REMnux: A Linux Toolkit for Reverse-Engineering and Analyzing Malware
REMnux is a free, lightweight Linux toolkit (based on the Ubuntu distribution) for reverse-engineering malicious files.
It provides a collection of some of the most common and effective tools used for
reverse-engineering malware, in categories such as:
1) Investigate Linux malware
2) Statically analyze Windows executable files
3) Examine file properties and contents
4) Multiple sample processing
5) Memory Snapshot Examination
6) Extract and decode artifacts
7) Examine Documents
8) Browser Malware Examination
9) Network utilities
REMnux Tutorial - 2 covers tools and techniques used to extract and decode artifacts. The tutorial also describes the steps to investigate infected drives with forensic discipline.
Tools covered: unXOR, XORSearch, XORStrings, xorBruteForcer, brutexor, xortool, NoMoreXor, Dcfldd, Foremost, Scalpel, Bulk_extractor, hachoir
A video presentation explaining the slides will be posted soon!
Thanks for visiting my blog!