How To: Securely Hardening Android Device

Gh0ster

Feb 28th, 2015

14.34 KB

________.__ _______ __

/ _____/| |__ \ _ \ _______/ |_ ___________

/ \ ___| | \/ /_\ \ / ___/\ __\/ __ \_ __ \

\ \_\ \ Y \ \_/ \\___ \ | | \ ___/| | \/

\______ /___| /\_____ /____ > |__| \___ >__|

\/ \/ \/ \/ \/

.::Android Security Hardening::.

=================================

/This guide was created to help you to securely configure your Android device to
stop spying and eavesdropping from various companies and government agencies. I
hope this guide helps you along the path to becoming truly Anonymous. Enjoy!

.::[Rooting]::.

=================

/It is strongly suggested that you root your device ASAP because it will give
you plenty of awesome things like modifying system files, installing pirated
apps, running any other mobile OS [Like CynogenMod], running root privilege
apps, spoofing IMEI, ESN and MEID IDs and much more.

/To root your device you will need the devices system drivers and a pre-made
root kit. There are plenty of ways to root your android. I suggest you head over
to http://forum.xda-developers.com.

.::[Security Hardening]::.

============================
/First, you need to enable Developer Options on your device if you haven't done
so already. To do this go into

-> Settings -> About Device -> Tap Build Number or Kernel Version OR Baseband
Version. Its different for every Android OS.

Settings -> Lock Screen -> Pattern/PIN -> ON

Settings -> Security -> Device Encryption -> ON

Settings -> Security -> SD Card Encryption -> ON

Settings -> Security -> Unknown Sources -> OFF

Settings -> Security -> Passwords Visible -> OFF

Settings -> Desktop Backup Password -> ON

Settings -> Security -> Password -> USB Debugging -> OFF

Settings -> Developer Options -> Do Not Keep Activities -> ON

Settings -> Developer Options -> Limit Background Processes -> At Most 2
Processes

Settings -> My Device -> Power Saving Mode -> ON

Settings -> My Device -> Voice Control -> OFF

Settings -> Accessibility -> Google Subtitles [CC] -> OFF

Settings -> Accessibility -> Samsung Subtitles [CC] -> OFF

Settings -> Date and Time -> Automatic Date and Time -> OFF

.::[Network Hardening]::.

===========================

/Make sure you check these off, prevents location tracking and bluetooth MITM
attacks and spoofs location in apps.

Settings -> Connections -> Bluetooth -> OFF

Settings -> Connections -> NFC -> OFF

Settings -> Connections -> S Beam -> OFF

Settings -> Connections -> Nearby Devices -> OFF

Settings -> Connections -> Screen Mirroring -> OFF

Settings -> Connections -> Tethering and Mobile Hotspot -> OFF

Settings -> Accounts & Sync -> OFF

Settings -> Location Services -> OFF

Settings -> My Device -> Smart Screen -> OFF

Settings -> Developer Options -> Allow Mock Locations -> ON

/It is highly recommended that you run a VPN service on your device, as it will
guarantee anonymous communication. You can configure VPN access by adding its
certificates to the root [/] filesystem of the device. Either internal storage
or SD Card. If your device does not have VPN configuration you can use the
OpenVPN apps to do this.

.::[Applications]::.

=====================

/These applications will need to be configured after installation.

/The ones marked with "**" are essential for privacy and security. Also note
some apps listed here MUST be configured! I added a "Configuration" section
under the apps that need to be.

**SuperSU

Download: https://play.google.com/store/apps/details?
id=eu.chainfire.supersu&hl=en

Description: SuperSU allows for advanced management of Superuser access rights

for all the apps on your device that need root. SuperSU has been built from the
ground up to counter a number of problems with other Superuser access management
tools.

**DroidWall

Download: https://code.google.com/p/droidwall/

Description: Blocks all incoming and outgoing packets from your apps.

Configuration: Be sure to disable all system applications and other applications

that may eat up your network bandwidth speed.

