Below is a list of tools and distros I have in my home lab. I will continue to update this list.
- Oracle VirtualBox
- Flare VM* (Comes with several DFIR/Malware Analysis tools installed)
- CSI Linux (Comes with several OSINT/DFIR/Malware Analysis tools installed)
- REMnux (Comes with several malware analysis tools installed)
- Tsurugi Linux (Comes with several OSINT/DFIR/Malware Analysis tools installed)
- Autopsy
- FTK Imager
- Volatility
- MemProcFS
- CurrPorts
- Wireshark (You can find sample PCAP files here)
- pestudio
- Structured Storage Viewer
*In addition to tools, Flare VM also contains lab files for the Practical Malware Analysis book.
For more tools see:
- Awesome Malware Analysis – A curated list of malware analysis tools and resources.
- Awesome Incident Response – A curated list of tools for incident response.
- Awesome Forensics – A curated list of forensic analysis tools and resources.
- DFIR Training – DFIR software and hardware database.