Visit the NIST Main Home Page

National Software Reference Library Logo





CFTT Website

Privacy Policy/Security Notice
Disclaimer | FOIA

NIST is an agency of the
U.S. Commerce Department

Date created: 8/20/2003
Last updated: April 28, 2009

Technical comments:

Website comments:





On this page, we will make links available to hashsets, to source code, and to executable tools produced by the NSRL.

Query the Hash Set Online
There is a project called NSRLquery developed by Rob Hansen of RedJack Security LLC, which has two subprojects: nsrlsvr, which provides a server that yields NSRL RDS information on request, and nsrllookup, a simple command-line application that queries the server.
Jesse Kornblum of Kyrus has established a beta testing NSRLquery server at, and NSRL has been supplying release-day data to support this server.

ISO 9660 images of RDS CDs

If you have a fast Internet connection, you may download ISO 9660 image files and burn your own copy of the RDS CDs.

Be aware that the ISO image files are each approximately 700MB in size.

The RDS, from RDS 2.20 onward, does not support the categorization used in previous releases. For example, you cannot use CD "B" for exclusion of known operating system applications, as was possible previously.

NOTE: the data format has not changed, merely the allocation of space across the media.

The discs contain the following ranges of SHA-1 hash values:
CD "A"           0000000000000000000000000000000000000000

CD "B"           4000000000000000000000000000000000000000

CD "C"           8000000000000000000000000000000000000000

CD "D"           C000000000000000000000000000000000000000

RDS 2.45 , June 2014

The full RDS Release has become too large for distribution on four CDROMs. For users familiar with the process of using four CDROMs to load RDS data you will find a directory called RDS_Split on this DVD. This directory contains the four RDS zip files that were traditionally distributed on the four CDROMS.

For users interested in processing a unified RDS set, a directory called RDS_Unified can be found on this DVD. This directory contains the RDS files as traditionally presented on the RDS DVD ISO.

Combo DVD - A single 6 GB ISO containing all data
DVD signatures - SHA1, MD5, and filesize of the DVD image

If you wish to preview the contents, you may download three smaller files without the hash metadata. These files conform to the NSRL data format.

Product listing - 3MB text file
Manufacturer listing - 100KB text file
Operating systems listing - 50KB text file

You can download a 700KB tab-delimited sorted list of all manufacturers' products and versions that are included in RDS 2.44. If you have a different version, a Perl script is available to allow you to generate this list.

Be aware that the converted ZIP files are each between 1.8 and 2.0 GB in size.
NIST has also converted the RDS format data into data files for some commercial products:

Hashes of the zip files
Encase - with the 4 CD datasets split into directories
Encase - with the DVD data in one directory
AccessData Known File Filter (KFF) tool for FTK updates
Contact with questions about other formats.

It is your responsibility to verify the ISO image files with the signatures and file sizes once they are downloaded. After you have used the image to create a CD, it is your responsibility to verify the data files on that CD with the signatures provided on that CD.

Reduced Sets

A "minimal" hashset is available which contains only 38,747,351 file hashes. This set only lists one example of every file in the NSRL. It cannot be used to determine all possible sources of a file. Minimal set (2.4GB)
SHA1( 342a6c498ae55eaa4ec5e46b8e73c3407852c946
MD5( 3dc23fa9d7c4d811afd3e608a4614943

A "unique" hashset is available which contains only 19,998,552 file hashes. This set lists the files that appear only once in the entire NSRL collection. Unique set (1.3GB)
SHA1( e07c9d842812a6d40567e4b5bc623dd94b0adc87
MD5( de8953a181dc3f41a5b72b09c8b9501f

Converting RDS format to other formats

There is a Windows GUI tool that the NSRL is allowed redistribute.

You can pick up the NSRL Perl conversion code at
When you unpack the zip file, there is one file, "".
      perl -h
and you will get the help output:

Usage : [-h] -f format [-d RDS_directory]
      [-l logfile] [-p product_id] [-u]
      -h : help with command line options
      -f format : one of hk , 1.5 , 2.0 (MANDATORY)
      -l logfile : print log info to a file
      -d dir : directory holding NSRLProd.txt, NSRLFile.txt
      NSRLOS.txt and NSRLMfg.txt
      -p integer : use one ProductCode from NSRLProd.txt
      -u : guarantee a unique product line in hk output

Enter the command
      perl -f hk -d SOME_DIR

and you'll get two files, "outfile.hke" and "outfile.hsh"
that you can rename and pull into Hashkeeper.