Santoku is a bootable linux distribution focused on mobile forensics, analysis, and security.

It comes with pre-installed platform SDKs, drivers and utilities, and supports auto-detection and setup of newly connected mobile devices.

Santoku Linux is a free and open community project sponsored by NowSecure, which provides core team members and some tools for inclusion in the platform (e.g. AFLogical OSE).


Features

Mobile Malware Analysis

  • Mobile device emulators
  • Utilities to simulate network services for dynamic analysis
  • Decompilation and disassembly tools
  • Access to malware databases

Mobile Forensics

  • Firmware flashing tools for multiple manufacturers
  • Imaging tools for NAND, media cards, and RAM
  • Free versions of some commercial forensics tools
  • Useful scripts and utilities specifically designed for mobile forensics

Mobile Security Testing

  • Decompilation and disassembly tools
  • Scripts to detect common issues in mobile applications
  • Scripts to automate decrypting binaries, deploying apps, enumerating app details, and more

Installation

The Santoku disk image is built on top of a Lubuntu distro.

It can be booted from USB/CD and can run in either VirtualBox or VMware Player.

Santoku Linux 0.5 is a 64-bit OS and will only work with 64-bit hardware and software.

The ISO is available through SourceForge both as a full 2.5 GB .iso download and as a torrent of the .iso.

Alternatively, instead of downloading the full .iso, you can download Lubuntu (14.04 64-bit) and update that OS with the Santoku packages:

  1. Download the Lubuntu 14.04 x64 iso using the links below and install your Linux system/VM.
     **Download Lubuntu 14.04 64-bit: (HTTP   Torrent)**
  2. Apply updates in Lubuntu. (This will take some time.) Restart.
  3. Download the build script linked below directly onto your Lubuntu install, rename it so that it ends in just the .sh extension, and make it executable.
  4. Open a terminal and run the script.

Santoku-05 build.sh


Demo

https://www.youtube.com/watch?v=1l6RUjK09bU&list=PLH1p-LrvEkkuV6RxPw9CDrZdXEOnlWU5I


References

  • Official website
  • Twitter account
  • Sourceforge repository