Popular Linux-Based Toolkit REMnux Version 7 Now Available

Bethesda, MD; July 22, 2020

SANS Digital Forensics and Incident Response (DFIR), a curriculum focus area of SANS Institute, today announces the availability of version 7 of the REMnux® toolkit for malware analysis, founded and primarily maintained by Lenny Zeltser, SANS Faculty Fellow and course author. Updates to the REMnux toolkit will be shared and discussed by Lenny Zeltser in a SANS webcast on July 28.

REMnux is a popular Linux-based toolkit for reverse-engineering REMnux Version 7 which malware analysts have been relying on for more than 10 years to help them quickly investigate suspicious programs, websites, and document files.

As the security industry matures, it becomes harder to keep track of all the tools that are available to assist with the variety of tasks that malware analysts, incident responders, and forensic investigators face. REMnux makes hundreds of free tools, all contributed by the community, available to analysts without having to discover, install, and configure them

The new REMnux Version 7 refreshes its curated collection of tools to include the latest versions of the utilities useful for tasks such as:

  • Examining suspicious executables, documents, and other artifacts
  • Dynamically reverse-engineering malicious code
  • Performing memory forensics on an infected system
  • Exploring network and system interactions for behavioral analysis
  • Analyzing malicious documents

“I’m very excited about releasing the new version of REMnux,” exclaimed Lenny Zeltser, the founder and primary maintainer of the toolkit. “I’d like to extend a big thank you to all the authors of the tools that comprise the REMnux distro, without whom we’d be stuck analyzing malware with pen and paper. Also, I’m grateful to Corey Forman and Erik Kristensen who’ve contributed their time and expertise to this REMnux release. And thank you to REMnux beta testers for providing feedback, fixes, and advice.”

Many of the tools available in REMnux are discussed and used in the SANS course FOR610: Reverse Engineering Malware, for which Lenny Zeltser is also the primary author.

Download the free REMnux toolkit at https://remnux.org/

Webcast Details

How has REMnux evolved in the decade of its existence, and what’s new and exciting in Version 7? How can you set it up and start benefiting from the hundreds of malware analysis tools that it includes? Learn what’s new in REMnux v7 from the founder and primary maintainer Lenny Zeltser in a SANS webcast on Tuesday, July 28 at 10:30 a.m. EDT (14:30 UTC). Register for the webcast at https://www.sans.org/webcasts/113390