REMnux, an Ubuntu-based distribution focused on malware analysis

A few days ago the new version of the Linux distribution "REMnux 7.0" was released, arriving five years after the publication of the previous release.

This distribution is designed for studying and reverse engineering malicious program code. During analysis, REMnux makes it possible to set up an isolated lab environment in which you can emulate the operation of a specific network service under attack, in order to study the behaviour of malware in conditions close to real ones.

Another area of application of REMnux is studying the properties of malicious insertions on websites implemented in JavaScript.

About REMnux

The distribution is based on Ubuntu 18.04 and uses the LXDE user environment. It includes a fairly wide selection of malware analysis tools, utilities for reverse engineering code, programs for examining PDFs and office documents modified by attackers, and tools for monitoring system activity.

Among the tools this distribution offers, we can find the following:

Website analysis

This section includes the following tools: Thug, mitmproxy, Network Miner Free Edition, curl, Wget, Burp Proxy Free Edition, Automater, pdnstool, Tor, tcpextract, tcpflow, passive.py, CapTipper, yaraPcap.py.

Flash movie analysis

This section includes the following tools: xxxswf, SWF Tools, RABCDAsm, extract_swf, Flare.

Java analysis

This section includes the following tools: Java Cache IDX Parser, JD-GUI Java Decompiler, JAD Java Decompiler, Javassist, CFR.

JavaScript analysis

This section includes the following tools: Rhino Debugger, ExtractScripts, SpiderMonkey, V8, JS Beautifier.

PDF analysis

The following tools are included in this section: AnalyzePDF, Pdfobjflow, pdfid, pdf-parser, peepdf, Origami, PDF X-RAY Lite, PDFtk, swf_mastah, qpdf, pdfresurrect.

Microsoft Office document analysis

officeparser, pyOLEScanner.py, oletools, libolecf, oledump, emldump, MSGConvert, base64dump.py, unicode.

Shellcode analysis

sctest, unicode2hex-escaped, unicode2raw, dism-this, shellcode2exe.

Obfuscated code

unXOR, XORStrings, ex_pe_xor, XORSearch, brxor.py, xortool, NoMoreXOR, XORBruteForcer, Balbuzard, FLOSS.

String data extraction

strdeobj, pestr, strings.

File recovery

Foremost, Scalpel, bulk_extractor, Hachoir.

Network activity monitoring

Wireshark, ngrep, TCPDump, tcpick.

Memory dump analysis

Volatility Framework, findaes, AESKeyFinder, RSAKeyFinder, VolDiff, Rekall, linux_mem_diff_tool.

Analysis of PE executable files

UPX, Bytehist, Density Scout, PackerID, objdump, Udis86, Vivisect, Signsrch, Pescanner, ExeScan, pev, Peframe, pedump, Bokken, RATDecoders, Py, readpe.py, PyInstaller Extractor, DC3-MWCP.

Network services

FakeDNS, Nginx, fakeMail, Honeyd, INetSim, InspIRCd, OpenSSH, accept-all-ips.

Network utilities

prettyping.sh, set-static-ip, renew-dhcp, Netcat, EPIC IRC Client, stunnel, Just-Metadata.

Other tools included

  • Working with collections of malware samples: Maltrieve, Ragpicker, Viper, MASTIFF, Density Scout.
  • Signature definition: YaraGenerator, IOCextractor, Autorule, Rule Editor, ioc-parser.
  • Scanning: Yara, ClamAV, TrID, ExifTool, virustotal-submit, Disitool.
  • Working with hashes: nsrllookup, Automater, Hash Identifier, totalhash, ssdeep, virustotal-search, VirusTotalApi.
  • Linux malware analysis: Sysdig and Unhide.
  • Disassemblers: Vivisect, Udis86, objdump.
  • Tracing programs: strace and ltrace.
  • Investigation: Radare 2, Pyew, Bokken, m2elf, ELF Parser.
  • Working with text data: SciTE, Geany and Vim.
  • Working with images: feh and ImageMagick.
  • Working with binary files: wxHexEditor and VBinDiff.
  • Malware analysis for mobile devices: Androwarn and AndroGuard.

What's new in REMnux 7.0?

Among the main changes in this new version of the distribution is the move to the Ubuntu 18.04 LTS release. The distribution was rebuilt from scratch rather than being a simple upgrade of the base.

In addition, all the tools provided have been updated in the new version, and the distribution's package set has been expanded considerably (the size of the virtual machine image has doubled).

The REMnux documentation has also been updated to give users a comprehensive, categorised list of the available tools, along with details about their authors, license and home page.

Download

Those interested in trying this distribution can get the system image from the official website.

The link is this.

