
REMnux: A Linux Distribution for Reverse-Engineering Malware


blackazarro


Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Thu Jul 08, 2010 4:04 pm

REMnux: A Linux Distribution for Reverse-Engineering Malware

This just came out today:

REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu and is maintained by Lenny Zeltser.


Download it here.
Security+, OSCP, CEH

caissyd


Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Fri Jul 09, 2010 7:09 am

Re: REMnux: A Linux Distribution for Reverse-Engineering Malware

Very interesting, thanks nebu10z!

This distro can do more than Reverse Engineering:

Malware Analysis Tools Set Up On REMnux

Analyzing Flash malware: swftools, flasm, flare

Analyzing IRC bots: IRC server (InspIRCd) and client (Irssi). To launch the IRC server, type "ircd start"; to shut it down, "ircd stop". To launch the IRC client, type "irc".

Network-monitoring and interactions: Wireshark, Honeyd, INetSim, fakedns and fakesmtp scripts, NetCat

JavaScript deobfuscation: Firefox with Firebug, NoScript and JavaScript Deobfuscator extensions, Rhino debugger, two versions of patched SpiderMonkey, Windows Script Decoder, Jsunpack-n

Interacting with web malware in the lab: TinyHTTPd, Paros proxy

Analyzing shellcode: gdb, objdump, Radare (hex editor+disassembler), shellcode2exe

Dealing with protected executables: upx, packerid, bytehist, xorsearch, TRiD

Malicious PDF analysis: Didier's PDF tools, Origami framework, Jsunpack-n, pdftk

Memory forensics: Volatility Framework and malware-related plugins

Miscellaneous: unzip, strings, ssdeep, feh image viewer, SciTE text editor, OpenSSH server


I will take a look at it soon...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
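To make the "protected executables" line above concrete, here is an added example that is not part of REMnux or of this thread: a small reimplementation of the two checks xorsearch and bytehist perform. xorsearch brute-forces every single-byte XOR key over a file and reports where a known string (a URL prefix, "This program cannot be run", etc.) appears in the decoded bytes; bytehist counts byte frequencies, which is how you notice a packed or encrypted section by its near-8-bits-per-byte entropy. The sample "dropper" blob and the hostname in it are constructed inline so the script runs offline; they are not real indicators.

```python
"""
Added example, not part of REMnux: single-byte XOR brute-search (as xorsearch
does) and byte histogram / Shannon entropy (as bytehist does) over a
constructed sample blob.
"""
import math
from collections import Counter


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte of data with one single-byte key."""
    return bytes(b ^ key for b in data)


def xorsearch(data: bytes, needle: bytes):
    """Try all 256 single-byte XOR keys; return (key, offset) for every place
    the needle shows up in the decoded data. Key 0 covers plaintext hits."""
    hits = []
    for key in range(256):
        decoded = xor_bytes(data, key)
        pos = decoded.find(needle)
        while pos != -1:
            hits.append((key, pos))
            pos = decoded.find(needle, pos + 1)
    return hits


def decode_at(data: bytes, key: int, offset: int) -> bytes:
    """Recover the XOR-encoded string starting at offset: take raw bytes up to
    the next raw 0x00 (the sample pads with zeros), then apply the key."""
    end = data.find(b"\x00", offset)
    raw = data[offset:] if end == -1 else data[offset:end]
    return xor_bytes(raw, key)


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte, 0.0 .. 8.0. Packed or encrypted regions sit
    close to 8; plain text and zero padding sit far below."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def byte_histogram(data: bytes):
    """Sorted (byte value, count) pairs, the raw material of a bytehist plot."""
    return sorted(Counter(data).items())


def triage(blob: bytes, needle: bytes):
    """One-shot report combining both checks."""
    return {
        "entropy": round(shannon_entropy(blob), 3),
        "xor_hits": xorsearch(blob, needle),
    }


# Constructed sample (assumption, not a real binary): a fake MZ header, zero
# padding, then a C2 URL XOR-encoded with key 0x5A, then more padding.
KEY = 0x5A
HIDDEN = b"http://c2.example.invalid/gate.php"   # invented hostname
SAMPLE = b"MZ\x90\x00" + b"\x00" * 16 + xor_bytes(HIDDEN, KEY) + b"\x00" * 8

if __name__ == "__main__":
    report = triage(SAMPLE, b"http://")
    print("entropy:", report["entropy"])
    for key, off in report["xor_hits"]:
        print(f"key 0x{key:02x} at offset {off}: {decode_at(SAMPLE, key, off)!r}")
```

Run it and the search reports key 0x5A at offset 20 and recovers the URL; on a real sample you would point `xorsearch` at strings such as "http://" or "kernel32" and compare per-section entropy rather than the whole file, since a packed PE still has a low-entropy unpacking stub.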

Bane

Post Fri Jul 09, 2010 9:52 am

Re: REMnux: A Linux Distribution for Reverse-Engineering Malware

Lenny has been giving this out at his GREM courses for quite awhile. Nice to see that it is now publicly available.

wmburke


Newbie

Posts: 17

Joined: Wed Sep 15, 2010 5:20 am

Post Thu Sep 30, 2010 8:53 am

Re: REMnux: A Linux Distribution for Reverse-Engineering Malware

Very Coooool thanks for the info  ;)
"If the only tool you have is a hammer, you tend to see every problem as a nail"
Abraham Maslow

dante


Jr. Member

Posts: 58

Joined: Wed Jul 21, 2010 10:17 pm

Post Thu Sep 30, 2010 9:20 am

Re: REMnux: A Linux Distribution for Reverse-Engineering Malware

Even old posts on ethical-hacker.net are valuable... Will download it right away... Thanks for bringing this up again, H0nd0CSI

putosusio

Newbie

Posts: 26

Joined: Wed Aug 12, 2009 8:20 pm

Post Thu Oct 28, 2010 1:20 am

Re: REMnux: A Linux Distribution for Reverse-Engineering Malware

Unfortunately, I may need this soon.

Curse you, Chinese hackers... well, thank you, in a sort of twisted way. At least the malware is on a test system.
It's not the fixing that's the hard part, it's knowing what needs fixing.
