SECURITY EDUCATION, PRIVACY GUIDANCE, THREAT AWARENESS, OPEN SOURCE TOOLS, RESEARCH NOTES, AND RESPONSIBLE TECHNOLOGY CONTENT


Thursday, January 14, 2016

F.H.C - FORENSIC LIVE CD IMAGER



Forensic Hard Copy (F.H.C) is a bootable Linux distribution (LiveCD) created exclusively to automate and speed up the copying of storage devices. These copy procedures are in common use in computer forensics: standard practice is to acquire the data from the media under investigation so that the original is protected from any alteration or damage, and then to analyze the identical copy. The project was created to meet the operational needs of the police involved in investigations, the technical consultants (CTU) and party IT consultants (CTU), ensuring the durability and usability of evidence in computer-related criminal trials.


It is built from open source software and open source scripts, to give all users the ability to understand, if necessary, how the software actually operates during copying or image acquisition. The process has been automated through a script wizard that guides you step by step through the copy of a medium. The new release has a 2.6.32 kernel, which has wide compatibility with controllers and disks. Media are recognized over IDE, SATA, FireWire and USB connections, so you can also copy data to media external to the machine being analyzed.




OWASP - Droid Fusion



OWASP Droid Fusion is a platform for Android or any other mobile system for doing malware analysis, development, application pentesting and forensics. You can use it in any mobile security research, and if you have Droid Fusion, you don’t need to worry about finding tools. There are more than 60 tools and scripts, and it is free.




Tool Features

º SBFlash
º Heimdall CLI
º Heimdall Gui
º Fastboot

Android Exploitation

º Mercury
º Android Framework For Exploitation
º Smartphone Pentest Framework
º Metasploit

Pentest Application

º Burp Suite
º Wireshark
º ZAP
º Ettercap
º w3af
º Zenmap

Device Forensic

º AFLogical
º dc3dd
º iPhone Backup Analyzer
º Scalpel
º Sleuthkit

Miscellaneous

º Android Kitchen
º Android Bruteforce
º iPhone Bruteforce
º Fastboot
º HconSTF
º Arduino IDE
º recordMyDesktop




Android Pentest Tools - Bugtroid





Bugtroid is an innovative tool developed by the Bugtraq-Team. The main feature of this APK is that it has more than 200 Android and Linux tools (PRO) for pentesting and forensics from a smartphone or tablet. It has a menu categorized according to the nature of the tools, where you may find:


º Anonymity
º Search People
º Audit for frequencies 802.11 (Wireless and Bluetooth)
º Mapping Networks
º Remote
º DDOS
º Sniffers
º Pentesting
º Security
º Examiner
º Web Analysis
º Cryptography
º Brute Force
º Antivirus
º System

From the application menu you can:


º Check the information on the tool.
º Install the application.
º Uninstall the Application.
º Run the Application (PRO)


A settings section is also available, which serves to manage and install certain requirements for the proper functioning of the tools, as well as other functions:


º Set wallpaper
º Install the minimum requirements for running the tools
º Install shortcuts on the desktop (PRO)
º Install shortcuts Console (PRO)
º Installation of interpreters: Perl, Python, Ruby, PHP and Mysql (PRO)




SPF - Smartphone Pentest Framework




The product of a DARPA Cyber Fast Track grant, the Smartphone Pentest Framework is an open source security tool, designed to aid in assessing the security posture of smartphones in an environment. SPF Version 0.1 contains remote attacks, client side attacks, social engineering attacks, and post exploitation, targeting smartphone devices.





SPF is an ongoing project, with plans in the works for support for additional devices, more modules in each attack vector category, integration with existing tools such as Metasploit and SET, etc.





Revenssis - Smartphone Pentest Suite



Nicknamed the “Smartphone Version of Backtrack”, Revenssis Penetration Suite is a set of all the useful types of tools used in computer and web application security. Tools available in it include: web app scanners, encode/decode and hashing tools, a vulnerability research lab, a forensics lab, plus the must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute, Port Scanner, Spam DB Lookup, Netstat… etc). All of these fit in an application of approx. 10MB (post installation).


