We have released the UEFI Firmware Image Format package for all licenses of Cerbero Suite!
The package supports a variety of UEFI firmware image formats and, in addition to allowing you to inspect their structure, it automatically extracts embedded files.
The AbuseCH Intelligence package to access intelligence from MalwareBazaar is now available to personal licenses of Cerbero Suite!
If you’re not yet familiar with the AbuseCH Intelligence package, you can check out the video presentation to quickly learn about its features.
We have released the InnoSetup Format package for all licenses of Cerbero Suite!
InnoSetup is a free, script-driven installation system for Windows, developed by Jordan Russell in 1997. It uses a Pascal-based scripting language, allowing for complex and customizable installers. Key features include graphical interfaces, file and registry operations, multilingual support, and the creation of encrypted and compressed executables.
Our support encompasses all released versions of InnoSetup, including the latest 6.3 version. We provide support for encrypted setups, file extraction, thorough inspection of all parts of the format, and PascalScript disassembly.
We have released the IFPS Format package for all licenses of Cerbero Suite. IFPS (RemObjects PascalScript) bytecode files are utilized by InnoSetup, a popular script-driven Windows installation system, to enhance the installer’s functionality through custom scripts and can potentially be used by malware to execute malicious code.
We are thrilled to announce the launch of the File Miner package, a sophisticated file carving tool now available for all Cerbero Suite licenses. Designed to aid malware and forensic analysts in their daily tasks, this package stands out as a top-tier utility in its category, and we plan to enhance it further by supporting additional file formats.
We’re excited to release the DotNET Decompiler package for all licenses of Cerbero Suite: this package is capable of decompiling .NET assemblies from their bytecode back to C#.
Once you have installed the package, you can access the decompiler from the bytecode view.
We’re excited to release the DEX Decompiler package for all licenses of Cerbero Suite: this package is capable of decompiling Android DEX files from their bytecode back to Java.
Once you have installed the package, you can access the decompiler from the bytecode view.
We’re excited to release the Java Decompiler package for all licenses of Cerbero Suite: this package is capable of decompiling Java Class files from their bytecode back to Java.
Once you have installed the package, you can access the decompiler from the bytecode view.
The bytecode view and the decompiler are accessible not only within Java Class files but also within JAR files.
We are proud to announce the release of the YARA Rules package for all licenses of Cerbero Suite!
This package is designed to be the ultimate toolkit for downloading, scanning with, creating, editing, and testing YARA rules.
YARA, an essential tool in the fight against malware, allows for the creation of descriptions to match patterns across various file types. Recognizing the importance of YARA in digital forensics and malware analysis, we have developed a comprehensive suite of tools designed to enhance the YARA rule management process.
The YARA Rules package for Cerbero Suite includes an array of features aimed at streamlining the workflow associated with YARA rules. Whether you’re downloading rules from public repositories, scanning files for matches, creating rules tailored to the latest malware threats, editing existing rules to improve accuracy, or rigorously testing rules to ensure effectiveness, this package has everything you need.
Our goal is to provide Cerbero Suite users with a powerful, efficient, and user-friendly set of tools that empowers them to use YARA rules more effectively than ever before. Whether you are a seasoned malware analyst or just starting out in the field of cybersecurity, the YARA Rules package is designed to enhance your analysis capabilities and streamline your workflows.
We invite you in this blog post to explore the full potential of the YARA Rules package and discover how it can enhance your malware analysis and forensic investigations.
We have released the DotNET ManifestResources Format package for all licenses of Cerbero Suite.
.NET manifest resources are embedded elements within .NET assemblies, used to store additional data such as files, icons, and strings that an application requires for execution. These resources are directly compiled into the executable, becoming a part of the application’s core assets. In the realm of malware, attackers frequently exploit .NET manifest resources to hide malicious payloads. Cerbero Suite lets you inspect the format of .NET manifest resources and automatically detects embedded files.