Reverse Engineering Malware & Investigation Forensic Toolkit
REMnux (Reverse Engineering Malware linux): A Linux Toolkit for Malware Analysis.
SIFT (SANS Investigation Forensic Toolkit): a workstation for Forensic Analysis.
Linux toolkit for reverse-engineering and analyzing malicious software: REMnux: A Linux Toolkit for Malware Analysts
3 way of installation:
1) VM (OVA format)
2a) packages: entire distro
2b) add to a system (e.g. add to SIFT Workstation): the host operating system should be Ubuntu, like 20.04
3) Containers: Docker image
Since REMnux is aimed at malware analysis (i.e. after incident), it could be combined with other tools, specific ones for forensics, like SIFT.
SIFT was developed by SANS: SIFT Workstation | SANS Institute
SIFT can run on Ubuntu 20.04
SIFT could run in WSL and REMnux could be added accordingly: Adding SIFT and REMnux to your Windows Forensics environment – Baker Street Forensics