REMnux Malware analysis distro
Check this out... sounds cool !!!
I'll have try in evaluating it right now.
REMnux: A Linux Toolkit for Reverse-Engineering and Analyzing Malware
REMnux® is a free Linux toolkit for assisting malware analysts with reverse-engineering malicious software. It strives to make it easier for forensic investigators and incident responders to start using the variety of freely-available tools that can examine malware, yet might be difficult to locate or set up.
Import the REMnux Virtual Appliance
Once you’ve downloaded the REMnux OVA file, import it into your virtualization software, then start the virtual machine. For step-by-step instructions for importing the virtual appliance, take a look at the VirtualBox screenshot and VMware Workstation screenshot slideshows.
There is no need to extract contents of the OVA file manually before importing it. Simply load the OVA file into your virtualization software to begin the import. If you attempt to extract OVA file’s contents and try importing the embedded OVF file in VirtualBox, you will likely encounter an error, such as “could not verify the content of REMnux.mf against the available files, unsupported digest type.”
If importing into QEMU, extract contents of the OVA file and run the qemu-img command like this:
tar xvf remnux-6.0-ova-public.ova qemu-img convert -O qcow2 REMnuxV6-disk1.vmdk remnux.qcow2
In all cases, once you boot up the imported virtual machine, it will automatically log you into the system using the user named “remnux”. The user’s password is “malware”; you might need to specify it when performing privileged operations.
After booting into the virtual appliance, run the
update-remnux full command on REMnux to update its software. This will allow you to benefit from any enhancements introduced after the virtual appliance has been packaged. Your system needs to have Internet access for this to work.
You can learn the malware analysis techniques that make use of the tools installed and pre-configured on REMnux by taking Reverse-Engineering Malware training at SANS Institute.