Open Source Linux Anti-Malware Software

REMnux® is a Linux toolkit for reverse-engineering and analyzing malicious software. REMnux provides a curated collection of free tools created by the community. Analysts can use it to investigate malware without having to find, install, and configure the tools.

Announcing The New Robolinux Series 14 Mate LTS - 2034 Robolinux is very pleased to announce a completely new 14.1 Mate privacy centered 1inux operating system you can download freely while also offering our users an optional 14+ advanced upgrade which comes with our Untracker and FAAST Boot along with one click popular privacy software installers like Tor and I2p, Wireshark and Bleachbit plus many more for a fair and reasonable price. Robolinux14.1-Mate is ideal for beginners and advanced users. We are proud that it comes with Enoch AI which is TOTALLY 100% PRIVATE, FREE, HONEST & UNCENSORED built into Robolinux Cinnamon 14.1 The Robolinux 14.1 version with rock solid Long Term Support through 2034! requires users to set secure boot in their BIOS. It is currently available in the Cinnamon desktop flavor. we will release series 14 Xfce version in the next two months.For more information please see Readme file. Warmest regards John Martinson Robolinux.org

HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more. Lastly, almost 90 well-known malware analysis, forensics and network monitoring related tools are also present in the distribution.

Common network dump analyzer tool to extract application data and pretty show. It reassembles and shows HTTP/SMTP/POP3/IMAP etc files. Please donate if you want this to be a candy.

Compensato is full suite of diagnostic and troubleshooting tools (focused on troubleshooting Windows environments at the moment) that runs from an Ubuntu based Linux live environment. Once booted a browser winow will launch and the program will automatically look for a Windows installation to work with. You should be able to have this Windows installation visible to the system either internally or externally.

Air Raid Siren is multi-platform software designed to keep users safe on wireless networks when they log onto the Internet. This easy to use software protects against common attacks, like man-in-the-middle and packet sniffing.

Anoubis is a Security Suite which implements a secured environment for applications. The core of the suite is an Application Firewall alongside with a Sandbox. Mechanisms to assure the authenticity of files, directories and applications are provided.

NOTICE: The format of this project has been changed from ISO to using ansible and has been moved to GitHub. Github link: https://github.com/Bifrozt/bifrozt-ansible

Edit the Windows Registry from a Live CD to Remove Malware and fix problems that keeps your system from booting.

The SXMD (" like Security-X MultiDistribution ") use syslinux, grub4dos and others bootloaders to recover a crashed boot or run many GNU / Linux utilities. The first category is "Antivirus" with editors like Antivir, AVG, Comodo, DrWeb, FSecure, Kaspersky, Panda, VBA ... The second is composed by GNU/Linux's Distro: DSL, CorePlus (+Qemu Starter), Slacko, Slax Custom, Slitaz & XPuD ... After, you can find very good Recovery and Partitioning tools : Redo Backup, Parted Magic, MiniTool Partition Wizard, Paragon, PING, OSF and ActiveBootDisk ... SXMD also gathering a XP PE : Hiren'sBoot with DOS tools ("ubcd"), a Portable Suite and many boot priorities or possibilities. Size : +/- 3Gb Available : USB / DVD version ("coming soon") WebSite : http://www.security-x.fr/tools/SXMD ("under construct")

A packet dissector driven by machine learning algorithms. You train it to recognize specific types of packets by showing it examples and counterexamples of some packet type, and it will figure out which bits in the packet define it as the type you seek.

SisyphusScan is a wrapper to malware scanners that can be used for cyclic scanning of files (i.e. accross several executions). The scanning process is optimized with a cache. Currently supports the clamd daemon from the ClamAV tools suite.

A hardware supported hypervisor originally built for malware analysis. Features: Linux VM introspection, minimal detectability, small (~150KB), simple, and well documented. Can be used for other purposes. Support for Intel-VT & Windows coming soon.

Hosting exploit/backdoor detection daemon.It's written in python , and uses inotify (pyinotify) to monitor file system activity.It checks files smaller then some size,compares their md5sum and hex signatures against DBs with known exploits/backdoor.

sktrap (script kiddies trap) is a tiny intrusion detection system. Installed on the monitor server, it runs tests via ssh on its clients. Cracks very visible (files,open ports). Built in reply to and very succesful in finding real-world break-ins.