Analyse a forensic target (such as a directory) and report which files are found, and which are not found, in the CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
Some attack techniques replace a 'known' file with another 'known' file, allowing them to exploit some processing flow that triggers the binary at the target location.
This kind of scenario could be detected with this proposed new functionality.
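
One way such a check could work, as an added example that is not code from this project: a file whose hash is known but whose on-disk name differs from the name recorded for that hash is reported separately from ordinary known files. The `known` dictionary, its `FileName` layout, the verdict labels and the sample file names are assumptions constructed for the example; a real run would fill `known` from hashlookup answers.

```python
import hashlib
import os
import tempfile

def sha1_of(path):
    """SHA-1 of a file, uppercase hex, read in chunks."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest().upper()

def classify(path, known):
    """known: SHA-1 -> record with a 'FileName' field (assumed layout)."""
    record = known.get(sha1_of(path))
    if record is None:
        return ("unknown", None)
    # Compare base names only, case-insensitively; records may carry a path.
    expected = record["FileName"].replace("\\", "/").rsplit("/", 1)[-1].lower()
    actual = os.path.basename(path).lower()
    verdict = "known" if expected == actual else "known-misplaced"
    return (verdict, expected)

def scan(root, known):
    """Walk root and classify every regular file, keyed by relative path."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            results[os.path.relpath(full, root)] = classify(full, known)
    return results

def demo():
    """Constructed scenario: tool_a.bin is overwritten with tool_b.bin's bytes."""
    a, b = b"constructed bytes of tool A", b"constructed bytes of tool B"
    # Constructed stand-in for lookup answers; a real run would query the service.
    known = {hashlib.sha1(a).hexdigest().upper(): {"FileName": "tool_a.bin"},
             hashlib.sha1(b).hexdigest().upper(): {"FileName": "tool_b.bin"}}
    on_disk = {"tool_a.bin": b, "tool_b.bin": b, "notes.txt": b"local notes"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in on_disk.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        return scan(root, known)

if __name__ == "__main__":
    for path, (verdict, expected) in sorted(demo().items()):
        print(f"{path}: {verdict} (known as {expected})")
```

Identical files can legitimately ship under more than one name, so a `known-misplaced` result is a lead for review rather than proof of tampering.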