18 Best Hacking Apps For Android [Free] 2020


Today we’ll explore the best ethical Hacking Apps For Android hacking tools used by Worldwebcourse.onlione

Best Hacking Apps For Android [Free] 2020

Android is the world’s most popular operating system and Best Hacking Apps For Android in 2020 its userbase consists of many ethical hacking enthusiasts as well. This has also inspired different developers to create useful ethical hacking apps for Android.

To help out our readers who are interested in performing penetration testing and forensics via their Android smartphones, we’ve curated a list of top and free tools for 2020 that one can use on their rooted as well as non-rooted devices. Our list includes popular Wi-Fi and phone hacking apps like Hackode, zANTI, Shark for Root, etc.

You can find the list of apps and their category in the table below. Further down in the article, I’ve mentioned the pros and cons of these hacker apps as per my own experience and industry reviews. I’ve also provided the relevant download links to help you get started in no time. If you’re looking for similar tools for Windows, Linux, macOS, and iPhone do check out our dedicated lists:

  • Hacking tools for Windows, macOS, Linux
  • iPhone hacking apps and tools

Hacking Apps For Rooted & Non-Rooted Android

  1. AndroRAT
  2. Hackode
  3. zANTI
  4. FaceNiff
  5. Shark for Root
  6. Droidsheep
  7. DroidBox
  8. Nmap
  9. SSHDroid
  10. Wi-Fi Kill
  11. Kali Linux NetHunter
  12. Fing
  13. Wireshark
  14. SQLNinja
  15. Wapiti
  16. Maltego
  17. Reaver
  18. Ettercap

just for educational purposes. We don’t support the use of any tool to indulge in unethical purposes.

18 Best Hacking Apps For Android Phones in 2020

1. AndroRAT


AndroRAT stands for Android and RAT (Remote Administrative Tools). This top free hacking tool was released a long time ago as a client/server application. The app aims to give you control of the Android system remotely and fetch the information from it. This Android app runs as a service right after the boot. So, a user doesn’t need to interact with the service. The app provides you the ability to trigger the server connection by a call or SMS.

The features in this useful Android hacking app include collecting information like contacts, call logs, messages, and location. The app also allows you to remotely monitor received message and state of the phone, making a phone call and sending texts, taking pictures from the camera, opening URL in the default browser, etc.

  • Get contacts (and all their information)
  • Do vibrate the phone
  • Get call logs
  • Open an URL in the default browser
  • Get all messages
  • Send a text message
  • Location by GPS/Network
  • Do a toast
  • Monitoring received messages in live
  • Streaming video (for activity based client only)
  • Monitoring phone state in live (call received, call sent, call missed..)
  • Stream sound from the microphone (or other sources..)
  • Take a picture from the camera

Best Hacking Apps For Android in 2020

2. Hackode


The second entry on our list of top hacking Android apps for 2020 is Hackode. It is an app that is basically a collection of multiple tools for ethical hackers, IT specialists, and penetration testers. In the app, there are three modules — Reconnaissance, Scanning, Security Feed — available in the application.

With this app, you get functionalities like Google hacking, SQL Injection, MySQL Server, Whois, Scanning, DNS lookup, IP, MX Records, DNS Dif, Security RSS Feed, Exploits, etc. It’s a great Android hacking app to start with and it doesn’t ask for your private information to operate.

This Application contains different tools like:

  • Reconnaissance
  • Google Hacking
  • Google Dorks
  • Whois
  • Scanning
  • Ping
  • Traceroute
  • DNS lookup
  • IP
  • MX Records
  • DNS Dig
  • Exploits
  • Security RSS Feed

This Application is still in the beta version. We will be releasing soon its full version with some better tools and utilities. Stay tuned for more updates.

3. zANTI

zANTI is a reputed Best Hacking Apps For Android in 2020 suite from Zimperium. This software suite comes with multiple tools that are widely used for penetration testing purposes. This mobile penetration testing toolkit allows security researchers to scan a network easily. This toolkit allows IT administrators to simulate an advanced hacking environment to detect multiple malicious techniques.

zANTI could be called an app that brings the power of Backtrack on your Android device. As soon as you login into zANTI, it maps the entire network and sniffs the websites being visited along with their cookies — thanks to ARP cache poisoning on devices.

