一款非常有用的恶意软件分析工具。同时也是一款现有的最佳文件格式解析器。惊人的PE，字体，Flash等解析/反汇编等功能。

File size: 73.3 MB

State-of-the-art suite of tools for malware triage and file analysis. Analysis for many file formats including PE, Mach-O, ELF, Java, SWF, DEX, PDF, DOC, XLS, RTF, Zip and many more. Automatic analysis, interactive analysis, Carbon Interactive Disassembler, byte-code disassemblers (.NET MSIL, Java, DEX, ActionScript2/3, VBA, fonts), hex editor with layouts, Windows memory analysis (raw dumps, WinDmp files, hibernation files), JavaScript debugger, extremely rich Python3 SDK, extension support, C++/PDB structures importer, support for projects and bookmarks. Completely multi-platform (Windows, Linux, OS X). Visit our blog to see Cerbero Suite in action!

This is a list of some relevant features of Cerbero Suite Advanced. Please note that it is not possible to enumerate all features because of the complexity and on-going improvement of the product.

Carbon Interactive Disassembler

Supported file formats:

Email (EML)

Extraction of attachments

Torrent

Windows Dmp files (WINDMP)

Inspection of internal structures

Full inspection of memory when available

Windows Hibernation files

Inspection of internal structures

Full inspection of memory

Windows Raw Memory Images (WINMEM)

Support for all Windows editions

Inspection of files in memory

Inspection of SSDT, IDT, GDT

Suppport for VAD trees

User address spaces

System address space

System symbols of all supported Windows editions