Below is a list of tools and distros I have in my home lab. I will continue to update this list.
- Oracle VirtualBox
- FLARE VM* (comes with several DFIR/malware analysis tools installed)
- Security Onion
- Kali Linux
- CSI Linux (comes with several OSINT/DFIR/malware analysis tools installed)
- REMnux (comes with several malware analysis tools installed)
- Tsurugi Linux (comes with several OSINT/DFIR/malware analysis tools installed)
- SANS SIFT (OVA format; comes with several DFIR tools installed)
- AlienVault OSSIM
- TheHive Project (training VM)
- FTK Imager
- Wireshark (you can find sample PCAP files here)
- Dependency Walker
- Structured Storage Viewer
*In addition to tools, FLARE VM also contains the lab files for the Practical Malware Analysis book.

For more tools see:
- Awesome Malware Analysis – a curated list of malware analysis tools and resources.
- Awesome Incident Response – a curated list of tools for incident response.
- Awesome Forensics – a curated list of forensic analysis tools and resources.
- DFIR Training – a DFIR software and hardware database.