A core facet of the InQuest solution is our Deep File Inspection (DFI) engine, which is capable of recursively decompressing, decoding, deobfuscating, decompiling, deciphering, and more. We aim to automate and scale the reverse engineering skill-set of a typical SOC analyst. While not in full parity with our production engine, this InQuest Labs tool can identify and extract embedded logic, semantic context (including that embedded within images through OCR), and metadata. Additionally, artifacts such as URLs, domains, IPs, e-mail addresses, file names, and XMP IDs are extracted and searchable. Drag and drop one or more files to queue them for analysis. The current public release is limited to Microsoft and Open Office documents, spreadsheets, and presentations up to 15MB in size. In the future, we will expose lite versions of our Adobe PDF, Oracle Java, and Adobe Flash DFI shims. Read more in our Introduction to Deep File Inspection, dig deeper in our Walkthrough of a Common Malware Carrier, read more about InQuest or about DFI, or contact us directly for a formal capabilities briefing.
InQuest Labs supports authentication via OAuth as well as "magic link" login for business e-mail addresses. Signing in/up is free and provides access to the following full feature-set:
Login via business e-mail address to receive e-mail notifications when ingested files reference your company domain.
Unlimited daily requests and increased look-back.
See/sort/filter by AntiVirus and InQuest ML analysis.