AI-Powered Cyberattacks: How to Detect, Prevent & Defend Against Intelligent Threats

Read Now
We utilize artificial intelligence for site translations, and while we strive for accuracy, they may not always be 100% precise. Your understanding is appreciated.
Home/ Technologies / Archive Extraction

Archive Extraction

Improve Detection and Prevent Archive Bombs

MetaDefender supports over 30 archive file types and supports both unextracted scanning (which scans the entire archive as a whole) and extracted scanning (which scans each file within an archive individually), detecting more threats and preventing archive bombs.

Get Started
FAST & FLEXIBLE

Archive Scanning

Detecting threats in compressed files, such as .ZIP or .RAR, can be difficult due to their large file size and ability to mask hidden threats such as archive bombs (malicious files designed to crash anti-malware programs). MetaDefender offers fast processing of archives by allowing administrators to perform archive handling once for each file type, instead of requiring each individual anti-malware engine to use its own archive handling methods. Additionally, administrators can customize the way archive scanning is performed to avoid threats like zip bombs.

Archive Extraction

Key Benefits

Improve detection capabilities of anti-malware engines by using both extracted and unextracted scanning

Decrease scanning time and improve processing time by removing redundant scanning of archives

Prevent archive bombs by extracting files and scanning them individually

screenshot metadefender archive extractor scan results
Features

Catch Threats Hidden Within Archives

Scanning an archive as a whole may be faster, but extracting files and scanning them individually often reveals hidden threats that would have otherwise been missed.

To see examples of threats missed by unextracted scanning, view the table below where the original scan was marked as clean but the extracted scan revealed threats within the archive.

screenshot metadefender archive extractor archive handling dashboard

Customized Archive Handling Options

MetaDefender allows you to specify the depth of archive scans, the maximum number of files extracted, the size of extracted files, and the maximum recursion level. This gives administrators control over how archives are scanned to avoid risks associated with scanning larger files and performing deeper file extraction.

Support for over 30 Compressed Files Types

MetaDefender currently supports archive scanning for more than 30 types of compressed files (with more to come). In addition to the file types below, MetaDefender supports extraction of AKs, JARs, and other types of extensions.

Supported File Types7z, XZ, BZIP2, GZIP, TAR, ZIP, WIM, ARJ, CAB, CHM, CPIO, CramFS, DEB, DMG, FAT, HFS, ISO, LZH, LZMA, MBR, MSI, NSIS, NTFS, RAR, RPM, SquashFS, UDF, VHD, WIM, XAR, Z

Learn How Archive Extraction Helps Protect Your Infrastructure

Get Started