Features 

º All Web Vulnerability Scanners including:
º SQL injection scanner
º XSS scanner
º DDOS scanner
º CSRF scanner
º SSL misconfiguration scanner
º Remote and Local File Inclusion (RFI/LFI) scanners
º Useful utilities such as:
º WHOIS lookup, IP finder, Shell, SSH, Blacklist lookup tool, Ping tool
º Forensic tools (in implementation) such as malware analyzers, hash crackers, network sniffer, ZIP/RAR password finder, social engineering toolset, reverse engineering tool
º Vulnerability research lab (sources include: Shodan vulnerability search engine, ExploitSearch, Exploit DB, OSVDB and NVD NIST)
º Self scan and defence tools for your Android phone against vulnerabilities
º Connectivity security tools for Bluetooth, Wifi and Internet (NFC, Wifi Direct and USB in implementation)




Reverse engineering - Androguard





Androguard is mainly a tool written in Python to play with:

º Dex/Odex (Dalvik virtual machine) (.dex) (disassemble, decompilation),
º APK (Android application) (.apk),
º Android’s binary xml (.xml),
º Android Resources (.arsc).






Features:


º Map and manipulate DEX/ODEX/APK/AXML/ARSC format into full Python objects,
º Disassembly/Decompilation/Modification of DEX/ODEX/APK format,
º Decompilation with the first native (directly from Dalvik bytecodes to Java source code) Dalvik decompiler (DAD),
º Access to the static analysis of the code (basic blocks, instructions, permissions (with database from http://www.android-permissions.org/) …) and create your own static analysis tool,
º Analysis of a bunch of Android apps,
º Analysis with ipython/Sublime Text Editor,
º Diffing of android applications,
º Measure the efficiency of obfuscators (proguard, …),
º Determine if your application has been pirated (plagiarism/similarities/rip-off indicator),
º Check if an android application is present in a database (malwares, goodwares ?),
º Open source database of Android malware (this open source database is done on my free time, of course my free time is limited, so if you want to help, you are welcome!),
º Detection of ad/open source libraries (WIP),
º Risk indicator of malicious application,
º Reverse engineering of applications (goodwares, malwares),
º Transform Android’s binary xml (like AndroidManifest.xml) into classic xml,
º Visualize your application with gephi (gexf format), or with cytoscape (xgmml format), or PNG/DOT output,
º Integration with external decompilers (JAD+dex2jar/DED/…)






ASEF - Android Security Evaluation Framework




ASEF

Have you ever looked at your Android applications and wondered if they are watching you as well? Whether it’s a bandwidth-hogging app, aggressive adware or even malware, it would be interesting to know if they are doing more than what they are supposed to and if your personal information is exposed. Is there really a way to automatically evaluate all your apps – even hundreds of them – to harvest their behavioral data, analyze their run pattern, and at the same time provide an interface to facilitate a vast majority of evolving security tests with most practical solutions?





Android Security Evaluation Framework (ASEF) performs this analysis while alerting you about other possible issues. It will make you aware of unusual activities of your apps, will expose vulnerable components and help narrow down suspicious apps for further manual research. ASEF is an open source tool for scanning Android devices for security evaluation. Users will gain access to security aspects of Android apps by using this tool with its default settings.





Android Pentest Tools - drozer




drozer

drozer (formerly Mercury) is the leading security testing framework for Android.

drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints and the underlying OS.

drozer provides tools to help you use, share and understand public Android exploits. It helps you to deploy a drozer Agent to a device through exploitation or social engineering. Using weasel (MWR's advanced exploitation payload) drozer is able to maximise the permissions available to it by installing a full agent, injecting a limited agent into a running process, or connecting a reverse shell to act as a Remote Access Tool (RAT).


drozer is open source software, maintained by MWR InfoSecurity, and can be downloaded from:

mwr.to/drozer







Framework - Android Device Testing (dtf)



About

The Android Device Testing Framework ("dtf") is a data collection and analysis framework to help individuals answer the question: "Where are the vulnerabilities on this mobile device?" Dtf provides a modular approach and built-in APIs that allow testers to quickly create scripts to interact with their Android devices. By default, dtf does not include any modules, but a collection of testing modules is made available on the Cobra Den website (www.thecobraden.com/projects/dtf/). These modules allow testers to obtain information from their Android device, process this information into databases, and then start searching for vulnerabilities (all without requiring root privileges). These modules help you focus on changes made to AOSP components such as applications, frameworks and system services, as well as lower-level components such as binaries, libraries, and device drivers. In addition, you'll be able to analyze new functionality implemented by the OEMs and other parties to find vulnerabilities.


Prerequisites

To use dtf, you will need at least the following:

º JRE 1.7
º Python 2.6 or higher
º A true Bash shell (no Dash!!!), with general purpose Linux utilities (sed, awk, etc.)
º sqlite3
º The Android SDK


Using DTF

For details on getting started with dtf, check out the documentation over at www.thecobraden.com/projects/dtf/.

Licenses

Dtf is licensed under the Apache License, Version 2.0, but contains additional code from other projects. Check the NOTICE file for additional projects and licensing.




Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.