Enable Root Browser, RomToolBox, Wireless Tether, DroidWall, Busy Box, SuperSU
and any other relevant Application.
**Root Explorer

Download: https://code.google.com/p/p500/downloads/detail?
name=Root%20Explorer%20%282.19%29.apk

Description: Accesses your devices root system files.

**OpenVPN

Link: https://play.google.com/store/apps/details?id=de.blinkt.openvpn

Description: OpenVPN is a client software to connect to an OpenVPN server and

not a free VPN software.

**OpenVPN Installer

Download: https://play.google.com/store/apps/details?
id=de.schaeuffelhut.android.openvpn.installer

Description: OpenVPN Installer will try to install OpenVPN [2.1.1] in

/system/xbin or /system/bin. Your mileage might vary depending on your device.

**OpenVPN Settings

Download: https://play.google.com/store/apps/details?
id=de.schaeuffelhut.android.openvpn

Description: UI similar to Wi-Fi settings; Restart tunnel when connectivity

changes [e.g. from wifi to 3G]; Start on boot; Passphrase; DNS; Script-Security;
Write and View Log File; Open Source [GPLv3].

**OpenVPN Connect

Download: https://play.google.com/store/apps/details?id=net.openvpn.openvpn

Description: OpenVPN Connect is the official full-featured Android VPN client

for the OpenVPN Access Server, Private Tunnel VPN and OpenVPN community.

Wireless Tether

Download: https://code.google.com/p/android-wifi-tether/

Description: This program enables tethering via wifi for rooted devices.

**Call Control

Download: https://play.google.com/store/apps/details?
id=com.flexaspect.android.everycallcontrol

Description: Call Control is full featured call blocker that's super easy to use
and is a trusted call blocker by more than 10M users to block unwanted calls and
texts. Calls are blocked silently without you ever knowing someone called.

**RomToolBox

Download: https://play.google.com/store/apps/details?
id=com.jrummy.liberty.toolbox

Description: ROM Toolbox combines all the great root apps into one monster app
with a beautiful and easy to use interface. ROM Toolbox has every tool you need
to make your Android device fast and customized to your liking.

**BusyBox

Download: https://play.google.com/store/apps/details?id=stericson.busybox

Description: This is the only installer that is ad free and requires no internet
permission.

**NoBloat

Link: https://play.google.com/store/apps/details?
id=com.tvkdevelopment.nobloatfree

Description: NoBloat lets you delete unwanted apps that come per-installed with
your device.

**ORBot

Download: https://play.google.com/store/apps/details?id=org.torproject.android

Description: Orbot is a free proxy app that empowers other apps to use the
internet more securely. Orbot uses Tor to encrypt your Internet traffic and then
hides it by bouncing through a series of computers around the world.

**RedPhone

Download: https://play.google.com/store/apps/details?
id=org.thoughtcrime.redphone&hl=en

Description: This application will encrypt your voice calls if both users are is
running it.

F-Droid

Download: https://f-droid.org/

Description: F-Droid is an installable catalog of FOSS (Free and Open Source

Software) applications for the Android platform. The client makes it easy to
browse, install, and keep track of updates on your device.
Aptiode

Download: http://m.aptoide.com/installer?lang=EN

Description: A free market place to download pirated and cracked apps.

**Xabber

Download: https://f-droid.org/repository/browse/?
fdfilter=xabber&fdid=com.xabber.androiddev

Description: Xabber is a full Java implementation of XMPP, and supports both OTR
and Tor. Its UI is a bit more streamlined than Guardian Project's ChatSecure,
and it does not make use of any native code components (which are more
vulnerable to code execution exploits than pure Java code). Unfortunately, this
means it lacks some of ChatSecure's nicer features, such as push-to-talk voice
and file transfer.

Configuration: Go into settings and check the following.

Notifications -> Message text in Notifications -> Off (notifications can be read
by other apps!)

