REMnux (@remnux)'s Twitter Profile
REMnux

@remnux

REMnux® is a free Linux toolkit for reverse-engineering and analyzing malware. Follow this account, managed by @lennyzeltser, for #REMnux updates and news.

ID: 2895001517

https://REMnux.org 27-11-2014 19:08:55

378 Tweets

6.6K Followers

1 Following

Michael Edie (@tankmek)

Got an obvious spam email. Decided to check out the PDF attachment in #remnux. Turns out to be a link to newsbtc[.]gq but seems to be down already. DNS points to Russian infrastructure 🤷‍♂️

REMnux (@remnux)

The latest version of Ghidra (10.2) is now on REMnux. Get it by running the "remnux upgrade" command: htmlpreview.github.io/?https://githu…

REMnux (@remnux)

The newly released version of Ghidra (10.2) is now on REMnux. Get it by running "remnux upgrade" htmlpreview.github.io/?https://githu…

REMnux (@remnux)

Added "dnfile" by Malware Frank and "dotnetfile" by Unit 42 to REMnux for analyzing static properties of .NET files: docs.remnux.org/discover-the-t…

Josh Stroschein | The Cyber Yeti (@jstrosch)

Continuing with the videos introducing key analysis distributions for malware analysis and reverse engineering - next up is REMnux 👇 📽️ youtu.be/BluBQd9-Fc8 I'll discuss what it is, why/when I use it and how to get started.

Kyle Cucci (@d4rksystem)

#MalwareAnalysis tip: Inetsim is a network simulator for malware analysis. You can host your own files/payloads in inetsim really easily. I had to do this today to analyze a shellcode implant that was no longer hosted on its staging domain. Here is how to do this 👇

REMnux (@remnux)

The updated version of Ghidra (11.2) is now on REMnux. To get it, you can run "apt get && apt install ghidra" htmlpreview.github.io/?https://githu…

REMnux (@remnux)

REMnux based on Ubuntu 24.04 (Noble) is available now, along with a new, more resilient installer. Available as prebuilt VMs for VMware, Proxmox and VirtualBox, as well as a Docker container. Get your malware analysis toolkit from REMnux.org.

Lenny Zeltser (@lennyzeltser)

The new REMnux MCP server lets AI analyze malware using the REMnux toolkit. I was surprised at the depth of investigation it delivers. Most of my time went into capturing how I approach malware analysis and providing AI the right guidance at the right time, so it can think and

Squiblydoo (@squiblydooblog)

Nice! It did a good job with this FUD Webex installer signed by "LAKESIDE TRANSMISSION INC." 40adf1aaa86dbe99cafa24fcfc7847fac976fc3d01d07cc6a774970028bbffdd Now if only I could convince Microsoft to finally revoke this certificate.

9to5Linux (@9to5linux)

#Ubuntu-Based REMnux 8 #Linux Toolkit for Malware Analysis Is Out Now to Celebrate the Project's 15th Anniversary 9to5linux.com/remnux-8-linux… REMnux #OpenSource

Squiblydoo (@squiblydooblog)

As also mentioned by MalwareHunterTeam, the actor also signed a copy of Microsoft's OLEVIEW.exe. I analyzed it with the new MCP in REMnux and this is what it found: It found that there was a PNG, and after the PNG was another fake PNG, which was an encrypted payload. 1/5
