Suite Standard

Cerbero Suite Advanced includes all the capabilities of the Standard edition with additional features designed for experts in the security and forensic field, so check it out too!

This is a list of some relevant features of Cerbero Suite Standard. Please note that it is not possible to enumerate all features because of the complexity and on-going improvement of the product.

  • Various scan modes
    • Single file scan
    • Directory scan
    • Full and custom disk scan
  • Fast multithreaded profiling
  • Automatized updates
  • Large files support
  • Identification among many other things of:
    • Embedded files
    • Personal information
    • Parsing issues
    • Possible shellcode
    • Unused, unreferenced or custom data
      • Entropic analysis of foreign data
    • Metadata
    • Scripting and bytecode
  • File format view
  • Extraction of C++ types via Clang
    • Support for all advanced C++ type features
  • Supported file formats:
    • Android Application Package (APK)
      • Binary XML converter
    • Cabinet (CAB)
    • Compound File Binary Format (DOC, XLS, PPT, MSI, etc.)
      • Decryption
      • Visual Basic Application code extraction
      • Excel formula decompilation
      • Word text preview
      • Spreadsheet preview
    • Compression formats (GZIP, BZIP2, LZMA)
    • Dalvik Executable (DEX)
      • Dalvik disassembler
      • Layout ranges
    • Device Independent Bitmap (DIB, BMP)
    • Excel Binary (XLSB)
      • Excel formula decompilation
      • Spreadsheet preview
    • Executable and Linkable Format
      • Preliminary support
    • Fonts
      • Compact Font Format (CFont)
        • Type1 and Type2 disassembler
      • Embedded Open Type (EOT)
        • TrueType converter
        • MicroType Express (cvt, hdmx, VDMX tables not rebuilded)
      • Open Type (OTF)
        • TrueType bytecode disassembler
        • Compact Font Format
      • Tag Image File Format (TIFF)
      • TrueType (SFont, TTF)
        • TrueType bytecode disassembler
      • TrueType Collection (TTC)
      • Type1 (T1, PFB)
        • Type1 disassembler
      • Web Open Font Format (WOFF)
        • TrueType converter
    • Graphics Interchange Format (GIF)
    • Info-Tech Storage Format (CHM, CHI, CHQ, CHW, etc.)
    • Java Class (CLASS)
      • Class bytecode disassembler
      • Layout ranges
    • Joint Photographic Experts Group (JPEG)
    • Mach-O (App, Kext, DyLib)
      • Universal binaries
      • Apple code signatures
      • Apple binary protection
    • Program Database (PDB)
      • Types extraction
    • Portable Document Format (PDF)
      • Decryption
      • JavaScript extraction
      • Object search
    • Portable Executable (PE, EXE, DLL, SYS, OCX, etc.)
      • Analysis
      • Layout ranges
      • Embedded resources validation and analysis
      • Embedded resources preview
      • Digital certificates validation
      • Full format support
      • MSIL disassembler
    • Portable Network Graphics (PNG, APNG)
    • Rich Text Format (RTF)
      • OLE extraction
      • Safe text preview
    • Shockwave Flash (SWF)
      • ActionScript2 disassembler
      • ActionScript3 disassembler
    • SQLite3
      • Tables inspection
      • Free pages inspection
    • Windows Encoded Scripts (VBE, JSE)
    • Windows Lnk (LNK)
    • XML Data Package (XDP)
      • Embedded PDF extraction
      • JavaScript extraction
    • XML
    • Zip Archive (ZIP: covers many file extensions)
      • Decompression: Deflate, BZIP2, LZMA
      • Decryption: ZipCrypto, WinZip AES
      • Zip bomb detection
      • Incomplete archives support
  • Advanced report saving functionality:
    • Generate reports for millions of files
    • Include the scanned files into the report project itself
    • Optional compression
    • Optional symmetric encryption
  • Powerful Python 3 SDK
    • Custom scripts
    • Access to core classes
    • Access to format classes
    • Access to filters
    • User defined actions
    • Action configuration
    • Hooks
    • Key providers
    • Logic providers
    • Scan providers
    • Use of imported C++ types
    • Creation of new views
    • Output console
    • Command line
    • Capstone support
    • libmagic support
    • YARA support
  • Powerful filter technology including:
    • Conversion algorithms
    • Compression algorithms
    • Encryption algorithms
    • Cryptographic hashes
    • Disassemblers
    • Capability to apply filters to embedded files
    • Range parameters
    • Sandboxed Lua scripting
  • Plugins and actions
    • JavaScript beautifier
    • JavaScript debugger
    • Pastebin upload
    • XML indenter
    • Entropic analysis
  • Embedded file analysis
    • Custom embedded files (with optional filters)
  • Intuitive workspace
    • Advanced and customizable hex view
      • Visualization of data ranges
    • Plots and pie charts
    • Easy risk evaluation
    • Syntax highlighting
    • Media preview
    • Global and individual bookmarks
      • Analysis view jump
    • Global and individual file notes
    • Dock-based interface with navigability
  • Cryptographic hashes
  • Advanced password input dialog
  • Names unmangling
    • Visual C++
    • GCC 3 & 4
  • Theme support
    • New themes can be created
    • Existing themes can be customized
  • Tools
    • Full-fledged Hex-Editor
    • Python Editor
    • Header Manager
      • C++ types importer via Clang
      • Explorer
    • JavaScript editor
    • Full-fledged JavaScript debugger
  • 3rd Party Libraries
    • Capstone (including Python bindings)
    • libmagic (including Python bindings)
    • YARA (including Python bindings)

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)