NetworkToolbox is being continuously updated. Either by regular App Store updates or by so called data updates. Regular Data updates will not just be used to continuously update the databases such as the MAC/Vendor database but also to add new Security Tests which are basically scripts very similar to the Metasploit Framework.
Aug. 20. 2015 – App Version 8.2.1
■ Introduction of Public / Private keys
The SSH and SFTP Tools now supports Public / Private keys for a more secure connection. As key maintenance is usually not so easy, I also added a separate Tool for maintaining your keys. Finally, you can even generate all kind of keys from inside NetworkToolbox. To encourage more people to use Public/Private keys, I wrote an easy to follow tutorial which helps to start using Public / Private keys.
■ A Connections Tool was added
This new tool can be used to not only but mainly to identify Apps on your device that are “calling home” or establishing undesired connections. A new tutorial will also explain how to identify hidden App Communication using this new tool.
■ Completely renewed HTTP Tool
So far, I was not quite happy with the HTTP Tool. On one hand, it was able to reveal a lot of Website internals but on the other hand it often failed to display websites correctly. This has been resolved now. The HTTP Tool was completely re-written and now feels much more like Safari but still allows to perform the parameter traversal and standard password tests.
■ Improved Traceroute
Traceroute now resolves addresses much more reliable and faster than before.
■ Improved Certificates Tool
The domain names that belongs to a certificate are now listed separately one after the other so you can now easily inspect (e.g. visit) each individual website the certificate belongs to. This is especially useful along with the new Connections tool.
■ Other bug fixes and improvements
May 9. 2015 – App Version 8.1.3
■ New Network and Port Scan engines
Network and Port Scanning is now blazing fast and even more accurate than before.
Now, hundreds of addresses and ports will be scanned simultaneously as fast as possible but still with the best possible accuracy. Since scanning is now way faster, all scans are repeated automatically a few times.
Scanning is also now random so that Firewalls and Intrusion detection systems will not immediately identify each scan easily.
■ Bookmarks is now Logbook
A new Logbook functionality has been introduced and the formerly available Bookmarks functionality has been integrated in this new Logbook function.
Logbooks can collect the following type of information
- Schodan and Morpheus Scan results
- Network Scan results
- Port Scan results
- Hosts (= former Bookmarks)
Best of all, Network- and Port- scans can now be compared to each other. This way, you can quickly find out what has been changed in your network between two scans.
Logs can of course also be exported or printed.
■ Custom Device Names
You can now (optionally) assign individual names for your devices on your network. This makes it easier than ever to identify each particular device in the various scans.
These names are tied together with the MAC address. Such a maintained device name will be displayed instead of the network name in a different color.
Custom Device Names can be maintained in three different ways
In the Network Scan results. Just open the details of an entry and here you can directly enter an individual name
You can export a complete list of a network scan to the list of individual names
You can maintain the complete list of individual names from inside the settings screen
■ Improved DNS tool
The DNS Tool has been improved in several ways.
It still provides information about a certain domain with its IP Address, Provider, country and location.
Now, this tool also performs a reverse-DNS lookup with more than one record, if available.
Second, it now provides DNS Server information such as MX, NS, SOA and TXT Records.
■ Devices tool improvements
Now, all available interfaces (not just WiFi, Cell) will be displayed with much more detailed information. This way, you can even investigate your virtual VPN devices.
Proxy information now is also included.
Sensors such as Gyroscope, Accelerometer etc. will now be displayed graphically.
■ HTTP browser
The http tool now contains an improved browser. The browser also now records all requests a website initiate (even requests initiated by scripts) so you can easily inspect scriptfiles, images that are being loaded or even the sources of Ad banners.
The password test also has been improved and can now fill out many more types for login forms.
■ New Security Check tool
This is another new tool which required most of the development time. This tool contains several individual security checks for various exploits or issues. So far, it contains only a few checks but there are more to come over time.
The challenge was to implement a tool that I can use to quickly provide certain tests to you, without the necessity to send out a new app update. This is now possible with this new Security Check tool.
The idea was born when I added the Verizon Supercookie test but that was a quite simple test. Now even more sophisticated tests are possible and I can add all those tests via Data updates.
To use the test, you can either select the test inside the tool from the list or, like with most other tools, when working on results of any tool and using the […] button
I will announce new tests in the news section of the app but not on my website as this is too closely related to this app.
■ New Web-Service Tool
This new Tool allows to explore or debug SOAP and REST Web-Services. All API parameters such as URL Parameters, Header information and Request Body can easily be maintained and even stored under an individual name. The API requests can be executed via a HTTP-GET, -PUT or -POST methods.
JSON and XML results are being displayed in a hierarchical tree browser.
There are a few predefined Web-Service samples included such as the Google Geo API.
