The digital forensics field has taken a step forward with the release of a new Linux distro for mobile devices. Its alpha version was made available for mobile forensics, mobile malware examination and the security testing that mobile work requires. This new distro is Santoku Linux. For those unfamiliar with the name, Santoku comes from Japan, where it refers to a general-purpose kitchen knife. The distro itself is not from Japan, but the name, which also means “three virtues” or “three purposes”, was chosen by the Santoku Linux project leader, Thomas Cannon. It reflects the three areas the distro serves: mobile forensics, mobile malware examination and mobile security testing. The project was an innovative effort in digital forensics, specialising in computer and mobile forensics, and it also covers mobile app security, information security, testing and training.
Santoku Linux provides mobile forensics, malware examination and security testing as its core functions. Users can combine free and open source utilities with some commercial applications bundled in Santoku to acquire and analyze forensic evidence.
This Linux distro for mobile is also intended for application security testing and penetration testing. The alpha release included tools in the following categories: development tools, penetration testing, device forensics, mobile infrastructure, wireless analyzers, etc.
List of Development Tools:
This category comprises the software development kits (SDKs) and the Eclipse IDE used to create and code mobile app packages. It also includes emulators and simulators for Android OS and BB, so various versions can be tested for hacking needs.
List of Penetration Testing Tools:
With these utilities, users can perform penetration testing without needing any further installation.
List of Reverse Engineering Tools:
Third-party binary Android apps can be rebuilt and reverse engineered using these tools.
List of Wireless Analyzer Tools:
The Santoku Linux package also holds tools for wireless spectrum, packet and network analysis. WEP and WPA/WPA2 keys can be recovered with these tools as well.
List of Device Forensics Tools:
These tools facilitate data recovery, data analysis and manipulation, disk investigation, etc.
List of Mobile Infrastructure Tools:
This category covers the configuration of mobile phones and the installation procedures for apps and platforms.
Santoku can be downloaded from the official website. The complete project is very large. It is essentially a pre-configured Linux environment; to install it as the operating system, it is important to create a bootable DVD or USB from the ISO image. Users who want to install Santoku Linux directly can choose the “install-start installer directly” option. Users who want to try it before installing can choose the “live-boot the Live System” option.
One of the capabilities provided by this Linux distro for mobile is mobile forensics, which is of great relevance to digital forensics performed on mobile devices. It has several utilities and scripts for acquiring and then examining mobile data, including firmware flashing tools and tools for collecting and imaging media cards. Some commercial tools are also included in the same package, making it possible to analyze the SQLite databases created by phone apps.
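As an added example (not part of the original article and not Santoku's own tooling), the following Python script shows the kind of read-only SQLite examination described above, run against a constructed stand-in for a phone app's database: it hashes the file, opens it with SQLite's read-only URI mode, inventories tables and rows, and re-hashes the file to confirm the evidence was not altered. The schema and records are invented for illustration.

```python
import hashlib
import os
import sqlite3
import tempfile

def sha256_file(path):
    """Hash the evidence file so the examination can be shown to leave it untouched."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_sample_db(path):
    """Constructed stand-in for a messaging app's store; not any real app's schema."""
    con = sqlite3.connect(path)
    con.executescript("""
        CREATE TABLE messages(id INTEGER PRIMARY KEY, sender TEXT, body TEXT, ts INTEGER);
        CREATE TABLE contacts(id INTEGER PRIMARY KEY, name TEXT, number TEXT);
        INSERT INTO messages VALUES (1, '+15550100', 'meet at 9', 1700000000),
                                    (2, '+15550101', 'ok', 1700000060);
        INSERT INTO contacts VALUES (1, 'Alice', '+15550100');
    """)
    con.commit()
    con.close()

def examine_db(path):
    """Read-only triage: list tables, count rows, pull sample rows, verify integrity."""
    before = sha256_file(path)
    # mode=ro refuses writes, so the examination cannot alter the evidence copy.
    con = sqlite3.connect("file:" + path + "?mode=ro", uri=True)
    tables = [r[0] for r in con.execute(
        "SELECT name FROM sqlite_master WHERE type='table' ORDER BY name")]
    report = {}
    for t in tables:
        q = '"' + t.replace('"', '""') + '"'   # quote the identifier safely
        count = con.execute("SELECT COUNT(*) FROM " + q).fetchone()[0]
        sample = con.execute("SELECT * FROM " + q + " LIMIT 5").fetchall()
        report[t] = {"rows": count, "sample": sample}
    con.close()
    return {"sha256": before, "unchanged": before == sha256_file(path), "tables": report}

def demo():
    """Build the constructed database in a temp dir and examine it."""
    db = os.path.join(tempfile.mkdtemp(), "app.db")
    build_sample_db(db)
    return examine_db(db)

if __name__ == "__main__":
    print(demo())
```

In real casework the same routine would be pointed at a forensic copy of the app's database rather than the original, and the recorded hash compared against the acquisition hash.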