REMnux, an Ubuntu Fork to Reverse Engineer Malware

REMnux is a nifty security tool based on Ubuntu. It is essentially a stripped-down version of Ubuntu used to create a sandbox environment and test for exploits remotely. The official website defines REMnux as:

REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu and is maintained by Lenny Zeltser.

REMnux comes pre-loaded with an array of security-related tools to check network activity, check memory activity, and debug and understand code execution.

The features of REMnux are best explained as:

REMnux is also useful for analyzing web-based malware, such as malicious JavaScript, Java programs, and Flash files. It also has tools for analyzing malicious documents, such as Microsoft Office and Adobe PDF files, and utilities for reversing malware through memory forensics. In these cases, malware may be loaded onto REMnux and analyzed directly on the REMnux system without requiring other systems to be present in the lab.

Setting up a virtual environment is an essential step in checking security hacks, and REMnux does exactly that. The download is a VMware virtual machine file, which is actually a stripped-down version of Ubuntu. Adobe and JavaScript vulnerability scanning tools are available by default, making this an excellent tester for browser security.

Try REMnux here.
