We released the XST Format package, which adds support for Microsoft Outlook PST and OST email data formats.
The package makes it possible to explore every part of an email container, including messages, folder structures, metadata and attachments.
Author: Erik Pistelli
Memory Challenge 9: BankingTroubles
We’re testing our Memory Analysis package (currently in beta) against various challenges available online.
We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to CyberDefenders for creating it in the first place.
InnoSetup Format Package 3.0
Version 3 of our state-of-the-art InnoSetup Format package is now available and includes support for the latest releases of InnoSetup and the recently introduced full encryption mode.
In addition to the format itself and file extraction, make sure to install the IFPS Format package to inspect the code of setup scripts.
Memory Challenge 8: MemLabs Lab 4 – Obsession
We’re testing our Memory Analysis package (currently in beta) against various challenges available online.
We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to MemLabs for creating it in the first place.
Continue reading “Memory Challenge 8: MemLabs Lab 4 – Obsession”
AD1 Format Package
We released the AD1 Format package, which adds basic support for AccessData Custom Content Image files. AD1 images are logical evidence containers created by FTK Imager and other AccessData tools, used to store selected files or folders from a system rather than a full physical disk image.
Memory Challenge 7: DeepDive
We’re testing our Memory Analysis package (currently in beta) against various challenges available online.
We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to CyberDefenders for creating it in the first place.
Memory Analysis Package 0.7
We are excited to announce the release of the Memory Analysis 0.7 package, which is currently in beta. This version introduces significant improvements that partly stem from testing our solution against various CTF challenges.
These new features, together with the recent release of Cerbero Suite 8.6, make this update particularly noteworthy. Thanks to the sophisticated caching mechanism implemented in the latest release of Cerbero Suite, memory analysis is now faster than ever. If you thought it was already fast, you are in for a surprise!
Cerbero Suite 8.6
Cerbero Suite 8.6 and Cerbero Engine 5.6 are out with several improvements and fixes.
The highlight: a new caching system that makes memory analysis even faster than it was before!
Memory Challenge 6: Injector
We’re testing our Memory Analysis package (currently in beta) against various challenges available online.
We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to CyberDefenders for creating it in the first place.
Memory Challenge 5: DumpMe
We’re testing our Memory Analysis package (currently in beta) against various challenges available online.
We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to CyberDefenders for creating it in the first place.