String Decrypter Package

We have just released our String Decrypter package on Cerbero Store for all licenses of Cerbero Suite. The String Decrypter package is very useful for reversing malware and during CTFs.

This utility can be invoked as an action from a hex view or a Carbon disassembly. It can be used to brute-force the decryption of strings and byte-arrays.

String Decrypter supports various types of string encodings combined with endianness and it can filter decoded strings with the following options:

– Don’t filter (include raw byte-arrays)
– Include only decoded strings
– Include only strings with ASCII characters
– Include only string matching a regular expression provided by the user

The plugin supports parallel execution, which will make the difference if more algorithms are added to the list. Also, for every decryption method the number of combinations is displayed.

For every decrypted entry, String Decrypter shows the performed operation along with the string encoding (if available).

API Solver Package

We have just released our API Solver package on Cerbero Store for all commercial licenses of Cerbero Suite Advanced.

You can click on the image for a video introduction.

API Solver comes very handy to analyze shellcode and it can also be used programmatically:

from Pkg.APISolver import APISolver

solver = APISolver("win32", ("kernel32", "urlmon"))
for hash in (0xEC0E4E8E, 0x702F1A36, 0xE8AFE98, 0x73E2D87E):


['KERNEL32.LoadLibraryA' (ror13_add_32)]
['URLMON.URLDownloadToFileA' (ror13_add_32)]
['KERNEL32.WinExec' (ror13_add_32)]
['KERNEL32.ExitProcess' (ror13_add_32)]

Stay tuned as we’ll soon be releasing more packages for all types of licenses on Cerbero Store!