Examine Static Properties


Identify file type using signatures.

Website: Author: Marco Pontello License: Free, unknown license Notes: trid, tridupdate State File:

Yara Rules

Statically scan a file to identify common malicious capabilities.

Website: Author: A group of IT security researchers: License: GNU General Public License (GPL) v2: Notes: To scan a file using these rules, you can use the wrapper around Yara: yara-rules FILE, where FILE is the path to the file you wish to scan. State File:


Tool to read from, write to, and edit EXIF metadata of various file types

Website: Author: Phil Harvey License: "This is free software; you can redistribute it and/or modify it under the same terms as Perl itself": Notes: exiftool State File: remnux.perl-packages.exiftool


Perform static analysis of Android applications.

Website: Author: cryptax License: MIT License: Notes: droidlysis State File: remnux.python3-packages.droidlysis

Analyze zip-compressed files.

Website: Author: Didier Stevens: License: Public Domain State File: remnux.scripts.zipdump

Convert decimal numbers to strings.

Website: Author: Didier Stevens: License: Public Domain State File: remnux.scripts.numbers-to-string


Manipulate embedded digital signatures.

Website: Author: Didier Stevens License: Public Domain Notes: State File: remnux.scripts.disitool

Hash ID

Identify dfferent types of hashes.

Website: Author: Zion3R License: GNU General Public License (GPL) v3 Notes: State File: remnux.scripts.hash-identifier


Find patterns of common encryption, compression, or encoding algorithms

Website: Author: Luigi Auriemma License: Free, unknown license State File: remnux.packages.signsrch


Compute Context Triggered Piecewise Hashes (CTPH), also known as fuzzy hashes.

Website: Author: Jesse Kornblum, Helmut Grohne, Tsukasa OI License: GNU General Public License (GPL) v2: State File: remnux.packages.ssdeep


Compress and decompress files using a variety of algorithms.

Website: Author: Igor Pavlov License: GNU Lesser General Public License (LGPL) Notes: 7z, 7za, 7zr State File: remnux.packages.7zip


Hex editor

Website: Author: Unknown License: GNU General Public License (GPL) v2: State File: remnux.packages.wxhexeditor


Scan files for malware signatures.

Website: Author: License: GNU General Public License (GPL): Notes: clamscan, freshclam State File: remnux.packages.clamav-daemon


Extract interesting strings from binary files.

Website: Author: License: Portions Public Domain, portions MIT License: State File: remnux.packages.bulk-extractor


View, edit, and carve contents of various binary file types.

Website: Author: License: GNU General Public License (GPL) v2: Notes: hachoir-grep, hachoir-metadata, hachoir-strip, hachoir-wx State File: remnux.python3-packages.hachoir

Sleuth Kit

Analyze disk images and recover files from them.

Website: Author: Brian Carrier, and others License: IBM Public License, Common Public License, GNU General Public License (GPL) v2: Notes: For a listing of commands, see State File: remnux.packages.sleuthkit


Identify file type using "magic" numbers.

Website: Author: Ian F. Darwin, Christos Zoulas License: BSD 2-Clause "Alike" License: State File: remnux.packages.file