need to know any complex technical information to use this app. Anybody can use it; it's that simple.

It supports the following injection techniques:
  • Normal injection.
  • Blind injection.
  • Time-based injection.
  • Error-based injection.

  • Smartphone Pentest Framework (SPF)

Smartphone Pentest Framework is an open-source tool designed to aid in assessing the security posture of smartphones in an environment. Currently, it contains remote attacks, client-side attacks, social engineering attacks, and post-exploitation, targeting smartphone devices.

  • Android Data Extractor Lite (ADEL)

ADEL is a forensic tool that allows you to dump selected SQLite database files from Android devices and extract the contents stored within the dumped files. The first version required a modification of the kernel and the adb daemon. Now you do not need to modify those things, because ADEL makes use of a custom recovery image based on the Clockworkmod-Recovery.

  • Dexter

Dexter is a free tool for malware analysis and code auditing. It allows you to extract as much information as possible from android applications and display them in various different views. 

Here are some of its key features:
  • Free and interactive environment.
  • Flexible tagging system - Annotate and tag everything in your analysis
  • Collaboration - share your analysis results easily with your co-workers.
  • An API for automated processing or extending.



  • aWPVSCAN

aWPVSCAN is a free android tool for finding security weaknesses within WordPress installations. It is very easy to use, and no technical knowledge is necessary.

It can also help you to enumerate plugins, themes, authors, and Timthumbs files.

  • DNSChef

DNSChef is a highly configurable DNS proxy (a.k.a. Fake DNS) for Penetration Testers and Malware Analysts. This tool is mainly used for application network traffic analysis.

It can be used to fake requests for "somecrappysite.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.

Unlike most of the DNS proxies, DNSChef is capable of forging responses based on inclusive and exclusive domain lists, supporting multiple DNS record types, matching domains with wildcards, proxying true responses for nonmatching domains, defining external configuration files, IPv6, and many other things.

  • Revenssis

Revenssis is a fully featured network, wireless and web app pentesting suite. It is also called the "Smartphone Version of Backtrack" because it has almost all the useful tools in the Backtrack distributions.

It has almost all the web app vulnerability scanners, forensic tools, vulnerability research tools, self-scan, and defense tools. It also has some useful utilities such as WHOIS lookup, IP finder, Shell, SSH, Blacklist lookup tool, Ping tool, etc.

  • PenTBox

PenTBox is a multiplatform security framework written in Ruby. It has a lot of tools such as Base64 & Decoder, Multi-Digest, Hash Password Cracker, Secure Password Generator, Net DoS Tester, TCP port scanner, Honeypot, Fuzzer, DNS and Host gathering tool, MAC address geolocation tool, and an HTTP Bruteforce tool.

  • WiFi Kill Pro

WifiKill Pro is a lightweight android application that allows you to disable the internet connection for any device on a WiFi network. It doesn't terminate the internet connection; it just blocks the packet data to the device.

  • DroidSheep

DroidSheep is a session hijacking tool developed by Andreas Koch for hackers. It can capture session cookies over a WiFi network. That means this tool can help you to hijack any unencrypted web sessions!

  • Android Privacy Guard

Android Privacy Guard is an open-source security tool that you can use to encrypt, decrypt and sign files and email messages by using a public/private key pair. It also allows you to encrypt individual files without a public/private key pair by relying on symmetric encryption and a strong passphrase.

  • Totally Free VPN

Totally Free VPN is a wonderful proxy app with a lot of high-speed proxy servers. It's totally free and super fast. Totally Free VPN is very efficient at hiding your IP address from unwanted websites and services, so I would say it is a must-have security tool for an android device.

Note: If you are looking for the best free proxy or VPN app for your android device, check out this article: 10 Best Free Proxy/VPN Apps For Android.

  • Mock Locations

Mock Locations is a free android app that allows you to spoof the device location in seconds. It can simulate GPS routes, set breakpoints, set variable speeds, and simulate closed routes. In short, it is one of the best GPS spoofer apps in the play store.

Here is the list of the best free GPS spoofer android apps: 10 Best Free GPS Spoofer Apps For Android

  • SDelete

You probably know that deleted files can be recovered, so don't just delete files, destroy them. SDelete is a tool that you can use to destroy files beyond recovery. It supports two different wiping algorithms: US DoD 5220.22-M and NIST 800-88.

It also allows you to create your own shredding patterns!

  • ChameleMAC

ChameleMAC is an android app that you can use to change your MAC address. You know, this app can be used to get free WiFi (from your neighbor or public WiFi spot).

If this app is not working for you, read How To Change (spoof) MAC Address on Android. That article contains 3 different methods to change your MAC address. 

  • Tor Browser

If you care about your privacy, you should not use normal browsers; you should use the Tor Browser to browse the web, because it can give you more protection and security.

