Difference between revisions of "Hachoir"

From ForensicsWiki
Jump to: navigation, search
Line 1: Line 1:
 
{{Infobox_Software |
 
{{Infobox_Software |
   name = PyFlag |
+
   name = Hachoir |
   maintainer = [[Michael Cohen]], [[David Collett]] |
+
   maintainer = Victor Stinner |
   os = {{Linux}}, {{Web-based}} |
+
   os = {{Linux}} |
 
   genre = {{Analysis}} |
 
   genre = {{Analysis}} |
 
   license = {{GPL}} |
 
   license = {{GPL}} |
   website = [http://www.pyflag.net/ pyflag.net] |
+
   website = [http://hachoir.org/ hachoir.org] |
 
}}
 
}}
  
 
'''Hachoir''' is a generic framework for binary file manipulation.
 
'''Hachoir''' is a generic framework for binary file manipulation.
 +
 +
== Features ==
  
 
Hachoir supports many file formats (more than 60 formats) and have many features:
 
Hachoir supports many file formats (more than 60 formats) and have many features:

Revision as of 20:31, 18 March 2007

Hachoir
Maintainer: Victor Stinner
OS: Linux
Genre: Analysis
License: GPL
Website: hachoir.org

Hachoir is a generic framework for binary file manipulation.

Features

Hachoir supports many file formats (more than 60 formats) and have many features:

  • Fault tolerant parser (truncated/buggy file or buggy parser)
  • Smart syntax: you don't have to care about endian or charset, and you can mix byte and bit fields
  • Few functions to modify files
  • File recognition using header/footer in a disk image (in any file) with few false positive (each file is checked using the parser)
  • Written in Python: OS independant and easy to script/extend
  • curses, wxWidgets and Gtk interfaces
  • Many programs based on hachoir-core and hachoir-parser:
    • hachoir-strip: remove metadata and other "useless" informations
    • hachoir-grep: find substring in a binary file (using hachoir parsers: so search is Unicode aware)
    • hachoir-subfile: find all subfiles in a file
    • etc.

Links