
Cerbero Suite Advanced includes all the capabilities of the Standard edition with additional features designed for experts in the security and forensic field, so check it out too!
This is a list of some relevant features of Cerbero Suite Standard. Please note that it is not possible to enumerate all features because of the complexity and on-going improvement of the product.
- Various scan modes
- Single file scan
- Directory scan
- Full and custom disk scan
- Fast multithreaded profiling
- Automatized updates
- Large files support
- Identification among many other things of:
- Embedded files
- Personal information
- Parsing issues
- Possible shellcode
- Unused, unreferenced or custom data
- Entropic analysis of foreign data
- Metadata
- Scripting and bytecode
- File format view
- Extraction of C++ types via Clang
- Support for all advanced C++ type features
- Supported file formats:
- Android Application Package (APK)
- Binary XML converter
- Cabinet (CAB)
- Compound File Binary Format (DOC, XLS, PPT, MSI, etc.)
- Decryption
- Visual Basic Application code extraction
- Excel formula decompilation
- Word text preview
- Spreadsheet preview
- Compression formats (GZIP, BZIP2, LZMA)
- Dalvik Executable (DEX)
- Dalvik disassembler
- Layout ranges
- Device Independent Bitmap (DIB, BMP)
- Excel Binary (XLSB)
- Excel formula decompilation
- Spreadsheet preview
- Executable and Linkable Format
- Preliminary support
- Fonts
- Compact Font Format (CFont)
- Type1 and Type2 disassembler
- Embedded Open Type (EOT)
- TrueType converter
- MicroType Express (cvt, hdmx, VDMX tables not rebuilded)
- Open Type (OTF)
- TrueType bytecode disassembler
- Compact Font Format
- Tag Image File Format (TIFF)
- TrueType (SFont, TTF)
- TrueType bytecode disassembler
- TrueType Collection (TTC)
- Type1 (T1, PFB)
- Type1 disassembler
- Web Open Font Format (WOFF)
- TrueType converter
- Compact Font Format (CFont)
- Graphics Interchange Format (GIF)
- Info-Tech Storage Format (CHM, CHI, CHQ, CHW, etc.)
- Java Class (CLASS)
- Class bytecode disassembler
- Layout ranges
- Joint Photographic Experts Group (JPEG)
- Mach-O (App, Kext, DyLib)
- Universal binaries
- Apple code signatures
- Apple binary protection
- Program Database (PDB)
- Types extraction
- Portable Document Format (PDF)
- Decryption
- JavaScript extraction
- Object search
- Portable Executable (PE, EXE, DLL, SYS, OCX, etc.)
- Analysis
- Layout ranges
- Embedded resources validation and analysis
- Embedded resources preview
- Digital certificates validation
- Full format support
- MSIL disassembler
- Portable Network Graphics (PNG, APNG)
- Rich Text Format (RTF)
- OLE extraction
- Safe text preview
- Shockwave Flash (SWF)
- ActionScript2 disassembler
- ActionScript3 disassembler
- SQLite3
- Tables inspection
- Free pages inspection
- Windows Encoded Scripts (VBE, JSE)
- Windows Lnk (LNK)
- XML Data Package (XDP)
- Embedded PDF extraction
- JavaScript extraction
- XML
- Zip Archive (ZIP: covers many file extensions)
- Decompression: Deflate, BZIP2, LZMA
- Decryption: ZipCrypto, WinZip AES
- Zip bomb detection
- Incomplete archives support
- Android Application Package (APK)
- Advanced report saving functionality:
- Generate reports for millions of files
- Include the scanned files into the report project itself
- Optional compression
- Optional symmetric encryption
- Powerful Python 3 SDK
- Custom scripts
- Access to core classes
- Access to format classes
- Access to filters
- User defined actions
- Action configuration
- Hooks
- Key providers
- Logic providers
- Scan providers
- Multi-processing
- Use of imported C++ types
- Creation of new views
- Output console
- Command line
- Capstone support
- libmagic support
- YARA support
- ZMQ support
- Installable packages
- Powerful filter technology including:
- Conversion algorithms
- Compression algorithms
- Encryption algorithms
- Cryptographic hashes
- Disassemblers
- Capability to apply filters to embedded files
- Range parameters
- Sandboxed Lua scripting
- Plugins and actions
- JavaScript beautifier
- JavaScript debugger
- Pastebin upload
- XML indenter
- Entropic analysis
- Embedded file analysis
- Custom embedded files (with optional filters)
- Intuitive workspace
- Advanced and customizable hex view
- Visualization of data ranges
- Plots and pie charts
- Easy risk evaluation
- Syntax highlighting
- Media preview
- Global and individual bookmarks
- Analysis view jump
- Global and individual file notes
- Dock-based interface with navigability
- Advanced and customizable hex view
- Cryptographic hashes
- Advanced password input dialog
- Names unmangling
- Visual C++
- GCC 3 & 4
- Theme support
- New themes can be created
- Existing themes can be customized
- Tools
- Full-fledged Hex-Editor
- Python Editor
- Header Manager
- C++ types importer via Clang
- Explorer
- JavaScript editor
- Full-fledged JavaScript debugger
- 3rd Party Libraries
- Capstone (including Python bindings)
- libmagic (including Python bindings)
- YARA (including Python bindings)
- ZMQ (including Python bindings)
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)