REMnux is a Linux distro for malware researchers that has a curated collection of free tools used for examining executables, documents, scripts, and other forms of malicious code. The distro helps researchers find, install, and configure these tools.
The initial release was 10 years ago; now a new version, REMnux 7, has been released. It can be installed as a virtual appliance or a standalone operating system, or run as a Docker container.
The distro is based on Ubuntu and is created and maintained by Lenny Zeltser, an instructor and author at the SANS Institute.
New REMnux v7
With the new version, all the tools have been refreshed, some of the old tools have been retired and many new tools have been added.
A number of new tools have been added in the latest version to perform the following tasks:
- Examine Static Properties
- Statically Analyze Code
- Dynamically Reverse-Engineer Code
- Perform Memory Forensics
- Explore Network Interactions
- Investigate System Interactions
- Check static properties
- Gather and analyze data
- Static code analysis
Zeltser also scheduled a webcast, What’s New in REMnux, on July 28, 2020, to showcase the new distro; if you are interested, you can join.
The documentation has also been revamped to let anyone become familiar with the tools, and it explains the distro’s building blocks.
Zeltser also released a new cheat sheet that outlines the tools and commands for analyzing malware using REMnux v7.