Difference between revisions of "Hachoir"

From ForensicsWiki
Jump to: navigation, search
(New page: '''Hachoir''' is a generic framework for binary file manipulation. Hachoir supports many file formats (more than 60 formats) and have many features: * Fault tolerant parser (truncated/bug...)
 
Line 1: Line 1:
 +
{{Infobox_Software |
 +
  name = PyFlag |
 +
  maintainer = [[Michael Cohen]], [[David Collett]] |
 +
  os = {{Linux}}, {{Web-based}} |
 +
  genre = {{Analysis}} |
 +
  license = {{GPL}} |
 +
  website = [http://www.pyflag.net/ pyflag.net] |
 +
}}
 +
 
'''Hachoir''' is a generic framework for binary file manipulation.
 
'''Hachoir''' is a generic framework for binary file manipulation.
  

Revision as of 21:29, 18 March 2007

PyFlag
Maintainer: Michael Cohen, David Collett
OS: Linux,Web-based
Genre: Analysis
License: GPL
Website: pyflag.net

Hachoir is a generic framework for binary file manipulation.

Hachoir supports many file formats (more than 60 formats) and have many features:

  • Fault tolerant parser (truncated/buggy file or buggy parser)
  • Smart syntax: you don't have to care about endian or charset, and you can mix byte and bit fields
  • Few functions to modify files
  • File recognition using header/footer in a disk image (in any file) with few false positive (each file is checked using the parser)
  • Written in Python: OS independant and easy to script/extend
  • curses, wxWidgets and Gtk interfaces
  • Many programs based on hachoir-core and hachoir-parser:
    • hachoir-strip: remove metadata and other "useless" informations
    • hachoir-grep: find substring in a binary file (using hachoir parsers: so search is Unicode aware)
    • hachoir-subfile: find all subfiles in a file
    • etc.

Links