ARP Spoofing for Android

DroidSheep is a simple Android tool for web session hijacking (sidejacking). It listens for HTTP packets sent via a wireless (802.11) network connection and extracts the session id from these packets in order to reuse them.

DroidSheep can capture sessions using the libpcap library and supports: OPEN Networks WEP encrypted networks WPA and WPA2 encrypted networks (PSK only)

DroidSheep is not intended to steal identities or endamage anybody, but to show the weak security of non-ssl webservices.

This software's source can be downloaded at https://code.google.com/p/droidsheep/. Official site is at www.droidsheep.de. They don't have an APK download at the official site because of German law so I posted a compile here.

Sniff Facebook, Twitter, LinkedIn logins on the local network.
Basically any login over HTTP and not HTTPS.

This doesn't work without a rooted Android so don't bother downloading if you're not