Friday, April 19, 2013

REMnux by Lenny Zeltser

Lenny Zeltser, a SANS instructor who teaches, among others, the FOR610 Reverse-Engineering Malware: Malware Analysis Tools and Techniques track, has a Linux distribution called REMnux for assisting malware analysts. The distribution could be helpful for intrusion analysts as well, as it includes programs to decode JavaScript, examine executables, and analyze malicious documents, including the PDF tools by Didier Stevens. The distro comes in .ova format for use in either VMware or VirtualBox, or as a virtual appliance for VMware Workstation only. You can download the tool and read about it at Lenny's site here. Lenny's blog is here for even more information on malware analysis.
