What is ANDRAX-NG?

ANDRAX-NG is the result of the efforts made by CyberSecurity expert Weidsom Nascimento to create an advanced, modern and complete platform for penetration testing and ethical hacking.

ANDRAX-NG is a full-featured platform with everything pre-configured and/or installed to perform almost any kind of security test.

Dedicated to the next generation of CyberSecurity systems and tools!

It can be easily installed on desktops, laptops, Android smartphones and development boards such as the Raspberry Pi

ANDRAX-NG has an environment that covers all areas of CyberSecurity from programming to advanced security testing!

Millions of users and developers worldwide ensure that tools and core functionality are updated and implemented every day. That’s the power of Open Source!

What is ANDRAX-NG used for?

Bug Bounty, Exploit development, Penetration Testing, Red Team, Offensive Security operations… It’s up to you!

Is ANDRAX-NG safe?

As an Open Source platform, ANDRAX-NG is safe and reliable. Tool’s source code can be analyzed by anyone, providing the highest level of efficiency and security!

The Debian project, the most widely used Linux distribution, is responsible for the core of the system. Because ANDRAX-NG is based on the Debian core

You can visit our Github to review the source code of the tools and systems that compose ANDRAX-NG.

SNAKE Security is committed to continuously maintain and update the system as quickly as possible to prevent any kind of potential security problems.

ANDRAX-NG History

ANDRAX-NG started before the advent of Android and the widespread hacking trivialization...

Nokia e90 communicator

Probably the most important mobile device for the CyberSecurity industry!

When Weidsom got his hands on an e90, he realized that it was an extremely powerful piece of equipment for its time!

Having a very powerful processor for its time, the ARM11 (OMAP2420 @ 330 MHz), 128 MB of RAM, WIFI, VOIP GPS, Bluetooth, Infrared, USB, Fax, MIDP 2.0, CLDC 1.1…

The operating system was the powerful Symbian S60…

As you can see, the e90 was a “FOLD” SmartPhone long before FOLDs existed!

A little bit complex to program, but it allowed you to create powerful applications when you got right down to it!

It was the device that forced Weidsom to learn to program in Java (J2ME until then) and C++ to create native Symbian applications, which made Weidsom one of the youngest Symabin programmers in the world (11 years old at the time).

An idea

Weidsom developed a J2ME application based on his lessons, the application could open tcp sockets… basically it could open as many sockets as the device allowed and do it in a loop, in other words an application that could perform DoS attacks based on J2ME.

On an ordinary day, when Weidsom arrives at school, he finds out that he’s going to take a math test that he hasn’t studied for because he spent the whole night hacking for fun…

Since he knew that the teachers were printing the exam using the school’s main printer, a business XEROX… he connected to the school’s wifi network and started firing tcp connections to the printer’s ip so that it couldn’t respond to requests…

Incredible as it may seem, he managed to get out of the race and that victory tasted good!

From that day on, he realized that mobile devices would be great allies for hacking.

Android?

By the end of 2008, Weidsom had heard a lot of talk about this new Linux-based mobile operating system. In December 2008 he imported the world’s first Android SmartPhone to Brazil, the HTC Dream (T-Mobile G1).

The device arrived in February 2009 and was probably the first Android smartphone to come to Brazil…

As a Symbian user, Weidsom didn’t like Android at all at first though. He didn’t think it would be a success or that it could one day beat Symbian, but he still decided to learn a bit about the platform and the development API.

It didn’t take long for him to figure out how to exploit the device and gain root access. From that moment he fell in love with Android and never left it again!

dSploit and disappointments

In August 2012 one of Weidsom’s hacking “heroes” (back then) launched its newest creation: dSploit which was in his (evilsocket’s) own words “an Android tool to perform network analysis, port scanning, mitm attacks, etc.”

This brought back the idea he had about five years earlier: that mobile phones would be a milestone in hacking. That’s what led him to learn JNI and native Android development.

But as always, you can’t trust people, in July 2014 evilsocket sold his project (an open source project) to zImperium thus destroying a great project for a few bucks… Read more here

You Either Die A Hero, Or You Live Long Enough To Become The Villain!

A dSploit contributor named tux-mind tried to stay ahead of the project’s development, but was abruptly cut off by evilsocket due to concerns it might violate his contract with zImperium. Despite evilsocket’s objections, tux-mind bravely started a fork called cSploit, standing up for what was right against all odds. (You can’t kill the Open Source).

NetHunter

NetHunter was another project that looked promising, mainly because it came from a big company. But it turned out to be just more of the same…

When Weidsom contacted the developers to discuss best practices and feature enhancements, he received the following message: “If you can do it better, do it!”

First Steps

Weidsom was very busy in 2016, both with his students and running a computer security company. He maintained a Telegram group with some of his students, and one day he shared a screenshot of his Android smartphone running John the Ripper (which cracked the password to a Linux server he was testing).

The students quickly asked how he was running JtR, if it was an emulation or something… The answer, that it runs natively on Android, that he compiled it, that there are other tools like Hydra, Nmap… just raised more doubts and questions.

He went to sleep that day thinking about their interest and about the old (but still incessant) desire to have a Mobile Penetration Testing platform.

The next day, he announced that he intended to start developing it, and held a vote on the name. ANDRAX (suggested by Weidsom) emerged as the chosen option!

ANDRAX is derived from ANDroid + anthRAX, as the initial development was exclusively focused on the Android platform!

