LinuxQuestions.org


bungerScorpio 03-13-2004 08:55 PM

Recommend a Live bootable Distro for Reverse Engineering?
 
Does anyone know if a live, bootable distro exists with tools for reverse engineering? I am looking for something that can boot from CD and then allow me to reverse engineer virus and malware code. I know all of the tools exist as separate packages, but was wondering if anyone has created a live distro yet?

tia,
bS

frandalla 03-13-2004 09:10 PM

What kind of tools are you looking for? If it's a C/C++ compiler, gdb and stuff like that, Knoppix has all this...

Capt_Caveman 03-14-2004 12:16 AM

Depending on what kind of analysis you are doing, you might also want to take a look at FIRE and Knoppix-STD.

bungerScorpio 03-16-2004 08:45 PM

I don't know all of the tools required to reverse engineer code, so I am looking for a live bootable distro that would have those tools readily available. Things like decompilers, memory heap analyzers, etc...

I envision putting virus code on a floppy or a portion of a hard drive, booting from the distro CD, and having my way with the code to determine how it installs itself, how it propagates, how it sends messages, etc...

I am pretty sure that FIRE, STD, or any of the others (INSERT, LAN Security, etc.) don't have those kinds of tools. They have more forensics-based (recovery) tools...

thanks again for any ideas,
bS


All times are GMT -5.