Accounts -> Integration into system accounts -> Off

Accounts -> Store message history -> Don't Store

Security -> Store History -> Off

Security -> Check Server Certificate

Chat -> Show Typing Notifications -> Off

Connection Settings -> Auto-away -> disabled

Connection Settings -> Extended away when idle -> Disabled

Keep Wifi Awake -> On

Prevent sleep Mode -> On

**Offline Calender

Download: https://f-droid.org/repository/browse/?
fdfilter=offline%20calendar&fdid=org.sufficientlysecure.localcalendar

Description: Offline Calendar is a hack to allow you to create a fake local

Google account that does not sync to Google. This allows you to use the Calendar
App without risk of leaking your activities to Google.

**K-9 Mail

Download: https://f-droid.org/repository/browse/?fdid=com.fsck.k9

Description: E-mail client supporting multiple accounts, POP3, IMAP and Push
IMAP. Can do encryption if APG and/or OpenKeychain is installed depending on the
version. Settings and account configurations can be exported so that they can be
imported easily if you are switching packages/signatures: a file manager will
need to be already installed to achieve this.

**APG

Download: https://f-droid.org/repository/browse/?fdid=org.thialfihar.android.apg

Description: APG is a port of OpenPGP for Android. Use it to encrypt and decrypt
files, and in conjunction with K-9 Mail, to seamlessly add support for
encrypting and decrypting emails, as well as adding and verifying digital
signatures.

OSMAnd~

Download: https://f-droid.org/repository/browse/?
fdfilter=osmand&fdid=net.osmand.plus

Description: A free offline mapping tool. While the UI is a little clunky, it

does support voice navigation and driving directions, and is a handy, private
alternative to Google Maps.

VLC

Download: https://f-droid.org/repository/browse/?
fdfilter=vlc&fdid=org.videolan.vlc

Description: Video and audio player that supports a wide range of formats, for
both local and remote playback.

**Firefox

Download: https://f-droid.org/repository/browse/?
fdfilter=firefox&fdid=org.mozilla.firefox

Description: Better browser then Chrome and the built in android browser.

Configuration: Go into Firefox settings and disable the following:

Settings -> Sync -> OFF

Settings -> Mozilla -> Telemetry -> OFF

Settings -> Mozilla -> Crash Reporter -> OFF

Settings -> Mozilla -> Health Report -> OFF

Settings -> Privacy -> Remember Passwords -> OFF

Settings -> Privacy -> Use Master Password -> OFF

Settings -> Privacy -> Tracking -> Do Not Track

Settings -> Privacy -> Cookies -> Enable Cookies; Excluding 3rd Party

Settings -> Developer Options -> Remote Debugging -> OFF

Download NoScript, HTTPS-Everywhere, Adblock Edge. Also be sure to edit the
"about:config" options withing Firefox. See my other Firefox guide for more
configuration here: http://pastebin.com/fn7VHwhm

**Launch App Ops

Download: https://f-droid.org/repository/browse/?
fdfilter=permissions&fdid=com.adstrosoftware.launchappops

Description: In Android 4.3 there is a new activity/screen, not accessible from

settings, called App Ops, where you can manage permissions for different apps.
This app simply allows you to launch this activity.

OS Monitor

Download: https://f-droid.org/repository/browse/?
fdfilter=os%20monitor&fdid=com.eolwral.osmonitor

Description: OS Monitor is an excellent Android process and connection

monitoring app, that can help you watch for CPU usage and connection attempts by
your apps.

**CCleaner

Download: https://play.google.com/store/apps/details?id=com.piriform.ccleaner

Description: Cleans all the useless crap that can slow your phone down such as
logs, cache, empty folders and more.

