Wednesday, 26. October 2011
ExploitMe Mobile - Android
The application contains both mobile web and mobile programming defects and we've outlined a set of labs and solutions online to guide you. This tool will help both mobile QA and mobile web developers to learn the kinds of weaknesses that exist in the mobile app space.

Download
http://securitycompass.github.com/AndroidLabs

Permalink

 


Monday, 17. October 2011
BlueStacks - Android
BlueStacks allows users to run Android OS apps on Windows PCs with instant switching between the two.

Features of BlueStacks

Play Android apps fast and full-screen
Push your favorite apps from your Android phone to your PC using BlueStacks Cloud Connect
Run 10 pre-loaded apps “out of the box”
Install up to 26 more of your favorite apps
May not work fast on older netbooks and tablets
Available now for Win7, and it’s Free

Download
http://cdn.bluestacks.com/public/2002/BlueStacks_AppPlayer_Alpha.msi

Permalink

 


Monday, 5. September 2011
AVG Mobilation Pro for Android
AVG Mobilation pro for Android 1.6 and later is a comprehensive security app that combats virus and malware attacks.

Download
http://www.chip.de/downloads/AVG-Anti-Virus-Pro-Android-App-Vollversion_51286690.html

Permalink

 


Thursday, 1. September 2011
Analysing Android .Apk Files With Agnitio

Permalink

 


Wednesday, 17. August 2011
Faceniff - Web sniff - Android


Downlpoad app
http://faceniff.ponury.net/

Permalink

 


Wednesday, 3. August 2011
Android Trojan records phone calls - Android
A Trojan spying on your conversations

Source
http://community.ca.com/blogs/securityadvisor/archive/2011/08/01/a-trojan-spying-on-your-conversations.aspx

Permalink

 


Wednesday, 27. July 2011
APKinspector analysis tool - Android
The GUI tool for static analysis of Android malware is ready for an alpha release.

Download
https://bitbucket.org/ryanwsmith/apkinspector/downloads

Permalink

 


Wednesday, 13. July 2011
ZeuS trojan attacks Android
Several AV vendors report that, after targeting Symbian, BlackBerry and Windows Mobile devices, a variant of the ZeuS online banking trojan now also infects Android smartphones and will upload any TANs that arrive via SMS text message to a server. If they have control of victims' PCs as well as their smartphones, criminals are then able to bypass the mobile TAN system and make fraudulent transactions from their victims' accounts.

According to Kaspersky, the Android variant of ZeuS-in-the-Mobile (ZitMo) is more simple than the version for Symbian, which appeared in September 2010, and the Windows variant that followed. ZitMo for Android does not require any digital certificates and is injected by manual download of an alleged security extension from a company called Trusteer. Once installed, the trojan masquerades as an online banking activation app.

While this means that a variant of the ZeuS trojan now exists for most modern mobile and open platforms, there is no need for users to panic. For example, in none of the cases can the malware be injected into a device via a security hole when visiting a web page. Criminals always need to persuade users, in more or less ingenious ways, to download and install a specially crafted file onto their smartphones. Users who are certain that they won't fall for such tricks can continue to live without a virus scanner for their smartphones.

Permalink

 


Monday, 11. July 2011
viaExtract - Forensic tool for Android devices released
Key Features

An easy-to-use interface for data acquisition, analysis and reporting
Searching and sorting acquired data, plus printing to PDF
Pre-configured VM runs on Linux, Windows or Mac
Logical recovery of call logs, contacts, browser history, SMS/MMS and more
Forensically sound, proven technology
Purchase includes 1 year of updates and support, with many planned enhancements coming soon


Download Demo!
https://viaforensics.com/register/?p=viaextract-demo%2Caccess

Permalink

 


Android Botnet : Command and Control Channel over SMS
Shmoocon 2011 Smartphone Botnets over SMS Demo from Georgia Weidman. Compiling instructions are simple and straight forward. Please follow these:

Compile with arm-gcc with the -static flag set
Copy to anywhere on the underlying OS that is writable (/data/ is good).
Rename /dev/smd0/ to /dev/smd0real/
Start the bot application
Kill the radio application (ps | grep rild)
The radio will automatically respawn and now the bot proxy will be working

More interesting stuff such as the botnet structure, possible infection methods are presented by the author in here slides that can be found here.

PDF
http://www.grmn00bs.com/GeorgiaW_Smartphone_Bots_SLIDES_Shmoocon2011.pdf

Download
http://www.grmn00bs.com/botPoCrelease-android.c

http://vimeo.com/19372118

Permalink