Tutorials

Use your Mobile phone to start Basic Pentesting

Android, the most popular operating system in mobile. Android gives tons of options from customizing user experience to install apps as per your needs. Some are done by rooting the android device & some are available for non-rooting android device. We will show you an android application which gives basic functionality to start pentesting from your mobile phones. This testing involves basic network utilities like: checking the web application destination IP address, trace routing any website, Whois query, dnslookup, netcat & many other features which are mostly required in network/ website basic pentesting. According to ethical hacking researcher of international institute of cyber security network manager can be a handy app for starting very basic pentesting. Now we will show on how to use this app:

Home Screen
  • Network Manager APK shows basic IP details.
Network Manager APK
  • Network Manager gives tons of features for diagnosing any local network.
Network Manager Features
  • Starting with Universal Scanner. This scanner gives options like IP lookup, DNS Lookup, SSL/TLS Analyzer, Ports Scanner, Whois, Trace route.
Network Manager – Universal Scanner
  • We have scanned hack.me for showing that how network manager works. For gathering basic info of any website, user can use universal scanner.
  • Such information can be used in information gathering phase of pentesting.
  • Gathering details with whois.
Whois Details
  • Whois is the first step to know any information about any URL. It gives information about website registration details, hosting domain etc.
  • Network manager gives an option to connect using SSH.
  • For testing we have connected with Linux system. For connection, enter the username & password.
SSH-Connection
  • Click on connect as you click on connect, it will open terminal session.
SSH-Connection-Established
  • SSH can be used for accessing any server from any location.
  • Checking the speedtest with network manager.
Check the Speedtest
  • Checking the speedtest before using it gathering information can be helpful.
  • Using the Web Crawler in network manager. This will crawl much information until stopped.
Web-Crawler
  • Web crawler which is required for finding bugs in any website. Website crawler shows the all the external, internal links & even shows the images, files & scripts which are found in website crawling.
  • Find the arp cache. This helps to know how many users are connected on the network.
ARP_Cache
  • Above shows the connected users with their MAC addresses. Attacker can gather mac addresses from the network. And can be used in ARP-poisoning attacks.
  • Checking the url before opening it on the browser. Network manager
URL Check Safe Browsing
  • Above shows that hackthissite.org is safe to visit. For checking any suspicious URL. Users can use URL check safe browsing.
  • Analyzing SSL – Checking whether URL is secured with SSL or not.
SSL Analyzer
  • Above shows the SSL certificate version with SSL Cipher.
  • Another option is Port scanner, which shows the open ports of the target URL. Certifiedhacker.com is used for testing.
Port Scanner
  • Above shows the open ports of the certifiedhacker.com. The more ports are open, the more website can be vulnerable.
  • IP calculator can also be used to gives info on how many users can be handled by an network.
IP Calculator
  • Above screenshot refers 254 are available addresses.

To Top

Pin It on Pinterest

Share This