# Unpacking

## TrID

Identify file type using signatures.

**Website**: <https://mark0.net/soft-trid-e.html>\
**Author**: Marco Pontello\
**License**: Free, unknown license\
**Notes**: trid, tridupdate\
**State File**: [remnux.tools.trid](https://github.com/REMnux/salt-states/blob/master/remnux/tools/trid.sls)

## Bytehist

Generate byte-usage-histograms for all types of files with a focus on PE files.

**Website**: <https://www.cert.at/downloads/software/bytehist_en.html>\
**Author**: Christian Wojner: <https://x.com/Didelphodon>\
**License**: ISC License: <https://en.wikipedia.org/wiki/ISC_license>\
**Notes**: bytehist\
**State File**: [remnux.tools.bytehist](https://github.com/REMnux/salt-states/blob/master/remnux/tools/bytehist.sls)

## ClamAV

Scan files for malware signatures.

**Website**: <https://www.clamav.net>\
**Author**: <https://www.clamav.net/about>\
**License**: GNU General Public License (GPL): <https://www.clamav.net/about>\
**Notes**: clamscan, freshclam\
**State File**: [remnux.packages.clamav-daemon](https://github.com/REMnux/salt-states/blob/master/remnux/packages/clamav-daemon.sls)

## binwalk

Extract and analyze firmware images.

**Website**: <https://github.com/ReFirmLabs/binwalk>\
**Author**: Craig Heffner, ReFirmLabs\
**License**: MIT License: <https://github.com/ReFirmLabs/binwalk/blob/master/LICENSE>\
**State File**: [remnux.packages.binwalk](https://github.com/REMnux/salt-states/blob/master/remnux/packages/binwalk.sls)

## UPX

Pack and unpack PE files.

**Website**: <https://upx.github.io>\
**Author**: Markus Oberhumer, Laszlo Molnar\
**License**: GNU General Public License (GPL): <https://github.com/upx/upx/blob/master/LICENSE>\
**Notes**: upx\
**State File**: [remnux.packages.upx-ucl](https://github.com/REMnux/salt-states/blob/master/remnux/packages/upx-ucl.sls)