zImperium’s zAnti is a quick and simple Android based app that you can use to test your network security. Want network scanning, Man-in-the-Middle (MITM) attacks, exploit capability and reporting features all from your Droid table or phone? Then look no further.
If you liked the previous version (called Anti) then you will love this update. zAnti seems to be smoother and easier to use than its predecessor. zAnti still comes with a token type credit system that allows you to access the more advanced features, but like the first one, you can still see the power of zAnti with the free version.
So how does it work?
Once you start the App, you will be asked to login. Then zAnti does a quick scan of available Wi-Fi networks and asks which one you want to test. Just select the network and zAnti does a quick scan and shows all the available hosts on the network.
Found a target that looks interesting? Just select it and with a quick swipe of the finger and you reach the Action menu. From here you can perform several different attacks including sniffing and exploit attempts. Swipe again and you come to the Nmap menu where you have the option to run several levels of nmap based scanning to attempt to detect OS version and service identification. Swipe once more and you will come to a comment page where you can write notes about the target.
In a test, I ran zAnti on my 7″ Polaroid Android Tablet. Within a few seconds I had a complete list of all the machines on my network. Selecting one of my Windows 7 systems from the menu I performed a deeper nmap scan. The scan found no open ports, and it could not provide much information about the client. But by switching to the Action menu I choose the sniffer option:
Within seconds I was viewing a list of all the webpages that my Windows 7 wired client was visiting, remotely on my droid tablet! Obviously some type of ARP (Address Resolution Protocol) cache poisoning was going on here.
A quick look at the Windows 7 client’s ARP Table showed that zAnti successfully performed a man-in-the-middle attack on the client. And sure enough, switched its MAC address for the client gateway. This effectively put the wireless Droid in between my router and the wired Windows 7 Client so it could sniff all the network traffic!
Even though you need to buy credits to do the more advanced attacks and Pentest reporting features, Free zAnti is a fun, sleek, uber-cool tool to add to the security toolbox. And if you need the advanced features, the support will help the company create even more feature rich programs in the future (zImperium is also working on some interesting looking mobile defense projects).
Did I mention they have a beta program from an iOS based version? 🙂