Threat Inteliigence / OSINT / NETSEC / NATSEC

RaineVM - Reversing // Analysis workstation

Download here!

Login: Raine

password: reversing

RaineVM in a way complements Ronan - it is an image of a virtual machine with installed tools for analyzing files, including malware. After we have obtained the samples in the course of our OSINT search, we can then transfer it to Raine and take a closer look. Why not just add these tools to RonanVM? In my opinion, analyzing files, especially potentially malicious ones, necessarily requires a separate environment. It's not even about the possibility of infecting our system - in the case of Linux it will be very limited - but about the system configuration that we will have to modify frequently - such as: adjusting network interface settings to disable or redirect traffic. And if we analyze a sample that may infect our system, we will very often restore the system to its initial state using snapshots.

Raine just as Ronan have privacy oriented configuration - Ubuntu's telemetry is disabled as are features like file history, Firefox is also configured as in Ronan. As for the tools, the following are available: