Recommend a Live bootable Distro for Reverse Engineering?
Does anyone know if a live, bootable distro exists with tools for reverse engineering? I am looking for something that can boot from CD and then allow me to reverse engineer virus and malware code. I know all of the tools exist as separate packages, but was wondering if anyone has created a live distro yet?
tia, bS
What kind of tools are you looking for? If it's a C/C++ compiler, gdb and stuff like that, Knoppix has all this...
Depending on what kind of analysis you are doing, you might also want to take a look at FIRE and Knoppix-STD.
I don't know all of the tools required to reverse engineer code, so I am looking for a live bootable distro that would have those tools readily available. Things like decompilers, memory heap analyzers, etc...
I envision putting virus code on a floppy or a portion of a hard drive, booting from the distro CD, and having my way with the code to determine how it installs itself, how it propagates, how it sends messages, etc... I am pretty sure that FIRE, STD, or any of the others (INSERT, LAN Security, etc.) don't have those kinds of tools. They have more forensics-based (recovery) tools... thanks again for any ideas, bS