File#ash

File#ash (service may be reached by selecting the name to the left)

Files and their content can be  processed by hashing algorithms to represent the information by a fixed length alphanumeric value.  These hash values can be used to represent the content of a file.  While hashing algorithms attempt to create a unique value for file content, there are times when specific algorithms can have what is known as collisions.  Collisions are when two files, that have different content can produce the same output hash value.  Now, while collisions are not common, they are possible and have been identified.  Keep in mind, if you have a collision for an MD5 hash of two files, it does not mean you will have collisions for other algorithms.  Hash values can be used to validate file integrity when sending an email to someone and including an attachment.  Or when someone downloads a file from your website.  You can provide the hash values to the person (out of band or on a website) so they can run they, too, can run the file against the same algorithm to see if the values match.  If the values match, then you mostly likely have the same file.  If the values don't match, then something has changed within the file's contents.  Most users do not have access to the tools that will allow the files to be processed by a hashing algorithm.  Also, a website may provide the hash value for a file using a hash algorithm that an organization does not make available to their users.

File#ash was created to make it very simple for a user to gather hash values of a file they upload to the service.  The service only keeps the file as long as needed to generate the hash values (usually 1 or 2 seconds, tops).  Also, File#ash provides the user with 14 different algorithm hash values of an uploaded file.  This will allow the user to take advantage of many website provided hashes for the files downloaded.  File#ash provides many hash algorithm values to help users.  You have the option to copy the hash table values from the webpage (click of a button) and place the information within whatever method your company uses to track such information.  Because you are only uploading a file for returned hash values, you do not need special permission on your system to run an executable file.

Another capability of the service that may prove helpful is allowing a user to upload two files for hash value comparison across all 14 hash algorithm values.  The service will tell you which values match and don't match.  If you happen to have a file that has a collision with the MD5 value, it is highly unlikely that you will have collisions with other algorithms from the same file content.  If you happen to upload two files that have more than one collision from the algorithm hash values, but not all values, we would love to receive an email about it.

File#ash is an online service component of Futures' IntrOSINT line of cybersecurity analysis and protection mechanisms.  At this time File#ash is a free service for all to use, and the service has a limitation of 50MB per file uploaded.

This easy-to-use service is fast, thorough, and secure, and Futures will not retain any of your files or their content – everything within your file is securely deleted from our servers as soon as the service calculates the hash values for your file(s).

For companies, File#ash can provide you with the information necessary to trust the integrity of your file(s).  MITM attacks can be identified if you validate the hash values of the files delivered to you from another organization, or the files you provide to others.  Many cyber attacks could have been prevented if the hash values of "traded" or "downloaded" files would have been verified before use.

We hope File#ash is useful to you (the individual) as well as your organization. Feel free to email us any modification requests for the service, or if you encounter a problem.