Hash Sets

Download hash sets and place them "\user\Documents\Forensic Explorer\HashSets\" folder. Compatible Hash Set formats are:

  • Forensic Explorer.edb3;
  • EnCase.hash (EnCase 6,7,8).

Download Hash Sets

White Hash Set

Source: Whitehat Computer Forensics, LLC (HashSets.com)
File Name:Encase_6_or_7_or_8_MD5_only_Whitehash.zip
Last Modified: 2019-06-10 21:51
Size:540M
Download:Contact support@getdata.com
About: All Known-Good/Non-Threatening hash values in one file.
Use: These hash values can be utilized to assist in the elimination of non-threatening files during computer forensic and computer security examinations (Computer Compromises, Network Intrusions, eDiscovery, Malware Analysis, etc).

Black or Gray Hash Set

Source: Whitehat Computer Forensics, LLC (HashSets.com)
File Name: Encase_6_7_or_8_Black_or_Gray_HashSets.zip
Last Modified: 2018-12-10 13:52
Size:9.9M
Download:Contact support@getdata.com
About: 'Notable', 'Suspicious' or 'Significant' hash values involving possibly malicious and/or unwanted software and utilities including:
- SQL Injection Tools, Packers, Bruteforcing
- Flooders, Denial of Service (DoS)
- Defacers, Cracking, Rippers
- Recon, Killers, All in One (AIO) Tools
- Credit Card Generators, Key Generators, Sniffers
- Password Gathering, Nukers, Network Testing
- File Sharing artifacts from Peer-to-Peer (P2P) sites
- Red-herring (files annotated or described with a particular non-threatening name but actually designed or coded for nefarious purposes)
- Carrier Pigeon Archives (compressed files such as ZIP, RAR, GZIP, CAB, etc, that were identified in transporting any significant, notable or alert files).
Use: These provided hash values can be utilized to assist in the identification of possibly threatening files during computer forensic and computer security examinations (Computer Compromises, Network Intrusions, Malware Analysis, etc).

Operating Systems

Source: Whitehat Computer Forensics, LLC (HashSets.com)
File Name: Operating_Systems_Encase_6_or_7_or_8_using_MD5_only.zip
Last Modified: 2019-06-11 10:26
Size:349M
Download:Contact support@getdata.com
About: Operating System Hash Sets: MS Windows, Linux, macOS, BSD and Solaris
Use: These hash values can be utilized to assist in the elimination of non-threatening files during computer forensic and computer security examinations (Computer Compromises, Network Intrusions, eDiscovery, Malware Analysis, etc).

MS Windows Applications

Source: Whitehat Computer Forensics, LLC (HashSets.com)
File Name: Encase_MD5_Windows_App_Store.hash
Last Modified: 2017-02-09 09:12
Size:16M
Download:Contact support@getdata.com
About: MS Windows Applications (Known Good/Non-Threatening).
The attached zip file contains hash values derived from MS Windows 8 and 10 Applications commonly found within the MS Windows App Store. Specifically, more than 2,000 common business, home, education and game apps which were subsequently installed, analyzed and then gathered into MD5, SHA-1 and SHA-256 hash sets.
Use: These hash values can be utilized to assist in the elimination of non-threatening files during computer forensic and computer security examinations (Computer Compromises, Network Intrusions, eDiscovery, Malware Analysis, etc).

MAC Applications

Source: Whitehat Computer Forensics, LLC (HashSets.com)
File Name: Encase_MD5_Mac_App_Store.hash
Last Modified: 2017-11-17 10:56
Size:27M
Download:Contact support@getdata.com
About: OS X Mac Applications (Known Good/Non-Threatening).
The attached zip file contains hash values derived from Mac OS X Applications commonly found within the Mac App Store. Specifically, more than 2,000 common Utilities, Finance, Travel, Graphics & Design, Games, Business and Education apps which were subsequently installed, analyzed and then gathered into MD5, SHA-1 and SHA-256 hash sets.
Use: These hash values can be utilized to assist in the elimination of non-threatening files during computer forensic and computer security examinations (Computer Compromises, Network Intrusions, eDiscovery, Malware Analysis, etc).

US Government

Source: Whitehat Computer Forensics, LLC (HashSets.com)
File Name: Encase_MD5_US_Goverment.hash
Last Modified: 2016-09-05 07:59
Size:17M
Download:FEX customers contact support@getdata.com
About: The attached hash set contains more than 963,490 common non-threatening known hash values consisting of US Government (federal, state, local and military) publicly accessible website images, logos, multimedia files, office documents (.doc, .pdf, .xls, .ppt, etc).
Use: These hash values can be utilized to assist in the elimination of non-threatening files during computer forensic and computer security examinations (Computer Compromises, Network Intrusions, eDiscovery, Malware Analysis, etc).