REMnux Usage Tips for Malware Analysis on Linux

This cheat sheet outlines the tools and commands for analyzing malware using the REMnux v7 Linux distribution. To print, use the one-page PDF version; you can also edit the Word version for your own needs.

Get Started with REMnux

Operate Your REMnux System

Shut down the system: shutdown
Reboot the system: reboot
Switch to a root shell: sudo -s
Renew DHCP lease: renew-dhcp
See current IP address: myip
Edit a text file: code file
View an image file: feh file
Start web server: httpd start
Start SSH server: sshd start

Analyze Windows Executables

Reverse-Engineer Linux Binaries

Investigate Other Forms of Malicious Code

Examine Suspicious Documents

Explore Network Interactions

Gather and Analyze Data

Other Analysis Tasks

Use Docker Containers for Analysis

  • Thug Honeyclient: remnux/thug
  • JSDetox JavaScript Analysis: remnux/jsdetox
  • Rekall Memory Forensics: remnux/rekall
  • RetDec Decompiler: remnux/retdec
  • Radare2 Reversing Framework: remnux/radare2
  • Ciphey Automatic Decrypter: remnux/ciphey
  • Viper Binary Analysis Framework: remnux/viper

Interact with Docker Images

List local images: docker images
Update local image: docker pull image
Delete local image: docker rmi imageid
Delete unused resources: docker system prune
Open a shell inside a transient container: docker run --rm -it image bash
Map a local TCP port 80 to container's port 80: docker run --rm -it -p 80:80 image bash
Map your current directory into container: docker run --rm -it -v .:dir image bash

This cheat sheet for REMnux is distributed according to the Creative Commons v3 "Attribution" License.


About the Author

I transform ideas into successful outcomes, building on my 25 years of experience in cybersecurity. As the CISO at Axonius, I lead the security program to earn customers' trust. I'm also a Faculty Fellow at SANS Institute, where I author and deliver training for incident responders. My expertise, which spans cybersecurity, IT, and leadership, allows me to create practical security solutions that drive business growth.
