Intercepter-NG v2.0 is an Android penetration testing app.
by using Intercepter-NG you will be able to intercept and analyze un-encrypted communications over WiFi network.

Intercepter-NG is a network toolkit for various types of IT specialists and an easy-to-use application to intercept communication.
it's an MiTM attacks tool , you can perform different kinds of MiTM attacks using this android app

  1. Android 2.3.3+
  2. Root
  3. Busybox
Intercepter-NG v2.0 Features:
  • Intercept communications.
  • Analyze data packets.
  • Hijack sessions. ( cookie hijacking )
Session hijacking, also known as TCP session hijacking and cookie hijacking , is a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user.
  • SSL Strip connections.
SSLStrip is a type of MITM attack that forces a user browser into communicating with an adversary in plain-text over HTTP, it simply watch for HTTPS links and redirects, then map those links into look-alike HTTP
  • Monitor target's web activity
  •  ARP Poisoning
ARP stand for “Address Resolution Protocol” this type of attack sends falsified ARP messages over a local area network to link the attacker MAC address with the IP address of a legitimate computer or server on the network.
  •  Network Discovery with OS Detection
  •  Network Traffic Analysis
  •  Passwords Recovery
  •  Files Recovery

1. Download Intercepter-NG V2.0 from Github
2. Install Busybox from Google Store 
Remember your Android phone must be rooted

2. Install and open the app click on the Radar icon in the upper left corner of IntercepterNG.
IntercepterNG Android
3.After you click on the radar icon It will scan the network and list all the connected  devices 
Intercepter-NG list

4. Now select the Devices you want to spy on from the list  , it will show the operating system next to the IP address 
Intercepter-NG Android hacking app

5. Click the Play icon on the top right then  Select the Settings icon
Now tick the check box of  Save pcap session and change the memory location to SD Card if you want the file to be saved on your SD card.
Intercepter-NG Android
6.Return to main menu and then select the play button
now it will start downloading packs
Android wifi hacking

7. To see graphical capturing of data click the Wireshark icon click the play button 

Android Wireshark
8.  Click the cookies icon and wait for the cookies to load then select any one of the IP shown it will load the web page your victim are in.

Watch YouTube Video to see the app in use

Last update : 26.09.2016 - Intercepter-NG [Android Edition] v2.0
+ Select\Copy packet data in RAW Mode
+ Pcap filter on reading *.pcap
+ Save cookie button
+ Show HTTP Requests
+ HTTP Injects
+ ARP Cage
A lot of improvements and fixes
- Resurrection\Gallery
Tested on 4/5/6/7 Android. Should also work on 2/3.

November 12, 2016


  1. The two basic functions of Intercepter-NG They are:
    1. interception traffic data from, such as passwords, files, correspondence
    2. Interception of traffic through MiTM attacks.

    Scan Mode
    Scanning mode is active by default after starting tool.
    The main objective of this regime is in the ARP
    scanning to identify other members of the network (computers,
    phones, other network equipment), for which you need to run
    ARP Scanning.

    26.09.2016 - Intercepter-NG [Android Edition] v2.0

    + Select\Copy packet data in RAW Mode
    + Pcap filter on reading *.pcap
    + Save cookie button
    + Show HTTP Requests
    + HTTP Injects
    + ARP Cage

    A lot of improvements and fixes
    - Resurrection\Gallery

    Tested on 4/5/6/7 Android. Should also work on 2/3.
    PS: Don't forget (!) to install SuperSU and BusyBox!

    07.09.2016 - Intercepter-NG v1.0

    + FATE: FAke siTE + FAke updaTE
    + X-Scan (network security scanner)
    + Bruteforce Mode: VNC, VMWARE, RDP
    + Reverse Shell Inject

    Raw Mode
    Multiply Extra SSL Ports

    A lot of fixes and improvements.

    09.11.2015 - Intercepter-NG [Android Edition] 1.7

    + Android 5 support
    + Portrait mode compatibility
    + Cookie Killer
    + Forced Download
    + Fast poisoning
    + Address bar in Cookie Viewer
    + Data view in Raw Mode
    + Updated scanning engine
    + Fixed sdcard issues
    + Improvements and fixes

    29.07.2015 - Intercepter-NG v0.9.10

    + Group Policy Hijacking
    + Forced Download and JS Inject
    + HSTS Spoofing
    + Traffic Changer
    + Smart Scan: NBNS + Bonjour resolve + hostnames cache.
    + Bruteforce mode: SMTP TLS, POP3 TLS, TELNET and Single Mode.
    + Auto ARP Poison

    SSL Strip improved.
    SSL MiTM rewritten:
    + Fast and stable
    + New certificates generation algorithm.
    + Cookier Killer
    + iOS Killer (iCloud, Instagram, VK)
    + Black and White lists

    A lot of fixes and improvements.

