πŸ“„
πŸ“„
πŸ“„
πŸ“„
REMnux Documentation
Search…
πŸ“„
πŸ“„
πŸ“„
πŸ“„
REMnux Documentation
REMnux: A Linux Toolkit for Malware Analysis
Install the Distro
Get the Virtual Appliance
Install from Scratch
Add to an Existing System
Run REMnux as a Container
Keep the Distro Up to Date
Discover the Tools
Examine Static Properties
Statically Analyze Code
General
Unpacking
PE Files
Python
Scripts
Java
.NET
Flash
Android
Dynamically Reverse-Engineer Code
Perform Memory Forensics
Explore Network Interactions
Investigate System Interactions
Analyze Documents
Gather and Analyze Data
View or Edit Files
General Utilities
Run Tools in Containers
Docker Images of Malware Analysis Tools
Behind the Scenes
People
Technologies
License
Tips and More
REMnux Configuration Tips
REMnux Tool Tips
Malware Analysis Training
REMnux Website
Get Involved
Ask and Answer Questions
Write About the Tools
Add or Update Tools
Implement Enhancements
Powered By GitBook
Unpacking
Statically Analyze Code

TrID

Identify file type using signatures.
Website: https://mark0.net/soft-trid-e.html Author: Marco Pontello License: Free, unknown license Notes: trid, tridupdate State File: remnux.tools.trid​

Bytehist

Generate byte-usage-histograms for all types of files with a focus PE files.
Website: https://www.cert.at/downloads/software/bytehist_en.html Author: Christian Wojner: https://twitter.com/Didelphodon License: ISC License: https://en.wikipedia.org/wiki/ISC_license Notes: bytehist State File: remnux.tools.bytehist​

ClamAV

Scan files for malware signatures.
Website: https://www.clamav.net Author: https://www.clamav.net/about License: GNU General Public License (GPL): https://www.clamav.net/about Notes: clamscan, freshclam State File: remnux.packages.clamav-daemon​

binwalk

Extract and analyze firmware images.
Website: https://github.com/ReFirmLabs/binwalk Author: Craig Heffner, ReFirmLabs License: IBM Public License, Common Public License, GNU General Public License (GPL) v2: https://www.sleuthkit.org/sleuthkit/licenses.php Notes: MIT License: https://github.com/ReFirmLabs/binwalk/blob/master/LICENSE State File: remnux.packages.binwalk​

UPX

Pack and unpack PE files.
Website: https://upx.github.io Author: Markus Oberhumer, Laszlo Molnar License: GNU General Public License (GPL): https://github.com/upx/upx/blob/master/LICENSE Notes: upx State File: remnux.packages.upx-ucl​
Previous
General
Next
PE Files
Last modified 7mo ago
Copy link
Contents
TrID
Bytehist
ClamAV
binwalk
UPX