Overview Release Notes Operating fsBroker fsTransform OPSWAT Filescan API Reference v1
Getting Started
Support
Datasheet
1.7.2
Search this version
Datasheet
Datasheet
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Engine Features
Copy Markdown
Open in ChatGPT
Open in Claude
| Engine Feature | OPSWAT Filescan | Cloud Online Analysis Tool "A" | Cloud Online Analysis Tool "B" | Cloud Online Analysis Tool "C" | Cloud Online Analysis Tool "D" |
|---|---|---|---|---|---|
| Render URLs and Detect Phishing Sites | |||||
| Extract and Decode Nearly All Malicious VBA Macros | |||||
| Analyze VBA Stomped Files Targeted for Any System | |||||
| Shellcode Emulation (x86, 32/64) | |||||
| Export MISP (JSON) and STIX Report Formats | |||||
| Extract and Analyze Embedded PE Files | |||||
| Deobfuscate Javascript/VBS | Limited | ||||
| Deobfuscate Powershell Scripts | Limited | ||||
| Deobfuscate MSHTA Scripts | |||||
| Parse METF Embed Equation Exploit Structure | |||||
| Parse Malformed RTF Files | |||||
| Parse Office Binary File Formats (BIFF5/BIFF8) | |||||
| Parse Strict OOXML File Format | |||||
| Automatically Decode Embedded Base64 Strings | |||||
| Extract Annotated Disassembly | |||||
| Decrypt Password Protected Office Documents | |||||
| Decompile Java | |||||
| Decompile .NET | |||||
| Calculate .NET GUIDs (Module Version/TypeLib Id) | |||||
| Classify Imported APIs | |||||
| MITRE ATT&CK Support (In-report and Search) | |||||
| Render PDF Pages | |||||
| Extract Embedded Files (eg: OLE2 from Word) | |||||
| Automatically Tag Samples Based on Signatures | |||||
| YARA Support | |||||
| Generate Text Metrics (Average Word Size, etc.) | |||||
| Detect Cryptographic Constants | |||||
| Text Analysis (Guessed Language) | |||||
| Map UUIDs to Known Associated Files / Metadata | Limited | ||||
| Filter Strings and Detect Interesting Ones | |||||
| Extract and Detect Overlay | |||||
| Integrated Allowlist | |||||
| Detect Alternative IOCs (Emails, Bitcoin Address, etc.) | |||||
| Calculate Authentihash | |||||
| Verify Authenticode Signatures | |||||
| Parse RICH Header | Limited | ||||
| Calculate Entropy of Resources | |||||
| Detect URLs, Domains and IP Addresses | Limited | ||||
| Calculate Hashes of Resources | |||||
| Calculate Imphash | |||||
| Calculate SSDEEP | |||||
| Extract PDB Information | |||||
| Detect TLS Callbacks | |||||
| Resolve Known Import Ordinals to Names | |||||
| Detect Anomalies (eg: Header Checksum Validation) | Limited | ||||
| Query VirusTotal for Reputation Checks | |||||
| Detect Packers (PEiD) | |||||
| Detect File Types | |||||
| Calculate Hashes of Sections | |||||
| Calculate Entropy of Sections | |||||
| Extract Strings from Executable | |||||
| Extract/Detect Resources | |||||
| Extract/Detect PKCS7 Certificate |
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Last updated on
Was this page helpful?
Next to read:
Installed Packages by FilescanSee the "Technical Datasheet" for a complete list of features: https://docs.opswat.com/filescan/datasheet/technical-datasheet
Discard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message
