Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/andrewrathbun/sighunter
A C# (.NET 6) tool to compare the file signature of files recursively and inform the user of matches and mismatches
https://github.com/andrewrathbun/sighunter
anti-forensics csharp dfir filesignatures
Last synced: 2 months ago
JSON representation
A C# (.NET 6) tool to compare the file signature of files recursively and inform the user of matches and mismatches
- Host: GitHub
- URL: https://github.com/andrewrathbun/sighunter
- Owner: AndrewRathbun
- License: mit
- Created: 2023-03-12T02:50:01.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-09-17T00:46:32.000Z (4 months ago)
- Last Synced: 2024-10-12T14:10:07.845Z (3 months ago)
- Topics: anti-forensics, csharp, dfir, filesignatures
- Language: C#
- Homepage:
- Size: 1.61 MB
- Stars: 15
- Watchers: 2
- Forks: 4
- Open Issues: 9
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# SigHunter
A DFIR-focused tool to help identify files masquerading as a different file type!
## Sample Command
`SigHunter.exe -d C:\temp\Path\To\Scan\Recursively -o C:\temp\Output\Folder`
## Output
Using the [FileSignatures.cs](https://github.com/AndrewRathbun/SigHunter/blob/main/SigHunter/FileSignatures.cs) dictionary of file extensions and their corresponding expected file signatures, SigHunter will output three CSV files:
* `matched_files.csv` - files that match the file extension with the expected file signature
* `mismatched_files.csv` - files that DO NOT match the file extension with the expected file signature
* `unmatched_files.csv` - files that do not have a file extension entry in the tool's dictionary
## Feedback
There are a lot of improvements I want to make to this tool, but for now, it's functional and fast! Please report any issues here and I'll work on them as I have time!