REMnux: an Ubuntu-based distribution focused on malware analysis

A few days ago a new version of the Linux distribution, "REMnux 7.0", was released; it arrives five years after the previous release was published.

This distribution is designed for studying and reverse engineering the code of malicious programs. During analysis, REMnux provides an isolated lab environment in which you can emulate the operation of the particular network service a piece of malware targets, so that its behavior can be studied under conditions close to the real ones.

Another area where REMnux is applied is the study of malicious JavaScript insertions on websites.

About REMnux

The distribution is based on Ubuntu 18.04 and uses the LXDE desktop environment. It includes a complete selection of malware-analysis tools, reverse-engineering utilities, programs for inspecting PDF and tampered office documents, and tools for monitoring system activity.

Among the tools in this distribution we find the following:

Website analysis

This category includes the following tools: Thug, mitmproxy, Network Miner Free Edition, curl, Wget, Burp Proxy Free Edition, Automater, pdnstool, Tor, tcpextract, tcpflow, passive.py, CapTipper, yaraPcap.py.

Flash movie analysis

This category includes the following tools: xxxswf, SWF Tools, RABCDAsm, extract_swf, Flare.

Java analysis

This category includes the following tools: Java Cache IDX Parser, JD-GUI Java Decompiler, JAD Java Decompiler, Javassist, CFR.

JavaScript analysis

This category includes the following tools: Rhino Debugger, ExtractScript, SpiderMonkey, V8, JS Beautifier.

PDF analysis

This category includes the following tools: AnalyzePDF, Pdfobjflow, pdfid, pdf-parser, peepdf, Origami, PDF X-RAY Lite, PDFtk, swf_mastah, qpdf, pdfresurrect.

Microsoft Office document analysis

officeparser, pyOLEScanner.py, oletools, libolecf, oledump, emldump, MSGConvert, base64dump.py, unicode.

Shellcode analysis

sctest, unicode2hex-escaped, unicode2raw, dism-this, shellcode2exe.

Obfuscated code

unXOR, XORStrings, ex_pe_xor, XORSearch, brxor.py, xortool, NoMoreXOR, XORBruteForcer, Balbuzard, FLOSS.
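The tools in the obfuscated-code category (XORSearch, xortool, XORBruteForcer and the like) share one core idea: malware often hides strings or embedded payloads behind a single-byte XOR, and an analyst can recover the key by trying all 256 values and looking for a string that must be present, such as "http://" or "This program". The following Python script is an added illustration of that known-plaintext XOR search; it is not part of REMnux or of the original article, and the sample bytes, the key 0x5A and the function names are constructed for the demo.

```python
"""Single-byte XOR key recovery by known-plaintext search.

Added example (not REMnux code): mimics what XORSearch-style tools do.
The encoded sample below is constructed for the demonstration.
"""

# Constructed demo input: an analyst-relevant string hidden under key 0x5A.
CONSTRUCTED_KEY = 0x5A
PLAINTEXT = b"garbage-garbage http://example.invalid/payload.bin garbage-garbage"


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte of data with a single-byte key (0..255)."""
    return bytes(b ^ key for b in data)


def xor_search(data: bytes, needle: bytes) -> list:
    """Return (key, offset) pairs where `needle` appears in data after
    XOR-ing with `key`, trying all 256 single-byte keys.

    Key 0x00 is included on purpose: a hit there means the string is
    already present in clear, which is also useful to know.
    """
    hits = []
    for key in range(256):
        decoded = xor_bytes(data, key)
        start = 0
        while True:
            idx = decoded.find(needle, start)
            if idx == -1:
                break
            hits.append((key, idx))
            start = idx + 1
    return hits


def recover_strings(data: bytes, key: int, min_len: int = 6) -> list:
    """Decode with `key` and extract printable ASCII runs, like `strings`,
    so the analyst can inspect everything the key reveals, not just the needle."""
    decoded = xor_bytes(data, key)
    runs, current = [], bytearray()
    for b in decoded:
        if 0x20 <= b < 0x7F:
            current.append(b)
        else:
            if len(current) >= min_len:
                runs.append(current.decode("ascii"))
            current = bytearray()
    if len(current) >= min_len:
        runs.append(current.decode("ascii"))
    return runs


# The "captured" sample: the constructed plaintext XOR-ed with the demo key.
SAMPLE = xor_bytes(PLAINTEXT, CONSTRUCTED_KEY)


if __name__ == "__main__":
    # Search for a URL scheme, as an analyst would when hunting for a C2 address.
    for key, offset in xor_search(SAMPLE, b"http://"):
        print(f"needle found with key=0x{key:02x} at offset {offset}")
        for s in recover_strings(SAMPLE, key):
            print("   ", s)
```

Because the search is exhaustive over the key space, the cost is 256 passes over the file, which is why the real tools pick a handful of high-value needles rather than scanning for arbitrary text; a false hit is only possible when the sample happens to contain the needle XOR-ed with some other constant, so confirm a candidate key by dumping the full string set it reveals, as recover_strings does above.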

Data extraction

strdeobj, pestr, strings.

File recovery

Foremost, Scalpel, bulk_extractor, Hachoir.

Network activity monitoring

Wireshark, ngrep, TCPDump, tcpick.

Memory dump analysis

Volatility Framework, findaes, AESKeyFinder, RSAKeyFinder, VolDiff, Rekall, linux_mem_diff_tool.

Scanning PE executable files

UPX, Bytehist, Density Scout, PackerID, objdump, Udis86, Vivisect, Signsrch, pescanner, ExeScan, pev, Peframe, pedump, Bokken, RATDecoder, Pyew, readpe.py, PyInstaller Extractor, DC3-MWCP.

Network services

FakeDNS, Nginx, fakeMail, Honeyd, INetSim, Inspire IRCd, OpenSSH, accept-all-ips.

Network utilities

prettyping.sh, set-static-ip, renew-dhcp, Netcat, EPIC IRC Client, stunnel, Just-Metadata.

Other included tools

  • Working with malware sample collections: Maltrieve, Ragpicker, Viper, MASTIFF, Density Scout.
  • Signature definition: YaraGenerator, IOCextractor, Autorule, Rule Editor, ioc-parser.
  • Scanning: Yara, ClamAV, TrID, ExifTool, virustotal-submission, Disitool.
  • Working with hashes: nsrllookup, Automater, Hash Identifier, totalhash, ssdeep, virustotal-search, VirusTotalApi.
  • Linux malware analysis: Sysdig and Unhide.
  • Disassemblers: Vivisect, Udis86, objdump.
  • Tracing programs: strace and ltrace.
  • Investigation: Radare 2, Pyew, Bokken, m2elf, ELF Parser.
  • Working with text data: SciTE, Geany and Vim.
  • Working with images: feh and ImageMagick.
  • Working with binary files: wxHexEditor and VBinDiff.
  • Malware analysis on mobile devices: Androwarn and AndroGuard.

What's new in REMnux 7.0?

Among the major changes introduced in this new release, one is the switch to the Ubuntu 18.04 LTS base; the distribution was also rebuilt from the ground up for this release rather than receiving a basic upgrade.

Apart from that, all the bundled tools have been updated in the new version, so the distribution package has grown noticeably (the size of the virtual machine image has doubled).

The REMnux documentation has also been updated to provide users with a broad list of the available tools organized by category, together with details about their authors, license and home page.

Download

Those interested in trying this distribution can obtain the system image from its official website.

The link is here.

