Use your mobile phone to begin basic pentesting

Android is the most popular OS in mobile devices and offers multiple options to maximize the experience of the user. According to specialists in ethic hacking, a lot of changes on the devices can be made after rooting the device, although a smartphone with Android without root is also functional. Next, we will see an app from Android that works as a basic pentesting software.

By using this software, it is possible to execute some networks scanning tasks like: verify the destination IP adress of the website, track the router of any website, consulting Whois, dnslookup, netcat and many other features of pentesting. According to experts in ethical hacking from the International Institute of Cyber Security (IICS) Network Manager can be very useful to begin pentesting.

  • To do the tests we will use a Xiaomi Redmi Note 4 – Android 7.0 Nougat
  • Download the app in:
  • This app also has a pay version, but the free version is also useful.
  • Simply download and install Network Manager
  • After that, click in the icon of Network Manager



























Network Manager shows basic details of IP





























Network Manager offers a lot of functions to diagnose any kind of local net



























Beginning with Universal Scanner. This scannner offers options like the searching of IP, searching of DNS, SSL/TLS analyzer, port scanners, Whois, Traceroute.














  • We have scanned to show how the red administrator works. To gather basic information in any web site, you can use Universal Scanner.
  • This information can use the phase of information compilation of pentesting
  • Gather details with Whois.




























  • Whois is the first step to know any kind of information about any URL. It gives information about the register details of the website, the hosting domain etc
  • Network Manager offers an option to connect though SSH
  • For the tests we have connected with the Linux system. For the connection, write the username and password.





























Click in connect, after that, the session will begin on the terminal.














  • SSH can be used to access to any server from any location
  • Checking of the net administrator’s speed.




























Verify the network’s speed

  • Can be useful to verify the speed before using Nwtwork Manager to gather information
  • Use the Web Crawler in the network administrator. This will track a lot of information until it stops.








Web Crawler

  • Web Tracker that is required to find errors in any website. The tracker of websites shows every external links, internal ones and even the images.
  • Find the arp cache. This helps to know how many users are connected to the network.










ARP_ Cache

  • Up there it is shown the connected users with their MAC adress. The attacker can gather MAC adresses from the net and can be used to poisonus attacks through ARP.
  • Verify the URL before opening it in the browser.
















SSL Analysis

  • Up there it is shown the version of the SSL certification with SSL Cipher
  • Oher option is the port scanner, that shows the open ports ti the destination URL. is used to make tests, said the experts in ethic hacking.















Port Scanning

  • Up there it is shown the open ports if The more open ports it has, the more vulenrable the site is.
  • The IP calculator can be also used to give information about how many users can handle a network.




Deja un comentario