Polito x-ways-reversinglabs-extensions


DFIR Tools

Hash Set and Hash Tools
Hash Tools
The ReversingLabs hash query plugin helps digital investigators reach analysis results faster when looking for malicious activity with forensics tools. The goal is to filter out the known good and the known bad, and focus on the unknowns.

For X-Ways, we are releasing two different extensions (aka "X-Tensions"). One is an extension for ReversingLabs (RL) hash lookups, similar in function to the Autopsy plugin. It is useful for quickly triaging one file hash or many at once, to help determine whether the hash is known and whether the underlying file is malicious. The other X-Ways extension submits files to RL, which is handy when the hash is not found in the RL database (i.e., unknown).

https://www.politoinc.com/single-post/2018/11/15/Enhancing-Digital-Forensics-with-ReversingLabs-Plugins-Now-for-X-Ways