The various modules in the app are network mapping, port discovery, sniffing, packet manipulation, DoS, MITM, and more.

take a look at things you can do with zANTI:

  • Change device’s MAC address.
  • Create a malicious WiFi hotspot.
  • Hijack HTTP sessions.
  • Capture downloads.
  • Modify HTTP requests and responses.
  • Exploit routers.
  • Audit passwords.
  • Check a device for shellshock and SSL poodle vulnerability.

4. FaceNiff


FaceNiff is a top Android hacking app that allows you to intercept and sniff your WiFi network traffic. This tool is widely used to snoop into people’s Facebook, Twitter, and other social media websites using your Android device. This hacker-favorite tool steals cookies from the Wi-Fi network and gives an attacker unauthorized access to the victim’s account.

FaceNiff is developed by Bartosz Ponurkiewicz — the same developer who wrote Firesheep for Firefox hacking on the desktop.

FaceNiff supports following services:

  • FaceBook
  • Twitter
  • YouTube
  • Amazon
  • VKontakte
  • Tumblr
  • MySpace
  • Tuenti
  • StudiVZ MeinVZ
  • Blogger
  • Nasza-Klasa

What is FaceNiff?

FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK) It’s kind of like Firesheep for android.

What is DroidSheep?

DroidSheep is an android tool developed by Andreas Koch for security analysis in wireless networks. It is basically a session hijacking tool that allows hackers to capture session cookies over the wireless network. That means you can sniff and capture the web session profiles of a person who is on the same network.

What is zANTI?

zANTI is a penetration testing toolkit developed by Zimperium Mobile Security for cybersecurity professionals. Basically, it allows you to simulate malicious attacks on a network.

What is zANTI APK?

zANTI™ is a mobile penetration testing toolkit that lets security managers assess the risk level of a network with the push of a button. … zANTI™ mirrors the methods a cyber-attacker can use to identify security holes within your network.

What is DroidSheep?

DroidSheep is an android tool developed by Andreas Koch for security analysis in wireless networks. It is basically a session hijacking tool that allows hackers to capture session cookies over the wireless network. That means you can sniff and capture the web session profiles of a person who is on the same network.

5. Shark for Root


Shark for Root is an advanced tool for security experts and hackers. This tool works as a traffic snipper and works on Wi-Fi, 3G, and FroYo tethered mode. One can also use the tcpdump command for this free hacking app for rooted Android devices.

Best Hacking Apps For Android in 2020

6. Droidsheep


Droidsheep is an effective hacking app developed for security analysts interested in playing with Wi-Fi networks. The app has the ability to hijack web session profiles over a network and it works with almost all services and websites.

As you fire up the Droidsheep app, it acts as a router that monitors and intercepts all the Wi-Fi network traffic and fetches the profiles of active sessions. With this app, one can sniff Facebook, LinkedIn, Twitter, and other social media accounts.

DroidSheep Guard, another version of the app, helps you to detect ARP-Snooping on the networks i.e. the attacks by FaceNiff, Droidsheep, and other software.

Find the APK/Download link of Droidsheep app here — Droidsheep

world web course
Best Hacking Apps For Android in 2020

7. DroidBox


DroidBox is an app that offers dynamic analysis of Android applications. Using the app, one can get a wide range of results about the hashes for the APK package, network traffic, SMS and phone calls, information leaks via different channels etc.

This top Android hacking application also gives you the ability to visualize the behavior of an Android app package.


What is DroidBOX?

dropbox is a small computer running a version of the Android OS (like many smartphones). The advantage is that it is more open-ended since you can install any app that you can on a phone.

How do I use DroidBOX?

