Mobile app analysis with Santoku Linux – Andrew Hoog


Mobile app analysis with Santoku Linux – Andrew Hoog

Did you think there were a lot of mobile devices and platforms out there? Check out the hundreds of mobile tools being developed. We calculated it would take more time to install, test and maintain the various mobile tools than to actually fuzz the hell out all existing mobile operating systems. So, we created Santoku Linux, a F/OSS, bootable Linux distro to make life easier for mobile hackers.

We pre-install not only the mobile platforms but promising tools in development. Santoku covers mobile forensics, mobile malware analysis and mobile security testing. The distribution is based on Lubuntu 12.04 x86_64 and we recently moved to .deb support for simplified upgrades. The Santoku website contains useful information on Santoku, notable:
• Tools:
• Changelog:

This talk will introduce Santoku and provide live demos of 1) how to forensically acquire and analyze Android and iOS devices, 2) several tools to perform security audits of mobile devices and apps, and 3) how to analyze mobile malware analysis. All demos will leverage tools preinstalled on Santoku Linux and will cover both the iOS and Android platforms.


Hoog Andrew
CEO/Co-Founder, viaForensics, LLC

Andrew Hoog is a computer scientist, mobile forensics researcher and co-founder of viaForensics, a mobile security company. Andrew has two patents pending and is the author of two books on mobile forensics and security. When not breaking (or fixing) things, he enjoys great wine, science fiction, running and tinkering with geeky gadgets.

Managed by the official OWASP Media Project