HeaderSniffer is a python script that takes in a file path and double checks if the header file extension is really the file format. This could be used as a precautionary step before executing or opening a file. Hackers may disguise their file under another file extension afterall. The inspiration for this project came from this video when I was just bored.
This is assuming that you already had Git installed. If not, there are lots of resources online such as this to get you started. As well, make sure to have python installed on your machine too! Installing Python
1.) Clone the Repo:
git clone git@github.com:GitWorkingTime/HeaderSniffer.git (For SSH)
git clone https://github.com/GitWorkingTime/HeaderSniffer.git (For HTTPS)
2.) Open the Directory
1.) Enter the directory via cd in the terminal
2.) Run python header_sniffer.py
3.) Choose a file you want to check and copy its file path by right-clicking on the file and
selecting "Copy File as Path" or Ctrl + Shift + C on windows
4.) View the logs. This will be the format:
[File Name]: (The name of the file)
[Magic Number (hex)]: (Magic number in hexadecimal)
[Real File Extension]: (Real file format found based on magic number)
[File Extension Header]: (File extension found in the header)
Either "Correct file type." Or "Warning!"
[Additional Stats]:
[Size]: (Number of bytes)
[Last modified]: (date)
[Last Accessed]: (date)
[Created]: (date)
5.) If you wish to exit, just type in 'exit'
| Type | File Format |
|---|---|
| Images | png, jpg, jpeg, gif, bmp, tif, tiff, webp, ico |
| Archives / Compression | zip, gz, tar, 7z, rar |
| Documents | pdf, ps, ole2 (Generic OLE2: doc, xls, ppt) |
| Audio | mp3, mp3_v1 (MP3 Varient), wav, flac, ogg, midi |
| Video | mp4, avi, mov |
| Executables / Systems | exe, dll, elf, class, sh |
| Font Files | tff, otf |
| Disk Images | iso |
| Other | xml, rtf, swf, wasm |