Termux is an application for Android which emulates the Linux environment and its Terminal. It can be used directly without root access, although rooting allows for deeper access into the system.
Termux is great for road warriors who wants a full Linux environment in their pocket anytime they want. It's cool, but the application could be more than that. You can hook up a few cheap tablets with keyboards, or reuse old Chromebooks to start introducing newcomers to the Linux world. Let's be honest, many of us started out by installing Linux on an old, cheap, sometimes even recycled PC.
In this article, we will share our picks of the notable open source scripts and projects developed specifically for Termux. Hopefully it will inspire more and more users to start contributing to its ecosystem.
Disclaimer : A few of programs in this list exploits certain human and machine to break security systems for educational and proof-of-concept purposes. We do not encourage nor be hold responsible for what you do with these programs.
1. AidLearning Framework
AidLearning is a bundled mobile development framework aimed towards AI built specifically for Android devices. It supports almost all the major deep learning/neural network development tools and frameworks. Tensorflow, Keras, OpenCV/PyTorch, Caffe, mxnet, ncnn runs flawlessly out of the box.
AidLearning also has Visual Studio Code and Jupyter built-in, which should offer a great development experience.
Installation is easy with its lightweight one-click installer available as an Android app. Just download AidLearning latest version from here, install the APK and you're good to go. Documentation is only available in Chinese at the moment, which poses a little bit difficult for users. But if you're familiar with the Linux tools, there should be nothing to consult the docs.
Andronix is an application which allows you to run popular Linux distribution on Android devices. It uses Termux and PRoot under the hood to provide the command line functionalities, implement virtual file system and setup package managers.
You are still limited in terms of what you can do with the system. You can't manage SELinux policies of the Android as well as CPU architecture and device's hardware. However, daily tasks like browsing the web or using any popular application of your choice can be performed without any issues, as long as the activity does not really tax the phone's hardware too much.
Multiple OS can be installed all at once, no multi-boot required. There are 12 Linux distribution supported at the time of this writing, categorizes into Un-modded (free) and Modded OS (paid). You can install a few of them, then uninstall them when you're done.
The core application and unmodded OS are free without any ads. If you want to support the developers, you can buy modded OS which is basically an optimized version of the OS to reduce hardware usage to as low as possible.
You can also get Andronix Premium which is another way to support the developers. You also get a few perks including online sync with Andronix Commands and a web-app to access it from any device you want.
Here is a list of all the Linux distribution that Andronix supports :
Andronix Un-Modded OS
Andronix Modded OS
- Ubuntu XFCE
- Debian XFCE
- Ubuntu KDE
- Manjaro XFCE
Tool-X is another toolset for security-minded users which was built specifically for Termux. It included 370+ hacking tools, most of them are popular programs you've seen in Kali Linux. Aside from Termux, Tool-X can also be installed in Ubuntu/Debian based operating system.
You can find installation details and guide at Tool-X Official page
4. ZPhisher : Automated Phishing Tool
ZPhisher is a collection of bash scripts which allows for quickly building phishing login pages. It can generate login pages that looks identical to Facebook, Instagram, Google, Microsoft, etc services. The URL for the page could be masked to make things look more "authentic".
You can look for more details about the installation and prerequisites of Zphisher at https://github.com/htr-tech/zphisher
Tbomb is a free and open-source SMS/Call bombing programs that works in Termux and Linux. It leverages a bunch of APIs over the internet to send free SMS/Call to a phone number of your choice. Its multithreading mode also allows for faster bombing, though you will be rate limited if you try to abuse the API.
Tbomb is written in Python, supports MacOS, Debian-based distros, Termux (Android) and iSH (iOS). Installation details for can be found at https://github.com/TheSpeedX/TBomb
6. Snoop Project
Snoop is an online username checking tool written in Python. It supports Windows, Linux and Android (through Termux). Snoop takes in an username, then check it against 1400+ online services like Facebook or Soundcloud to see whether the username is registered or not. This way, you'll collect early information about the target which could come in handy if you're studying social engineering.
