PyInstaller Extractor Package

We have released the PyInstaller Extractor package for all licenses of Cerbero Suite.

PyInstaller is a tool that packages Python applications into standalone executables, compatible with Windows, Linux, and macOS. It works by analyzing Python scripts to discover every import statement and include the appropriate Python files, binaries, and libraries in the executable. Additionally, PyInstaller converts all Python code into bytecode before packaging, enhancing performance and security.

The extractor supports all versions of PyInstaller, all supported file types and automatically identifies PyInstaller generated binaries. It also supports PyInstaller bytecode decryption.

Continue reading “PyInstaller Extractor Package”

PYC Format Package

We have released the PYC Format package for all licenses of Cerbero Suite.

PYC files are compiled bytecode versions of Python source code. These compiled files can be deployed in place of the original source code, serving as a bytecode format for execution by the Python interpreter. PYC files are tied to the specific version of Python they were compiled with, necessitating recompilation when different Python versions are used.

Continue reading “PYC Format Package”

RPM Format Package

We have released the RPM Format package for all licenses of Cerbero Suite.

The RPM Package Manager (RPM) format is a package management system used primarily in Red Hat-based Linux distributions, including Fedora and CentOS. It is utilized for managing the installation, update, and removal of software on Linux systems. An RPM file contains the software itself, along with metadata about the software such as its version, dependencies, and instructions for installation. This format streamlines the process of software management, providing a standardized approach to handling packages on Linux platforms.

Continue reading “RPM Format Package”

PCAP Format Package

We have released the PCAP Format package for all licenses of Cerbero Suite.

The PCAP format is the main capture file format used in TcpDump/WinDump, snort, and many other networking tools and is fully supported by Wireshark/TShark. Our support does not aim to compete against a specialized tool like WireShark, but it gives the capability to inspect PCAP files without leaving the Cerbero Suite interface. This is especially useful when analyzing malware reports.

Continue reading “PCAP Format Package”

AR Format Package

We have released the AR Format package for all licenses of Cerbero Suite.

The AR archive format, originally devised for Unix systems, serves as a straightforward file archiving tool, combining multiple files into a single archive without inherent compression. It’s primarily used in Unix-like environments for storing static libraries (‘.a’ files), and is also a key component in the structure of DEB packages for Debian-based Linux distributions. Furthermore, the AR format finds its application in the Windows operating system as well, where it is used for ‘.lib’ files.

Continue reading “AR Format Package”

RegHive Format Package

We have released the RegHive Format package for all licenses of Cerbero Suite.

This package offers enhanced functionality for exploring Windows Registry hives. It enables detailed inspection of keys and values, and importantly, provides additional insights by displaying the last modification date and time for each key. Moreover, it includes the ability to view security access details for each key, offering a comprehensive overview of the Registry’s structure and access controls.

Continue reading “RegHive Format Package”

DSStore Format Package

We have released the DSStore Format package for all licenses of Cerbero Suite.

In Apple macOS, .DS_Store is a file that stores custom attributes of its containing folder, such as folder view options, icon positions, and other visual information. It is created and maintained by the Finder application in every folder and contains information that can be valuable for forensics purposes, such as file names and timestamps.

Continue reading “DSStore Format Package”

Cerbero Suite 7.1 Release

🚀 We’re elated to announce the rollout of Cerbero Suite 7.1 and Cerbero Engine 4.1! In this post, we’ll explore the most important new features that this release introduces.

File Info Workspace

The spotlight feature of this release is undoubtedly the file info view. This versatile view provides you with a detailed list of a file’s properties and an array of other valuable information.

What makes this particularly useful is the introduction of an additional workspace in Cerbero Suite. This new workspace leverages the file info view and can be accessed via the shell context menu, giving you immediate access to essential file details and its content.

Continue reading “Cerbero Suite 7.1 Release”