REMnux® offers a curated collection of free tools for reverse-engineering or otherwise analyzing malicious software. How to find the right tool for the job, given how many useful utilities come as part of the distro?

To guide you through the process of examining malware, REMnux documentation lists the installed tools by category. Each grouping, which you’ll find in the Discover the Tools section of the documentation site, represents the type of actions the analysts might need to take:

In addition to providing numerous tools as part of the REMnux distro, the project also offers several malware analysis tools as Docker images. These will let you deobfuscate JavaScript and data, analyze websites, decompile executables, perform memory forensics, and more.

For another perspective on the REMnux tools you can use for examining malicious software, see the one-page REMnux Usage Tips cheat sheet.

To learn about the analysis workflow within which you can use these tools, take a look at my article Mastering 4 Stages of Malware Analysis.

Updated October 13, 2020

About the Author

Lenny Zeltser develops teams, products, and programs that use information security to achieve business results. He is presently the CISO at Axonius and an author and instructor at SANS Institute. Over the past two decades, Lenny has been leading efforts to establish resilient security practices and solve hard security problems. As a respected author and speaker, he has been advancing cybersecurity tradecraft and contributing to the community. His insights build upon 20 years of real-world experiences, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more