Search Topics

Sandeep Tech Hacking Academy

Your Termux Hacking Academy for Android

 

All content is for educational purposes only. Only practice on devices you own or have permission to test.

INTERACTIVE TERMINAL

Try out basic Termux commands in our simulated terminal environment

termux@localhost:~$
termux@localhost:~$ pkg update
Updating package lists...
All packages are up to date.
termux@localhost:~$ pkg install wget
Installing wget...
Wget successfully installed.
termux@localhost:~$ ls -la
total 24
drwxr-xr-x 4 termux termux 4096 Jun 15 10:30 .
drwxr-xr-x 3 termux termux 4096 Jun 15 09:15 ..
-rw-r--r-- 1 termux termux 220 Jun 15 09:15 .bashrc
drwxr-xr-x 2 termux termux 4096 Jun 15 10:30 storage
drwxr-xr-x 2 termux termux 4096 Jun 15 10:30 usr
termux@localhost:~$

TECH TUTORIALS

Learn ethical hacking, mobile security, and tech tutorials across different platforms

Encrypt Bash Code Using S-Tech Secure TOOL | Sandeep Tech
Termux
October 4, 2025 8 read

Encrypt Bash Code Using S-Tech Secure TOOL | Sandeep Tech

A comprehensive guide to encrypting and obfuscating Bash scripts using the S-Tech Secure TOOL. Learn why, how, and explore advanced techniques, alternatives, and deobfuscation methods

Read More
ST
Sandeep Tech
Control Any Windows Using Nethunter Termux | Koadic - Sandeep Tech
Termux
October 1, 2025 13 read

Control Any Windows Using Nethunter Termux | Koadic - Sandeep Tech

Learn how to control Windows systems using Koadic C2 framework with Nethunter Termux. This comprehensive guide covers installation, configuration, and usage of Koadic for ethical hacking.

Read More
ST
Sandeep Tech
Metasploit Framework in Termux: Complete Installation Guide | Sandeep Tech
Termux
October 1, 2025 12 read

Metasploit Framework in Termux: Complete Installation Guide | Sandeep Tech

Learn how to install and use Metasploit Framework in Termux. This comprehensive guide by Sandeep Tech covers installation, configuration, and basic usage of Metasploit on Android devices.

Read More
ST
Sandeep Tech
Cybersecurity and Ethics Guide Before Start Hacking
Security
September 15, 2025 10 read

Cybersecurity and Ethics Guide Before Start Hacking

First learn the Cybersecurity and Ethics Guide before start hacking because its the primary step of Ethical Hacking.

Read More
ST
Sandeep Tech
Install Apache2 Web Server in Termux
Termux
May 15, 2025 9 min read

Install Apache2 Web Server in Termux

Explore your local files folders and website to access by url in localhost using apache web server.

Read More
ST
Sandeep Tech
Unlimited Instagram Followers (2025) - Sandeep Tech
Android
June 15, 2025 5 min read

Unlimited Instagram Followers (2025) - Sandeep Tech

Get unlimited followers on instagram with Sandeep Tech Instagram Followers app.

Read More
ST
Sandeep Tech
How to Use Zphisher in Termux (Ethical Guide 2025) - Sandeep Tech
Termux
June 15, 2025 5 min read

How to Use Zphisher in Termux (Ethical Guide 2025) - Sandeep Tech

Install and use the Zphisher tool in Termux for security awareness and ethical phishing simulations

Read More
ST
Sandeep Tech
URL Masking Using Android Termux (Ethical Guide 2025) - Sandeep Tech
Termux
June 15, 2025 5 min read

URL Masking Using Android Termux (Ethical Guide 2025) - Sandeep Tech

A comprehensive guide to URL masking techniques using Termux on Android for ethical and educational purposes

Read More
ST
Sandeep Tech
How to Install NGROK in Termux (2025 Guide) - Sandeep Tech
Termux
June 15, 2025 5 min read

How to Install NGROK in Termux (2025 Guide) - Sandeep Tech

Install and use NGROK in Termux to expose local servers to the internet securely from your Android device

Read More
ST
Sandeep Tech
Install Kali Nethunter in Termux (2025 Guide) - Sandeep Tech
Termux
June 15, 2025 5 min read

Install Kali Nethunter in Termux (2025 Guide) - Sandeep Tech

Learn to install and use the full Kali Nethunter suite in Termux on any Android device, no root required.

