SANS Digital Forensics and Incident Response Blog

Digital Forensics Case Leads: REMnux, Stuxnet, Facebook and more

This week we have Lenny Zeltser releasing his awesome tool REMnux V2 along with some good blog posts by Brad Garnett, Andrew Hay and Harlan Carvey and the Yahoo group Win4n6. In the news we have more Stuxnet and privacy issues with Facebook. Don't forget to check out the up coming training events coming to a city near you. If you have an article, news story or new tool that you think should be mentioned send an email to, we would love to hear from you.


  • REMnux v2 from Lenny Zeltser is out and includes good tools for doing analysis and reverse engineering of malicious software, it even includes the latest release of Volatility which is version 1.4 RC1. If you are at the DoD CyberCrime Conference next week be sure to attend Lenny's session on Malware.

Good Reads:



Coming Events:

If you have an article to suggest for case leads please email it to

Digital Forensics Case Leads for 20110120 was compiled by Mark McKinnon GCFA, CCE is Principal of RedWolf Computer Forensics where he has written many tools that are used through out the Computer Forensic Community. You can follow Mark on twitter @markmckinnon.