Thursday, December 5, 2024
HomeLinuxREMnux - A Linux-based Malware Analysis Toolkit for Malware Researchers

REMnux – A Linux-based Malware Analysis Toolkit for Malware Researchers

Published on

SIEM as a Service

REMnux is a Linux distro for malware researchers that has a curated collection of free tools used for examining executables, documents, scripts, and other forms of malicious code. The tools help researchers to find, install, and configure the tools.

The initial release was before 10 years, now a new version REMnux 7 is released. It can be installed as a virtual appliance or standalone operating system or can be run as a docker container.

The distro is based on Ubuntu, created and maintained by Lenny Zeltser, an instructor and author at SANSInstitute.

- Advertisement - SIEM as a Service

New REMnux v7

With the new version, all the tools have been refreshed, some of the old tools have been retired and many new tools have been added.

Number of new tools has been added with the latest version to perform the following tasks

  • Examine Static Properties
  • Statically Analyze Code
  • Dynamically Reverse-Engineer Code
  • Perform Memory Forensics
  • Explore Network Interactions
  • Investigate System Interactions
  • Check static properties
  • Gather and analyze data
  • Static code analysis

Zeltser also scheduled a webcast What’s New in REMnux on July 28, 2020, to showcase the new distro, if you are interested you can join.

Also, the documentation is revamped let anyone become familiar with its tools and also explains the distro’s building blocks.

Zeltser also released a new cheat sheet that outlines the tools and commands for analyzing malware using the REMnux v7.

You can add REMnux as a virtual appliance, install the distro on a dedicated system, add it to an existing one, or Run REMnux as a container.

Malware Analysis Course: Certified Malware Analyst Course where you learn about Exploit Development, Expert Malware Analysis, Threat Research & Reverse Engineering

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read

Free Open Source Penetration Testing Distro BackBox Linux 6 Released with new Hacking Tools

Powerful Penetration Testing Distro Kali Linux Now available in Windows 10

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL...

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...

Fuji Electric Indonesia Hit by Ransomware Attack

Fuji Electric Indonesia has fallen victim to a ransomware attack, impacting its operations and...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Linux 6.13-rc1 Released: What’s New!

In a recent announcement, Linus Torvalds, the creator of Linux, officially released the first...

“Bootkitty” – A First Ever UEFI Bootkit Attack Linux Systems

Cybersecurity researchers have uncovered the first-ever UEFI bootkit designed to target Linux systems.This...

Rekoobe Backdoor In Open Directories Possibly Attacking TradingView Users

APT31, using the Rekoobe backdoor, has been observed targeting TradingView, a popular financial platform,...