Version 7 of the REMnux Distro Is Now Available
2020-07-22 22:51:50 Author:查看原文) 阅读量:87 收藏

10 years after the initial release of REMnux, I’m thrilled to announce that REMnux version 7 is now available. This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code.

To start using REMnux v7, you can:

What’s New?

What’s new in REMnux v7? Almost everything!

All the tools have been refreshed, some have been retired, and many new ones were added to the distro. Browse the expanded, categorized listing of the tools to get a sense for what you can do with REMnux and learn about the tools’ authors. For a quick glance, check out the one page summary.

Revamped REMnux documentation provides an extensive, categorized listing of the installed malware analysis tools, and lists their authors, websites, and license details.

Behind the Scenes

REMnux been fully rebuilt to help stay up-to-date with the rapid pace of today’s tool releases. To achieve this, the distro now uses SaltStack behind the scenes for automating the installation and configuration of software. You can read about the REMnux building blocks to learn more.

The new architecture also makes it easier for community members to contribute tools and revisions.

The revamped documentation not only helps you get started with REMnux and become familiar with its tools, but also explains the distro’s building blocks for those who want to peek behind the scenes.


Thank you to to everyone who’s helped with this REMnux release, including those who’ve contributed and revised scripts and those who’ve tested and fine-tuned beta versions of the distro.

Thank you to the authors of the tools that comprise REMnux, without whom we’d still be stuck analyzing malware with nothing more than pen and paper. I’ve seen the availability and maturity of such tools blossom in the past decade. We have a much easier job examining malware because these people decided to freely share their time and expertise with the community.

Thank you to Erik Kristensen, who designed the new SaltStack-based architecture and assisted with REMnux setup and advice.

And thank you to Corey Forman, who became involved with REMnux in a major way by creating and adjusting Salt state files, revising scripts, updating Docker images, offering advice, sharing expertise, and motivating me to complete this release.

Video Overview of REMnux v7

I recorded a 1-hour video to showcase the new capabilities of REMnux v7 and walk you through an example of using some of the tools included in the distro to begin analyzing a malicious executable. Here is the video. You can also download my slides.

Updated August 8, 2020

About the Author

Lenny Zeltser develops teams, products, and programs that use information security to achieve business results. He is presently the CISO at Axonius and an author and instructor at SANS Institute. Over the past two decades, Lenny has been leading efforts to establish resilient security practices and solve hard security problems. As a respected author and speaker, he has been advancing cybersecurity tradecraft and contributing to the community. His insights build upon 20 years of real-world experiences, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more