πŸ“„
πŸ“„
πŸ“„
πŸ“„
REMnux Documentation
Search…
πŸ“„
πŸ“„
πŸ“„
πŸ“„
REMnux Documentation
REMnux: A Linux Toolkit for Malware Analysis
Install the Distro
Get the Virtual Appliance
Install from Scratch
Add to an Existing System
Run REMnux as a Container
Keep the Distro Up to Date
Discover the Tools
Examine Static Properties
Statically Analyze Code
Dynamically Reverse-Engineer Code
Perform Memory Forensics
Explore Network Interactions
Investigate System Interactions
Analyze Documents
Gather and Analyze Data
View or Edit Files
General Utilities
Run Tools in Containers
Docker Images of Malware Analysis Tools
Behind the Scenes
People
Technologies
License
Tips and More
REMnux Configuration Tips
REMnux Tool Tips
Malware Analysis Training
REMnux Website
Get Involved
Ask and Answer Questions
Write About the Tools
Add or Update Tools
Implement Enhancements
Powered By GitBook
Add to an Existing System
You can add REMnux to an existing system based on Ubuntu 20.04 by following instructions below. This configuration doesn't modify your system's look and feel, so you won't have the experience of the full REMnux environment. To the full experience, consider using the REMnux virtual appliance.
REMnux is based on an x86/amd64 version of Ubuntu, and won't run on an ARM processor such as Apple M1.

Step 1: Get the REMnux Installer

After logging into your existing system based on Ubuntu 20.04, download the REMnux installer:
1
wget https://REMnux.org/remnux-cli
Copied!
Validate that the SHA-256 hash of the downloaded file to make sure it matches this expected value:
1
23c7f4eefa7599ea2c4156f083906ea5fd99df18f306e4bb43eec0430073985a
Copied!
To generate the hash of your file, run:
1
sha256sum remnux-cli
Copied!
Set up the REMnux installer by running these commands:
1
mv remnux-cli remnux
2
chmod +x remnux
3
sudo mv remnux /usr/local/bin
Copied!
Before proceeding, make sure your system doesn't have an active Ubuntu unattended upgrade in progress. One way to do this is check whether the "unattended-upgrade" process is active (ps aux | grep unattended-upgrade.) If the upgrade is active, let it finish or disable it, then reboot the system before installing REMnux.

Step 3: Run the REMnux Installer

You're now ready to install the REMnux distro. To kick off the installation, run:
1
sudo remnux install --mode=addon
Copied!
The addon mode will avoid modifications that can modify the look and feel of your existing system. As a result, you won't get the experience of the standard REMnux environment..
The installation will take about an hour, depending on your resources and internet connection.
If the REMnux installer produces an error, diagnose the issue by reviewing the saltstack.log file under /var/cache/remnux/cli in the subdirectory that matches the REMnux state-files version you're installing. Search for the log file for result: false messages and look at the surrounding 5 lines or the 8 lines above each message to see the state file that caused the issue. (grep -i -C 5 'result: false' or grep -i -B 8 'result: false').

Step 4: Reboot the REMnux System

Once the REMnux installation finishes, reboot your new REMnux system by typing:
1
sudo reboot
Copied!
Login to your system to start benefiting from the tools that the REMnux distro includes.
To keep your REMnux environment up-to-date run the REMnux installer periodically as described in the Keep the Distro Up to Date section.

Step 5: Take a Snapshot of the Virtual Machine

If you installed REMnux inside a virtual machine, consider taking a snapshot of the VM, so you can return it to a known good state if the need arises.
Install the Distro - Previous
Install from Scratch
Next - Install the Distro
Run REMnux as a Container
Last modified 1mo ago
Copy link
Contents
Step 1: Get the REMnux Installer
Step 3: Run the REMnux Installer
Step 4: Reboot the REMnux System
Step 5: Take a Snapshot of the Virtual Machine