■ New Mail Server Tool
This tool checks for POP3, IMAP and SMTP mail services and provides useful information either for your Mail-Client settings and possible improvements for the Mail-Server settings.
■ Resources section has been completely re-coded
The resources section of the app contains a lot of information but wasn’t easy to find and use. It now has a similar user interface like the main app screen. It now also allows me to add more information via Data updates.
■ Various other changes and bug fixes
- Several design changes throughout the whole app
- The MAC address bug has been fixed which showed a wrong last byte of the MAC
- The local IP address has not always been displayed correctly (e.g. was shown as “error”)
- The MAC address is now displayed in the Network Scan report and no longer only in the details screen
- IP Calculator improvements
- Improvements for iPhone 6 and 6+
- 64-Bit support
- iOS 8.3 support
July 30. 2014 – App Version
■ Improved user interface
The user interface has been improved significantly to increase the usability, convenience, and effectiveness of NetworkToolbox. It is now even easier than before to switch from the scan results of one tool to another for further analysis.
■ New tools:
There are now 24 tools in total.
Bonjour, which is Apples zero configuration protocol, can now be scanned and analyzed by NetworkToolbox. You will be surprised how many devices talk Bonjour in your network.
Another new tool can be used to analyse and display server certificates in a readable form. Such certificates will be used to secure websites such as banking sites. Recently, some certificate authorities have been compromised and issued insecure certificates e.g. even for google. NetworkToolbox can now reveal such certificates.
■ Bluetooth LE
As Apple recently introduced iBeacons in their stores which are basically Bluetooth LE (low energy) tokens, NetworkToolbox now offers a new tool that can be used to scan for and analyse such iBeacons or any other Bluetooth LE device easily.
■ More and better device information
The Device Information tool now provides much more information about your iPhone/iPad such as Cell, Cell-Carrier, Hardware, Memory, CPU, Sensor and sensitive device ID information.
■ External app integration
NetworkToolbox now integrates also with external apps. External apps like your favourite remote access app can now be used from inside NetworkToolbox and the other way around. NetworkToolbox can now be started from inside other apps e.g. even by safari.
■ Shodan improvements
Shodan’s new API has now been integrated and you can even use your own Shodan API key.
■ Socket / Telnet improvements
Feb. 3. 2014 – App Version 6.7.1
Among some minor changes “under the hood”, this update contains:
■ Again, improved Morpheus
The Morpheus search engine has been improved further and is now better integrated into the app.
■ Custom Port ranges for the Port scanner
It is now either possible to select individual port ranges for all HTTP Services, Mail Services or upper/lower ranges or even enter individual ranges for scanning manually.
■ Custom Password list
In addition to the built-in default password list, it is now possible to maintain and use a custom password list for the HTTP, Socket, FTP, SFTP Tools. This way, you can pre-enter the know credentials of your servers and devices if you like.
■ Collect discovered password
Once you discover a username/password combination, you can now even store your findings along with the host information for later reference in the custom password list. So now, there is no need to write it down anymore.
■ Reverse DNS lookup
The Domain tool now also supports revers DNS lookups. So for instance, if you just enter an IP address, this tool may also show the domain name if there is a domain name registered for that IP address.
PLEASE NOTE: This app update also requires the installation of the newest data update. So please also use the “Check for data update” button in the settings screen of the app. The installation order (app or data update) does not matter.
Oct. 10. 2013 – App Version 6.5.1
This version adds iOS 7 compatibility so this App is now compatible to iOS 5,6 and 7. Also, this updates adds new tools and features such as:
■ Improved Network and Port-scan with improved accuracy and speed
■ The Device Map view is now back working
■ A new Port-forward tool has been added to monitor traffic between two ports
■ An IP Calculation Tool has been added
■ A new HTTP-Head Tool was added to inspect Webserver Header information
■ A Trace route tool has been added
■ Bookmarks can now be submitted via E-Mail as a list which makes it much easier to continue to investigate in theresults of this App on another PC
■ The HTTP exploit test has been improved
■ MAC Vendor information will now be displayed and there is new tool to search for MAC Addresses and Vendor information
This version introduces “Morpheus”. Morpheus is an alternative to Shodan. Like Shodan, it is a device search engine and can be used to search for certain Servers, Routers, Set-Top Boxes and other devices on the net. Morpheus has its strength in Port 80, 21 and 443 whereas Shodan searches for additional Ports. Morpheus also has less old entries or just keeps old entries if they continue to be accessible over a while. Both engines use different approaches to crawl the internet for devices. So both search engines have their own pros and cons and now you can use both engines to search for the devices you like to explore.
Morpheus results can also be instantly displayed on a map so you can also see where the devices have been found.
Again, this App is not meant for hacking other people’s systems. It is to verify and analyze your own network or a network you got permission for.