
New Linux Distro for Mobile Security

by Paul Anderson
August 19, 2012 - Updated on May 19, 2022
in Mobile Security, Security

The Three Virtues or Three Uses

Santoku Linux is aimed at Mobile Forensics, Mobile Malware Analysis, and Mobile Security Testing. These three aims are called the three virtues, or the three uses, of the distribution, and they are the very foundation for the existence of this new distro. With them, users can apply the free and open source tools, and some of the commercial tools, in Santoku Linux to forensically acquire and analyze data, examine mobile malware, detect malicious software, and support security assessments of mobile applications, a need driven by the increasing amount of malware that has plagued users of mobile phones and smartphones. If you are into mobile security and mobile forensics, then this distribution is definitely right for you.

Mobile Forensics:

  • Firmware flashing tools for multiple manufacturers
  • Imaging tools for NAND, media cards, and RAM
  • Free versions of some commercial forensics tools
  • Useful scripts and utilities specifically designed for mobile forensics

Mobile Malware Analysis:

  • Mobile device emulators
  • Utilities to simulate network services for dynamic analysis
  • Decompilation and disassembly tools
  • Access to malware databases

Mobile Security Testing:

  • Decompilation and disassembly tools
  • Scripts to detect common issues in mobile applications
  • Scripts to automate decrypting binaries, deploying apps, enumerating app details, and more

List of Tools for the Alpha Release

Aside from the platform’s three endeavors (Mobile Forensics, Mobile Malware Analysis, and Mobile Security Testing), this platform can also be used for Application Security Testing and Penetration Testing. At the moment, the tools included in the July 2012 alpha release are categorized into Development Tools, Reverse Engineering, Penetration Testing, Wireless Analyzers, Device Forensics, and Mobile Infrastructure.

Development Tools:

  • Android SDK Manager
  • Apple Xcode IDE
  • BlackBerry JDE
  • BlackBerry Tablet OS SDK
  • BlackBerry WebWorks
  • DroidBox
  • Eclipse IDE
  • Windows Phone SDK
  • Android 2.3.3, 3.2, and 4.0.3 Emulators
  • SecurityCompass Lab Server (HTTP and HTTPS)
  • BlackBerry Ripple
  • BlackBerry Simulators

The set of tools for this category contains software development kits (SDKs, or devkits) plus the Eclipse IDE (integrated development environment) for creating and coding mobile applications. Aside from the development environments, it also comes with emulators and simulators for the Android OS and the BlackBerry. Thus, you can test versions 2.3.3, 3.2, and 4.0.3 of the Android OS for your hacking needs.

Penetration Testing:

  • CeWL
  • DirBuster
  • Fierce
  • Nikto
  • nmap
  • Burp Suite
  • Mallory
  • w3af Console
  • w3af GUI
  • ZAP
  • BeEF
  • Ettercap
  • iSniff
  • Metasploit Console
  • Metasploit GUI
  • NetSed
  • SET
  • SQLMap
  • SSLStrip

With the addition of the tools in the Penetration Testing category, users can do penetration testing more easily, without the hassle of installing their favorite pentesting tools for web applications and servers. Pentesting is very important, so fire it all up!

Reverse Engineering:

  • APK Tool
  • Dex2Jar
  • Flawfinder
  • Java Decompiler
  • Strace

With the set of tools for Reverse Engineering, users will be able to reverse engineer third-party, closed, binary Android apps and rebuild them more easily. This makes it your average distro for examining source code, looking for security weaknesses, decompilation, and debugging. This is very important because nowadays a lot of developers who don’t practice, or are not aware of, safe coding have released their software in the Android Market.

Wireless Analyzers:

  • Aircrack-ng
  • Kismet
  • Ubertooth Kismet
  • Ubertooth Spectrum Analyzer
  • Wireshark

Santoku Linux also includes tools for wireless spectrum analysis, packet analysis of wireless devices, sniffing the network, and monitoring wireless networks. And of course, it can also be used for cracking and retrieving WEP and WPA/WPA2 keys, just like other penetration testing distros out there, which saves you the time of installing your favorite Aircrack-ng suite.

Device Forensics:

  • AFLogical Open Source Edition
  • Android Encryption Brute Force
  • BitPim
  • BlackBerry Desktop Manager
  • Foremost
  • iPhone Backup Analyzer
  • MIAT
  • Paraben Device Seizure
  • Sift Workstation
  • Sleuth Kit
  • SQLiteSpy

The Device Forensics tools will help you analyze data, recover data, manipulate and explore data, investigate disk images, seize digital evidence, audit software, and test the security of your mobile phones. Paraben Device Seizure, for example, has been giving forensic examiners access to mobile device data for over 10 years and is recognized as the first tool for the forensic analysis of cell phones.

Mobile Infrastructure:

  • BES Express
  • Google Mobile Management
  • iPhone Configuration Tool

The tools in this category will help you with your mobile phone’s configuration and the installation of its apps or platforms. Take for example the iPhone Configuration Tool, which lets you easily create, maintain, encrypt, and push configuration profiles, track and install provisioning profiles and authorized applications, and capture device information including console logs [1], and the BlackBerry Enterprise Server Express, which is free software to mobilize email platforms for growing businesses [2].

There are tools that are still to be updated or added, and if you want a cool tool added to the distribution, feel free to drop your message or request in the contact page of Santoku Linux’s official website. Remember, Santoku Linux is by the Community and for the Community. It’s still an alpha release, so expect more tools to be added and more improvements.

Getting Started (for newbies)

Santoku can be downloaded at santoku-linux.com (the official website). The full .iso image is 3+ GB, so be sure you have a fast connection. Santoku is a pre-configured Linux environment, so if you want to install it on your computer or laptop, either as one of several operating systems (multi-boot or dual boot) or as your primary operating system, you need to create a bootable DVD or USB from the ISO image. Then boot the live DVD or USB by setting it as your first boot device. If all goes well, you should see something like this:

If you really want to install Santoku Linux, choose the third option, which says “install – start the installer directly”; if you just want to try it out before installing, choose “live – boot the Live System”. The installation should let you choose your language, time zone, and clock settings, and allow you to erase the entire hard disk or install alongside other OSes. However, if you have chosen the first option, which boots you into the pre-configured Linux environment without installing it, you should see a graphical interface that asks you for a password.

Make sure that you type the word “santoku” in the password box. The next thing you should see is the desktop wallpaper of a santoku knife, and you can now play with the distro.

If you want to boot or emulate it with Oracle’s VirtualBox, you can follow the instructions on the official blog of Santoku.

Santoku Pro

You may be wondering why there is a link for Santoku Pro on the download page of the official Santoku Linux website, so let me explain a few things about it. The Santoku Pro version will be released later this year (2012) and will offer an easy-to-use interface for mobile application security assessment. Be sure to subscribe to the mailing list to stay updated on this version and on new tools, because there are still a lot of tools that will soon be added to this new distribution as the Santoku Community (contributors) grows. Stay tuned!

Santoku Linux Download Page:
https://santoku-linux.com/download

References:

[1] http://www.apple.com/support/iphone/enterprise/

[2] http://us.blackberry.com/business/software/besx.html

[3] http://www.paraben.com/device-seizure.html


Paul Anderson

Editor and chief at ZeroSecurity. Expertise includes programming, malware analysis, and penetration testing. If you would like to write for ZeroSecurity, please click "Contact us" at the top of the page.
