User-Defined Keyboard Shortcuts
There is a button in the dialog window with the directory browser options that you can click to define up to 20 custom keyboard shortcuts for commands in the directory browser context menu and elsewhere. Currently available only in X-Ways Forensics. Shortcuts are meant to increase your productivity when performing your most frequently used activities. Only key combinations that involve the keys Ctrl, Alt Gr, Shift and Space are supported. Please note that if you use the Space key for any keyboard shortcut, you cannot use it any more to tag or untag items. The second key can be relatively freely chosen by just pressing it when the grayed out edit box has the input focus. In case no human-readable description of the selected key is provided and you later forget what key you had defined, you can check out this list of hexadecimal key codes: https://msdn.microsoft.com/en-us/library/windows/desktop/dd375731(v=vs.85).aspx
The following ~80 directory browser menu command codes can theoretically be used (not all tested) and have to be entered as a number:
9800: View with external viewer program #1
9801: View with external viewer program #2
9802: View with external viewer program #3
...
9831: View with external viewer program #32
9919: Define file type
9920: Go to related file
9921: Refine volume snapshot for selected files
9927: Run X-Tension on selected files
9928: Attach external file
9931: Edit metadata
9932: See this file in its directory
9933: See this file from volume root
9934: Find parent object
9935: Logical search within selected files
9937: Attach external directory
9938: Erase securely
9939: Leave search hit list for specific directory
9940: Delete duplicate search hits in list
9941: Select excluded items
9942: Edit comment
9944: Include
9945: Select tagged items
9946: Exclude all except tagged items
9947: Exclude tagged items
9948: Add to evidence file container OR skeleton image if active in the background
9949: Resize search hit
9950: Convert search hit to carved file
9951: Resize carved and virtual files
9952: Assign search hit to other search term
9953: Extract consecutive video frames
9954: Include search hit in report
9955: Mount as drive letter (makes sense only if a directory is selected, and only one)
9956: Watch with preferred video player
9957: View with preferred HTML viewer
9958: View with preferred text editor
9959: Execute/open in associated external program
9960: Select viewed items
9961: View with to-be-selected external program
9962: Remove duplicates based on hash
9963: Seek item based on int. ID
9964: Sort by relevance
9965: Print
9966: Seek item based on list item number
9967: Sort by nothing
9968: Select all
9969: Filter by the selected file's hash value (to find duplicates)
9971: Explore
9972: Mark search hit as notable
9973: Open
9974: Navigate to defining data structure
9975: Export list
9976: List clusters
9977: Recover/copy
9978: Explore/view
9979: Invert selection
9980: Include in hash database
You will notice a few suspicious gaps in between the incrementing numbers. The missing numbers are either unassigned or discouraged to invoke or simply don't make much sense to define for a keyboard shortcut. As an example for the latter, 9929 will delete selected search hits or event, something that can of course be accomplished already by pressing the Del key. This information shall reduce your urge to randomly try numbers not listed here, although who knows whether one undocumented number may trigger a secret "Find all evidence" command.
Please note that even without defining any such keyboard shortcut you can reach all directory browser context menu commands purely with the keyboard by pressing the context menu key. (Usually to be found between the right-hand Windows key and the right-hand Ctrl key.) Some menu commands already have a predefined keyboard shortcut. For example the Enter key is the same as a double click (either View or Explore, depending on your settings). The multiplication key of numeric keypad triggers the Explore command. Del means Exclude. Ctrl+Del resets files to the "still to be processed by volume snapshot refinement" state and undoes some refinement operations. Ctrl+Shift+Del removes hash set matches, hash category, and PhotoDNA categorization. Ctrl+Caps Lock+Del removes the "file contents unknown" flag from a file. (Useful for example if because of temporary I/O problems X-Ways Forensics marked files that way although generally the files can be read just fine.) Ctrl+C copies the selected items into the clipboard using special settings of the Export List dialog window.
Main menu
The user-defined keyboard shortcuts should be able to invoke practically all commands from the main menu as well, and even if parts of the user interface other than the directory browser have the input focus. If the command code of a menu command changes in a future version, X-Ways Forensics will ensure that any keyboard shortcut targeting that code will automatically become inactive, to prevent accidental misuse. To find out the command codes of commands in the main menu (also called IDs of menu items), you can open the main executable file in a so-called resource editor and have a look at the menu resource in your preferred language. A highly recommendable light-weight example of such a tool is "Pelles C for Windows", which also happens to be a fine C compiler and complete development kit suitable for creating X-Tensions. Keyboard shortcuts for main menu commands should be less important than for directory browser context menu commands because the main menu already has many dedicated keyboard shortcut predefined, or even if not can be reached without taking one's hands off the keyboard starting with the Alt key. To give you some ideas about useful applications, FYI the command code to toggle between recursive and non-recursive exploration is 122, and the command code to take a new volume snapshot is 109.
Command codes defined for filters
(The order is the historical order in which filters were introduced.)
9700: Name
9701: Type
9702: Type status
9703: Category
9704: Size
9705: Path
9706: Sender
9707: Recipients
9708: Timestamp
9709: Attr
9710: Hash 1
9711: Hash set
9712: Hash category
9713: Report table
9714: Comment
9715: Metadata
9716: Analysis
9717: Pixels
9718: Int. ID
9719: Unique ID
9720: Search terms
9721: Owner
9722: Parent name
9723: Child objects
9724: ID
9725: Author
9726: Search hit description
9727: Event timestamp
9728: Event type
9729: Event description
9730: Search hit
9731: First sector
9732: Description
9733: Hash 2
9734: Full path
9735: Flex filter 1
9736: Flex filter 2
Command codes for the Mode buttons and related buttons
122: Toggle recursive exploration
138: Access button popup menu
172: Toggle Directory Browser
186: Toggle Position Manager
223: Toggle Search Hit List
224: Toggle Event Hit List
225: Disk/Partition/Volume/Container mode
226: File mode
227: Preview mode
228: Details mode
229: Gallery mode
230: Calendar mode
231: Legend mode
232: Sync mode
249: Raw preview mode
250: Viewer X-Tension preview mode