Mobile security, forensics & malware w/ Santoku

Presented at THOTCON 0x4 (2013), April 26, 2013, 6:30 p.m. (50 minutes)

Did you think there were a lot of mobile devices and platforms out there? Check out the hundreds of mobile tools being developed. We calculated it would take more time to install, test and maintain the various mobile tools than to actually fuzz the hell out of all existing mobile operating systems. So, we created Santoku Linux, a F/OSS, bootable Linux distro to make life easier for mobile hackers. We pre-install not only the mobile platforms but promising tools in development. Santoku covers mobile forensics, mobile malware analysis and mobile security testing. This talk will introduce Santoku and provide demos of 1) how to forensically acquire and analyze Android and iOS devices, 2) several tools to perform security audits of mobile devices and apps, and 3) an approach to mobile malware analysis. All demos will leverage tools preinstalled on Santoku Linux. As a bonus, the talk will demonstrate another very different type of hacking. Throughout the talk, the sport of hacky sack (footbag) will be discussed and demoed including origins, how to play, why hacky sack is a great sport for hackers and how to perform different freestyle tricks. Audience participation will be encouraged.


Presenters:

  • James M. Drake
    James M. Drake is a mobile security researcher with a unique professional and educational background. After training in applied statistics and probability theory on the trading floors of the Chicago Mercantile Exchange, James became a successful independent trader of equities and commodities. His keen interest in electronics and information security led him to shift gears and pursue computer science and mobile security. At viaForensics, his area of research includes mobile exploits, JTAG, Android and iOS forensics. He has thus far decided to remain amateur in the sport of hacky sack.
