hashlookup / hashlookup-forensic-analyser

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
https://hashlookup.github.io/hashlookup-forensic-analyser/

Configuration of directories and filetype inclusion/exclusion to be analysed #2

Open adulau opened 2 years ago

adulau commented 2 years ago

Configuration of directories and filetype inclusion/exclusion to be analysed. Idea from @wachizungu.

adulau commented 2 years ago

For file type, we need two strategies:

sthagen commented 2 years ago

Would the mime/type-based perspective just be an indirection of some extension-to-mime/type mapper, or is data inspection à la the Unix file command planned?

In case it is the latter, I imagine taming that dragon may be hard esp. in a platform agnostic way.

I more often than not find myself writing my own system call and parsing interface to a native file program execution, as my experience with the wrapping Python libraries was not too encouraging.
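Added example, not part of the original thread and not the project's code: a sketch of the two strategies contrasted above, extension-to-MIME mapping versus content inspection, applied to an include/exclude filter. The signature table, the function names and the sample file are assumptions constructed for illustration; only the Python standard library is used.

```python
import mimetypes
import os
import tempfile

# Small, constructed signature table (leading magic bytes -> MIME type).
# Not exhaustive; the database behind file(1) is far larger.
SIGNATURES = [
    (b"\x7fELF", "application/x-executable"),
    (b"MZ", "application/vnd.microsoft.portable-executable"),
    (b"%PDF-", "application/pdf"),
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"PK\x03\x04", "application/zip"),
]

def mime_by_extension(path):
    """Strategy 1: extension-to-MIME mapping; never opens the file."""
    return mimetypes.guess_type(path, strict=True)[0]

def mime_by_content(path):
    """Strategy 2: inspect the leading bytes, in the spirit of file(1)."""
    with open(path, "rb") as fh:
        head = fh.read(16)
    for magic, mime in SIGNATURES:
        if head.startswith(magic):
            return mime
    return None

def classify(path):
    """Return both verdicts and flag a disagreement between them."""
    ext, content = mime_by_extension(path), mime_by_content(path)
    mismatch = ext is not None and content is not None and ext != content
    return {"extension": ext, "content": content, "mismatch": mismatch}

def selected(path, include=None, exclude=(), trust="content"):
    """Apply include/exclude MIME lists using the chosen strategy."""
    mime = classify(path)[trust]
    if mime in exclude:
        return False
    return include is None or mime in include

def demo():
    """Constructed sample: ELF header bytes stored under a .png name."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "holiday.png")
        with open(path, "wb") as fh:
            fh.write(b"\x7fELF\x02\x01\x01" + b"\x00" * 9)
        by_content = selected(path, exclude=("image/png",))
        by_ext = selected(path, exclude=("image/png",), trust="extension")
        return classify(path), by_content, by_ext
```

With an exclusion on `image/png`, the extension strategy drops the sample from the analysis while the content strategy keeps it, and the `mismatch` flag is itself a useful triage signal.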