REMnux is an open source and lightweight Linux operating system specially designed for assisting malware analysts in reverse-engineering malicious software.
REMnux is an operating system designed for running services that are useful to emulate within an isolated laboratory environment when performing behavioral malware analysis.
What's New in This Release:
Key updates to existing tools and components:
· Core system: Upgraded the underlying Ubuntu OS components and packages; increased default RAM of the virtual appliance to 512MB; replaced OpenJDK with Oracle Java 7 runtime.
· Memory analysis: Updated Volatility to version 2.2.
· PDF analysis: Updated pdfid, pdf-parser, Origami, and peepdf.
· Web analysis: Updated SWFTools, V8, libemu, NetworkMiner, Burp Proxy, Wireshark, Firefox and its add-ons.
· Other changes: Updated xorsearch, DensityScout, Pyew, passive-dns, ClamAV, capabilities.yara; replaced FreeMind with XMind.
New tools added to REMnux:
· Windows tools: Installed Wine; added OfficeMalScanner, Malzilla
· XOR analysis: Added NoMoreXOR, brutexor, XORBruteForcer
· PE file analysis: Added pev, dism-this, ExeScan, udis86 (udcli), autorule (/usr/local/autorule), distool
· Other file analysis: Added extract_swf.py, ExifTool, MASTIFF
· Other additions: Added hack-functions (/usr/local/hack-functions), bulk_extractor, ProcDot