Follow us on RSS or Twitter for the latest updates.

June 7, 2011

FaceNiff – Taking FireSheep Mobile – Sniff & Intercept Web Sessions With Android


FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK).

It’s kind of like Firesheep for android, but maybe a bit easier to use (and it works on WPA2!).

Do note that a rooted phone is required. Please note that if the web user uses SSL this application won’t work This application due to its nature is very phone-dependent so please let the author know if it doesn’t work for you.

There’s a great video demo of it working here:



FaceNiff – Taking FireSheep Mobile – Sniff & Intercept Web Sessions With Android
Want to Learn Penetration Testing

FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK).

It’s kind of like Firesheep for android, but maybe a bit easier to use (and it works on WPA2!).


Do note that a rooted phone is required. Please note that if the webuser uses SSL this application won’t work This application due to its nature is very phone-dependent so please let the author know if it doesn’t work for you.

There’s a great video demo of it working here:


Supported services:
  • FaceBook
  • Twitter
  • Youtube
  • Amazon
  • Nasza-Klasa
You can download FaceNiff here:

FaceNiff-1.9.4.apk


Or read more here.