REMnux, a malware-analysis distribution based on Ubuntu

A few days ago a new version of the Linux distribution REMnux, 7.0, was released. It arrives five years after the previous release.

The distribution is designed for analysing and reverse-engineering malicious programs. For analysis work, REMnux lets you build an isolated lab environment in which you emulate the specific network services the malware expects to reach, so its behaviour can be studied under conditions close to the real ones. The usual caveat applies: keep that lab on a host-only or internal network so the sample cannot reach the real Internet.

Another area where REMnux is used is analysing the properties of malicious code inserted into web pages, such as JavaScript.

About REMnux

The distribution is based on Ubuntu 18.04 and uses the LXDE desktop environment. It includes a curated selection of tools for malware analysis, utilities for reverse engineering, programs for examining malicious PDF and Office documents, and tools for monitoring system activity.

Among the tools this distribution ships, we find the following:

Web analysis

This section includes the following tools: Thug, mitmproxy, Network Miner Free Edition, curl, Wget, Burp Proxy Free Edition, Automater, pdnstool, Tor, tcpextract, tcpflow, passive.py, CapTipper, yaraPcap.py.

Flash movie analysis

This section includes the following tools: xxxswf, SWF Tools, RABCDAsm, extract_swf, Flare.

Java analysis

This section includes the following tools: Java Cache IDX Parser, JD-GUI Java Decompiler, JAD Java Decompiler, Javassist, CFR.

JavaScript

This section includes the following tools: Rhino Debugger, ExtractScripts, SpiderMonkey, V8, JS Beautifier.

PDF analysis

This section includes the following tools: AnalyzePDF, Pdfobjflow, pdfid, pdf-parser, peepdf, Origami, PDF X-RAY Lite, PDFtk, swf_mastah, qpdf, pdfresurrect.

Microsoft Office analysis

officeparser, pyOLEScanner.py, oletools, libolecf, oledump, emldump, MSGConvert, base64dump.py, unicode.

Shellcode analysis

sctest, unicode2hex-escaped, unicode2raw, dism-this, shellcode2exe.

Deobfuscation (XOR and similar encodings)

unXOR, XORStrings, ex_pe_xor, XORSearch, brxor.py, xortool, NoMoreXOR, XORBruteForcer, Balbuzard, FLOSS.
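The XOR tools above all rest on two ideas: try every single-byte key and look for a known plaintext (what XORSearch and XORStrings do), or assume the most frequent byte of the encoded blob is a 0x00 in the plaintext (xortool's frequency heuristic). The following script is an added example, not code from REMnux or from any of the listed tools; the encoded buffer it works on is constructed inline (a fake dropper configuration XOR-ed with 0x5A), and the marker list is an assumption chosen for PE payloads.

```python
"""Single-byte XOR recovery by known plaintext and by byte frequency.

Added example; not part of REMnux. SAMPLE is a constructed buffer.
"""
import re
from collections import Counter
from typing import List, Tuple

# Known plaintexts worth hunting for in an encoded blob (assumed marker set):
# the PE stub message, URLs, and the "MZ" header.
MARKERS = [b"This program cannot be run in DOS mode", b"http://", b"https://", b"MZ"]


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte of `data` with one key byte (0..255)."""
    return bytes(b ^ key for b in data)


def search_xor(data: bytes, markers: List[bytes] = MARKERS) -> List[Tuple[int, bytes, int]]:
    """Brute-force all 256 single-byte keys; report (key, marker, offset) for
    every marker that appears in the decoded buffer. This is the known-plaintext
    search XORSearch automates (it additionally covers ROL/ROT/ADD encodings)."""
    hits = []
    for key in range(256):
        decoded = xor_bytes(data, key)
        for marker in markers:
            offset = decoded.find(marker)
            if offset != -1:
                hits.append((key, marker, offset))
    return hits


def best_key(data: bytes) -> int:
    """Pick the key with the most distinct marker hits (lowest key on ties).
    A single 2-byte "MZ" match under a random key is noise; several markers
    agreeing on one key is the signal."""
    score = Counter(key for key, _, _ in search_xor(data))
    if not score:
        raise ValueError("no marker matched under any single-byte key")
    return min(score, key=lambda k: (-score[k], k))


def guess_key_by_frequency(data: bytes) -> int:
    """xortool-style heuristic: the most common byte of the encoded buffer is
    assumed to be 0x00 in the plaintext (padding, alignment), so it equals the
    key itself. Wrong when the plaintext has little padding."""
    return Counter(data).most_common(1)[0][0]


def extract_strings(data: bytes, min_len: int = 6) -> List[bytes]:
    """Pull printable ASCII runs of at least min_len bytes, like strings(1)."""
    return re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)


# Constructed sample: a fake dropper config XOR-encoded with key 0x5A.
SAMPLE_KEY = 0x5A
_PLAINTEXT = (
    b"\x00" * 40
    + b"MZ\x90\x00" + b"\x00" * 20
    + b"This program cannot be run in DOS mode.\r\n" + b"\x00" * 16
    + b"http://example.invalid/gate.php\x00" + b"\x00" * 32
)
SAMPLE = xor_bytes(_PLAINTEXT, SAMPLE_KEY)


def analyse(data: bytes = SAMPLE) -> dict:
    """Full pipeline: guess the key both ways, decode, extract strings."""
    key = best_key(data)
    decoded = xor_bytes(data, key)
    return {
        "key": key,
        "frequency_guess": guess_key_by_frequency(data),
        "hits": [(m, off) for k, m, off in search_xor(data) if k == key],
        "strings": extract_strings(decoded),
    }


if __name__ == "__main__":
    result = analyse()
    print(f"key: 0x{result['key']:02x} (frequency guess 0x{result['frequency_guess']:02x})")
    for marker, offset in result["hits"]:
        print(f"  {marker!r} at offset {offset}")
    for s in result["strings"]:
        print("  ", s.decode())
```

When the two guesses disagree, trust the marker-based one: the frequency heuristic only holds for plaintext with plenty of zero padding, while a URL or the DOS-stub message surfacing under exactly one key is hard to get by accident. Multi-byte keys need key-length detection first (xortool does this), which this example deliberately leaves out.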

String extraction

strdeobj, pestr, strings.

File carving

Foremost, Scalpel, bulk_extractor, Hachoir.

Network activity monitoring

Wireshark, ngrep, TCPDump, tcpick.

Memory dump analysis

Volatility Framework, findaes, AESKeyFinder, RSAKeyFinder, VolDiff, Rekall, linux_mem_diff_tool.

Examining PE executables

UPX, Bytehist, Density Scout, PackerID, objdump, Udis86, Vivisect, Signsrch, Pescanner, ExeScan, pev, Peframe, pedump, Bokken, RATDecoders, Py, readpe.py, PyInstaller Extractor, DC3-MWCP.

Network services

FakeDNS, Nginx, fakeMail, Honeyd, INetSim, InspIRCd, OpenSSH, accept-all-ips.

Network utilities

prettyping.sh, set-static-ip, renew-dhcp, Netcat, EPIC IRC Client, stunnel, Just-Metadata.

Other included tools

  • Working with collections of malware samples: Maltrieve, Ragpicker, Viper, MASTIFF, Density Scout.
  • Defining signatures: YaraGenerator, IOCextractor, Autorule, Rule Editor, ioc-parser.
  • Scanning: Yara, ClamAV, TrID, ExifTool, virustotal-submit, Disitool.
  • Working with hashes: nsrllookup, Automater, Hash Identifier, totalhash, ssdeep, virustotal-search, VirusTotalApi.
  • Linux malware analysis: Sysdig and Unhide.
  • Disassembly: Vivisect, Udis86, objdump.
  • Process tracing: strace and ltrace.
  • Examining binaries: Radare 2, Pyew, Bokken, m2elf, ELF Parser.
  • Working with text: SciTE, Geany and Vim.
  • Working with images: feh and ImageMagick.
  • Working with binary files: wxHexEditor and VBinDiff.
  • Mobile malware analysis: Androwarn and AndroGuard.

What's new in REMnux 7.0?

Among the main changes in this new version is the move to the Ubuntu 18.04 LTS base. With it, the distribution in this release has been rebuilt from the ground up rather than simply rebased.

In addition, all the supplied tools have been updated and the distribution's package set has been substantially expanded (the size of the virtual-machine image has doubled).

The REMnux documentation has also been updated to give users an extensive list of the tools, with details of their authors, licences and home pages.

Download

Those interested in trying this distribution can get the system image from the official website.

The link is this one.

