Tools and Distros

Below is a list of tools and distros I have in my home lab. I will continue to update this list.

• Oracle VirtualBox
• Flare VM* (Comes with several DFIR/Malware Analysis tools installed)
• Security Onion
• Kali Linux
• CSI Linux (Comes with several OSINT/DFIR/Malware Analysis tools installed)
• Remnux (Comes with several malware analysis tools installed)
• Tsurugi Linux (Comes with several OSINT/DFIR/Malware Analysis tools installed)
• SANS SIFT (ova format – comes with several DFIR tools installed)
• Alienvault OSSIM
• The Hive Project (Training VM)
• Autopsy
• FTK Imager
• CurrPorts
• Wireshark (You can find sample PCAP files here)
• Dependency Walker
• pestudio
• Structured Storage Viewer

*In addition to tools, Flare VM also contains lab files for the Practical Malware Analysis book.

For more tools see:

Awesome Malware Analysis – A curated list of malware analysis tools and resources.

Awesome Incident Response – A curated list of tools for incident response.

Awesome Forensics – A curated list of forensic analysis tools and resources.

DFIR Training – DFIR software and hardware database

Stark4n6 Start.Me