REMnux Documentation
Scripts
Dynamically Reverse-Engineer Code
SpiderMonkey (Patched)
Execute and deobfuscate JavaScript using a patched version of Mozilla's standalone JavaScript engine.
Website: https://blog.didierstevens.com/2018/04/19/update-patched-spidermonkey/
Author: SpiderMonkey by Mozilla Foundation, patched by Didier Stevens: https://twitter.com/DidierStevens
License: Mozilla Public License 2.0: https://github.com/mozilla/treeherder/blob/master/LICENSE.txt
Notes: js-ascii, js-file
State File: remnux.tools.js-patched

objects.js
Emulate common browser and PDF viewer objects, methods, and properties when deobfuscating JavaScript.
Website: https://github.com/REMnux/salt-states/blob/master/remnux/config/objects/objects.js
Author: Lenny Zeltser
License: Public Domain
Notes: The file is in /usr/local/share/remnux
State File: remnux.config.objects.init

STPyV8
Python3 and JavaScript interop engine, fork of the original PyV8 project
Website: https://github.com/area1/stpyv8
Author: Area1 Security
License: Apache License 2.0: https://github.com/area1/stpyv8/blob/master/LICENSE.txt
State File: remnux.python3-packages.stpyv8

JStillery
Deobfuscate JavaScript scripts using AST and Partial Evaluation techniques.
Website: https://github.com/mindedsecurity/jstillery
Author: Stefano Di Paola, Minded Security: http://www.mindedsecurity.com
License: GNU General Public License (GPL) v3: https://github.com/mindedsecurity/JStillery/blob/master/LICENSE
Notes: jstillery
State File: remnux.node-packages.jstillery

box-js
Analyze suspicious JavaScript scripts.
Website: https://github.com/CapacitorSet/box-js
Author: CapacitorSet
License: MIT License: https://github.com/CapacitorSet/box-js/blob/master/LICENSE
Notes: box-js, box-export
State File: remnux.node-packages.box-js

SpiderMonkey
Execute and deobfuscate JavaScript using Mozilla's standalone JavaScript engine.
Website: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey
Author: Mozilla Foundation
License: Mozilla Public License 2.0: https://github.com/mozilla/treeherder/blob/master/LICENSE.txt
Notes: js
State File: remnux.packages.spidermonkey

Rhino Debugger
GUI JavaScript debugger
Website: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Rhino/Debugger
Author: Mozilla Project
License: Mozilla Public License v2.0: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Rhino/License
Notes: rhino-debugger
State File: remnux.packages.rhino

PowerShell Core
Run PowerShell scripts and commands.
Website: https://github.com/powershell/powershell
Author: Microsoft Corporation
License: MIT License: https://github.com/PowerShell/PowerShell/blob/master/LICENSE.txt
Notes: pwsh
State File: remnux.packages.powershell