Version 3 Release of the REMnux Linux Distro for Malware Analysis

This note was published in December 2011. A newer revision of the REMnux distro has been released since then.

I’m happy to announce the release of version 3 of the REMnux Linux distribution for reverse-engineering malware. This release incorporates many usability improvements, software updates and new tools to make the environment even more useful for analyzing malicious software.

REMnux is available as a VMware virtual appliance and as an ISO image of a Live CD. The easiest way to get started with and derive the most value from REMnux is to refer to the REMnux Usage Tips cheat sheet.

Here’s what’s new in REMnux v3:

REMnux was rebuilt to be based on Ubuntu 11.10 to improve maintainability, while maintaining backwards compatibility wherever practical.

The desktop environment on REMnux has been migrated to use LXDE for improved usability, while maintaining the lightweight nature of the distribution.

The malware analysis tools available in the earlier version of REMnux have been upgraded to the latest stable versions to provide the latest features and improvements. The most significant updates include:

REMnux includes several malware analysis tools that were not present in earlier versions of the distribution, including:

For more information about REMnux, including download instructions, please refer to the distribution’s official website. If you find REMnux useful, take a look at the reverse-engineering malware course I teach at SANS, which makes use of REMnux and various other tools.

A big thank you to the individuals who tested beta releases of REMnux v3. Thank you for lending your time and expertise to this project!


About the Author

Lenny Zeltser is a seasoned business and tech leader with extensive cybersecurity experience. He builds innovative endpoint defense solutions as VP of Products at Minerva Labs. Beforehand, he was responsible for security product management at NCR Corp. Lenny also trains incident response and digital forensics professionals at SANS Institute. An engaging presenter, he speaks at industry events, writes articles and has co-authored books. Lenny has earned the prestigious GIAC Security Expert designation, has an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.
