Learning zANTI2 for Android Pentesting

Book Description

Dive into the world of advanced network penetration tests to survey and attack wireless networks using your Android device and zANTI2.

About This Book

  • Understand the basics of wireless penetration testing and its importance
  • Learn the techniques to perform penetration testing on your wireless networks, such as scanning, detecting vulnerabilities in your victim, and then attacking
  • This simple and intriguing guide takes a step-by-step approach that will help you get to grips with network pentesting using just your Android device and zANTI2

Who This Book Is For

The book is intended for those who want to know more about network penetration tests and have no prior experience, as well as for those who are experienced in network systems and are curious to discover more about this topic. Since zANTI2 features an extremely intuitive and easy-to-control interface, it doesn't require any special skills.

What You Will Learn

  • Understand the importance of penetration testing throughout systems
  • Take a run through zANTI2's interface and understand the app's requirements
  • Perform advanced scanning/network mapping and discover the various types of scans used on a target
  • Discover and remotely connect to open ports on a target, thereby accessing a target's files and folders remotely
  • Detect vulnerabilities on a target, learn how to remotely exploit them, and discover ways to protect yourself from these exploits
  • Understand what an MITM attack is and how it works, and apply this knowledge to perform attacks on network targets
  • Learn to hijack sessions, identify victim's passwords, replace images on websites, inject scripts, and more
  • Use this knowledge to protect yourself from all of the attacks you will study

In Detail

A penetration test is one of the most important methods to secure a network or any individual machine. Having knowledge of these methods can enable a user to protect himself/herself from any kind of attack. Penetration tests can also be used to discover flaws or loopholes in one's security system, which, if not fixed, can be exploited by an unwanted entity.

This book starts off with an introduction to what penetration testing is, and how it can be performed on Android using zANTI2. Once you are aware of the basics, we move on to teach you the different types of scans that can be performed to search for targets. You will then learn how to connect to open ports and intrude into an unsecured computer. From here you will explore vulnerabilities and their usage, including the ShellShock and SSL Poodle vulnerabilities.

When connected to an open network, a user is susceptible to password and session hijacking, and a number of other cyber attacks. The book therefore ends with one of the main aspects of cyber security: the Man in the Middle attack. You will get to know everything about the MITM attack, how it works, and how one can be protected against it.

Style and approach

The book follows a step-by-step approach with each of the parts explained in an easy-to-follow style. Most of the methods showcased can be tried out immediately on almost any network.

Table of Contents

  1. Learning zANTI2 for Android Pentesting
    1. Table of Contents
    2. Learning zANTI2 for Android Pentesting
    3. Credits
    4. About the Author
    5. About the Reviewers
    6. www.PacktPub.com
      1. Support files, eBooks, discount offers, and more
        1. Why subscribe?
        2. Free access for Packt account holders
    7. Preface
      1. What this book covers
      2. What you need for this book
      3. Who this book is for
      4. Conventions
      5. Reader feedback
      6. Customer support
        1. Errata
        2. Piracy
        3. Questions
    8. 1. Introducing Android Pentesting with zANTI2
      1. Penetration testing
        1. Getting to know the dark side of Android
      2. zANTI2
        1. Mac Changer
        2. zTether
        3. RouterPWN
        4. Cloud reports
        5. The Wi-Fi monitor
        6. The HTTP server
        7. Nmap scan
        8. Operative actions
        9. Password complexity audit
      3. Zetasploit
      4. Summary
    9. 2. Scanning for Your Victim
      1. Network discovery
      2. Open or closed?
      3. Scan types
      4. Run script
      5. Intense scan
        1. OS detection
      6. Device type
      7. Running
      8. OS CPE
      9. OS Details
      10. Network distance
      11. Uptime guess
      12. TCP sequence prediction
      13. IP ID sequence generation
      14. Ping scan
      15. Quick scan and OS detection
      16. Quick traceroute
      17. Slow comprehensive scan
      18. IP/ICMP scan
      19. Script execution
        1. Auth
        2. Broadcast
        3. Brute
        4. Citrix
        5. Database
        6. Discovery
        7. DNS
        8. Geolocation
          1. Protocol
        9. Info
      20. Brute-force scripts
        1. Broadcast scripts
        2. Info scripts
        3. Intrusive scripts
      21. Summary
    10. 3. Connecting to Open Ports
      1. Open ports
      2. Connecting to open ports
      3. Cracking passwords
      4. Microsoft-DS port connection
      5. A remote desktop connection
      6. Summary
    11. 4. Vulnerabilities
      1. A vulnerability
      2. Reverse engineering
      3. Shellshock
      4. SSL Poodle
      5. Zetasploit exploits
      6. Summary
    12. 5. Attacking – MITM Style
      1. Man in the middle?
        1. ARP spoofing
      2. MITM attacks through zANTI2
        1. Logged requests
        2. ZPacketEditor
        3. SSL Strip
        4. HTTP redirection
        5. Replacing images
        6. Capture/intercept downloads
        7. Insert HTML
      3. Summary
    13. Index