**Titanium Backup PRO

Download: https://play.google.com/store/apps/details?
id=com.keramidas.TitaniumBackup&hl=en

Description: You can backup, restore, freeze [With pro version] your apps, data,
market links. This includes all protected apps & system apps, plus external data
on your SD card. You can do 0-click batch & scheduled backups. Backups will
operate without closing any apps [With pro version]. You can move any app [or
app data] to and from the SD card. You can browse any app's data and even query
the Market to see detailed information about the apps.

dSploit

Download:
http://m.banzai13fr.store.aptoide.com/app/market/it.evilsocket.dsploit.debug/
1/4903638/dSploit

Description: Once dSploit is started, you will be able to easily map your
network, fingerprint alive hosts operating systems and running services, search
for known vulnerabilities, crack logon procedures of many TCP protocols, perform
man in the middle attacks such as password sniffing [With common protocols
dissection] and real time traffic manipulation and more.
Terminal Emulator

Download: https://play.google.com/store/apps/details?
id=jackpal.androidterm&hl=en

Description: Access your Android's built-in Linux command line shell.

========================

/After you install and configure these applications, it is recommended that you
use Titanium Backup to either freeze or uninstall EVERYTHING that has to do with
Google. These include:

Google Account Manager

Google Backup Transport

Google Calender Sync

Google Contacts Sync

Google Partner Setup

Google Play Services

Google Play Store

Google Search

Google Services Framework

Google Text-to-Speech Engine

Google+

LocationServices 1.0

Doing this means you will have no Google Play Store, No syncing with your Google
account, No Google Maps, No Google search, No Google Play Services, No YouTube,
No Google+, No Google Contacts, Nothing Google at all. This will ensure that
those asshats from Google are not tracking you, eavesdropping on your texts and
calls, logging all of your metadata and so on. Also, it is VERY important that
you DO NOT to install an app that uses a lot of permissions. Such as Facebook,
Facebook Messenger, Twitter, Steam, Netflix and so on.

/So there you have it! You are now running a securely hardened Android device.
If you are interested in reading more about this topic head over to:
https://blog.torproject.org/blog/mission-impossible-hardening-android-security-
and-privacy

/Feel free to suggest any more techniques for enhancing security and I will
gladly add them above!
.-.

( " )

