REMnux, a Linux-based malware analysis toolkit, has just been upgraded to version 7. The new release drops several old tools and adds hundreds of new ones suited to today’s malware analysis. The maker has provided clear documentation on installing the kit, using it, and quickly finding the right tool. There is also a webcast to explain the changes.
REMnux Version 7 Launched With Updated Tools
Linux is preferred by many programmers and security researchers for writing and analyzing code. Since the platform is so robust for such tasks, toolkits like REMnux are very useful for those trying to analyze malware and trojans. The tools it provides have been used by security researchers for years to dissect and scrutinize such samples.
The REMnux toolkit relies completely on SaltStack to install and configure the software, and it can be tried as a standalone operating system, as a virtual appliance, or as a Docker container. The new kit consists of hundreds of tools that serve different purposes. Here’s how it helps:
- Running memory forensics on an infected host
- Examining and analyzing suspicious executables, documents, and other artifacts
- Dynamically reverse-engineering malicious code
- Checking static properties and performing static code analysis
- Gathering and analyzing data
- Exploring network and system interactions for behavioral analysis
Lenny Zeltser, a SANS Faculty Fellow and course author, created this kit and has maintained it ever since its inception. REMnux is a decade old and is one of the best Linux toolkits for malware analysis. Besides providing clear documentation on its usage, Zeltser is also giving a free webcast on July 28th at 10.30 EDT to help users learn more about it.