What utility or method can tell a file type accurately?

file-types

If we look at files in our browser's cache, usually there is no file extension (the gif, jpg, or swf).

Is there a reliable and trustworthy app that can tell whether a file is a gif, jpg, png, swf, avi, wmv, etc, etc?

I have seen an app like that before but the icon / website of it looked very 3rd party and unprofessional.


Solution 1:

  • Trid - "TrID is an utility designed to identify file types from their binary signatures. While there are similar utilities with hard coded rules, TriID has no such rules. Instead, it is extensible and can be trained to recognize new formats in a fast and automatic way."
  • File - "File tests each argument in an attempt to classify it. There are three sets of tests, performed in this order: filesystem tests, magic number tests, and language tests." (it's for UNIX but under Windows you can use Cygwin)

Solution 2:

You know, there are tools specifically for exploring a browser cache... The browser has an index of the cache contents that usually includes MIME type as well as original URL.

I haven't used such a tool since the late 90's but I'm sure they still exist.

Here's a post that reviews browser cache viewer products for three major browsers

A quick search for more browser cache viewers turns up:

  • CacheAuditor
  • CacheViewX
  • CacheView
  • VideoChacheView
  • MozillaCacheView

Here's another post about viewing the browser cache of Firefox.

If you are determined to do it the hard way, there is a computer forensic information site that lists some commercial tools for the purpose of "File viewer- to view and/or identify file format regardless of extension" for forensics purposes. It lists: Quick View Plus5, EnCase, Turbo Browser 98, DiskJockey 98" which I've never heard of and seem a bit dated, but many of the file formats in the browser cache were around 10 years ago.

Looking for modern and capable tool like that would be interesting. My searches didn't turn up anything amazing in this space. There are so-many file formats and this is such a specialized area, that it wouldn't really attract a shareware developer or an open source community. If these tools exist and are kept up to date with the latest format changes, my guess is that they will be priced appropriately for a forensic investigator's budget. (very expensive)

Again, you'd be better off approaching it using what the browser cache already knows about its contents rather than brute-forcing the naked files.

Related

Why does the speed decrease while copying from an external harddrive?
Acrobat Reader- How to open the same document in separate windows?
Can I have Graphics on Linux without a desktop manager?
SSH via multiple hosts or bastions
How to Recover Google Chrome User Settings
Uninstalling multiple programs in Windows 7?
Mount NTFS Windows partition on Ubuntu live CD
Canoga-Perkins Password recovery (Brute-forcing via COM port)
Decrypt Google Chrome passwords
How to interpolate intermediate values for arbitrary data in Excel
Print over remote CUPS server, but just show a subset of the printers
w32tm does not exist as an installed service