zANTI : The power of Backtrack now on your android

Posted In News - By K.C. On Sunday, September 2nd, 2012 With 4 Comments

Android Network Toolkit also known as zANTI is the most comprehensive and refined pentest tool for android by Zimperium. Zimperium is founded by white hat hacker Itzhack ‘Zuk’ Avraham and also have Kevin Mitnick on there team! They also had recently held the Pentester’s WorldCup.

zAnti still comes with a token type credit system that allows you to access the more advanced features, but you can still see the power of zAnti with the free version. They also maintain a zScore system of points.

When you login into zANTI, it maps your entire network. When I selected my PC to sniff out of the list, it showed all websites being visited and also there cookies. Definitely ARP (Address Resolution Protocol) cache poisoning was going on here.

A quick look at my PCs client’s ARP Table showed that zAnti was successful at MITM attack! Also it switched its MAC address for the client gateway. This effectively put the phone in between my router and the wired PC Client so it could sniff out all the network traffic!

It also has a Nmap menu where you can run several levels of Nmap based scanning to attempt to detect OS version and service identification.

These various pentest options include:

  • Network Map
  • Port Discovery
  • Packet Manipulation
  • Sniffer
  • MITM (Man in the Middle filters)
  • DoS (Pentest DoS vulnerabilities)
  • Password Complexity Audit
  • Penetrate CSE to check server/desktop vulnerabilty
Android pentest zANTI

The tool is really refined and we did some major penetration testing (also can detect Java vulnerability) with it and didn’t find any bugs in it even with a low specs Samsung Galaxy Y(Will soon test it on the Nexus 7)! This tool is clearly the best ROOT tool for android hackers. We also tested various other Android penetration testing tools like DroidSheep, AnDOSid, FaceNiff and many others but none were as powerful as zANTI. We rated zANTI 5 stars :

5 stars by Hack Planet

 Get zANTI : (Root needed; Android 2.1+) Also private beta testing is going to begin for the apps iOS version!

Displaying 4 Comments
Have Your Say

  1. Smith says:

    Amazing tool. Truly deserves 5 stars!!

  2. Thanks for sharing!! Great review on zANTI :)

  3. Loraine says:

    It depends on how it was siengd. MD5 is broken (i.e. I could copy a signature on an existing executable if it uses a siengd MD5 hash).The Security Now podcast at had some information on SSSL certificates! siengd by MD5 being forged.

  4. Yui says:

    In most cases no, but it is always a safe and good prcaitce to have it installed. If you run MAC bootcamp or parallels with Windows, it is a definite Yes because what happens in Windows can cross over into the Mac Operating System. MAC is only a manufacturer name, not the operating system. In most cases it will not affect the operating system, but there is always a change that one may have an effect.

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

WP Socializer Aakash Web