Offensive Security, the security training company behind Kali Linux, the popular Debian-based OS designed for digital forensics and penetration testing, and Kali community member “BinkyBear” have created another great tool for pentesters: NetHunter.
“NetHunter is an Android penetration testing platform for Nexus devices built on top of Kali Linux,” the company explained on the tool’s official website. “Of course, you have all the usual Kali tools in NetHunter as well as the ability to get a full VNC session from your phone to a graphical Kali chroot.”
But the NetHunter OS also has additional features like pre-programmed HID Keyboard attacks (turns the device and its OTG USB cable into a pre-programmed keyboard), BadUSB Man In The Middle attacks, one-click MANA Evil Access Point setups (for performing Wi-Fi AP and MitM attacks), and so on.
This is only the beginning, they say, as they hope to add new features with the help of the community.
Those wishing to test NetHunter can do so immediately, as the tool is open source and free to use. The only requirement for it to work as intended is a Google Nexus device (5, 7 or 10).
The tool currently does not work well on non-Nexus Android devices, because it is designed to make use of specific kernel sources the team managed to get from Google.
“It is possible to build ‘rootfs’ NetHunter images only, which don’t include our custom kernel, so features like HID, Wi-Fi injection, and BadUSB will not work, and in general, ‘Your Mileage May Vary’,” they explained. “We do not provide support for this though, so you’re on your own.”