10 years after the initial release of REMnux, I'm thrilled to announce that REMnux version 7 is now available. This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code.
To start using REMnux v7, you can:
- Download REMnux as a virtual appliance
- Set up a dedicated REMnux system from scratch
- Add REMnux to an existing Ubuntu 18.04 host
- Run the REMnux distro as a Docker container
What's New?
What's new in REMnux v7? Almost everything!
All the tools have been refreshed, some have been retired, and many new ones were added to the distro. Browse the expanded, categorized listing of the tools to get a sense for what you can do with REMnux and learn about the tools' authors. For a quick glance, check out the one-page summary.
Revamped REMnux documentation provides an extensive, categorized listing of the installed malware analysis tools, and lists their authors, websites, and license details.
Behind the Scenes
REMnux has been fully rebuilt to help stay up-to-date with the rapid pace of today's tool releases. To achieve this, the distro now uses SaltStack behind the scenes for automating the installation and configuration of software. You can read about the REMnux building blocks to learn more.
The new architecture also makes it easier for community members to contribute tools and revisions.
The revamped documentation not only helps you get started with REMnux and become familiar with its tools, but also explains the distro's building blocks for those who want to peek behind the scenes.
Thanks
Thank you to everyone who's helped with this REMnux release, including those who've contributed and revised scripts and those who've tested and fine-tuned beta versions of the distro.
Thank you to the authors of the tools that comprise REMnux, without whom we'd still be stuck analyzing malware with nothing more than pen and paper. I've seen the availability and maturity of such tools blossom in the past decade. We have a much easier job examining malware because these people decided to freely share their time and expertise with the community.
Thank you to Erik Kristensen, who designed the new SaltStack-based architecture and assisted with REMnux setup and advice.
And thank you to Corey Forman, who became involved with REMnux in a major way by creating and adjusting Salt state files, revising scripts, updating Docker images, offering advice, sharing expertise, and motivating me to complete this release.
Video Overview of REMnux v7
I recorded a 1-hour video to showcase the new capabilities of REMnux v7 and walk you through an example of using some of the tools included in the distro to begin analyzing a malicious executable. Here is the video. You can also download my slides.