Cerbero Profiler 2.5.0 Commercial » Developer.Team

Cerbero Profiler 2.5.0 Commercial | 19 Mb


Cerbero Profiler is a tool designed primarily for malware and forensic analysis. It supports a huge number of file formats (listed below) on which it performs analysis and lets the user inspect their internal layout. Profiler is often used to identify 0-day threats and personal information inside of files. However, given the scale of the project, it has many other uses and we encourage you to visit our blog in order to see Profiler in action.

Some of the file types supported by Profiler are:
APK, APNG, AXML, BMP, BZ2, CHM, CLASS, DEX, DIB, DLL, DOC, DOCX, ELF, EOT, EXE, GIF, GZIP, JAR, JPEG, JSE, LNK, LZMA, MACH-O, MSI, O, OCX, ODT, OTF, PDB, PFB, PNG, PPS, PPT, PPTX, PRX, PUFF, RAW, RTF, SO, SQLITE3, SWF, SYS, T1, T2, TIFF, TORRENT, TTC, TTF, VBE, WOFF, XLS, XLSX, ZIP

Product information
Cerbero Profiler represents a new approach to security and file analysis. It is not an antivirus, nor does it behave like one. Instead, it creates a profile of a scanned file by identifying threats and privacy issues, and exposes this profile to the user along with warnings and other information. It is mainly intended for security and forensic analysis. However, it can also be used by medium and advanced users: an inexperienced user might not be able to evaluate the risk of JavaScript code, but a system administrator can. This makes the software accessible to companies outside of the security industry as well. On top of that, the product offers an easy risk evaluation so that even users with little experience can benefit from it.

The main intent of Profiler is the analysis of 0-day exploits and private information contained in files. The key point is the interaction with the user who can evaluate in detail any issue discovered by Profiler and perform further inspection on the file. Another important feature is the ability to analyze embedded or referenced files, since in many cases the security issue may not be in the originally scanned file, but in a file contained in or referenced from it (a simple case would be a JPEG disclosing geolocation information embedded into a PDF). The analysis of one or more files can be saved into projects which may also include a copy of the files themselves.

Features

This is a list of some relevant features of Profiler. Please note that it is not possible to enumerate all features because of the complexity and on-going improvement of the product.

Various scan modes
Single file scan
Directory scan
Full and custom disk scan
Fast multithreaded profiling
Automatic updates
Large files support
Identification among many other things of:
Embedded files
Personal information
Parsing issues
Possible shellcode
Unused, unreferenced or custom data
Entropic analysis of foreign data
Metadata
Scripting and bytecode
File format view
Extraction of C++ types via Clang
Support for all advanced C++ type features
Supported file formats:
Android Application Package (APK)
Binary XML converter
Compound File Binary Format (DOC, XLS, PPT, MSI, etc.)
Visual Basic Application code extraction
DOC safe text preview
Compression formats (GZIP, BZIP2, LZMA)
Dalvik Executable (DEX)
Dalvik disassembler
Layout ranges
Device Independent Bitmap (DIB, BMP)
Executable and Linkable Format
Preliminary support
Fonts
Compact Font Format (CFont)
Type1 and Type2 disassembler
Embedded Open Type (EOT)
TrueType converter
MicroType Express (cvt, hdmx, VDMX tables not rebuilt)
Open Type (OTF)
TrueType bytecode disassembler
Compact Font Format
Tag Image File Format (TIFF)
TrueType (SFont, TTF)
TrueType bytecode disassembler
TrueType Collection (TTC)
Type1 (T1, PFB)
Type1 disassembler
Web Open Font Format (WOFF)
TrueType converter
Graphics Interchange Format (GIF)
Info-Tech Storage Format (CHM, CHI, CHQ, CHW, etc.)
Java Class (CLASS)
Class bytecode disassembler
Layout ranges
Joint Photographic Experts Group (JPEG)
Mach-O (App, Kext, DyLib)
Universal binaries
Apple code signatures
Apple binary protection
Program Database (PDB)
Types extraction
Portable Document Format (PDF)
Decryption
JavaScript extraction
Object search
Portable Executable (PE, EXE, DLL, SYS, OCX, etc.)
Analysis
Layout ranges
Embedded resources validation and analysis
Embedded resources preview
Digital certificates validation
Full format support
MSIL disassembler
Portable Network Graphics (PNG, APNG)
Rich Text Format (RTF)
OLE extraction
Safe text preview
Shockwave Flash (SWF)
ActionScript2 disassembler
ActionScript3 disassembler

SQLite3

Tables inspection
Free pages inspection

Torrent
Windows Encoded Scripts (VBE, JSE)
Windows Lnk (LNK)
Zip Archive (ZIP: covers many file extensions)

Decompression: Deflate, BZIP2, LZMA
Decryption: ZipCrypto, WinZip AES
Zip bomb detection
Incomplete archives support

Advanced report saving functionality:

Generate reports for millions of files
Include the scanned files into the report project itself
Optional compression
Optional symmetric encryption

Powerful Python 3 SDK

Custom scripts
Access to core classes
Access to format classes
Access to filters
User defined actions
Action configuration
Hooks
Key providers
Logic providers
Scan providers
Use of imported C++ types
Creation of new views
Output console
Command line
Capstone support
libmagic support
YARA support

Powerful filter technology including:

Conversion algorithms
Compression algorithms
Encryption algorithms
Cryptographic hashes
Disassemblers
Capability to apply filters to embedded files
Range parameters
Sandboxed Lua scripting

Plugins and actions

JavaScript beautifier
JavaScript debugger
Pastebin upload
XML indenter
Entropic analysis

Embedded file analysis

Custom embedded files (with optional filters)

Intuitive workspace

Advanced and customizable hex view
Visualization of data ranges
Plots and pie charts
Easy risk evaluation
Syntax highlighting
Media preview
Global and individual bookmarks
Analysis view jump
Global and individual file notes
Dock-based interface with navigability

Cryptographic hashes
Advanced password input dialog
Names unmangling

Visual C++
GCC 3 & 4

Tools

Header Manager
C++ types importer via Clang
Explorer
Full-fledged JavaScript debugger

3rd Party Libraries

Capstone (including Python bindings)
libmagic (including Python bindings)
YARA (including Python bindings)

http://cerbero.io/profiler/

