Show Menu

Software Download Authenticity Cheat Sheet by

Download Source Verifi­cation

Connection encrypted?
CI on website correct?
Domain in URL correct?
Seems anything else weird?
According to the questions and the good answers on the right. If the website fulfils these points it's safe to assume the website is correct and authentic.

Download Verifi­cation

Direct Download URL delivered by Vendor?
No further redire­ction with suspicious action?
MD5/SHA1 or 2 Hash provided?
If all question can be answered with "­Yes­" the download is verified to be secure enough. Always keep in mind, if something on the page or download gives you a second guess, second guess it!

Official Site: Software safe to use

Unofficial Site, do NOT use this Software


Software Verifi­cation: Found in "­pro­per­tie­s"

Verify Software Signature
Verified Correct
Compare Hashes
Compared identical
Check File Size
Verify Software Version
Software Version correct
These inform­ation can be checked in the "­Pro­per­tie­s" of each file.
Simply by checking the meta inform­ation of the software, most if not all concerns about a software can be eradicated easily. Keep in mind to check the hashes as well as the software version. If a software of a vendor does not own a signature nor normal meta data, discard the software at all costs.

Meta Inform­ation

Suspicious Indicatior

Unknown signatures or missing signatures
Only available of third party download sources
Ad banners and free hosting pages
Hidden links in emails (SPAM?)
If you're insecure regarding the software, always ask for help or reassu­rance


No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          Passive Recon Cheat Sheet
          ASA Cheat Sheet