Suite Standard

This is a list of some relevant features of Cerbero Suite. Please note that it is not possible to enumerate all features because of the complexity and on-going improvement of the product.

• Various scan modes
  • Single file scan
  • Directory scan
  • Full and custom disk scan
• Fast multithreaded profiling
• Automatized updates
• Large files support
• Identification among many other things of:
  • Embedded files
  • Personal information
  • Parsing issues
  • Possible shellcode
  • Unused, unreferenced or custom data
    • Entropic analysis of foreign data
  • Metadata
  • Scripting and bytecode
• File format view
• Extraction of C++ types via Clang
  • Support for all advanced C++ type features
• Supported file formats:
  • Android Application Package (APK)
    • Binary XML converter
  • Compound File Binary Format (DOC, XLS, PPT, MSI, etc.)
    • Visual Basic Application code extraction
    • DOC safe text preview
  • Compression formats (GZIP, BZIP2, LZMA)
  • Dalvik Executable (DEX)
    • Dalvik disassembler
    • Layout ranges
  • Device Independent Bitmap (DIB, BMP)
  • Executable and Linkable Format
    • Preliminary support
  • Fonts
    • Compact Font Format (CFont)
      • Type1 and Type2 disassembler
    • Embedded Open Type (EOT)
      • TrueType converter
      • MicroType Express (cvt, hdmx, VDMX tables not rebuilded)
    • Open Type (OTF)
      • TrueType bytecode disassembler
      • Compact Font Format
    • Tag Image File Format (TIFF)
    • TrueType (SFont, TTF)
      • TrueType bytecode disassembler
    • TrueType Collection (TTC)
    • Type1 (T1, PFB)
      • Type1 disassembler
    • Web Open Font Format (WOFF)
      • TrueType converter
  • Graphics Interchange Format (GIF)
  • Info-Tech Storage Format (CHM, CHI, CHQ, CHW, etc.)
  • Java Class (CLASS)
    • Class bytecode disassembler
    • Layout ranges
  • Joint Photographic Experts Group (JPEG)
  • Mach-O (App, Kext, DyLib)
    • Universal binaries
    • Apple code signatures
    • Apple binary protection
  • Program Database (PDB)
    • Types extraction
  • Portable Document Format (PDF)
    • Decryption
    • JavaScript extraction
    • Object search
  • Portable Executable (PE, EXE, DLL, SYS, OCX, etc.)
    • Analisys
    • Layout ranges
    • Embedded resources validation and analysis
    • Embedded resources preview
    • Digital certificates validation
    • Full format support
    • MSIL disassembler
  • Portable Network Graphics (PNG, APNG)
  • Rich Text Format (RTF)
    • OLE extraction
    • Safe text preview
  • Shockwave Flash (SWF)
    • ActionScript2 disassembler
    • ActionScript3 disassembler
  • SQLite3
    • Tables inspection
    • Free pages inspection
  • Windows Encoded Scripts (VBE, JSE)
  • Windows Lnk (LNK)
  • XML Data Package (XDP)
    • Embedded PDF extraction
    • JavaScript extraction
  • XML
  • Zip Archive (ZIP: covers many file extensions)
    • Decompression: Deflate, BZIP2, LZMA
    • Decryption: ZipCrypto, WinZip AES
    • Zip bomb detection
    • Incomplete archives support
• Advanced report saving functionality:
  • Generate reports for millions of files
  • Include the scanned files into the report project itself
  • Optional compression
  • Optional symmetric encryption
• Powerful Python 3 SDK
  • Custom scripts
  • Access to core classes
  • Access to format classes
  • Access to filters
  • User defined actions
  • Action configuration
  • Hooks
  • Key providers
  • Logic providers
  • Scan providers
  • Use of imported C++ types
  • Creation of new views
  • Output console
  • Command line
  • Capstone support
  • libmagic support
  • YARA support
• Powerful filter technology including:
  • Conversion algorithms
  • Compression algorithms
  • Encryption algorithms
  • Cryptographic hashes
  • Disassemblers
  • Capability to apply filters to embedded files
  • Range parameters
  • Sandboxed Lua scripting
• Plugins and actions
  • JavaScript beautifier
  • JavaScript debugger
  • Pastebin upload
  • XML indenter
  • Entropic analysis
• Embedded file analysis
  • Custom embedded files (with optional filters)
• Intuitive workspace
  • Advanced and customizable hex view
    • Visualization of data ranges
  • Plots and pie charts
  • Easy risk evaluation
  • Syntax highlighting
  • Media preview
  • Global and individual bookmarks
    • Analysis view jump
  • Global and individual file notes
  • Dock-based interface with navigability
• Cryptographic hashes
• Advanced password input dialog
• Names unmangling
  • Visual C++
  • GCC 3 & 4
• Theme support
  • New themes can be created
  • Existing themes can be customized
• Tools
  • Full-fledged Hex-Editor
  • Python Editor
  • Header Manager
    • C++ types importer via Clang
    • Explorer
  • JavaScript editor
  • Full-fledged JavaScript debugger
• 3rd Party Libraries
  • Capstone (including Python bindings)
  • libmagic (including Python bindings)
  • YARA (including Python bindings)

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)