REMnux 5.0

A free and open source Linux distribution designed for reverse-engineering malware

  Add it to your Download Basket!

 Add it to your Watch List!


Rate it!

What's new in REMnux 4.0:

  • Key updates to existing tools and components:
  • Core system: Upgraded the underlying Ubuntu OS components and packages; increased default RAM of the virtual appliance to 512MB; replaced OpenJDK with Oracle Java 7 runtime.
  • Memory analysis: Updated Volatility to version 2.2.
Read full changelog
send us
an update
GPL (GNU General Public License) 
Lenny Zeltser
4.0/5 4
ROOT \ Linux Distributions
1 REMnux Screenshot:
REMnux - The desktop environment of the REMnux 5.0 Linux operating system
REMnux is an open source Ubuntu-based distribution of Linux specifically designed for malware analysts who are looking for a free alternative operating system to Microsoft Windows, in order for them to reverse-engineering malicious software.

Features at a glance

Key features include the ability to examine web browser malware, management of network interactions, decode and extract artifacts, examine document files, investigate Linux malware, statically examine PE files, examine file properties and contents, process multiple samples, examine memory snapshots, as well as to edit and view a wide range of files.

Distributed as a Live DVD and virtual appliance archive

The operating system can be downloaded as a single Live DVD ISO image that supports both 32-bit and 64-bit hardware platforms and must be written on DVD discs or USB flash drives of 2GB or higher capacity in order to boot it from the BIOS of a PC, as well as a virtual appliance archive (OVA) for the VirtualBox and VMware virtualization software.

It features a standard boot loader that can be found on a wide range of Linux distributions based on Ubuntu, allowing the user to start the live environment with default options or in safe graphics mode by forcing the VESA framebuffer, perform a system memory (RAM) test, and boot an existing operating system from the first disk.

Minimal, fast and productive desktop environment powered by LXDE

By default, the Live CD is engineered to open a terminal emulator from the get-go. It uses the Lightweight X11 Desktop Environment (LXDE) with a dark artwork and a single panel located on the bottom edge of the screen, from where the user can access the applications or interact with running programs.

Among the preinstalled apps, we can mention SciTE text editor, wxHexEditor hex editor, Wireshark network scanner, XMind mind mapping tool, SQLite database browser, Mozilla Firefox web browser, and LXMusic music player.

Bottom line

Summing up, REMnux is definitely not a Linux distribution for the regular user. It is based on an older, unsupported version of Ubuntu (11.10 - Oneiric Ocelot), but delivers a neat collection of other useful features that will help malware analysts to reverse-engineer malicious software.

REMnux was reviewed by , last updated on May 22nd, 2014

#malware analyzer #Linux distribution #operating system #malware #analyzer #Linux #distribution

Add your review!