Santoku -  A Linux Distro For Mobile Security, Malware Analysis, and Forensics

Santoku is a free Linux distribution that is packed with tools designed for mobile forensics, malware analysis, and security testing.

Tools for Mobile Forensics:
  • Firmware flashing tools for multiple manufacturers
  • Imaging tools for NAND, media cards, and RAM, free versions of some commercial forensics tools
  • Useful scripts and utilities specifically designed for mobile forensics

Tools for analysing malware:
  • Mobile device emulators
  • Utilities to simulate network services for dynamic analysis
  • Decompilation and disassembly tools
  • Access to malware databases

Tools for security assessment of mobile apps:
  • Decompilation and disassembly tools
  • Scripts to detect common issues in mobile applications
  • Scripts to automate decrypting binaries, deploying apps, enumerating app details, and more

Santoku Linux distribution snapshot

Note: The word "Santoku" loosely translates as 'three virtues' or 'three uses'.

The official website provides the full .ISO image for 64-bit systems only (there is no 32-bit version). You can download it and then burn it onto a CD or USB drive.

Instead of downloading the full .ISO, you can also download Lubuntu and update it with the Santoku packages.

Santoku 0.5 requires a Lubuntu 14.04 64-bit install (you can create a VM in VirtualBox), which is then updated from the Santoku package repository.

Here is how to do it:

1. Download the Lubuntu 14.04 x64 ISO using the links below and set up your Linux system/VM.

2. Apply updates in Lubuntu. (This will take some time.) Restart.

3. Download the build script directly on your Lubuntu install, rename it so that it has just a .sh extension, and make it executable.

4. Open a terminal and run the script. (Or, to exercise your Linux-fu, type the commands.)
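Steps 3 and 4 amount to fetching a script and running it with your user's privileges, so the check a practitioner wants before the chmod is that the file is the one the project published. The following is an added example, not the project's build script: it downloads to a temporary file, compares the SHA-256 against a published value, and only then gives the copy a .sh name and execute permission. The URL and the expected hash are placeholders to be replaced with the values from the official site.

```shell
#!/bin/sh
# Added example (not Santoku's own build script): verify a downloaded
# build script against a published SHA-256 before making it executable.

# Placeholders: substitute the script URL and checksum published by the project.
SCRIPT_URL="https://example.invalid/santoku-build.sh.txt"
EXPECTED_SHA256="<published sha256 of the build script>"

# sha256_of FILE -> prints the hex SHA-256 digest (GNU coreutils or BSD shasum)
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_sha256 FILE EXPECTED -> exit status 0 only when the digest matches
verify_sha256() {
    actual=$(sha256_of "$1")
    [ "$actual" = "$2" ]
}

# prepare_script SRC DEST EXPECTED: copy SRC to DEST (the .sh name) and set
# the execute bit, but only after the checksum has been verified.
prepare_script() {
    verify_sha256 "$1" "$3" || return 1
    cp "$1" "$2" || return 1
    chmod u+x "$2"
}

# run_install: the download/verify/run sequence for steps 3 and 4.
run_install() {
    tmp=$(mktemp) || exit 1
    wget -q -O "$tmp" "$SCRIPT_URL" || { echo "download failed" >&2; exit 1; }
    if ! prepare_script "$tmp" ./santoku-build.sh "$EXPECTED_SHA256"; then
        echo "checksum mismatch: refusing to run the script" >&2
        rm -f "$tmp"
        exit 1
    fi
    rm -f "$tmp"
    ./santoku-build.sh
}

# Only perform the download when invoked as: sh verify-and-run.sh --run
if [ "${1:-}" = "--run" ]; then
    run_install
fi
```

Invoke the file with `--run` once the two placeholders are filled in; without that flag it only defines the functions, so it can be sourced and the verification step reused for other downloaded installers.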