First, (with your DroidBOX and TV already turned on, in Android if you have a dual boot device), click the Settings icon on your DroidBOX’s home screen (normally one or two cogs). Click the Advanced tab, then the Miracast entry. Click on Definition Settings and change it to HD

Is DroidBOX any good?

The DroidBOX T8-S is a well-made and reasonably powerful device with benchmark scores slightly better than the specs would suggest. It also comes with some nice, unique features that include a mobile app that, in terms of functionality, is a rival for those from the major TV manufacturers.

Find the APK/Download link of this free phone hacking app here — DroidBox

Best Hacking Apps For Android in 2020

8. Nmap


One of the most popular network scanning apps for desktop can also be used on the Android operating system. Nmap works on both non-rooted and rooted phones. If you are a beginner Android hacker, this hacking app is a must-have.


What is Nmap used for?

Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks

Is it illegal to use nmap?

While civil and (especially) criminal court cases are the nightmare scenario for Nmap users, these are very rare. After all, no United States federal laws explicitly criminalize port scanning. … Of course, this does not make port scanning illegal.

What is Nmap command?

Nmap, or Network Mapper, is an open-source Linux command-line tool for network exploration and security auditing. With Nmap, server administrators can quickly reveal hosts and services, search for security issues, and scan for open ports

Who uses nmap?

Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks

Best Hacking Apps For Android in 2020

9. SSHDroid


SSHDroid is an SSH server implementation developed for Android that allows you to connect your Android device to a PC and run commands like ‘terminal’ and ‘ADB shell’ and edit files. It provides extra security later when you are connecting to a remote machine.

The app provides features like shared-key authentication, WiFi autostart whitelist, extended notification control, etc,

10. Wi-Fi Kill


Wi-Fi Kill is a great hacking tool for rooted Android devices. Using this tool, one can disable a device’s internet connection if it’s connected to your network. In reality, it blocks the packet data going to a device. Thanks to its simple interface, any novice user can use this Android hacking app. Find the apk for this tool using the link given below

11. Kali Linux NetHunter


Kali Linux NetHunter is the first open-source penetration testing platform for Android-powered Nexus devices and OnePlus One. It supports Wireless 802.11 frame injection, HID keyboard, 1-click MANA Evil Access Point setups, BadUSB MITM attacks. etc.


What is Kali Linux NetHunter?

The Kali Linux NetHunter project is the first Open Source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member “BinkyBear” and Offensive Security.

What is the use of Kali Linux NetHunter?

The Kali NetHunter is an Android ROM overlay that includes a robust Mobile Penetration Testing Platform. … The overlay includes a custom kernel, a Kali Linux chroot, and an accompanying Android application, which allows for easier interaction with various security tools and attacks.

What is the difference between Kali Linux and Kali NetHunter?

The primary difference between the two flavors is, Kali Linux is used in desktop computers or laptops(dual boot or by a virtual box) whereas kali nethunter is used in mobiles.

12. Fing Network Scanner


This popular network scanner app for Android is used by hackers and security professionals to discover which devices are connected to the internet, map devices, locate security risks, find intruders, solve network problems, etc. It comes with more than a dozen free network tools for making your job easier.


What is fing network scanner?

With over 20 million downloads, Fing is the number 1 free network scanner for Android and iOS. The app allows you to quickly and easily scan any network you are connected to in order to see what other devices are also connected

13. Wireshark

Wireshark is free open-source software that allows you to analyze network traffic in real-time. Thanks to its sniffing technology, Wireshark is widely known for its ability to detect security problems in any network, as well as for its effectiveness in solving general networking problems.

While sniffing the network, you’re able to intercept and read results in a human-readable format, which makes it easier to identify potential problems (such as low latency), threats, and vulnerabilities.

Main features:

  • Saves analysis for offline inspection
  • Packet browser
  • Powerful GUI
  • Rich VoIP analysis
  • Inspects and decompresses gzip files
  • Reads other capture file-formats including Sniffer Pro, tcpdump (libpcap), Microsoft network monitor, Cisco Secure IDS iplog, etc.
  • Supported ports and network devices: Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI.
  • Protocol decryption includes but not limited to IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Exports results to XML, PostScript, CSV, or plain text

Wireshark supports up to 2000 different network protocols, and is available on all major operating systems including:

  • Linux
  • Windows
  • Mac OS X
  • FreeBSD, NetBSD, OpenBSD


Is it illegal to use Wireshark?