Tor Browser has the ability to block trackers and its multi-layered encryption ensures real anonymity for the users.

  • Servers Ultimate

Servers Ultimate is a powerful app that can turn your android device into a multipurpose server. It allows you to run Caddy, CVS, DC Hub, DHCP, UPnP, DNS, DDNS, eDonkey, Email (POP3 / SMTP), FTP Proxy, FTP, FTPS, FTPES, Flash Policy, Git, Gopher, HTTP Snoop, ICAP, IRC Bot, IRC, ISCSI, Icecast, Lighttpd, LPD, Load Balancer, MQTT, Memcached, MongoDB, MySQL, NFS, Node.js, NTP, NZB Client, Napster, Nginx, PHP, PXE, Port Forwarder, RTMP, Remote Control, Rsync, SIP, SMB/CIFS, SMPP, SMS, Socks, SFTP, SSH, Server Monitor, Styx, Syslog, TFTP, Telnet, Time, Torrent Client, Torrent Tracker, Trigger, USB/IP, Unison, UPnP Port Mapper, VNC, VPN, Wake On Lan, Web, WebDAV, WebSocket, X11 and/or XMPP server on your android device.

  • WIBR


WIBR is an android app that you can use to break into a password-protected (weak) WiFi network. It is actually a brute-forcer that allows you to perform a dictionary attack on the target. 

  • pulWiFi

pulWiFi is an android app that shows the default passwords for wireless networks of some routers. It supports the following networks.
  • Some D-Link routers
  • Some Huawei routers
  • Some InfoStrada routers

  • Penetrate Pro

Penetrate Pro is an excellent app for decoding WEP/WPA WiFi keys. It supports the following routers:
  • Routers based on Thomson: Thomson, Infinitum, BBox, DMax, Orange, SpeedTouch, BigPond, O2Wireless, Otenet.
  • DLink
  • Eircom
  • Pirelli Discus
  • Verizon FiOS (only some routers)
  • Fastweb (Pirelli & Telsey)
  • Jazztel_XXXX and WLAN_XXXX
  • Tecom
  • Infostrada
  • SkyV1

  • Router Brute Force

Let's assume you have free WiFi, and you want to take control of that wireless network. What do you do?

Obviously, you need router login credentials. If you can't steal those from the admin, you should use the Router Brute Force app, because it can crack the router passwords very efficiently.

  • RouterPWN

RouterPWN is a router security audit tool for penetration testers. This is actually a web-based tool that contains a compilation of ready-to-run local and remote exploits. You can use it offline for local exploitation without an internet connection.

  • AnDOSid

AnDOSid is a powerful denial-of-service attack tool for pen-testers and security researchers. Please don't use it to attack servers that you don't own, otherwise, you might end up in jail.

  • OFS Doser

OFS Doser is also a denial of service attack tool, but this one works in a different way. It can only crash a PHP or Java server that has the "HashDoS" vulnerability. 

  • Hash Decrypt

Hash Decrypt is a powerful tool that allows you to crack/decrypt a hash. It uses the dictionary attack to crack hashes. This tool supports 10 different hash functions such as MD2, MD4, MD5, SHA1, SHA-256, SHA-384, SHA-512, Tiger, RIPEMD-128 and RIPEMD-160.

  • Cryptonite

Cryptonite is an open-source application for file encryption. It is fully compatible with all EncFS features. The app works on both rooted and non-rooted devices.

  • CrypticSMS

CrypticSMS can encrypt/decrypt SMS messages. It supports AES cipher, Backwards cipher, Caesar cipher, DES cipher, Hill cipher, Monoalphabetic cipher, Morse Code cipher, Playfair cipher, Reverse Alphabet cipher, Triple DES cipher, and Vigenère cipher.

  • GT Recovery

GT Recovery is an android app that you can use to recover any deleted file you want on android. This app supports mainstream volume formats such as FAT, EXT3, and EXT4.

  • WiFinspect

WiFinspect is a security audit tool that allows you to monitor the networks that you own or have permission to monitor. It has the following functions:
  • Network Information
  • UPnP Device Scanner
  • Host Discovery
  • Network Sniffer
  • Pcap Analyzer (three options)
  • PCI DSS (Version 2) Menu
  • Access Point Default Password Test 
  • Access Point Security Test 
  • Access Point Scanner
  • Internal Network Vulnerability Scanner 
  • External Network Vulnerability Scanner
  • Host Information
  • Port Scan
  • Host Vulnerability Scan
  • Traceroute
  • Ping

  • Nessus

Nessus is a powerful vulnerability scanner that you can use to detect vulnerabilities in your network. It uses Nessus Attack Scripting Language to describe individual threats and potential attacks.

