📄
REMnux Documentation
  • REMnux: A Linux Toolkit for Malware Analysis
  • Install the Distro
    • Get the Virtual Appliance
    • Install from Scratch
    • Add to an Existing System
    • Run REMnux as a Container
    • Keep the Distro Up to Date
  • Discover the Tools
    • Examine Static Properties
      • General
      • PE Files
      • ELF Files
      • .NET
      • Deobfuscation
    • Statically Analyze Code
      • General
      • Unpacking
      • PE Files
      • Python
      • Scripts
      • Java
      • .NET
      • Flash
      • Android
    • Dynamically Reverse-Engineer Code
      • General
      • Shellcode
      • Scripts
      • ELF Files
    • Perform Memory Forensics
    • Explore Network Interactions
      • Monitoring
      • Connecting
      • Services
    • Investigate System Interactions
    • Analyze Documents
      • General
      • PDF
      • Microsoft Office
      • Email Messages
    • Gather and Analyze Data
    • View or Edit Files
    • General Utilities
  • Run Tools in Containers
    • Docker Images of Malware Analysis Tools
  • Behind the Scenes
    • People
    • Technologies
      • SaltStack Management
      • REMnux Installer
      • State Files Without the REMnux Installer
      • Debian Packages
      • Website and Docs
    • License
  • Tips and More
    • REMnux Configuration Tips
    • REMnux Tool Tips
    • Malware Analysis Training
    • REMnux Website
  • Get Involved
    • Ask and Answer Questions
    • Write About the Tools
    • Add or Update Tools
      • Contribute a Salt State File
      • Contribute a Debian Package
      • Contribute a Dockerfile
    • Implement Enhancements
Powered by GitBook
On this page
  • Local Interactive Shell
  • SSH and Graphical Interface Access
  1. Install the Distro

Run REMnux as a Container

PreviousAdd to an Existing SystemNextKeep the Distro Up to Date

Last updated 7 months ago

You can run the REMnux distro as a container by using a prebuilt image, hosted in .

Local Interactive Shell

If you have Docker installed, you can start the REMnux distro container in interactive mode, as explained below. The following command will automatically download the distro image (approximately 4 GB) if your system doesn't already have it.

To run the REMnux version built on top of Ubuntu 20.04 (Focal):

docker run --rm -it -u remnux remnux/remnux-distro:focal bash

To map a local directory into the container's /home/remnux/files directory, you could use a command like this by supplying the appropriate directory name like this:

docker run --rm -it -u remnux -v <local_directory>:/home/remnux/files remnux/remnux-distro bash

The --rm parameter above directs Docker to create a transient container, which will stop running after you exit the shell. To keep the container active in the background even after you exit, don't supply --rm.

SSH and Graphical Interface Access

To access the REMnux distro container using SSH, you can invoke it by mapping your system's TCP port 22 to the container's internal TCP port 22. One way to do this is to use the following command, which will open the SSH listener and run the container in the background.

To run the REMnux version built on top of Ubuntu 20.04 (Focal):

docker run -d -p 22:22 remnux/remnux-distro:focal

Once you connected to your REMnux container using SSH, you can access the REMnux graphical interface by .

For more details about Docker images available as part of the REMnux toolkit, see .

Docker
the REMnux repository on Docker Hub
Docker Images of Malware Analysis Tools
tunneling the GUI through SSH