REMnux, an Ubuntu Fork to Reverse Engineer Malware

REMnux is a nifty security tool based on Ubuntu. It is essentially a stripped down version of Ubuntu to create a sandbox environment and test for exploits remotely. The  official website defines REMnux as,

REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on  Ubuntu and is maintained by Lenny Zeltser.

REMnux comes pre-loaded with an array of security related tools to check network activity, check memory activity and to debug and understand code execution.

The features of REMnux are best explained as,

REMnux is also useful for analyzing web-based malware, such as malicious JavaScript, Java programs, and Flash files. It also has tools for  analyzing malicious documents, such as Microsoft Office and Adobe PDF files, and utilities for reversing malware through memory forensics. In these cases, malware may be loaded onto REMnux and analyzed directly on the REMnux system without requiring other systems to be present in the lab.

Setting up of virtual environments is an essential step in checking security hacks and REMnux does exactly that. The download is a VMware virtual machine file, which is actually a stripped down version of Ubuntu. Adobe and JavaScript vulnerability scanning tools are available by default making this an excellent tester for browser security.

Try REMnux  here.

Published by

Chinmoy Kanjilal

Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. He rants occasionally at You can connect with him on Twitter @ckandroid.

  • Paul

    REMnux and Ubuntu are the answer even for malware for windows!

    • no. They can be used to test network vulnerabilities and browser vulnerabilities.