Smartphone-Pentest-Framework (SPF) up and running in Kali Linux - Pentestmag

Smartphone-Pentest-Framework (SPF) up and running in Kali Linux


You can already read a fragment of the next issue publication - Mobile Pentesting. This issue appears shortly on PenTest Magazine Website. You can check on pre-order here

Want to know how to install Smartphone-Pentest-Framework in Kali Linux? We are sharing a step by step tutorial divided to several parts.

Read now and share your opinion in the comments section ! :)

Install Smartphone-Pentest-Framework in Kali Linux

Step1: Start MySQL, Apache2 services in Kali Linux


Step2: Clone the git repository for SPF change directories to the newly created Smartphone-Pentest-Framework directory as shown below.


Step3: Run the kali install script as shown below.


Step4:-Check out your Kali Linux machine IP Address.

Step5:- Finally, you need to edit the SPF configuration file to match your environment. The SPF configuration file is located at “/root/Smartphone-Pentest-Framework/frameworkconsole” directory under the name “config”. You need to change any options to meet your environment if it is different.


Step6:- Configuration file” We need to change in IPADDRESS & SHELLIPADDRESS to your Kali Machine IP Address. The IPADDRESS option should be set to the IP address of your webserver. The SHELLIPADDRESS option should be set to the IP address, where listeners should listen on for the incoming shells. Other options in the configuration file include paths to software and database login information.


Step7:- Now you are ready to run the SPF server. Start SPF from the “frameworkconsole” directory. Run “”.

You should be presented to the SPF menu as shown below.


Step8:- SPF stores information about Agents, attacks, etc. in the database. To clear out any data from the database or set it up for the first time, you need to choose option “7.) Clear/Create Database from the main menu”. You will be reasked to make sure you intend to destroy all your logs. Type “y”.


If this is successfully done, your SPF can communicate with the database. If an error appears, make sure the database server is running and the options in the config file are chosen correctly.


For the next step on the SPF configuration, you need to launch Android SDK Tool, but further steps can be found in the Mobile Pentesting issue by PenTest Magazine. We encourage to discover more in the issue by visitng

Remember, that your comment is more that appreciated and your discussion engagement is a welcomed activity in here!

Explore Mobile PenTesting!


Karina Radzikowska and PenTest Magazine


September 2, 2014
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023