The REMnux® distribution includes many free tools useful for examining malicious software. These utilities are set up and tested to make it easier for you to perform malware analysis tasks without needing to figure out how to install them. The majority of these tools are listed below.

For more details, including each tool’s description and source, see the XLSX spreadsheet or the XMind-formatted mind map. You can also get an overview of the key tools and commands on the REMnux cheat sheet.

Examine Browser Malware

Examine Document Files

Extract and Decode Artifacts

Handle Network Interactions

Process Multiple Samples

Examine File Properties and Contents

Investigate Linux Malware

Edit and View Files

Examine Memory Snapshots

Statically Examine PE Files

Investigate Mobile Malware

Perform Other Tasks

Install Additional Tools

  • Metasploit Framework is not installed on REMnux; however, you can run it as a Docker container if the need arises.

  • WIPSTER offers a web-based interface to several REMnux tools. You can easily install WIPSTER on REMnux by running the command install-wipster.

  • BinNavi is a tool for statically examining disassembled code. You can install it on REMnux by running the command install-binnavi.