Didier Stevens

Wednesday 11 July 2018

New Tool: file-magic.py

Filed under: Announcement,My Software — Didier Stevens @ 0:00

I find the *nix tool file very useful. There’s no equivalent on Windows, that’s why I use a Windows port of this tool.

But it has some limitations, the most annoying to me being the lack of support for stdin. This prevents me from using it in a chain of commands.

That’s the main reason I developed file-magic.py, a Python tool that is essentially a wrapper for the Python magic module.

On Windows and OSX, install module python-magic-bin with pip (this will install binaries too), while on Linux install module python-magic.

Here is an example showing how output from base64dump is piped into file-magic:

And here is an example with jsonoutput I mentioned before:

You can also add your own definitions to file file-magic.def.

For example, I added a definition for VBE/JSE files (encoded .vbs/.js scripts).

file-magic_V0_0_2.zip (https)
MD5: EAE684E74731FF493D5EC5D243EB16B6
SHA256: 9B0E7B47CAED8F5627DEFCE19B737554BBF998EF380187D6DE4FC1C9572EC9ED

Blog at WordPress.com.