Book Image

Learning zANTI2 for Android Pentesting

By : Miroslav Vitula
Book Image

Learning zANTI2 for Android Pentesting

By: Miroslav Vitula

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Learning zANTI2 for Android Pentesting
Miroslav Vitula
Aug, 2015 | 134 pages
No titles found
Table of Contents (12 chapters)
Learning zANTI2 for Android Pentesting
Learning zANTI2 for Android Pentesting
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introducing Android Pentesting with zANTI2
Introducing Android Pentesting with zANTI2
Penetration testing
zANTI2
Zetasploit
Summary
2
Scanning for Your Victim
Scanning for Your Victim
Network discovery
Open or closed?
Scan types
Run script
Intense scan
Device type
Running
OS CPE
OS Details
Network distance
Uptime guess
TCP sequence prediction
IP ID sequence generation
Ping scan
Quick scan and OS detection
Quick traceroute
Slow comprehensive scan
IP/ICMP scan
Script execution
Brute-force scripts
Summary
3
Connecting to Open Ports
Connecting to Open Ports
Open ports
Connecting to open ports
Cracking passwords
Microsoft-DS port connection
A remote desktop connection
Summary
4
Vulnerabilities
Vulnerabilities
A vulnerability
Reverse engineering
Shellshock
SSL Poodle
Zetasploit exploits
Summary
5
Attacking – MITM Style
Attacking – MITM Style
Man in the middle?
MITM attacks through zANTI2
Summary
Index
Index

About the Reviewers

Manish Chauhan was born in Sunder Nagar, a small town in Himachal Pradesh. Since his childhood days, he has had a great interest in technology, and he always wanted to be a developer. This was his childhood dream and he worked hard on it during his schooldays. He studied the C and Java languages neglecting his studies and so scored fewer marks in all subjects. He lost interest in the outer world and was in love with the digital world. After his matriculation, he did his polytechnic diploma in computer science, but left it and planned to complete HSC because it was hindering his childhood dream. At this point of time, he has finished +2 and is now pursuing further education from Emblem Education. He owns two websites and one android app, which are exclusively designed and developed by him. These sites and app are named The Hacker. You can find his blogs at www.ThaHacker.in.

Jack Miller has been working on a YouTube channel called JackkTutorials since September 2011 covering programming, hacking and security, and game servers. Since 2011, he has accumulated over 4 million video views worldwide. His hacking and security tutorials have been very popular on his YouTube channel, which has led to further exploration in the subject and more videos covering topics such as Kali Linux, Burp Suite, Wireshark, SSLStrip, and zANTI.

Jack has also worked on other books in the past with Packt Publishing, such as Kali Linux Network Scanning Cookbook, Kali Linux CTF Blueprints, and many more, and hopes to continue doing so in the future and expand his knowledge.

Fatih Ozavci is a security researcher and a principal security consultant with Sense of Security. He is the author of Viproy VoIP Penetration Testing Kit and MBFuzzer Mobile Application MITM Fuzzertool. Fatih has discovered several previously unknown security vulnerabilities and design flaws in Unified Communications, IMS, IPTVMDM, and SAP-integrated mobile application environments for his customers. He has completed several unique penetration testing services and commercial trainings during his career of more than 15 years. He also handled project lead role for several penetration testing and security research projects in Europe and the APAC area. His current research is based on attacking mobile VoIP clients, VoIP service-level vulnerabilities, mobility security testing, hardware hacking, and MDM analysis. Fatih has presented his VoIP and mobile research at HITB Singapore 2015 , BlackHat USA 2014 , DefCon 23, 22, and 21, Cluecon 2013, and Ruxcon 2013. Also, he has provided VoIP and mobility security trainings at the Defcon 23, AusCert 2014, Kiwicon 2015, and Troopers 2015 events. Refer to his homepage: http://viproy.com/fozavci.

Vincent "BetaBugish" Swarte is a Full Stack developer. He is self-employed (http://www.vinsert.nl) and a freelancer for Ridemi (http://www.ridemi.nl) and ArosaMedia.

I am grateful to Gaia, my beautiful girlfriend, for being in my life and being patient with me working over time. I am also grateful to Alex, my dad, for bringing me into the 'magical' world of computers at an early age and Heidi, my mother, for taking great care of me in the early stages of my life.

Previous Section
Next Chapter