Overview

The ReversingLabs Browser Extension enhances the usability of Spectra Analyze and Spectra Intelligence products directly from your browser. It enables seamless interaction, making it easier to access and analyze discovered Indicators of Compromise (IOCs).

Features

• Automatic highlighting: IP addresses, URLs, domain names and file hash indicators are automatically highlighted on page.
• Side panel integration: indicator data is displayed in a side panel integrated into the browser.
• Classification lookup: indicator classification lookup can be performed without leaving the page.
• File upload: upload and analysis of files is available for Spectra Analyze users.
• Context menu lookup: submit and query items through the right-click context menu.
• Safe URL: safer browsing is ensured by checking URLs before they are opened.
• Automatic scan: downloaded files are automatically scanned and analyzed to detect potential threats.

API reference

The ReversingLabs browser extension uses specific APIs depending on which appliance you connect with the extension.

The following Spectra Intellligence APIs are used:

• TCA-9999 (single user): check if the provided credentials are valid.
• TCA-0404: submit URLs.
• TCA-0403: query for URL info.
• TCA-0405: query for domain info.
• TCA-0406: query for IPv4 info.
• TCA-0407: query for sample reputation.
• TCA-0101: query for sample info via hash.
• TCA-0104: query for sample AV info.
• TCA-0202: upload samples; can be used only with public files.

The following Spectra Analyze APIs are used:

• License Information: check if the provided credentials are valid.
• Submission API: submit URLs and upload samples.
• Network threat intel (URL): query for URL info.
• Network threat intel (domain): query for domain info.
• Network threat intel (IP): query for IPv4 info.
• Full Report API: query for sample info via hash.
• Classification Status API: query for classification info via hash.

Requirements

Enterprise mode

For bulk deployment and management on a large number of systems, your organization must have a configured IT environment to enforce installation and configuration.

The ReversingLabs browser extension has been tested and confirmed to work on macOS, Linux and Windows operating systems with the following prerequisites:

• Chromium-based browser. Users must use a supported browser:

  • Chrome >= v116
  • Edge >= v133

• ReversingLabs appliance account. To be able to use the extension, users must have either of the following:

  • Spectra Intelligence account
  • Spectra Analyze account

Installation and setup

The ReversingLabs Browser Extension can be installed and managed individually or through enterprise deployment depending on the users' business needs and organization.

For a quick introduction to the ReversingLabs browser extension, watch the Getting Started video on YouTube. This short walkthrough demonstrates how to install, configure, and use the core features of the extension.

For more detailed instructions, see:

• Enterprise Deployment and Configuration
• Individual Installation and Setup

Support

For any questions or concerns relating to the browser extension, contact support@reversinglabs.com.