Information, tools and how-to's for the new intrusion analyst. Mentoring by blogging.
Friday, April 19, 2013
REMnux by Lenny Zeltser
Lenny Zeltser, a SANS instructor who teaches, among other courses, the FOR610 Reverse-Engineering Malware: Malware Analysis Tools and Techniques track, maintains a Linux distribution called REMnux for assisting malware analysts. The distribution could be helpful for intrusion analysts as well, as it includes programs to decode JavaScript, examine executables and analyze malicious documents, including the PDF tools by Didier Stevens. The distro comes in .ova format for use in either VMware or VirtualBox, or as a virtual appliance for VMware Workstation only. You can download the tool and read about it at Lenny's site. Lenny's blog has even more information on malware analysis.