这是google的一个项目,地址在最后。。。最后面有美化文档
Ad Network Detector (1.2): http://market.android.com/details?id=com.lookout.addetector
App Backup & Restore (1.0.5): http://market.android.com/details?id=mobi.infolife.appbackup
App Cache Cleaner (1.1.3): http://market.android.com/details?id=mobi.infolife.cache
ARPspoof: https://github.com/robquad/Arpspoof/Arpspoof.apk/qr_code
CACertMan (0.0.2-20110906): http://market.android.com/details?id=info.guardianproject.cacert
CacheMate for Root Users Free (2.4.2): http://market.android.com/details?id=com.aac.cachemate.demo
Carrier IQ Detector (1.1.1): http://market.android.com/details?id=com.lookout.carrieriqdetector
DeuterIDE (0.5): http://market.android.com/details?id=com.didactic.DeuterIDE
Devcheats (1.2): http://market.android.com/details?id=miquelco.devcheats
DroidVPN (1.8.7c): http://market.android.com/details?id=com.aed.droidvpn
Gibberbot (0.0.9-RC4): http://market.android.com/details?id=info.guardianproject.otr.app.im
InfoSec Reference (40): http://market.android.com/details?id=hackers.reference.free
IPv6 and More (2.1): http://market.android.com/details?id=com.tsts.ipv6
IrcDroid (4.0.8): http://market.android.com/details?id=pl.xampear.ircdroid
LUKS Manager (2.4): http://market.android.com/details?id=com.nemesis2.luksmanager
Naked Security (1.4.8.4060): http://market.android.com/details?id=com.conduit.app_a6722ad0d45240419c328b0fa48e6851.app
NoteCipher (0.0.4.1): http://market.android.com/details?id=info.guardianproject.notepadbot
ObscuraCam (2.0-RC2b): http://market.android.com/details?id=org.witness.sscphase1
OpenVPN Settings (0.4.11): http://market.android.com/details?id=de.schaeuffelhut.android.openvpn
Packet Injection (1.2): http://market.android.com/details?id=ot.semba.packetinjection
Pamn IP Scanner (nmap https://play.google.com/store/apps/details?id=com.wjholden.nmap
Pastebin for Android (3.5): http://market.android.com/details?id=com.jmz.pastedroidapp
Prey (0.5): http://market.android.com/details?id=com.prey
USB Device Info (0.0.5): http://market.android.com/details?id=aws.apps.usbDeviceEnumerator
Vpn1Click (2.21): http://market.android.com/details?id=com.vpnoneclick.android
Wifi Analyzer (3.2.232): http://market.android.com/details?id=com.farproc.wifi.analyzer
WiFi Key Recovery (0.0.8): http://market.android.com/details?id=aws.apps.wifiKeyRecovery
WinExploitSMBv2 (1.0): http://market.android.com/details?id=winexploitsmbv2.azelart.fr
AdFree (0.8.44): http://market.android.com/details?id=com.bigtincan.android.adfree
aDownloader (1.0.8.4): http://market.android.com/details?id=com.DroiDownloader
Advanced Task Killer Free (1.9.7B92): http://market.android.com/details?id=com.rechild.advancedtaskkiller
AIDE (1.0.beta19): http://market.android.com/details?id=com.aide.ui
AndCha (1.4.0.2 2012-05-11): http://market.android.com/details?id=net.andchat
androidVNC (0.5.0): http://market.android.com/details?id=android.androidVNC
AndroIRC (3.3.4): http://market.android.com/details?id=com.androirc
Android File Transfer MAC http://www.android.com/filetransfer/
android-nfc-paycardreader (taken down, cloned here) https://github.com/ciphersson/android-nfc-paycardreader
(another backup) https://www.dropbox.com/s/3q9vxu7ioiq5i4c/thomasskora-android-nfc-paycardreader-459a9b2.zip
AWS for Android (1.6.0): http://market.android.com/details?id=jp.dip.kizunasoft.aws
BusyBox Free (8.6): http://market.android.com/details?id=stericson.busybox
CACertMan https://play.google.com/store/apps/details?id=info.guardianproject.cacert
Conky? Widget (1.0.3): http://market.android.com/details?id=jp.masaki.TW
ConnectBot (1.7.1): http://market.android.com/details?id=org.connectbot
Cryptroid (2.9.3): http://market.android.com/details?id=com.andy.cryptroid
DoggCatcher (1.2.3430): http://market.android.com/details?id=com.snoggdoggler.android.applications.doggcatcher.v1_0
droid VNC server (1.1RC0): http://market.android.com/details?id=org.onaips.vnc
DroidCAT (1.0): http://market.android.com/details?id=anant.hax.droidcat
