On computers, there are many tools and operating systems you can install to test Wi-Fi networks. Similarly there are tools such as cSploit, which can be run on Android phones with root access. The app developer’s website is http://www.csploit.org/.
When you first install the app, it will try to scan for all the devices on the network and show the number of open ports they have.
After you click on your target device that you want to run attacks on, you will see the many options you have. These include being able to scan the device or router to find out the operating system, any open ports, vulnerabilities, traceroute, login cracking, and sessions.
Within the MITM menu (Man in the Middle Attack), you can do many other things, such as killing the target’s connections, password sniffing, hijacking sessions, redirect traffic, insert custom javascript, and replace images/videos.
From the targets perspective, changes will be seen immediately.
Here is the Custom Javascript injection attack in action on a website. The popup was custom code that was written on the phone.
This is the replace images attack, and the red geometric image was uploaded directly from the Android phone.
These are the device information inspector and login crackers. Both are very powerful and have various features.
As you can see, phones are getting more and more powerful everyday, and many tasks that required a computer can now be done using your phone. In the future, even more features will be added to allow for complex things such as Wi-Fi password cracking.