Android Penetration Tool [ RAT for Android ]
Screenshots
In-app binder and modules on the operator handset Β· desktop merge alternative: binder/ Β· binder/BINDER.md
Home |
|
|
||
APK binder β config |
APK binder β logs |
APK binder β activity hook |
||
Network scanner β embedded NmapDrop a GIF or still here alongside v2.0 release assets when ready. ββββββββββββββββββββββββββββββββββββββββββββββ β nmap Β· discovery Β· svc/version Β· scripts β ββββββββββββββββββββββββββββββββββββββββββββββ |
||||
Listener |
Remote device Β· actions |
Installed apps |
||
Camera |
Microphone |
Device info |
||
File explorer
|
||||
Architecture, features, credits & repo SEO β expand
Operations map
flowchart LR
subgraph ops [Operator]
Host[XHunterHostApp]
Tunnel[SSH_session]
end
subgraph edge [Controlled_VPS]
Sshd[SSHd_GatewayPorts]
Listen[Tunnel_listener]
end
subgraph node [Authorized_client]
Agent[Mergedapkagent]
Recon[Nmap_module]
end
Host --> Tunnel
Tunnel --> Sshd
Agent -->|"reverse_tunnel"| Sshd
Listen <-->|"sessions"| Sshd
Host --> Listen
Recon -.->|"lab_networks"| Agent
Merged APK HOST = same VPS/DNS as binder/config.txt HOST and the operator SSH profile. Steps: USAGE.md.
Highlights
| Track | v2.0 | |------|------| | On-device binder | Host APK β hook activity β decode / merge / rebuild / sign via apktool-android (libaapt2, no Termux/root for that pipeline). | | Desktop binder | binder/binder.sh Β· binder/BINDER.md for CI / scripting. | | Network recon | Embedded Nmap presets + advanced options on networks you control β USAGE.md. | | Session stack | Reverse SSH, listener, files / comms views, gated remote actions. |
Whatβs new in v2.0
v2.0tag /xhunter_v2.0.apk(migrate fromv2.0-demo).- In-app binder (no desktop CLI required for that flow).
- Nmap-class scanning in the same operator build.
About
Operator + VPS + enrolled client ; in-app binder restores xhunter\1.x style convenience with the current tunnel model Β· optional binder/ for workstations Β· upstream anirudhmalik/xhunter.
Credits
Repo SEO β maintainer checklist
- About repo field β keywords: Android, authorized testing, SSH tunnel, APK bind, Nmap, Apktool.
- Topics:
android,penetration-testing,red-team,network-scanner,nmap,apktool,ssh-tunnel,mobile-security,security-research,authorized-testing,infosec. - Social preview image (~1200Γ630) under repo Settings.
- Rich GitHub Release notes for
v2.0+ screenshots/GIF + legal reminder.
License
MIT β LICENSE. Confirm component licenses in the upstream monorepo if you ship mixed builds.