User Guide
Overview
The ReversingLabs Browser Extension enhances the usability of Spectra Analyze and Spectra Intelligence products directly from your browser. It enables seamless interaction, making it easier to access and analyze discovered Indicators of Compromise (IOCs).
Features
The extension currently provides the following features:
- Automatic highlighting of IP address, URL, domain name, and file hash indicators.
- Indicator classification lookup without leaving the page.
- For Spectra Analyze users, file upload directly in the extension.
Installation
The extension can be installed via the Chrome Web Store:
| Browser | Extension Link |
|---|---|
 | Chrome Web Store |
The extension has been developed to support Chromium-based browsers. At this time, the extension has been tested and confirmed to work on the following:
- Operating Systems: macOS, Linux, Windows 11
- Browsers: Chrome (>= v116), Edge (>= v133)
Requirements
For Spectra Intellligance users: the extension utilizes the following APIs:
- TCA-9999 (single user): to check if the credentials entered are valid
- TCA-0404: to submit URLs
- TCA-0403: to query for URL info
- TCA-0405: to query for domain info
- TCA-0406: to query for IPv4 info
- TCA-0101: to query for sample info via hash
- TCA-0104: to query for sample AV info
- TCA-0202: to upload samples (only public files)
For Spectra Analyze users, the extension utilizes the following APIs:
- Submission API, for submitting URLs & uploading samples
- Network threat intel (URL): to query for URL info
- Network threat intel (domain): to query for domain info
- Network threat intel (ip): to query for IPv4 info
- Full report api: to query for sample info via hash
- Classification Status API: to query sample info via hash
- License information: to check if the credentials entered are valid
Configuration
After installing the extension from the Chrome Web Store, a new tab will open displaying the configuration options:
Adding credentials
Set your credentials for either Spectra Analyze or Spectra Intelligence and confirm by clicking "Save Credentials".
At this time, users may select only Spectra Intelligence OR Spectra Analyze, not both.
Configuring highlighting options
You can also customize the highlighting feature, which identifies IOCs and adds the RL icon to the relevant text on web pages.
By default, all indicator types are selected. Uncheck the box next to the indicator type to prevent the extension from highlighting it on a web page.
Using the extension
The extension offers several modes of interaction:
Indicator highlighting
The extension will identify indicators on the page, and highlight them by underlining the text and applying a clickable "RL" icon:
To learn more about the indicator, click the "RL" icon to see lookup results in the Chrome side panel.
The side panel
After clicking the "RL" icon next to an indicator, the Chrome side panel will appear with the lookup results.
IP address example
File hash example
Context menu
In addition to automatic highlighting, you can use the right-click context menu to manually select indicators for lookup.
- Select the indicator with the left mouse button.
- Click the right mouse button.
- Hover over the "ReversingLabs Browser Extension" item.
- Select the appropriate query type.
File upload
For Spectra Analyze users, the extension supports file upload for analysis. To upload a file to the Spectra Analyze appliance via the extension:
- Open the extension side panel by right clicking to open the context menu, then click "Open side panel".
- Click the "Upload" tab near the top of the side panel.
- Drag and drop a file into the window, or click to open the file explorer and select a file.
- Click the "Upload" button.
Analysis results can be viewed by clicking the filename in the upload history box in the extension side panel.
Support
For any questions or concerns relating to the browser extension, please contact support@reversinglabs.com