file-magic

The file-magic tool serves as a file type identification utility integrated into Canva workflows. Utilizing the capabilities of libmagic, it analyzes files to determine their type and compute their SHA256 hash, enhancing the efficiency of automated security assessments.

Ideal Use Cases & Fit

file-magic excels in scenarios requiring the identification of file types from various inputs, such as during the analysis of suspicious files in an incident response workflow or when verifying uploaded files in a web application. It effectively solves problems related to file type ambiguity, facilitating accurate threat detection. However, it may not be suitable for workflows focused solely on dynamic file behavior analysis or content extraction.

Value in Workflows

In security workflows, file-magic adds significant value by providing critical information during early reconnaissance phases, enabling security professionals to prioritarily assess and categorize files. It can be integrated into post-processing steps, where insight into file types is needed for further actions, such as malware analysis or forensic investigations.

Input Data

The tool requires a single input file of any type, and it functions to analyze the content of the specified file. An example input could be a binary file such as /path/to/file.bin.

Configuration

• mime-type: Outputs the MIME type strings of the analyzed file, providing detailed content type information.
• mime-encoding: When enabled, this parameter outputs the MIME encoding, aiding in understanding file encoding.
• uncompress: Enables inspection of compressed files, allowing the tool to analyze content within archives.
• dereference: Follows symlinks to ensure that the target file is accurately accessed during analysis.
• keep-going: Configures the tool not to stop at the first match, allowing for comprehensive type identification across multiple formats.
• special-files: Allows the tool to read block and character device files, enhancing its capabilities in diverse environments.