DroidEdit Free (1.14.8): http://market.android.com/details?id=com.aor.droidedit
DroidMote Client (2.9.1): http://market.android.com/details?id=org.videomap.droidmoteclient
DroidSheep (14):https://code.google.com/p/droidsheep/source/checkout
DroidSheep Guard:https://play.google.com/store/search?q=droidsheep+guard
DroidWall (1.5.7): http://market.android.com/details?id=com.googlecode.droidwall.free
Dropbox (2.1.7): http://market.android.com/details?id=com.dropbox.android
ElectroDroid (3.0.1): http://market.android.com/details?id=it.android.demi.elettronica
Enigma Simulator (1.07): http://market.android.com/details?id=uk.co.franklinheath.enigmasim
FaceNiff (2.1a): http://market.android.com/details?id=net.ponury.faceniff
Fake GPS (1.5.0): http://market.android.com/details?id=com.lexa.fakegps
Fing – Network Tools (2.0): http://market.android.com/details?id=com.overlook.android.fing
Firefox Beta (15.0): http://market.android.com/details?id=org.mozilla.firefox_beta
Gaug.es (1.4): http://market.android.com/details?id=com.github.mobile.gauges
Gibberbot https://play.google.com/store/apps/details?id=info.guardianproject.otr.app.im
GitHub (1.0.4): http://market.android.com/details?id=com.github.mobile
GooManager (2.1.1): http://market.android.com/details?id=com.s0up.goomanager
GPS OnOff (2.1.0): http://market.android.com/details?id=com.curvefish.widgets.gpsonoff
GScript (1.1.2): http://market.android.com/details?id=nl.rogro.GScriptFull
Hack a Droid (4.2): http://market.android.com/details?id=com.firebird.hackadroid
Hacker’s Keyboard (v1.33): http://market.android.com/details?id=org.pocketworkstation.pckeyboard
Hackers Home Pro (1.05): http://market.android.com/details?id=com.theredhatter_hackershomepro
Hash Droid (3.1): http://market.android.com/details?id=com.hobbyone.HashDroid
Iptables (beta) https://play.google.com/store/apps/details?id=com.mgranja.iptables&hl=en
Infosec Island (3): http://market.android.com/details?id=com.appmakr.app152726
Irssi ConnectBot (1.7.1-irssi): http://market.android.com/details?id=org.woltage.irssiconnectbot
IrssiNotifier (1.2): http://market.android.com/details?id=fi.iki.murgo.irssinotifier
LanDroid (1.25): http://market.android.com/details?id=net.fidanov.landroid
LauncherPro (0.8.6): http://market.android.com/details?id=com.fede.launcher
LBE Privacy Guard (3.0.1): https://play.google.com/store/search?q=lbe+privacy+guard
LogCat+ (0.1.0): http://market.android.com/details?id=com.baldhead.android.logcatplus
LUKS Manager https://play.google.com/store/apps/details?id=com.nemesis2.luksmanager
Lulz Soundboard (2.0): http://market.android.com/details?id=net.rocketbird.LulzSoundboard
Metal Sniffer (0.6.0): http://market.android.com/details?id=com.icechen1.metalsniffer
Mock GPS (1.1.1): http://market.android.com/details?id=com.tim.apps.mockgps
Moss (0.5): http://market.android.com/details?id=org.mosspaper
Nessus (1.0.1): http://market.android.com/details?id=com.tenable
Network Discovery (0.3.5): http://market.android.com/details?id=info.lamatricexiste.network
Network Info II (0.6.7): http://market.android.com/details?id=aws.apps.networkInfoIi
Network Spoofer (0.9.0): http://market.android.com/details?id=uk.digitalsquid.netspoofer
NewsRob (4.8.8): http://market.android.com/details?id=com.newsrob
Nmap (0.6.1): http://market.android.com/details?id=com.wjholden.nmap
NoteCipher https://play.google.com/store/apps/details?id=info.guardianproject.notepadbot
ObscuraCam https://play.google.com/store/apps/details?id=org.witness.sscphase1
Orbot Tor (0.2.3.17-beta-1.0.9-rc5a): http://market.android.com/details?id=org.torproject.android
Orweb Proxy+Privacy Browser https://play.google.com/store/apps/details?id=info.guardianproject.browser
PdaNet Tablet (2.20): http://market.android.com/details?id=com.pdanet.tablet2
Penetrate Pro Removed form google play. Reasonhere.>> http://underdev.org/http://www.forhacsec.com/2011/06/13/penetrate-wep-key-cracking-app-removed-from-the-android-market/My back up….https://www.dropbox.com/s/2rhs24m6dpurbe0/Penetrate%20Pro%20v2.7.1%20for%20Android.apkhttp://www.mediafire.com/?aamwjt5mvvtlewm
