Thursday, April 23, 2015

REMnux Tutorial-3: Investigation on Malicious PDF & Doc documents

REMnux: A Linux Toolkit for Reverse-Engineering and Analyzing Malware

It is a free, lightweight Linux (Ubuntu-based) toolkit for reverse-engineering malicious files.

REMnux provides a collection of some of the most common and effective tools used for reverse-engineering malware, in categories such as:

1) Investigating Linux malware
2) Statically analyzing Windows executable files
3) Examining file properties and contents
4) Processing multiple samples
5) Examining memory snapshots
6) Extracting and decoding artifacts
7) Examining documents
8) Examining browser malware
9) Network utilities

REMnux Tutorial 3 covers a variety of tools for investigating malicious PDF and Doc documents: examining PDF and Doc files, extracting the JavaScript and shellcode embedded in them, and analyzing what was extracted.

Tools covered: AnalysePDF, pdfextract, pdfid, peepdf, origami-extractjs, origami-pdfscan, origami-walker, pdfxray_lite, pdf-parser, pdfobjflow, pdftk, PdfStreamDumper, OfficeMalScanner, RTFScan, unicode2hex-unescaped, shellcode2exe, unicode2raw, sctest, xxxswf, Swfdump, Extract_swf
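The first step the tutorial's PDF tools (pdfid in particular) perform is a keyword triage: count the names such as /JS, /OpenAction and /Launch that give a document the ability to run code or act on open. The following is an added illustration written for this post, not code from REMnux or any of the tools listed; it also undoes the #xx name escapes (/J#61vaScript) that are used to hide such keywords from plain string searches, and runs over a small constructed PDF rather than a real sample.

```python
import re

# Name objects that pdfid-style triage counts: each gives a PDF the ability to
# run code, act automatically, launch a program or carry a payload.
SUSPICIOUS = ("/JS", "/JavaScript", "/OpenAction", "/AA", "/Launch",
              "/EmbeddedFile", "/RichMedia", "/AcroForm", "/ObjStm")

# Constructed sample (not a real malicious file): a catalog with /OpenAction
# pointing at a JavaScript action whose /S name is hex-escaped.
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >>\nendobj\n"
    b"2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n"
    b"3 0 obj\n<< /Type /Page /Parent 2 0 R >>\nendobj\n"
    b"4 0 obj\n<< /S /J#61vaScript /JS (app.alert(\"test\")) >>\nendobj\n"
    b"trailer\n<< /Root 1 0 R >>\n%%EOF\n"
)

def normalise_names(data: bytes) -> bytes:
    """Decode PDF name-object hex escapes (e.g. /J#61vaScript -> /JavaScript).
    Applied to the whole file as a lenient pre-pass, as pdfid does."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)

def count_keywords(data: bytes) -> dict:
    """Count each suspicious name plus the number of 'N G obj' headers.
    Only plaintext keywords are seen: names inside FlateDecode streams or
    object streams (/ObjStm) need the stream decoded first (pdf-parser etc.)."""
    data = normalise_names(data)
    counts = {}
    for kw in SUSPICIOUS:
        # A name ends at whitespace or a delimiter, so /JS must not match /JSX.
        pattern = re.escape(kw.encode()) + rb"(?![A-Za-z0-9])"
        counts[kw] = len(re.findall(pattern, data))
    counts["obj"] = len(re.findall(rb"\d+\s+\d+\s+obj\b", data))
    return counts

def triage(data: bytes) -> list:
    """Turn the counts into the reasons an analyst would dig deeper."""
    c = count_keywords(data)
    reasons = []
    if c["/JS"] or c["/JavaScript"]:
        reasons.append("contains JavaScript")
    if c["/OpenAction"] or c["/AA"]:
        reasons.append("runs an action automatically on open/event")
    if c["/Launch"]:
        reasons.append("can launch an external program")
    if c["/EmbeddedFile"]:
        reasons.append("carries an embedded file")
    return reasons

if __name__ == "__main__":
    print(count_keywords(SAMPLE_PDF))
    print(triage(SAMPLE_PDF))
```

A non-zero /JS or /OpenAction count is the cue to move on to pdf-parser or peepdf and extract the object for the JavaScript and shellcode analysis steps the tutorial covers.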

Click here to access my PPT slides.

A video presentation explaining the slides will be posted soon!
Thanks for visiting my blog!

1 comment:

  1. Today the Internet plays a big part in our lives. With the development of modern technologies we spend more and more time on the web every day. As we browse for information around the web, many people don't realize that their personal information can be exposed to danger. This is why CyberTraining 365 is here to teach you about analyzing malware and how to protect your data from unauthorized access.