Santoku is a free Linux distribution that is packed with tools designed for mobile forensics, malware analysis, and security testing.

Tools for Mobile Forensics:

Firmware flashing tools for multiple manufacturers

Imaging tools for NAND, media cards, and RAM

Free versions of some commercial forensics tools

Useful scripts and utilities specifically designed for mobile forensics

Tools for analysing malware:

Mobile device emulators

Utilities to simulate network services for dynamic analysis

Decompilation and disassembly tools

Access to malware databases



Tools for security assessment of mobile apps:

Decompilation and disassembly tools

Scripts to detect common issues in mobile applications

Scripts to automate decrypting binaries, deploying apps, enumerating app details, and more







Note: The word "Santoku" loosely translates as 'three virtues' or 'three uses'.





The official website provides the full .ISO image for 64-bit systems (there is no 32-bit version available). You can download it, and then burn it onto a CD or USB drive.





Instead of downloading the full .ISO, you can also download Lubuntu and update your OS with the new Santoku packages.





Santoku 0.5 requires a Lubuntu 14.04 64-bit install (you can create a VM in VirtualBox), which is then updated from the Santoku package repository.





Here is how to do it:





1. Download the Lubuntu 14.04 x64 ISO using the links below and set up your Linux system/VM.





2. Apply updates in Lubuntu. (This will take some time.) Restart.





3. Download this build script directly onto your Lubuntu install, rename it so that it has just the .sh extension, and make it executable.

Download Santoku (Official Link)

4. Open a terminal and run the script. (Or, to exercise your Linux-fu, type the commands.)
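
A preflight for the steps above, as an added example that is not the Santoku build script or any code from the Santoku project: it confirms the install is the Ubuntu-family 14.04 64-bit system that Santoku 0.5 requires, then renames the downloaded file, prints its SHA-256 and makes it executable for the owner. The function names and the file name in the usage comment are assumptions, as is the expectation that Lubuntu 14.04 reports ID=ubuntu and VERSION_ID="14.04" in /etc/os-release.

```shell
#!/bin/sh
# Added example: preflight for the install steps. Not the Santoku build script.

# Succeed only on an Ubuntu-family 14.04 install running on 64-bit x86.
# Assumption: Lubuntu 14.04 reports ID=ubuntu and VERSION_ID="14.04".
check_prereqs() {
    os_release=$1   # normally /etc/os-release
    arch=$2         # normally "$(uname -m)"
    [ -r "$os_release" ] || { echo "cannot read $os_release" >&2; return 2; }
    # Extract the two fields with sed instead of sourcing the file.
    id=$(sed -n 's/^ID=//p' "$os_release" | tr -d '"')
    ver=$(sed -n 's/^VERSION_ID=//p' "$os_release" | tr -d '"')
    [ "$id" = "ubuntu" ] || { echo "not Ubuntu-based: ${id:-unknown}" >&2; return 1; }
    [ "$ver" = "14.04" ] || { echo "need 14.04, found ${ver:-unknown}" >&2; return 1; }
    [ "$arch" = "x86_64" ] || { echo "need 64-bit, found $arch" >&2; return 1; }
}

# Step 3: give the download a plain .sh name, print its SHA-256 on stderr so
# the copy that was read is the copy that gets run, and make it executable
# for the owner only. The final path is written to stdout.
prepare_script() {
    src=$1
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 2; }
    dir=$(dirname "$src")
    base=$(basename "$src")
    case $base in
        *.sh)   new=$base ;;        # already named correctly
        *.sh.*) new=${base%.*} ;;   # build.sh.txt -> build.sh
        *)      new=$base.sh ;;     # build -> build.sh
    esac
    dst=$dir/$new
    [ "$src" = "$dst" ] || mv -- "$src" "$dst" || return 2
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$dst" >&2; fi
    chmod u+x "$dst" || return 2
    echo "$dst"
}

# Usage on the fresh Lubuntu install (the file name is a placeholder):
#   check_prereqs /etc/os-release "$(uname -m)" || exit 1
#   script=$(prepare_script ./santoku-build.sh.txt)
#   less "$script"      # read what it will do before step 4
#   "$script"
```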



