Last day to get an iPad Air w/ Smart Keyboard or Pixel 4a Smartphone with 5-6 day course registration! View details.


To attend this webcast, login to your SANS Account or create your Account.

Malware Analysis Essentials Using REMnux w/ Lenny Zeltser

  • Thursday, April 17, 2014 at 1:00 PM EDT (2014-04-17 17:00:00 UTC)
  • Lenny Zeltser


  • Symantec

You can now attend the webcast using your mobile device!



Though some tasks for analyzing Windows malware are best performed on Windows laboratory systems, there is a lot you can do on Linux with the help of free and powerful tools. REMnux is an Ubuntu distribution that incorporates many such utilities. This practical session presents some of the most useful REMnux tools. Lenny Zeltser, who teaches SANS' reverse-engineering malware course, will share how you can use the utilities installed on REMnux to:

  • Assess suspicious Windows executable files
  • Explore infection artifacts in a network capture file
  • Examine malicious document and media files

If you haven't experimented with Linux-based tools for malware analysis, you've been missing out. And if you've been meaning to begin exploring the field of malware analysis, this talk will help you get started.

Speaker Bio

Lenny Zeltser

Lenny Zeltser is a seasoned business leader with extensive experience in information technology and security. As a product management director at NCR Corporation, he focuses on safeguarding IT infrastructure of small and mid-size businesses world-wide. Before NCR, Lenny led the enterprise security consulting practice at a major IT hosting provider. He also teaches digital forensics and malware courses for the SANS Institute, where he is a senior faculty member. In addition, Lenny is a Board of Directors member at SANS Technology Institute and a volunteer incident handler at the Internet Storm Center. Lenny's expertise is strongest at the intersection of business, technology, and information security practices and includes incident response, cloud services, and product management. He frequently speaks at conferences, writes articles, and has co-authored books on network security and malicious software defenses. Lenny is one of the few individuals in the world who've earned the prestigious GIAC Security Expert designation. He has an MBA degree from MIT Sloan and a Computer Science degree from the University of Pennsylvania. You can learn more about Lenny's projects on his personal website and blog.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.