EVTX Format Package

We are happy to announce support for the Windows Event Log (EVTX) format. The new EVTX Format package lets you inspect EVTX files directly within the application, with a familiar table-based event viewer and full XML detail pane.

EVTX is the binary log format used by modern versions of Windows (Vista and later) to store system, security, and application events. It is a key artifact in digital forensics and incident response, as it records user logons, process creation, service changes, and many other system activities. Having native support in Cerbero Suite means analysts can open and triage event logs without leaving their primary analysis environment.

ACE Format Package

We are happy to announce support for the ACE archive format in Cerbero Suite. The new ACE Format package lets you inspect and extract ACE archives directly within the application, including password-protected and solid archives.

ACE is a compression format that was widely popular in the late 1990s and early 2000s. While largely superseded by more modern formats, ACE files still appear regularly in malware analysis and digital forensics investigations. Having native support in Cerbero Suite means analysts no longer need to rely on external tools to inspect these archives.

Memory Challenge 17: Recollection

We’re testing our Memory Analysis package (currently in beta) against various challenges available online.

We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to Hack The Box for creating it in the first place.

Continue reading “Memory Challenge 17: Recollection”

Memory Analysis Package 0.9

We are excited to announce the release of Memory Analysis 0.9 package, a significant milestone that introduces support for extracting GUI artifacts.

All features have been thoroughly tested across Windows versions from XP through Windows 11, on both x86 and x64 architectures. This, for instance, is the latest version of Windows 11.

Continue reading “Memory Analysis Package 0.9”

Memory Challenge 16: MemLabs Lab 1 – Beginner’s Luck

We’re testing our Memory Analysis package (currently in beta) against various challenges available online.

We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to MemLabs for creating it in the first place.

Continue reading “Memory Challenge 16: MemLabs Lab 1 – Beginner’s Luck”