/\_.' '._/\

| |

\ /

\ /`

.(__) /

`.__.' @Gh0sterSec

RAW Paste Data

________.__ _______ __ / _____/| |__ \ _ \ _______/ |_ ___________ / \ ___| | \/

/_\ \ / ___/\ __\/ __ \_ __ \ \ \_\ \ Y \ \_/ \\___ \ | | \ ___/| | \/
\______ /___| /\_____ /____ > |__| \___ >__| \/ \/ \/ \/ \/ .::Android Security
Hardening::. ================================= /This guide was created to help
you to securely configure your Android device to stop spying and eavesdropping
from various companies and government agencies. I hope this guide helps you
along the path to becoming truly Anonymous. Enjoy! .::[Rooting]::.
================= /It is strongly suggested that you root your device ASAP
because it will give you plenty of awesome things like modifying system files,
installing pirated apps, running any other mobile OS [Like CynogenMod], running
root privilege apps, spoofing IMEI, ESN and MEID IDs and much more. /To root
your device you will need the devices system drivers and a pre-made root kit.
There are plenty of ways to root your android. I suggest you head over to
http://forum.xda-developers.com. .::[Security Hardening]::.
============================ /First, you need to enable Developer Options on
your device if you haven't done so already. To do this go into -> Settings ->
About Device -> Tap Build Number or Kernel Version OR Baseband Version. Its
different for every Android OS. Settings -> Lock Screen -> Pattern/PIN -> ON
Settings -> Security -> Device Encryption -> ON Settings -> Security -> SD Card
Encryption -> ON Settings -> Security -> Unknown Sources -> OFF Settings ->
Security -> Passwords Visible -> OFF Settings -> Desktop Backup Password -> ON
Settings -> Security -> Password -> USB Debugging -> OFF Settings -> Developer
Options -> Do Not Keep Activities -> ON Settings -> Developer Options -> Limit
Background Processes -> At Most 2 Processes Settings -> My Device -> Power
Saving Mode -> ON Settings -> My Device -> Voice Control -> OFF Settings ->
Accessibility -> Google Subtitles [CC] -> OFF Settings -> Accessibility ->
Samsung Subtitles [CC] -> OFF Settings -> Date and Time -> Automatic Date and
Time -> OFF .::[Network Hardening]::. =========================== /Make sure you
check these off, prevents location tracking and bluetooth MITM attacks and
spoofs location in apps. Settings -> Connections -> Bluetooth -> OFF Settings ->
Connections -> NFC -> OFF Settings -> Connections -> S Beam -> OFF Settings ->
Connections -> Nearby Devices -> OFF Settings -> Connections -> Screen Mirroring
-> OFF Settings -> Connections -> Tethering and Mobile Hotspot -> OFF Settings
-> Accounts & Sync -> OFF Settings -> Location Services -> OFF Settings -> My
Device -> Smart Screen -> OFF Settings -> Developer Options -> Allow Mock
Locations -> ON /It is highly recommended that you run a VPN service on your
device, as it will guarantee anonymous communication. You can configure VPN
access by adding its certificates to the root [/] filesystem of the device.
Either internal storage or SD Card. If your device does not have VPN
configuration you can use the OpenVPN apps to do this. .::[Applications]::.
===================== /These applications will need to be configured after
installation. /The ones marked with "**" are essential for privacy and security.
Also note some apps listed here MUST be configured! I added a "Configuration"
section under the apps that need to be. **SuperSU Download:
https://play.google.com/store/apps/details?id=eu.chainfire.supersu&hl=en
Description: SuperSU allows for advanced management of Superuser access rights
for all the apps on your device that need root. SuperSU has been built from the
ground up to counter a number of problems with other Superuser access management
tools. **DroidWall Download: https://code.google.com/p/droidwall/ Description:
Blocks all incoming and outgoing packets from your apps. Configuration: Be sure
to disable all system applications and other applications that may eat up your
network bandwidth speed. Enable Root Browser, RomToolBox, Wireless Tether,
DroidWall, Busy Box, SuperSU and any other relevant Application. **Root Explorer
Download: https://code.google.com/p/p500/downloads/detail?
name=Root%20Explorer%20%282.19%29.apk Description: Accesses your devices root
system files. **OpenVPN Link: https://play.google.com/store/apps/details?
id=de.blinkt.openvpn Description: OpenVPN is a client software to connect to an
OpenVPN server and not a free VPN software. **OpenVPN Installer Download:
https://play.google.com/store/apps/details?
id=de.schaeuffelhut.android.openvpn.installer Description: OpenVPN Installer
will try to install OpenVPN [2.1.1] in /system/xbin or /system/bin. Your mileage
might vary depending on your device. **OpenVPN Settings Download:
