Santoku Linux – Mobile Forensics, Malware Analysis, and App Security Testing LiveCD


The word santoku loosely translates as ‘three virtues’ or ‘three uses’. Santoku Linux has been crafted with a plethora of open source tools to support you in three endeavours, mobile forensics, malware analysis and security testing. Boot into Santoku and get to work, with the latest security tools and utilities focused on mobile platforms such as Android and iOS.

Santoku - Mobile Forensics, Malware Analysis, and App Security Testing LiveCD

Pre-installed platform SDKs, drivers, and utilities, plus helpful tools for easy deployment and control of mobile apps. Auto Detection and setup of new connected mobile devices. To make future updating of Santoku WAY easier for users, we’re hosting a repository. Set it up just once and get updates with package management instead of downloading a whole new iso.

Mobile Forensics

Tools to acquire and analyze data

  • Firmware flashing tools for multiple manufacturers
  • Imaging tools for NAND, media cards, and RAM
  • Free versions of some commercial forensics tools
  • Useful scripts and utilities specifically designed for mobile forensics

Mobile Malware

Tools for examining mobile malware

  • Mobile device emulators
  • Utilities to simulate network services for dynamic analysis
  • Decompilation and disassembly tools
  • Access to malware databases

Mobile Security

Assessment of mobile apps

  • Decompilation and disassembly tools
  • Scripts to detect common issues in mobile applications
  • Scripts to automate decrypting binaries, deploying apps, enumerating app details, and more

You can download Santoku here:

santoku_0.5.iso (Direct ISO)
santoku_0.5.iso.torrent (Torrent)

Or read more here.

Posted in: Exploits/Vulnerabilities, Linux Hacking, Malware

, ,


Latest Posts:


Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
UBoat - Proof Of Concept PoC HTTP Botnet Project UBoat – Proof Of Concept PoC HTTP Botnet Project
UBoat is a PoC HTTP Botnet designed to replicate a full weaponised commercial botnet like the famous large scale infectors Festi, Grum, Zeus and SpyEye.
LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.
HiddenWall - Create Hidden Kernel Modules HiddenWall – Create Hidden Kernel Modules
HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers.
Anteater - CI/CD Security Gate Check Framework Anteater – CI/CD Security Gate Check Framework
Anteater is a CI/CD Security Gate Check Framework to prevent the unwanted merging of filenames, binaries, deprecated functions, staging variables and more.


Comments are closed.