Generally speaking, Wireshark is a tool. A tool can be used legally, and it can be used illegally. There is nothing intrinsically illegal about the tool itself. … Meanwhile, if you use Wireshark as a network administrator to troubleshoot your network, that would almost certainly not be

What type of tool is Wireshark?

Wireshark is an open-source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer, or sniffer.

How do I detect Wireshark on a network?

You can’t detect a fully passive sniffer on the network, with “fully passive” meaning that the PC running Wireshark (or any other sniffing software) uses a network card with its TCP/IP stack disabled. That way the card will only listen and never talk, so you can’t spot it on the network.

14. SQLNinja

SQLNinja is another SQL vulnerability scanner bundled with Kali Linux distribution. This tool is dedicated to target and exploit web apps that use MS SQL Server as the backend database server. Written in Perl, SQLNinja is available in multiple Unix distros where the Perl interpreter is installed, including:

  • Linux
  • Mac OS X & iOS
  • FreeBSD

SQLninja can be run in different types of modes such as:

  • Test mode
  • Verbose mode
  • Fingerprint remote database mode
  • Brute force attack with a word list
  • Direct shell & reverse shell
  • Scanner for outbound ports
  • Reverse ICMP Shell
  • DNS tunneled shell

15. Wapiti

Wapiti is a free open-source command-line based vulnerability scanner written in Python. While it’s not the most popular tool in this field, it does a good job of finding security flaws in many web applications.

Using Wapiti can help you to discover security holes including:

  • XSS attacks
  • SQL injections
  • XPath injections
  • XXE injections
  • CRLF injections
  • Server side request forgery

Other features include:

  • Runs in verbose mode
  • Ability to pause and resume scans.
  • Highlights vulnerabilities found inside the terminal
  • Generates reports and export into HTML, XML, JSON, and TXT
  • Activates and deactivates multiple attack modules
  • Removes parameters from certain URLs
  • Excludes URLs during an attack
  • Bypasses SSL certificate verification
  • URL extractor from javascript
  • Timeout configuration for large scans
  • Sets custom user-agent and HTTP headers

16. Maltego

Maltego is the perfect tool for intel gathering and data reconnaissance while you’re performing the first analysis of your target.

In this case, it can be used to correlate and determine relationships between people, names, phone numbers, email addresses, companies, organizations, and social network profiles.

Along with online resources like Whois data, DNS records, social networks, search engines, geolocation services, and online API services it can also be used to investigate the correlation between internet-based infrastructures including:

  • Domain names
  • DNS servers
  • Netblocks
  • IP addresses
  • Files
  • Web Pages

Main features include:

  • GUI-based interface
  • Analyzes up to 10.000 entities per graph
  • Extended correlation capabilities
  • Data sharing in real time
  • Correlated data graphics generator
  • Exports graphs to GraphML
  • Generates entity lists
  • Can copy and paste information

This application is available for Windows, Linux, and Mac OS, and the only software requirement is to have Java 1.8 or greater installed.


What is maltego used for?

Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet.

Is maltego legal to use?

Maltego Disclaimer: The company clarifies that their software may not be used for unlawful actions: “You are not limited in how you can use the software but you can’t use it for unlawful actions (including collecting email addresses for sending spam).

world web course-logo

17. Reaver

Reaver is a great open-source alternative to Aircrack-ng that allows you to audit the security of any Wifi with WPA/WPA2 passkeys. It uses brute force Wifi attack techniques like Pixie dust attacks to crack Wifi-protected setups through common Wifi flaws and vulnerabilities.

Depending on how well-configured the router-level Wifi security is, it can take between 3 to 10 hours to get an effective brute-force cracking result.

Until recently, the original Reaver version was hosted at Google Cloud. After the release version of version 1.6, a forked community edition was launched in Github.