https://play.google.com/store/apps/details?id=de.schaeuffelhut.android.openvpn
Description: UI similar to Wi-Fi settings; Restart tunnel when connectivity
changes [e.g. from wifi to 3G]; Start on boot; Passphrase; DNS; Script-Security;
Write and View Log File; Open Source [GPLv3]. **OpenVPN Connect Download:
https://play.google.com/store/apps/details?id=net.openvpn.openvpn Description:
OpenVPN Connect is the official full-featured Android VPN client for the OpenVPN
Access Server, Private Tunnel VPN and OpenVPN community. Wireless Tether
Download: https://code.google.com/p/android-wifi-tether/ Description: This
program enables tethering via wifi for rooted devices. **Call Control Download:
https://play.google.com/store/apps/details?
id=com.flexaspect.android.everycallcontrol Description: Call Control is full
featured call blocker that's super easy to use and is a trusted call blocker by
more than 10M users to block unwanted calls and texts. Calls are blocked
silently without you ever knowing someone called. **RomToolBox Download:
https://play.google.com/store/apps/details?id=com.jrummy.liberty.toolbox
Description: ROM Toolbox combines all the great root apps into one monster app
with a beautiful and easy to use interface. ROM Toolbox has every tool you need
to make your Android device fast and customized to your liking. **BusyBox
Download: https://play.google.com/store/apps/details?id=stericson.busybox
Description: This is the only installer that is ad free and requires no internet
permission. **NoBloat Link: https://play.google.com/store/apps/details?
id=com.tvkdevelopment.nobloatfree Description: NoBloat lets you delete unwanted
apps that come per-installed with your device. **ORBot Download:
https://play.google.com/store/apps/details?id=org.torproject.android
Description: Orbot is a free proxy app that empowers other apps to use the
internet more securely. Orbot uses Tor to encrypt your Internet traffic and then
hides it by bouncing through a series of computers around the world. **RedPhone
Download: https://play.google.com/store/apps/details?
id=org.thoughtcrime.redphone&hl=en Description: This application will encrypt
your voice calls if both users are is running it. F-Droid Download: https://f-
droid.org/ Description: F-Droid is an installable catalog of FOSS (Free and Open
Source Software) applications for the Android platform. The client makes it easy
to browse, install, and keep track of updates on your device. Aptiode Download:
http://m.aptoide.com/installer?lang=EN Description: A free market place to
download pirated and cracked apps. **Xabber Download:
https://f-droid.org/repository/browse/?
fdfilter=xabber&fdid=com.xabber.androiddev Description: Xabber is a full Java
implementation of XMPP, and supports both OTR and Tor. Its UI is a bit more
streamlined than Guardian Project's ChatSecure, and it does not make use of any
native code components (which are more vulnerable to code execution exploits
than pure Java code). Unfortunately, this means it lacks some of ChatSecure's
nicer features, such as push-to-talk voice and file transfer. Configuration: Go
into settings and check the following. Notifications -> Message text in
Notifications -> Off (notifications can be read by other apps!) Accounts ->
Integration into system accounts -> Off Accounts -> Store message history ->
Don't Store Security -> Store History -> Off Security -> Check Server
Certificate Chat -> Show Typing Notifications -> Off Connection Settings ->
Auto-away -> disabled Connection Settings -> Extended away when idle -> Disabled
Keep Wifi Awake -> On Prevent sleep Mode -> On **Offline Calender Download:
https://f-droid.org/repository/browse/?
fdfilter=offline%20calendar&fdid=org.sufficientlysecure.localcalendar
Description: Offline Calendar is a hack to allow you to create a fake local
Google account that does not sync to Google. This allows you to use the Calendar
App without risk of leaking your activities to Google. **K-9 Mail Download:
https://f-droid.org/repository/browse/?fdid=com.fsck.k9 Description: E-mail
client supporting multiple accounts, POP3, IMAP and Push IMAP. Can do encryption
if APG and/or OpenKeychain is installed depending on the version. Settings and
account configurations can be exported so that they can be imported easily if
you are switching packages/signatures: a file manager will need to be already
installed to achieve this. **APG Download:
https://f-droid.org/repository/browse/?fdid=org.thialfihar.android.apg
Description: APG is a port of OpenPGP for Android. Use it to encrypt and decrypt
files, and in conjunction with K-9 Mail, to seamlessly add support for
encrypting and decrypting emails, as well as adding and verifying digital
signatures. OSMAnd~ Download: https://f-droid.org/repository/browse/?
fdfilter=osmand&fdid=net.osmand.plus Description: A free offline mapping tool.
While the UI is a little clunky, it does support voice navigation and driving
directions, and is a handy, private alternative to Google Maps. VLC Download:
https://f-droid.org/repository/browse/?fdfilter=vlc&fdid=org.videolan.vlc
Description: Video and audio player that supports a wide range of formats, for
both local and remote playback. **Firefox Download:
https://f-droid.org/repository/browse/?fdfilter=firefox&fdid=org.mozilla.firefox
Description: Better browser then Chrome and the built in android browser.
Configuration: Go into Firefox settings and disable the following: Settings ->
Sync -> OFF Settings -> Mozilla -> Telemetry -> OFF Settings -> Mozilla -> Crash
Reporter -> OFF Settings -> Mozilla -> Health Report -> OFF Settings -> Privacy
-> Remember Passwords -> OFF Settings -> Privacy -> Use Master Password -> OFF
Settings -> Privacy -> Tracking -> Do Not Track Settings -> Privacy -> Cookies
-> Enable Cookies; Excluding 3rd Party Settings -> Developer Options -> Remote
Debugging -> OFF Download NoScript, HTTPS-Everywhere, Adblock Edge. Also be sure
to edit the "about:config" options withing Firefox. See my other Firefox guide
for more configuration here: http://pastebin.com/fn7VHwhm **Launch App Ops
Download: https://f-droid.org/repository/browse/?
fdfilter=permissions&fdid=com.adstrosoftware.launchappops Description: In
Android 4.3 there is a new activity/screen, not accessible from settings, called
App Ops, where you can manage permissions for different apps. This app simply
allows you to launch this activity. OS Monitor Download:
https://f-droid.org/repository/browse/?
fdfilter=os%20monitor&fdid=com.eolwral.osmonitor Description: OS Monitor is an
excellent Android process and connection monitoring app, that can help you watch
for CPU usage and connection attempts by your apps. **CCleaner Download:
https://play.google.com/store/apps/details?id=com.piriform.ccleaner Description:
Cleans all the useless crap that can slow your phone down such as logs, cache,
empty folders and more. **Titanium Backup PRO Download:
https://play.google.com/store/apps/details?id=com.keramidas.TitaniumBackup&hl=en
Description: You can backup, restore, freeze [With pro version] your apps, data,
market links. This includes all protected apps & system apps, plus external data
on your SD card. You can do 0-click batch & scheduled backups. Backups will
operate without closing any apps [With pro version]. You can move any app [or
app data] to and from the SD card. You can browse any app's data and even query
the Market to see detailed information about the apps. dSploit Download:
http://m.banzai13fr.store.aptoide.com/app/market/it.evilsocket.dsploit.debug/
1/4903638/dSploit Description: Once dSploit is started, you will be able to
easily map your network, fingerprint alive hosts operating systems and running
services, search for known vulnerabilities, crack logon procedures of many TCP
protocols, perform man in the middle attacks such as password sniffing [With
common protocols dissection] and real time traffic manipulation and more.
Terminal Emulator Download: https://play.google.com/store/apps/details?
id=jackpal.androidterm&hl=en Description: Access your Android's built-in Linux
command line shell. ======================== /After you install and configure
these applications, it is recommended that you use Titanium Backup to either
freeze or uninstall EVERYTHING that has to do with Google. These include: Google
Account Manager Google Backup Transport Google Calender Sync Google Contacts
Sync Google Partner Setup Google Play Services Google Play Store Google Search
Google Services Framework Google Text-to-Speech Engine Google+ LocationServices
1.0 Doing this means you will have no Google Play Store, No syncing with your
Google account, No Google Maps, No Google search, No Google Play Services, No
YouTube, No Google+, No Google Contacts, Nothing Google at all. This will ensure
that those asshats from Google are not tracking you, eavesdropping on your texts
and calls, logging all of your metadata and so on. Also, it is VERY important
that you DO NOT to install an app that uses a lot of permissions. Such as
Facebook, Facebook Messenger, Twitter, Steam, Netflix and so on. /So there you
have it! You are now running a securely hardened Android device. If you are
interested in reading more about this topic head over to:
https://blog.torproject.org/blog/mission-impossible-hardening-android-security-
and-privacy /Feel free to suggest any more techniques for enhancing security and
I will gladly add them above! .-. ( " ) /\_.' '._/\ | | \ / \ /` .(__) / `.__.'
@Gh0sterSec