Read More
ST
Sandeep Tech
Free Port Forwarding with Termux & Cloudflared (2025 Guide) - Sandeep Tech
Termux
June 15, 2025 5 min read

Free Port Forwarding with Termux & Cloudflared (2025 Guide) - Sandeep Tech

Learn to expose any local server from your Android device to the internet for free using Termux and Cloudflare Tunnel..

Read More
ST
Sandeep Tech
Termux Customization for Ethical Hacking (2025 Guide) - Sandeep Tech
Termux
June 15, 2025 5 min read

Termux Customization for Ethical Hacking (2025 Guide) - Sandeep Tech

Unlock the full potential of your Android for ethical hacking. This 2025 guide shows you how to customize Termux with powerful shells.

Read More
ST
Sandeep Tech
Getting Started with Termux: The Ultimate Guide (2025) - Sandeep Tech
Termux
June 15, 2025 5 min read

Getting Started with Termux: The Ultimate Guide (2025) - Sandeep Tech

Learn how to install, configure, and use basic commands to unlock a powerful Linux environment on your phone.

Read More
ST
Sandeep Tech

TERMUX TOOLS

Essential tools for ethical hacking on Android devices

Phishing Simulator

Network scanning and security auditing tool for Android

Access this tool

Aircrack-ng

Wireless network security assessment tool for Termux

Learn More about Aircrack-ng

Metasploit

Penetration testing framework for Android devices

Learn More about Metasploit

Sqlmap

Automatic SQL injection tool for Android web testing

Learn More about Sqlmap

Wireshark

Network protocol analyzer for Android traffic capture

Learn More about Wireshark

John the Ripper

Password cracking tool optimized for Android devices

Learn More about John the Ripper

DOWNLOAD TOOLS

Direct downloads for essential Termux security tools

Termux APK

Latest Version of Termux Application Download

119 MB 0.119.0-beta.3
Download

Tool Collection

Pre-compiled package of essential security tools

124.8 MB v2.5.0
Download

Scripts Repository

Collection of useful Termux scripts.

8.4 MB v1.8.2
Download

Documentation

Complete Termux hacking documentation PDF

24.7 MB v3.1.0
Download

LEARNING RESOURCES

Additional materials to enhance your Termux skills

Video Tutorials

Step-by-step video guides for Termux hacking

Watch Videos

eBooks

Collection of free hacking and security eBooks

Browse Collection

Certifications

Free cybersecurity certification paths

Explore Paths

Tool Documentation

Detailed documentation for all Termux tools

Read Docs

TERMUX CHALLENGES

Test your skills with Android and Termux security challenges

Termux Setup Basics
Easy

Learn to install and configure Termux with essential packages for security testing.

50 Points
342 Solves
Start Challenge
Android App Analysis
Easy

Analyze an Android application to find hardcoded credentials and security flaws.

75 Points
287 Solves
Start Challenge
Network Scanning
Medium

Use Nmap in Termux to scan a network and identify vulnerable services.

100 Points
156 Solves
Start Challenge
Permission Bypass
Medium

Identify and exploit Android permission vulnerabilities in a sample application.

125 Points
98 Solves
Start Challenge
Termux Tool Installation
Easy

Install and configure security tools in Termux from source and package repositories.

60 Points
223 Solves
Start Challenge
Android Forensics
Hard

Extract and analyze data from an Android device image to find hidden information.

200 Points
67 Solves
Start Challenge

FREQUENTLY ASKED QUESTIONS

Answers to common questions about Termux and mobile security

What is Termux and how does it work?

Termux is a terminal emulator and Linux environment for Android. It doesn't require rooting your device and provides a powerful command-line interface with package management capabilities.

Is Termux safe to use on my device?

Yes, Termux is safe when downloaded from official sources like F-Droid. It runs in a sandboxed environment and doesn't have access to system files unless you explicitly grant storage permissions.

Can I perform real security testing with Termux?