The interface is available in English and Russian, but sadly the documentation is currently Russian-only at the time of this writing. Still, The Github repository does demonstrate a few basic operations, and Snoop's English man page is pretty informative.
One more thing to keep in mind is that Snoop requires Python 3.7 and pip. You should have it installed before proceeding with the installation. More information about Snoop can be found at its Github repository https://github.com/snooppr/snoop
7. LAZY script
LAZY script is a script for Kali Linux that automates many procedures about wireless penetration and hacking. Basically it's a bash script that automate many actions such as enable/disable wireless interface, view current MAC address or change it, etc. The script is great for users who are new to security and need first-hand experience with the tools but does not want to fiddle with the installation.
LAZY script feature list :
- Automatic installation of Fluxion, WifiTe, Wifiphisher, Zatacker, Morpheus, Osrframework, Hakku, Trity, Cupp, Dracnmap, Fern, Kichthemout, BeeLogger, Ghost-Phisher, Mdk3-master, Anonsurf, The, Airgeddon, Xerxes, Ezsploit, Katana, 4nonimizer, Sslstrip2, Dns2proxy, Pupy, Zirikatu, TheFatRat, Angry, Sniper, ReconDog, RED, Routersploit, CHAOS, Winpayloads, Infoga, nWatch, Eternal, Eaphammer, Dagon, LALIN, Ngrok, Kwetza, Bleachbit, Operative, Netattack2, Findsploit, Howdoi, Dr0p1t-Framework, FakeImageExploiter, Leviathan, WiFi-Pumpkin, Avet, Meterpreter_Paranoid_Mode-SSL, Koadic, Empire, Veil, SecHub, DKMC, Demiguise, UniByAv, LFISuite, Faraday, MSFPC, NoSQLMap, Evil-Droid, Iftop
- Automated WPA/WPA2 handshake capturing, WPS brute-forcing and WEP cracking
- Email spoofing
- Metasploit automation (create payloads,listeners,save listeners for later, etc)
- Automatic EternalBlue exploiting for Windows
- Browser auto-expoiting with BeEF and MITMf
- Automated SQLmap
For more information, visit https://github.com/arismelachroinos/lscript
onex is an all-in-one library of hacking tool installer and package manager built with Termux support in mind. Onex provide installation scripts for 370 tools, which should include almost all the tools and scripts you would want as a security-minded user.
Using Linux on a mobile device is not that easy as on a computer. But with Onex, you'll reduce the amount of time fiddling with commands on Android's tiny and limited keyboard. All you need to do is typing
onex install tool_name and you're ready to go.
More information : https://github.com/rajkumardusad/onex
9. Termux Desktop: Setup A Beautiful Desktop/GUI In Termux
If you're using Termux on a tablet or a phone with big screen, you might want to try Termux Desktop. It is a combination of dotfiles and automated scripts that made it easy to setup a graphical environment of your choice in Termux.
Before you can use Termux Desktop, you have to install Termux (of course) and Termux:API add-on onto your phone. Termux API application is also recommended, as crucial desktop elements relies on it to access system resources.
Termux Desktop recommends Openbox as the preferred window manager for its simplicity and lightweight. There are 8 different themes included in Termux Desktop which you can freely choose from. Right click on the desktop, choose Preferences, then Change Style to make the interface more personal. After configuring, your desktop should look something like this
More information can be found at https://github.com/adi1090x/termux-desktop
10. HiddenEye: Reborn
HiddenEye: Reborn is a rewritten version of HiddenEye, a feature-packed toolset to exploit human mistakes through phishing. The old version codebase contains bad practices and low quality code so it was replaced with this new, built-from-scratch version.
HiddenEye features included Android support, keylogger, quick phishing page generation, emailing support, locatopm tool
HiddenEye: Reborn is available on PyPI and can be installed using pip:
pip install hiddeneye-reborn
Legacy version : https://github.com/DarkSecDevelopers/HiddenEye-Legacy