Build-time dependencies

  • build-essential
  • libpcap-dev

Runtime-time dependencies

  • pixiewps (required for pixiedust attack)

It runs well on most Linux distributions.

18. Ettercap

Ettercap is a network interceptor and packet sniffer for LAN networks. It supports active and passive scans as well as various protocols, including encrypted ones such as SSH and HTTPS.

Other capabilities include network and host analysis (like OS fingerprint), as well as network manipulation over established connections — which makes this tool great for testing man-in-the-middle attacks.

Main features

  • Active and passive protocol analysis
  • Filters based on IP source and destination, Mac and ARP addresses
  • Data injection into established connections
  • SSH and HTTPS encryption-based protocols
  • Sniffs remote traffic over GRE tunnel
  • Extensible with plugins
  • Protocol supports include Telnet, FTP, Imap, Smb, MySQL, LDAP, NFS, SNMP, HTTP, etc.
  • Determines OS name and version
  • Able to kill established LAN connections
  • DNS Hijacking


Does Reaver still work?

It used to do its charm till the mid of last year i.e. 2015 but with the advent of new routers that come with improved technology and lock-out defenders, reaver remains at bay now. … While no results at all against another router on both distros.

What is a WPS attack?

WPS Pin Attack. This is a convenient feature that allows the user to configure a client device against a wireless network by simultaneously pressing a button on both the access point and the client device (the client-side “button” is often in software) at the same time.

  1. Florentino says

    What’s up to every body, it’s my first pay a quick visit of this blog; this web site consists of awesome and in fact good data designed for readers.|

  2. Francisco says

    There’s certainly a great deal to learn about this subject. I like all of the points you have made.|

  3. Anton says

    I do trust all the ideas you’ve offered in your post. They’re very convincing and can definitely work. Still, the posts are very quick for newbies. Could you please lengthen them a little from subsequent time? Thanks for the post.|

  4. Lucien says

    Hey, I think your blog might be having browser compatibility issues. When I look at your blog in Opera, it looks fine but when opening in Internet Explorer, it has some overlapping. I just wanted to give you a quick heads up! Other then that, superb blog!|

  5. Rosalee says

    Spot on with this write-up, I really believe that this website needs a great deal more attention. I’ll probably be back again to read through more, thanks for the advice!|

  6. Vena says

    Excellent post. I was checking continuously this weblog and I am impressed! Extremely useful information specially the final phase 🙂 I take care of such info much. I was looking for this particular info for a long time. Thank you and best of luck. |

  7. Daniel says

    Thank you for the good writeup. It in fact was a amusement account it. Look advanced to far added agreeable from you! However, how can we communicate?|

  8. Michael says

    You actually make it seem so easy with your presentation but I find this matter to be really something that I think I would never understand. It seems too complicated and extremely broad for me. I’m looking forward for your next post, I’ll try to get the hang of it!|

  9. Shanta says

    Wow, this post is pleasant, my younger sister is analyzing these things, so I am going to inform her.|

  10. Vita says

    Heya i’m for the first time here. I came across this board and I find It really useful & it helped me out much. I hope to give something back and help others like you aided me.|

  11. Valarie says

    It’s very easy to find out any topic on web as compared to textbooks, as I found this piece of writing at this website.|

  12. Salome says

    Hmm it looks like your blog ate my first comment (it was extremely long) so I guess I’ll just sum it up what I had written and say, I’m thoroughly enjoying your blog. I too am an aspiring blog blogger but I’m still new to the whole thing. Do you have any tips for rookie blog writers? I’d certainly appreciate it.|

  13. Julianna says

    Very nice article, exactly what I needed.|

  14. Isa says

    Hi there, simply turned into alert to your weblog via Google, and located that it is really informative. I’m going to be careful for brussels. I’ll be grateful in the event you proceed this in future. Numerous other folks can be benefited out of your writing. Cheers!|

  15. Denver says

    Keep on working, great job!|

Leave A Reply

Your email address will not be published.