Mobile Security & Enterprise Mobility Blog

The New zANTI: Mobile Penetration & Security Analysis Toolkit

zANTI is an easy to use penetration testing and a security analysis toolkit.

With zANTI you can simulate real-world, commonly-used malicious cyberattack techniques.
Using zANTI, you will quickly discover unsafe elements in your networks, and in your devices that are connected to those networks.
Using zANTI, you will understand unsafe conditions on your devices in three layers: OS, applications and actual device usage.

For more information, and to download zANTI 3.0 for free, please go to:
https://www.zimperium.com/zanti-mobile-penetration-testing

zAnti is an android application that will run with a rooted permission on a Android phone with “permissive” SElinux.

At the highest level, zANTI lets testers know:

  • Who is, or was, connected to their network.
  • What isn’t safe on the network of connected devices.
  • What isn’t safe in network settings.
  • What isn’t safe within applications.
  • What isn’t safe in your device usage.
  • Where extra cyber protection is needed.

The latest version, zANTI 3.0, includes the real-world, commonly-used cyberattack technique capabilities that enable penetration testers to perform multiple operations, as outlined in the bullets and screenshots below.

 

Scan Your Network

Conduct network scans, in different levels, to identify connected devices and their details:

Get Detailed Information

  • Device name, model and manufacturer
  • Device OS and OS version
  • Device open ports, network IP and MAC address
  • Endpoint User-Agents

Check for Weak Points

Identify vulnerabilities by:

  • Scanning without the device being exploited

 

  • Matching known OS details

Simulate Attack Patterns

Conduct Man In the Middle (MITM) attacks in order:

  • Identify device properties that won’t be identified by scanning
  • Monitor decrypted data sent by the web browsers and the device application

Test With In-depth Attack Methods

Test/perform other MITM actions, e.g.,

  • Session Hijacking
  • User and password Phishing attempts
  • Browsing redirection
  • SSL stripping
  • Image replacement

Reveal Exploits

Enter the router management console in one click, if the username and password is not strong enough.

1-Click Reports

Producing scanning reports and enable to store and share them for each scanned network.


I would like to thank Adam Alioa for his continuous help on the zANTI project.

zANTI, because in order to be safe, you need to know where you are vulnerable…