Specs

coff?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a Common Object File Format.

Specs

coff_i386?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a Common Object File Format for i386 architecture.

Specs

coff_ia64?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a Common Object File Format for Itanium architecture.

Specs

coff_x64?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a Common Object File Format for x64 architecture.

Specs

der?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a DER encoded X.509 certificate.

See: https://github.com/ReFirmLabs/binwalk/blob/master/src/binwalk/magic/crypto#L25-L37 See: https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs

examples

Examples

iex> binary = File.read!("test/app/sample.der")
iex> Infer.App.der?(binary)
true

iex> binary = File.read!("test/app/sample.wasm")
iex> Infer.App.der?(binary)
false

Specs

dex?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a Dalvik Executable (DEX).

See: https://source.android.com/devices/tech/dalvik/dex-format#dex-file-magic

Specs

dey?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a Optimized Dalvik Executable (ODEX).

See: https://source.android.com/devices/tech/dalvik/dex-format#dex-file-magic

Specs

dll?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a EXE or DLL.

DLL and EXE share the same magic number.

examples

Examples

iex> binary = File.read!("test/app/sample.exe")
iex> Infer.App.dll?(binary)
true

iex> binary = File.read!("test/app/sample.wasm")
iex> Infer.App.dll?(binary)
false

Specs

elf?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a elf.

DLL and EXE share the same magic number.

examples

Examples

iex> binary = File.read!("test/app/sample_elf")
iex> Infer.App.elf?(binary)
true

iex> binary = File.read!("test/app/sample.wasm")
iex> Infer.App.elf?(binary)
false

Specs

exe?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a EXE or DLL.

DLL and EXE share the same magic number.

examples

Examples

iex> binary = File.read!("test/app/sample.exe")
iex> Infer.App.exe?(binary)
true

iex> binary = File.read!("test/app/sample.wasm")
iex> Infer.App.exe?(binary)
false

Specs

java?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's compiled java bytecode.

Specs

llvm?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's LLVM bitcode.

Specs

mach?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a Mach-O binary. Mach-O binaries can be one of four variants: x86, x64, PowerPC, "Fat" (x86 + PowerPC)

See: https://ilostmynotes.blogspot.com/2014/05/mach-o-filetype-identification.html

examples

Examples

iex> binary = File.read!("test/app/sample_mach_fat")
iex> Infer.App.mach?(binary)
true

iex> binary = File.read!("test/app/sample_mach_ppc")
iex> Infer.App.mach?(binary)
true

iex> binary = File.read!("test/app/sample_mach_x64")
iex> Infer.App.mach?(binary)
true

iex> binary = File.read!("test/app/sample_mach_x86")
iex> Infer.App.mach?(binary)
true

iex> binary = File.read!("test/app/sample.wasm")
iex> Infer.App.mach?(binary)
false

Specs

wasm?(binary()) :: boolean()

Takes the binary file contents as arguments. Returns true if it's a WASM.

See: http://webassembly.github.io/spec/core/binary/modules.html#binary-magic

examples

Examples

iex> binary = File.read!("test/app/sample.wasm")
iex> Infer.App.wasm?(binary)
true

iex> binary = File.read!("test/app/sample.exe")
iex> Infer.App.wasm?(binary)
false