PiiK (1.0): http://market.android.com/details?id=net.ponury.piik
Ping & DNS (1.8.5): http://market.android.com/details?id=com.ulfdittmer.android.ping
Pixie (1.0.6): http://market.android.com/details?id=com.nbl.pixie
Pixie Probe (1.0.1): http://market.android.com/details?id=com.nbl.pixieprobe
Port Scanner (4.96): http://market.android.com/details?id=com.twistandroid.portscan
PortKnocker (1.2.0): http://market.android.com/details?id=org.thebigmachine.portknocker
Python for Android (6): http://market.android.com/details?id=com.googlecode.pythonforandroid
Python Programming Reference FREE (1.2): http://market.android.com/details?id=nadsoft.pythonprogrammingreferencefree
PythonConsole (1.2): http://market.android.com/details?id=com.pythonconsole
RemoteFile (1.8.2): http://market.android.com/details?id=com.grrzzz.remotefilefull
Root Explorer (2.20.1): http://market.android.com/details?id=com.speedsoftware.rootexplorer
SecuriteInfo.com NetAudit (2.24.3957): http://market.android.com/details?id=com.securiteinfo.android.netaudit
ShareMyApps (3.2.1): http://market.android.com/details?id=com.mattlary.shareMyApps
Shark (1.0.2): http://market.android.com/details?id=lv.n3o.shark
SharkReader (0.1.5): http://market.android.com/details?id=lv.n3o.sharkreader
Shoutcast Client (0.1.6): http://market.android.com/details?id=com.gomork
Show IP (1.4): http://market.android.com/details?id=mobi.mgeek.showip
Skype (2.8.0.920): http://market.android.com/details?id=com.skype.raider
SL4A (4): http://market.android.com/details?id=com.googlecode.android_scripting
SManager ads (2.4): http://market.android.com/details?id=os.tools.scriptmanager
Solid Explorer (1.3): http://market.android.com/details?id=pl.solidexplorer
SSHTunnel (1.5.4): http://market.android.com/details?id=org.sshtunnel
StickMount (1.5): http://market.android.com/details?id=eu.chainfire.stickmount
STUN Client (1.1): http://market.android.com/details?id=com.kodholken.stunclient
Superuser (3.1.3): http://market.android.com/details?id=com.noshufou.android.su
TeamViewer (7.0.405): http://market.android.com/details?id=com.teamviewer.teamviewer.market.mobile
Terminal Emulator (1.0.44): http://market.android.com/details?id=jackpal.androidterm
Translate (2.4.2): http://market.android.com/details?id=com.google.android.apps.translate
Twitter (3.3.1): http://market.android.com/details?id=com.twitter.android
WiFi File Transfer (1.0.3): http://market.android.com/details?id=com.smarterdroid.wififiletransfer
Wigle Bluetooth (1.0): http://market.android.com/details?id=net.wigle
WiGLE Wifi Wardriving (1.52): http://market.android.com/details?id=net.wigle.wigleandroid
X-Ray (1.0): http://market.android.com/details?id=com.duosecurity.xray
xkcd Browser (3.0): http://market.android.com/details?id=com.floern.xkcd
zAnti (1.0.5): http://market.android.com/details?id=com.zimperium.zanti
µTorrent Remote (1.0.20110929): http://market.android.com/details?id=com.utorrent.web
Frameworks and distros
Smartphone Pentest Framework http://www.bulbsecurity.com/smartphone-pentest-framework/
MobiSec http://sourceforge.net/projects/mobisec/
osaftoolkit http://osaf-community.org/
Santoku-Linux https://santoku-linux.com/
Android Security Evaluation Framework-ASEF https://code.google.com/p/asef/
android-apktool http://code.google.com/p/android-apktool/
dex2jar http://code.google.com/p/dex2jar/
Other stuff
Real APK Leecher Tageline: Real APK Leecher,the easiest way to download android apk file from Android Market to desktop http://codeimba.com/2012/03/09/real-apk-leecher-the-easiest-way-to-download-android-apk-file/http://codeimba.com/wp-content/uploads/Real%20APK%20Leecher.zip http://www.mediafire.com/?b5vibfddvxmh98y https://dl.dropbox.com/u/13532430/Real%20APK%20Leecher.zip
Android FOSS Repo http://f-droid.org/
按照项目上说,是会定期更新。可以关注http://code.google.com/p/android-security-list/wiki/AndroidSecurityList了解最新列表
美化版本的文档下载:http://pan.baidu.com/s/1kToQIW3
最后放一枚Android渗透工具dsploit:http://pan.baidu.com/s/1pJBdqif (视频和文档以及软件都在一起,新手上手比较快)