NetHunter Hacker IV: Introduction to NetHunter system

NetHunter Hacker IV: Introduction to NetHunter system


In previous posts we went through installation of NetHunter on almost any non-rooted and supported rooted Android device.

If your device is among NetHunter supported smartphones, however, a prebuild image is not available on the NetHunter website; I explained how to build it from sources in a previous blog.

Now when we have NetHunter installed and running, we will go through a quick introduction of the NetHunter menu, applications and their use, tools, settings etc. This will be a high level of explanation, but don’t worry, in upcoming blogposts we will go through all the tools and their usage to a great extent. Let’s start with tools that got with the rooted Android and NetHunter as well; starting with unreplaceable Magisk and its modules.


It is a free and open-source software for the rooting of Android devices, developed by John Wu. Magisk supporting devices running higher than Android 5.0.

Older versions of Magisk allowed user to download and install modules directly from the app; however, after version 24, it is necessary to install an additional application that manages modules called FoxMagiskModuleManager (FMMM).

Either using Magisk manager or FMMM, we are particularly interested in one module – Wireless Firmware for Nethunter. In case NetHunter can’t recognize your current external wireless adapter, this module might fix it. Installing this module will add firmware support for popular external Wi-Fi adapters. You can see the list of supported wireless adapters and chipsets in Figure 1.

Figure 1. List of supported chipsets and adapters

In the video below, I demonstrate how to install it.

NetHunter Store

The NetHunter Store is an Android app made specifically for the Kali NetHunter.

It gives users access to several tools and programs that are helpful for security analysis and penetration testing.

Users can install a variety of apps and tools created especially for use with NetHunter from the NetHunter Store such as NetHunter Terminal, NetHunter KeX, cSploit, Shodan, Hacker’s Keyboard, Orbot, Open VPN, Wigle etc.

Figure 2. NetHunter Store apps

Additionally, for downloading apps, you can use Google Play Store, F-droid, Aurora stores.

NetHunter Terminal

It is a terminal emulator program that allows users to access the command line interface (CLI) of Android. After launch, user can start one of three options: KALI, ANDROID, and ANDROIDSU.

Figure 3. Types of NetHunter Terminal shells

KALI shell, a customized variation of the Bash shell, was created especially to function with the Kali Nethunter. It features several Nethunter-specific tools that are useful for penetration testing and security analysis. This sell runs under chroot, where root path is /data/local/nhsystem/kali-arm64/.

ANDROID shell is a Bash shell variant that has been designed for use with the Android operating system. It contains commands and tools tailored specifically for Android that are helpful for controlling and setting up the operating system.

ANDROIDSU shell is an extension of the Bash shell that may be used to execute commands as the superuser. With superuser rights, users can carry out operations such as system file modification and software installation that are generally only available to the system administrator.

NetHunter KeX

Nethunter KeX is a VNC client app that offers users a desktop environment that is comparable to Kali’s, allowing them to execute GUI-based programs on their Android device. Users who want to use the Kali Linux desktop environment on their Android device and are familiar with it may find this handy. Users can run several desktop programs on their Android device with Nethunter KeX, including web browsers, text editors, Wireshark, etc.

Figure 4. Wireshark running in KeX uses external Wi-Fi adapter in monitoring mode

NetHunter app

The NetHunter app includes a range of options that allow users to access and manage the various tools and features as you can see in Figure 5.

Figure 5. Menu overview of NetHunter app


The first one is Home, which displays system information about kernel, root and HID status, local and external IP addresses as you can see in Figure 6.

Figure 6. Home menu

All this information is the result of shell commands that are executed on the level of Android system, not NetHunter chroot. They are all executed after the initial launch and can be refreshed by taping on the RUN button. If you long press the command name, as in Figure 6., you can see the command responsible for output. You can alter, add new ones, or delete them.

Figure 7. Edit of Kernel Version command

Kali Chroot Manager

You can manage the Kali Linux chroot using the Kali Chroot Manager option. A chroot is a process that allows you to run a different operating system within your current operating system. The Kali Linux chroot enables you to use Kali tools and commands on an Android device without really changing the Android operating system.

The Kali Linux chroot can be installed, updated, or removed by selecting one of the available options. You can start or stop the chroot as well as check its status using the Chroot Manager. When the chroot is configured and working, you can utilize the NetHunter interface to launch a variety of tools and attacks from the NetHunter app interface.

Figure 8. Kali Chroot is successfully running

The ADD METAPACKAGE option allows you to install a metapackage, which are packages that contain a collection of additional packages. Metapackages are used in Kali Linux to group related packages together and make it easier to install a set of packages that are needed for a specific task or purpose.

For example, if you want to use NetHunter for wireless testing, you might install the “wireless” metapackage.

Figure 9. Upgrading NetHunter with additional Kali tools

List of all the tools and binaries in each metapackage you can find here.


This menu allows you to customize your NetHunter experience, including enabling or disabling certain features, changing boot animation, creating, and restoring backups, uninstalling NetHunter application, changing version of busybox, and configuring the NetHunter terminal style.

For changing boot animation, select Preview box and choose one from the animations. If you are fine with image resolution, tap on MAKE BOOTANIMATION that creates file and then INSTALL BOOTANIMATION that will copy it to /system/media/ After reboot, your new animation will be selected.

Figure 10. Changing boot animation

Now when you know where the boot animation is stored, you can pull it from your device, unzip it, and customize it. Unfortunately, there is always a risk of stucking in boot loop by messing with system files. Because of that, always backup original In case your device will not boot after altering boot animation, you can always boot in recovery mode and replace it with your backup zip file.

Kali Services

To start or stop services running in the NetHunter chroot, you can use the Kali Services option. You can extend them with your custom services. Comparing these services to commands from Home menu, these are executed in Kali chroot shell, not by Android system shell. This means that tools installed in Kali chroot are not visible to Android system.

Figure 11. Default Kali Services

Custom Commands

You can create and execute custom commands in NetHunter by choosing the “Custom Commands” option. Running scripts and other shell commands inside the NetHunter chroot is made possible by this functionality.

These commands give the user more options. If we compare them with Kali Services or commands from Home, a user can decide to run them either in Kali chroot or Android and in the background or foreground as you can see in Figure 12.

Figure 12. Default Custom shell commands

If you want to go deeper and audit the source code of the NetHunter app, how it works, what commands are being executed, or even compile your custom NetHunter APK and contribute to the project, you can download the source code from the official GitLab repository.


The NetHunter platform runs on the Kali Linux chroot and comes with a NetHunter app that makes it simpler to install, manage, and remove the chroot.

NetHunter is a powerful and flexible security solution for Android that also comes with several settings and tools as well as the possibility to execute custom commands. In the next post we will continue by covering other tools.

One thought on “NetHunter Hacker IV: Introduction to NetHunter system

  1. Hi administrator, Keep sharing your knowledge!

Leave a Reply

Your email address will not be published. Required fields are marked *