EVTX Format Package

We are happy to announce support for the Windows Event Log (EVTX) format. The new EVTX Format package lets you inspect EVTX files directly within the application, with a familiar table-based event viewer and full XML detail pane.

EVTX is the binary log format used by modern versions of Windows (Vista and later) to store system, security, and application events. It is a key artifact in digital forensics and incident response, as it records user logons, process creation, service changes, and many other system activities. Having native support in Cerbero Suite means analysts can open and triage event logs without leaving their primary analysis environment.

Memory Challenge 17: Recollection

We’re testing our Memory Analysis package (currently in beta) against various challenges available online.

We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to Hack The Box for creating it in the first place.


Memory Analysis Package 0.9

We are excited to announce the release of the Memory Analysis 0.9 package, a significant milestone that introduces support for extracting GUI artifacts.

All features have been thoroughly tested across Windows versions from XP through Windows 11, on both x86 and x64 architectures. This, for instance, is the latest version of Windows 11.


Memory Challenge 16: MemLabs Lab 1 – Beginner’s Luck

We’re testing our Memory Analysis package (currently in beta) against various challenges available online.

We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to MemLabs for creating it in the first place.


Memory Challenge 12: BlackEnergy

We’re testing our Memory Analysis package (currently in beta) against various challenges available online.

We found this challenge on the Memory Forensic site, so credit goes to them for highlighting it and to CyberDefenders for creating it in the first place.
