Difference between revisions of "Hachoir"

From ForensicsWiki
Jump to: navigation, search
Line 2: Line 2:
 
   name = Hachoir |
 
   name = Hachoir |
 
   maintainer = Victor Stinner |
 
   maintainer = Victor Stinner |
   os = {{Linux}} |
+
   os = {{Cross-platform}} |
 
   genre = {{Analysis}} |
 
   genre = {{Analysis}} |
 
   license = {{GPL}} |
 
   license = {{GPL}} |
Line 29: Line 29:
  
 
* [http://hachoir.org/ hachoir.org]: Hachoir website
 
* [http://hachoir.org/ hachoir.org]: Hachoir website
 +
 +
[[Category:Metadata]]
 +
[[Category:Windows]]
 +
[[Category:Linux]]
 +
[[Category:FreeBSD]]

Revision as of 20:47, 18 March 2007

Hachoir
Maintainer: Victor Stinner
OS: Cross-platform
Genre: Analysis
License: GPL
Website: hachoir.org

Hachoir is a generic framework for binary file manipulation. Written in Python, it's OS independant and has many text/graphic user interfaces (ncurses, wxWidget, Gtk+).

Features

Hachoir supports many file formats (more than 60 formats) and have many features:

  • Fault tolerant parser (truncated/buggy file or buggy parser)
  • Smart syntax: you don't have to care about endian or charset, and you can mix byte and bit fields
  • Few functions to modify files
  • File recognition using header/footer in a disk image (in any file) with few false positive (each file is checked using the parser)
  • Written in Python: OS independant and easy to script/extend
  • curses, wxWidgets and Gtk interfaces
  • Many programs based on hachoir-core and hachoir-parser:
    • hachoir-metadata: extract metadata
    • hachoir-strip: remove metadata and other "useless" informations
    • hachoir-grep: find substring in a binary file (using hachoir parsers: so search is Unicode aware)
    • hachoir-subfile: find all subfiles in a file
    • etc.

Links