Absolutely! Termux supports many powerful security tools like Nmap, Metasploit, Wireshark, and more. While it has some limitations compared to a full Linux system, it's capable of performing most security testing tasks.

Do I need to root my Android device to use Termux?

No, Termux works perfectly on non-rooted devices. However, some advanced tools and operations might require root access for full functionality.

WHAT OUR USERS SAY

Feedback from the Termux community

"Sandeep Tech helped me transition from desktop to mobile security testing. The tutorials are clear and the challenges are perfect for learning."

Alex Johnson

Cybersecurity Student

"I've learned more about mobile security in a month with Sandeep Tech than I did in a year of self-study. The community is incredibly supportive."

Maria Garcia

Penetration Tester

"The Termux challenges are well-designed and progressively challenging. They've significantly improved my command-line skills."

David Chen

Security Researcher

TERMUX COMMUNITY

Connect with other Termux users and Android security enthusiasts

Best Termux packages for beginners?
I'm new to Termux and want to know which packages I should install first for security testing. Any recommendations?
12 replies 245 views 18 likes
How to run Nmap on Android without root?
I want to perform network scans using my Android device. Is it possible to run Nmap in Termux without rooting my phone?
8 replies 187 views 22 likes
Termux on Android 13 issues
I'm having trouble with storage access in Termux on my Android 13 device. Anyone else experiencing this issue?
15 replies 312 views 31 likes
Metasploit in Termux performance issues
I'm trying to run Metasploit in Termux but it's very slow. Any optimization tips for Android devices?
0 replies 54 views 3 likes
Termux vs UserLAnd comparison
I'm trying to decide between Termux and UserLAnd for my Android security lab. What are the pros and cons?
0 replies 78 views 5 likes

ETHICAL GUIDELINES

Responsible disclosure and legal boundaries for mobile security testing

IMPORTANT LEGAL AND ETHICAL CONSIDERATIONS

  • Only test on devices you own or have explicit permission to test
  • Respect privacy and confidentiality of any data encountered
  • Report discovered vulnerabilities through responsible disclosure
  • Never use learned techniques for unauthorized access or malicious purposes
  • Understand and comply with all applicable laws in your jurisdiction
  • Remember that rooting or modifying devices may void warranties

Remember: Ethical hacking is about defense and education, not about causing harm.

SUBSCRIBE TO OUR NEWSLETTER

Get the latest Termux tutorials and Android security tips delivered to your inbox

Termux Setup Basics

Back to Challenges

Termux Setup: Challenge Description

This challenge will guide you through the basic setup of Termux on your Android device. Termux is a powerful terminal emulator and Linux environment for Android that allows you to run various security tools directly on your phone.

What is Termux?

Termux is an Android terminal emulator and Linux environment application that works directly with no rooting or setup required. A minimal base system is automatically installed, and additional packages are available using the package manager.

Termux Setup: Learning Objectives

  • Install Termux from F-Droid or official sources
  • Update and upgrade packages
  • Install essential security tools
  • Set up storage access
  • Understand basic Termux commands

Your Task: Termux Setup

Follow the simulated Termux terminal below to complete the setup process. Enter the correct commands in the order they appear to successfully set up Termux for security testing.

Termux Terminal Simulator

termux@localhost:~$ pkg update
termux@localhost:~$ pkg upgrade
termux@localhost:~$ pkg install python
termux@localhost:~$ pkg install git
termux@localhost:~$ pkg install nmap
termux@localhost:~$ termux-setup-storage
termux@localhost:~$ ls -la
termux@localhost:~$

Submit Flag for Termux Setup

Once you've completed all the setup commands, you'll receive the flag. Enter it below to complete the challenge.

Hint for Termux Setup

Follow the commands in order: pkg update, pkg upgrade, pkg install python, pkg install git, pkg install nmap, termux-setup-storage, ls -la

Android App Analysis

Back to Challenges

App Analysis: Challenge Description

This challenge focuses on analyzing Android applications to find security vulnerabilities and hardcoded credentials. You'll learn how to decompile APK files and examine their source code for potential security issues.

What is Android App Analysis?

Android app analysis involves examining Android application packages (APKs) to understand their functionality, identify security vulnerabilities, and extract sensitive information. This is a crucial skill for mobile security professionals.

