Download the new version of REMnux from its main page as a virtual appliance and/or as a Live CD. Here are the quick highlights of the tools it supports.
Malicious Websites Analysis:
- Updated version of Jsunpack-n (proxy support, encrypted PDF handling)
- Includes Stunnel (for interception of SSL sessions)
- Includes the RABCDAsm toolkit for reverse engineering malicious Flash (SWF) programs.
- Includes tor and torsocks (for anonymizing interactions with suspicious websites)
- Includes Burp Suite Free Edition.
Memory Forensics:
- Updated the Volatility memory forensics framework to version 1.4 RC 1 (supports Windows Vista and 7).
- Includes AESKeyFinder and RSAKeyFinder tools (for finding AES and RSA keys in a memory image).
Others:
- Includes pyOLEScanner.py (for analysis of malicious Microsoft Office documents).
- Includes libemu library to obtain the “sctest” tool (for shellcode analysis).
- Added the “whois” utility.
- Added xortools.py and pescanner.py tools (from Malware Analyst’s Cookbook).
- Installed VBinDiff for viewing and comparing files.
- Installed ircII to supplement the Irssi IRC client.
- Added the VirusTotal VTzilla Firefox extension.
- Added md5deep to assist with hash-calculation operations.
- Added ClamAV for manually scanning suspicious files and generating signatures.