Forensics
Hachoir: framework to parse binary files Dec 22 2006 03:11PM
victor stinner haypocalc com
Hi, since one year I'm working on a framework written in Python to parse any binary file. Some features:
* Autofix: Catch any parser error and fix them as soon as possible
* Lazy: Field value, size, description, absolute address, (...) are computed on demand
* No arbitrary limit on addresses, field size, field count or field tree depth
* Types: Lot of builtins types: integer, string, boolean, byte array, etc.
* Bit granularity for size and address
* Unicode: String value are stored in Unicode (if string charset is specified)
* Endian: specify endian once
* No dependency: only requires Python 2.4

More than 40 parsers based on Hachoir are already available:
http://hachoir.org/wiki/hachoir-parser
(all common image, audio, video and archive file formats are supported)

Hachoir is not specific to one format category: you will find parser for file system, metadata, ASN.1, network packet, program, etc.

Parser syntax is smart, see for example RIFF parser (AVI, WAV, CDA):
http://hachoir.org/browser/hachoir-parser/trunk/hachoir_parser/container
/riff.py

There are many programs based on Hachoir:
* hachoir-core: parse a file into fields, support edition
* hachoir-parser: many common file format parsers
* hachoir-urwid: text user interface
* hachoir-wx: graphical user interface (wxWidgets)
* hachoir-metadata: extract metadata

Get more information on Hachoir website:
http://hachoir.org/wiki

Victor Stinner

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus