The most complete and advanced IT security professional toolkit on Android.
The Android OS must have a BusyBox full installation with every utility installed (not the partial installation). If you do not have busybox already, you can get it here or here (note cSploit does not endorse any busybox installer, these are just two we found).
Map your local network
Fingerprint hosts’ operating systems and open ports
Add your own hosts outside the local network
Integrated Metasploit framework RPCd
Search hosts for known vulnerabilities via integrated Metasploit daemon
Adjust exploit settings, launch, and create shell consoles on exploited systems
Forge TCP/UDP packets
Perform man in the middle attacks (MITM) including:
Image, text, and video replacement– replace your own content on unencrypted web pages
password sniffing ( with common protocols dissection )
Capture pcap network traffic files
Real time traffic manipulation to replace images/text/inject into web pages
DNS spoofing to redirect traffic to different domain
Break existing connections
Redirect traffic to another address
Session Hijacking– listen for unencrypted cookies and clone them to take Web session
My final goal is to write an application that is able to:
– enumerate local hosts
– find vulnerabilities
– find exploits for these vulnerabilities
– use those exploits to gain access to the target
– crack wifi passwords
– install backdoors for later access settings
Thanks to the new core, cSploit will be easily portable.
Basically it can run on any UNIX-based system, but for now only Android is supported. When I reach a beta-state version I will consider working on iOS, OSX, GTK+ and QT.