    1. 29.07.2014 - Intercepter-NG v0.9.9

      + LDAP Relay
      + Heartbleed exploit
      + Java injection
      + Plugin detector
      + Bruteforce Mode: FTP\IMAP\POP3\SMTP\SMB\SSH\LDAP\HTTP
      + TFTP\SMB2 resurrection
      + Telnet\Rsh\Rlogin\Rexec logging
      + PostgreSQL Plain\MD5 Auth
      + MS-SQL Server Auth
      + MongoDB Auth
      + Wine support
      + New skin

      Improvements and fixes

      11.06.2013 - Intercepter-NG v0.9.8

      + SMB Hijacking
      + NTLM Grabber in WPAD MiTM
      + Built-in brutforce of hashes via JTR
      + More accurate OS detection
      + Port Scanner
      + POP3 NTLM Auth
      + RADIUS Auth
      + Kerberos Auth (rc4-hmac, aes256-cts-hmac-sha1-96)
      + Kerberos Downgrade (aes256->rc4)
      + Custom .exe for smbrelay
      + MAC Whitelist in DHCP MiTM

      sslstrip moved from 80 to 8080 port
      SMBv2 support
      IDN support
      OUI base updated
      Resurrection mode updated
      countless improvements and fixes

      15.04.2013 - Intercepter-NG v0.9.7

      + SSH MiTM
      + IP Forward
      + Save\Load Cookies

      fixes and improvements...

      22.03.2013 - Intercepter-NG v0.9.6

      +PPPoE PAP Auth
      +NBNS\LLMNR Spoofing
      +Replaying sniffed cookies in browser
      +PCAP Over IP

      DNS Spoofing by mask (*)
      WPAD socks support HTTP injection
      Expert Mode (dns cache ttl, arp scan timeout, stop injection on nbns)
      fixes and improvements...

      05.12.2012 - Intercepter-NG [Android Edition] 1.0 + Intercepter-NG [Console Edition] 0.5

      Completely new [Android Edition] !

      18.09.2012 - Intercepter-NG v0.9.5 + Intercepter-NG [Console Edition] 0.4

      +SSLStrip: Cookie Killer
      +DNS Spoofing
      +MRA MD5 Auth
      +HTTP Auth Heur
      +Multiselecting of captures
      +Support of pcapng (new wireshark format)
      +Expert Mode
      +ARP Cage

      ARP Scan according to netmask
      RAW Mode
      Resurrection Mode (http proxy support)
      HTTP Injection
      SSL MiTM + SSLStrip
      Countless improvements and fixes
      manual control of arp poison in CE
      and some updates from win version, see CHANGELOG

      06.08.2012 - Intercepter-NG v0.9.4 + Intercepter-NG [Console Edition] 0.3

      +IPv6 support
      +New feature: http injection

      The speed of analysis is now 5 times faster
      RAW Mode updated
      Improvements and fixes
      New RAW Mode for Console version and a lot of updates
      see CHANGELOG for details

      18.06.2012 - Intercepter-NG [Console Edition] 0.2

      + new passwords dissectors
      + grabbing messages ICQ\AIM\JABBER\YAHOO\MSN\IRC\MRA
      + recovering files from SMB
      + resizing support
      + locale support via env variable LC_ALL
      + arp code improved
      + MacOS X build

      01.06.2012 - Intercepter-NG v0.9.3 + Intercepter-NG [Console Edition] 0.1

      +UAC Manifest added to .exe
      +New Resurrection Mode - reconstruction of HTTP\FTP\SMB\IMAP\POP3\SMTP files
      +Cookie grabber added
      +Visit new Wiki page

      Major update of sslstripping code
      openssl+zlib linked statically
      IRC moved to Messengers Mode
      Updated WiFi Mode and improved MiTMs code
      RAW mode updated
      Intercepter converts Raw IP Data captures to Ethernet frames
      a lot of small changes

      New Intercepter Console Edition is available now.
      It works on any *nix including IOS and Android.
      Special thanks to nimmox for testing and building android version.

      17.04.2012 - Intercepter-NG v0.9.2

      +New SMBRelay MiTM with NTLMv2 support (watch video tutorial).
      +NTLM Challenge+Response grabbing (NTLMSSP). Bruteforce it with C&A.

      *Raw Mode updated (saving .pcap dumps, astronomical time display)

      04.04.2012 - Intercepter-NG v0.9.1

      +New WPAD MiTM (watch video tutorials).
      +Built-in Socks4 server added

      *RAW Mode updated
      *Minor fixes

      11.11.2011 - Intercepter-NG v0.9
      Next generation of Intercepter has come.
      Besides a new GUI, countless improvements have been made.
      The whole process of MiTM attacks is now completely automated.


      +NAT added to Intercepter
      +Gateway discovering feature
      +Smart Scan with OS detection
      +MSN\MRA Parsers updated
      +Raw Mode is in the style of Wireshark
      +Loading pcap dumps by Drag&Drop

      -MAC Changer and SMTP\POP3 grabber
      -Gadu-Gadu support


Post a Comment


Popular Posts

USB WiFi adapters that support monitor mode and wireless injection

usb wifi adapter with monitor mode and wireless injection (100% compatibl…

how to update Kali Linux and Fix update error

Kali Linux one of the best Linux distro for penetration testing it's freq…

Fix Kali Linux sources.list Repositories

Fix default repository First after installing a clean Kali Linux the sou…

Recent Comments

Contact Me