Development and first BETA

Officially, the development of ANDRAX started on October 8, 2016, and the first beta version was made available on November 3, 2016. Until then, it was dedicated exclusively to the Brazilian public, and the initial beta version was purely conceptual with few tools. Below are a few images from the early beta versions…

The initial versions of ANDRAX didn’t even include a native terminal; instead, we used the “Material Terminal” to run ANDRAX (which was very precarious, by the way!).

Here’s how ANDRAX appeared on the Material Terminal:

The first BETA of ANDRAX was intended to be available to a small group of people for testing, but it quickly went viral in Telegram groups. Within hours of the initial release of the first BETA, Weidsom’s Telegram was flooded with notifications.

In less than 24 hours, his Telegram account was flooded with over 500 messages from people all over the country and even neighboring countries, offering suggestions, making requests, and reporting bugs.

This surprised him a bit because he never expected it to be so popular. But it confirmed his belief in the potential of a Mobile Hacking platform!

From that moment on, he began to expand the system to make it as complete as possible.

Special thanks

Special thanks go to three people who believed in the development of ANDRAX and supported it from the very beginning. Without their support the platform might never have come to life.

• Matheus Motta
• Warley Gobira
• Pedro Cunha

Thanks for believing!

International release

Since the first BETA versions, there have been requests from people in many countries for an international version with an English web site and documentation…

However, Weidsom had to redesign the entire platform, as it was initially built for the Brazilian domestic market. Thus, on October 05, 2018, ANDRAX was launched globally.

It was another great success! A large community began to form, including Russian, Latin American, and American members. In less than a month, we reached over 1000 users in each group, which was quite substantial for an independent and experimental system.

Problems and more problems

With the international release, Weidsom realized that there were thousands of Android device models that did not even remotely follow Google’s recommendations and development guidelines. This resulted in hundreds of bugs in ANDRAX installations and executions.

He had to create a new department within the company dedicated to the development of ANDRAX, which was always offered completely free of charge. However, during this period, it cost the company more than $5,000 per month for servers, support, and his full-time dedication to it.

Reloaded Version

After some time, Weidsom realized that the compatibility and execution problems were not ANDRAX’s fault. The heavily modified ROMs by the manufacturers with each version of Android led to various bugs. He tried to reach out to the vendors to request the portability that Google had mandated. However, the only company that gave a satisfactory answer was SAMSUNG; Motorola and Asus, on the other hand, let’s say they just “spit in his face”…

At this point, Weidsom made the decision to abandon Android’s native mode and focus solely on the userspace of the Linux kernel, running ANDRAX in a Debian-based chroot environment. This move allowed a significant advancement of ANDRAX as a platform, allowing the installation of previously inaccessible libraries and standardizing the execution of tools. It also allowed the integration of a graphical interface with VNC, which solved 90% of the problems and allowed him to focus on platform development rather than fixing problems caused by vendor negligence.

And so ANDRAX Reloaded was born!

ANDRAX Desktop

Weidsom never intended to port ANDRAX to the desktop. ANDRAX was created due to the lack of a Mobile penetration testing platform. However, many users requested a desktop version, and he always recommended using ParrotOS for this purpose, as it was his preferred desktop environment.

To his disgust, ParrotOS was becoming more and more like Kali, losing its essence and becoming nothing more than a clone… He tried to migrate to BlackArch, but 99% of what was there didn’t work, i.e. there was again a need for an efficient, simple but powerful platform for the desktop, so he secretly started to develop it…

He was forced to develop a package manager as simple as possible, following the KISS methodology to simultaneously manage packages on the mobile, portable and desktop platforms… AFOS made this difficult task extremely easy.

Lawsuit

If you’re a long-time ANDRAX user, you might wonder what happened in 2022 when it disappeared and the company that maintained it was dissolved…

Well, what happened was a greedy attitude corroborated by the Free Software Foundation through the GPLv2…

ANDRAX has always been an Open Source platform and therefore made a point of using as much Open Source software as possible…

At the time ANDRAX was licensed under GPLv3…

ANDRAX used to make a system call to a binary file (which we can’t name for legal reasons) that provided Android support tools… the binary file was packaged in ANDRAX for Android, the binary in question was under the GPLv2 which is incompatible with GPLv3 and other licenses… the developer of the software in question filed a lawsuit in the US courts…

What did they want? The ANDRAX code?

Obviously not! ANDRAX was already 100% Open Source!

They wanted what everyone who uses the GPL wants these days - MONEY, lots of money!

They asked for 1.5 million US dollars claiming that ANDRAX violated the GPLv2 by calling the binary from a GPLv3 application (which is allowed by the GPLv2)… but the court didn’t interpret it that way and accepted it with no chance of appeal…

This was around 7.8 million in Brazilian currency, in a period after the covid19 pandemic and for a company that made a profit of only 10 million BRL per year it was a huge blow, especially when it came to an Open Source project that didn’t generate any profit but was maintained for the community.

This led to the withdrawal of the company’s investors, who then filed for bankruptcy after paying the fine to the GPL bloodsuckers.

This was one of the reasons why SNAKE Security was created, to protect and fight against those who want to make millions from the Open Source community, at the expense of security…

NG (New Gen) Version

After the bankruptcy of the old company that maintained ANDRAX and after much thought about whether it was still worth fighting for Open Source, Weidsom founded SNAKE Security and decided to reformulate ANDRAX for not just a new version but a new generation, the third generation of ANDRAX came to solve the problems of the previous ones with a focus on the new generation of computer systems, tools, tests and scalability of operations on a global level.

The platform had to be rewritten from the ground up, including the central core, and new development standards had to be created.

But that history is being written right now…