Learning zANTI2 for Android Pentesting电子书

Learning zANTI2 for Android Pentesting

Table of Contents

Learning zANTI2 for Android Pentesting

Credits

About the Author

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers, and more

Why subscribe?

Free access for Packt account holders

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Errata

Piracy

Questions

1. Introducing Android Pentesting with zANTI2

Penetration testing

Getting to know the dark side of Android

zANTI2

Mac Changer

zTether

RouterPWN

Cloud reports

The Wi-Fi monitor

The HTTP server

Nmap scan

Operative actions

Password complexity audit

Zetasploit

Summary

2. Scanning for Your Victim

Network discovery

Open or closed?

Scan types

Run script

Intense scan

OS detection

Device type

Running

OS CPE

OS Details

Network distance

Uptime guess

TCP sequence prediction

IP ID sequence generation

Ping scan

Quick scan and OS detection

Quick traceroute

Slow comprehensive scan

IP/ICMP scan

Script execution

Auth

Broadcast

Brute

Citrix

Database

Discovery

DNS

Geolocation

Protocol

Info

Brute-force scripts

Broadcast scripts

Info scripts

Intrusive scripts

Summary

3. Connecting to Open Ports

Open ports

Connecting to open ports

Cracking passwords

Microsoft-DS port connection

A remote desktop connection

Summary

4. Vulnerabilities

A vulnerability

Reverse engineering

Shellshock

SSL Poodle

Zetasploit exploits

Summary

5. Attacking – MITM Style

Man in the middle?

ARP spoofing

MITM attacks through zANTI2

Logged requests

ZPacketEditor

SSL Strip

HTTP redirection

Replacing images

Capture/intercept downloads

Insert HTML

Summary

Index