  • Find People Search

Find People Search is an android app that allows you to find whoever you want. Unfortunately, the search is limited to the United States only.

If you want to search the whole world, check out the article "3 Best Free Android Apps For People Search (a.k.a Social Search)".

  • AppLock

AppLock is one of the best android apps to protect your files, calls, apps, and settings from unauthorized access. It is one of the must-have security tools for an android device.

If you want to see the best android apps for locking apps and files, check out this article: Best Free Lock Android Apps.

  • NoRoot Firewall

NoRoot Firewall is a good firewall app that has many useful features. Unlike most firewall apps, it doesn't require root access. It allows you to create filter rules based on IP address, hostname, or domain name. That is, you can allow or deny only specific connections of an app.

  • Bleep

Bleep is a secure messaging app from BitTorrent Inc. It is a peer-to-peer chat client, meaning it doesn't have a server to store your conversations; all messages are stored locally on your device. And, Bleep's end-to-end encryption makes sure that the messages are completely private.

If you want to know more about Bleep, read 4 Best Secure Messaging Apps Android.

  • DroidSheep Guard

DroidSheep Guard is a tool to protect your android device from all ARP-Based attacks. It runs silently on the device and monitors the ARP-Table. When it detects a suspicious entry in your device's ARP-Table, it will pop up and warn you.

  • DroidSniff

DroidSniff does the exact same thing as the "DroidSheep" app. Both apps can sniff and hijack HTTP traffic! Consider DroidSniff as an alternative.

  • Shark For Root

It is an android version of Wireshark, an open-source packet analyzer. This app is purely based on tcpdump, so you can use tcpdump commands on this app.

  • Faceniff

Faceniff is a simple android app that allows you to sniff and intercept web session profiles over the WiFi network. Unlike most sniffer apps, it only supports some specific services. They are:
  • Facebook
  • Twitter
  • YouTube
  • Amazon
  • VKontakte
  • Tumblr
  • MySpace
  • Tuenti
  • MeinVZ/StudiVZ
  • Blogger
  • Nasza-Klasa

  • ARPSpoof

ARPSpoof is an open-source tool for network auditing. It redirects the packets on the local network by broadcasting spoofed ARP messages. ARPSpoof displays the packets, but it doesn't save them.

If you want to analyze the packets, you should install tcpdump.

  • Network Spoofer

Network Spoofer is an android app that allows you to intercept and modify the WiFi network traffic. It is a powerful tool that can be used to perform multiple spoofs such as blue ball machine, YouTube video change, change text, custom image change, custom redirect, Man-in-the-Middle, etc.

  • Piik

Piik is an android app that can extract and display images from unencrypted network traffic. It works by performing a man-in-the-middle attack against the target network. You already knew that, right? But you probably don't know exactly how Piik works, so now I'm going to tell you that.

First, Piik poisons the ARP cache on the router to redirect all the network traffic through your android device. Then it analyzes the network traffic in real time for img tags and displays the images.

Got it?

  • ConnectBot

ConnectBot is an open-source Secure Shell (SSH) client that can manage simultaneous SSH sessions, create secure tunnels, and copy/paste between other applications.

  • CSploit

CSploit is a new and improved version of dSploit. It can map your local network, fingerprint hosts' operating systems and open ports, forge TCP/UDP packets, perform all kinds of man-in-the-middle attacks, and many other things. You can say it is one of the best penetration testing suites available for free.

  • Malwarebytes Anti-Malware

It is one of the best anti-malware apps you can get. Its behavior-based scanning can detect malware that is not in any malware database. If you are not using a Galaxy Y or something, install an antivirus app on your device; it will protect your device from malware.

  • Bluebox Security Scanner

Bluebox Security Scanner is a vulnerability scanner that you can use to determine whether your system is vulnerable to, or patched against, any of the "Fake ID" or "Master Key" security flaws. It also displays the applications that are trying to maliciously take advantage of any of the "Master Key" security flaws.

  • QARK (Quick Android Review Kit)


QARK is a vulnerability scanner that is capable of creating "Proof-of-Concept" deployable APKs and/or ADB commands and exploiting many of the vulnerabilities it finds. It is completely free and very easy to use.

  • Photo Exif Editor

Photo Exif Editor is a forensic-cum-privacy tool. This tool can extract, edit, or remove the Exif data of image files.

  • LiME (Linux Memory Extractor)

LiME is a Loadable Kernel Module that can capture memory of Linux-based devices, such as Android. It supports acquiring memory either to the file system of the device or over the network. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.

  • MobSF (Mobile Security Framework)

MobSF is an open-source app that is capable of performing static and dynamic analysis on android or iOS apps.

That's all guys, I hope you liked this list. If you did, please share this article with your friends and followers.
