REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware.
The toolkit was first released in 2010 by SANS fellow researcher Lenny Zeltser, who is still maintaining the software.
The last turn of the toolkit is version 7, which includes hundreds of new tools, while some old ones were removed from the Linux distro.
The easiest way to use the REMnux distro is to download its virtual machine in the OVA format and import it into an hypervisor.
The toolkit could also be installed as a standalone Linux distro, or run within a Docker container.
The tools in REMnux toolkit allow to dissects suspicious executables and artifacts, perform static and dynamic analysis of malicious code, run memory forensics on a compromised host, explore network and system interactions for behavioral analysis.
Lenny Zeltser will provide additional details on the new REMnux version in a free webcast on Tuesday, July 28 (10:30 EDT).
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – malware analysis, Linux toolkit)