App Analysis: Learning Objectives

  • Understand APK file structure
  • Learn to decompile Android applications
  • Identify hardcoded credentials
  • Find insecure data storage
  • Understand Android manifest vulnerabilities

Your Task: App Analysis

Analyze the sample Android application information below to find the hardcoded API key and flag. The application has poor security practices that you need to identify.

Sample Application: SecureChat v1.0

This is a supposedly secure chat application that stores user data and communicates with a backend server. However, the developers made several security mistakes.

Package Name

com.example.securechat

Version

1.0 (release)

Min SDK

21 (Android 5.0)

Target SDK

33 (Android 13)

Android Permissions

INTERNET
Granted
READ_EXTERNAL_STORAGE
Granted
WRITE_EXTERNAL_STORAGE
Granted
ACCESS_FINE_LOCATION
Granted

Decompiled Code Snippet

// NetworkUtils.java
public class NetworkUtils {
private static final String API_BASE_URL = "https://api.securechat.example.com";
private static final String API_KEY = "FLAG{HARDCODED_API_KEY_FOUND}";
public static String sendRequest(String endpoint) {
// Implementation details...
}
}

Submit Flag for App Analysis

Enter the flag you found in the decompiled code to complete the challenge.

Hint for App Analysis

Look for hardcoded strings in the NetworkUtils class. The flag is stored as the API_KEY value.

Network Scanning

Back to Challenges

Network Scanning: Challenge Description

This challenge teaches you how to use Nmap in Termux to scan networks and identify vulnerable services. Network scanning is a fundamental skill for security professionals to discover hosts and services on a computer network.

What is Network Scanning?

Network scanning is the process of identifying active hosts, open ports, and services running on a network. Nmap is a powerful tool that can be used to perform various types of scans to gather information about network devices.

Network Scanning: Learning Objectives

  • Understand basic Nmap commands
  • Learn to identify open ports and services
  • Recognize potential vulnerabilities
  • Interpret Nmap scan results
  • Use Nmap options effectively

Your Task: Network Scanning

Analyze the simulated Nmap scan results below to identify the vulnerable service and extract the flag. The scan was performed on a target network to discover open services.

Nmap Scan Results

# nmap -sV -p 1-100 192.168.1.100
Starting Nmap 7.80 ( https://nmap.org )
Nmap scan report for 192.168.1.100
Host is up (0.021s latency).
Not shown: 98 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 3.0.3
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.1
80/tcp open http Apache httpd 2.4.41 ((Ubuntu))
139/tcp open netbios-ssn Samba smbd 3.6.9
445/tcp open netbios-ssn Samba smbd 3.6.9
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 7.31 seconds

Vulnerability Information

# searchsploit samba 3.6.9
------------------------------------------------------------------------------------------------------------------
Exploit Title | Path
------------------------------------------------------------------------------------------------------------------
Samba 3.0.20 - 3.0.25rc3 - Username Handling Remote Code Execution (Metasploit) | unix/remote/16320.rb
Samba 3.0.21 < 3.0.24 - 'lsa_io_trans_names' Heap Overflow (Metasploit) | unix/remote/10059.rb
Samba 3.0.24 - 'lsa_io_trans_names' Heap Overflow (Metasploit) | unix/remote/10060.rb
Samba 3.0.10 - 3.3.5 - 'lsa_remote' Memory Corruption (Metasploit) | unix/remote/10058.rb
Samba 3.0.20 < 3.0.25rc3 - 'trans2open' Remote Overflow (Metasploit) | unix/remote/9945.rb
Samba 3.0.21 - 3.0.24 - 'lsa_io_trans_names' Heap Overflow (Metasploit) | unix/remote/10059.rb
Samba 3.0.24 - 'lsa_io_trans_names' Heap Overflow (Metasploit) | unix/remote/10060.rb
Samba 3.0.10 - 3.3.5 - 'lsa_remote' Memory Corruption (Metasploit) | unix/remote/10058.rb
Samba 3.0.20 < 3.0.25rc3 - 'trans2open' Remote Overflow (Metasploit) | unix/remote/9945.rb
Samba 3.6.9 - IsKnownDword Unicode Buffer Overflow (Metasploit) | unix/remote/10061.rb
------------------------------------------------------------------------------------------------------------------
Shellcodes: No Results
------------------------------------------------------------------------------------------------------------------

Submit Flag for Network Scanning

Based on the Nmap scan results and vulnerability information, identify the vulnerable service and submit the flag.

Hint for Network Scanning

Look for services with known vulnerabilities. The flag is FLAG{SAMBA_VULNERABILITY_DETECTED}

Permission Bypass

Back to Challenges

Permission Bypass: Challenge Description

This challenge focuses on identifying and exploiting Android permission vulnerabilities. Android permissions control what an app can and cannot do, but sometimes these permissions can be bypassed or misused.

What are Android Permissions?

Android permissions are used to protect access to sensitive data and restricted functionality. Apps must request permission from the user to access certain features or data. However, improper implementation can lead to security vulnerabilities.

Permission Bypass: Learning Objectives

  • Understand Android permission system
  • Identify permission declaration in manifest
  • Recognize permission bypass techniques
  • Understand insecure permission implementation
  • Learn to exploit permission vulnerabilities

Your Task: Permission Bypass

Analyze the Android application code below to identify the permission vulnerability and extract the flag. The application has a custom permission implementation that can be bypassed.

Vulnerable Application: SecureNotes v2.0

This application claims to securely store user notes, but has a critical permission vulnerability that allows unauthorized access to protected data.

Package Name

com.example.securenotes

Version

2.0 (release)

Min SDK

24 (Android 7.0)

Target SDK

33 (Android 13)

Android Permissions

READ_EXTERNAL_STORAGE
Granted
WRITE_EXTERNAL_STORAGE
Granted
com.example.securenotes.PERMISSION_ACCESS_NOTES
Denied

AndroidManifest.xml

NotesProvider.java

Submit Flag for Permission Bypass

Based on the code analysis, identify the permission vulnerability and submit the flag.

Hint for Permission Bypass

The permission check is incomplete. The flag is FLAG{PERMISSION_BYPASS_SUCCESS}

Termux Tool Installation

Back to Challenges

Tool Installation: Challenge Description

This challenge teaches you how to install security tools in Termux from various sources. Termux uses the pkg package manager, but sometimes you need to install tools from source or third-party repositories.

What is Tool Installation in Termux?

Termux provides a package manager called pkg that allows you to install thousands of pre-compiled packages. However, some security tools may need to be installed from source or from third-party repositories.

Tool Installation: Learning Objectives

  • Understand Termux package management
  • Learn to install from official repositories
  • Install tools from third-party repositories
  • Compile tools from source
  • Troubleshoot installation issues

Your Task: Tool Installation

Follow the steps below to install various security tools in Termux. Enter the correct commands in the simulated terminal to complete the installation process.

Installation Steps

Termux Terminal Simulator

Submit Flag for Tool Installation

Once you've completed all the installation steps, you'll receive the flag. Enter it below to complete the challenge.

Hint for Tool Installation

Follow the installation steps in order: pkg update, pkg install python, pkg install git, pkg install nmap, pkg install unstable-repo, pkg install metasploit

Android Forensics

Back to Challenges

Android Forensics: Challenge Description

This challenge introduces you to Android forensics, the process of extracting and analyzing data from Android devices. Mobile forensics is crucial for investigating security incidents and recovering evidence.

What is Android Forensics?

Android forensics involves extracting and analyzing data from Android devices to uncover evidence of criminal activity, security breaches, or other incidents. This includes examining file systems, application data, and system logs.

Android Forensics: Learning Objectives

  • Understand Android file system structure
  • Learn to extract application data
  • Analyze SQLite databases
  • Examine system logs
  • Recover deleted files

Your Task: Android Forensics

Analyze the simulated Android device data below to find hidden information and extract the flag. The data includes application databases, system logs, and file system information.

Device Information

Application Data

SQLite Database (messages.db)

System Logs

File System

Submit Flag for Android Forensics

Based on the forensic analysis, submit the flag you found in the data.

Hint for Android Forensics

Look for the flag in the SQLite database and system logs. The flag is FLAG{FORENSICS_DATA_FOUND}