Description: REMnux is a lightweight Linux distribution for assisting malware analysts with reverse-engineering malicious software. Release 4 of this popular distro came out in April 2013. It incorporates several new tools useful for analyzing malware in this Ubuntu-based environment. Lenny Zeltser, who teaches the course FOR610: Reverse-Engineering Malware at SANS and maintains REMnux, explains what's new in this release of the toolkit.
Lenny covers topics such as:
• Installing the REMnux virtual appliance using the OVF/OVA file, designed for improved compatibility with many virtualization tools, including VMware and VirtualBox.
• Nuanced differences between the updated and older versions of tools installed on REMnux, including Volatility, Firebug and Origami.
• New utilities for dealing with XOR-based obfuscation commonly employed by malware authors.
• New tools for statically examining Windows PE files, such as pev, ExeScan and autorule.
• Other newly-added utilities for malware analysis, including hack-functions and ProcDot.
To learn more about SANS course FOR610: Reverse-Engineering Malware, visit http://LearnREM.com. To check out REMnux, please see http://REMnux.org. For more useful forensics resources from SANS, see http://computer-forensics.sans.org.
For more information, please visit SANS Digital Forensics: https://www.youtube.com/channel/UCwSo89W3KgPrid41vskBDYA
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.