Documentation
¶
Index ¶
Constants ¶
View Source
const TypeArchive = "Archive"
Archives (compressed etc.)
View Source
const TypeBasic = "Basic"
View Source
const TypeCAPA = "Capa"
CAPA Scan
View Source
const TypeELF = "ELF"
Linux/UNIX Executable Linkable Format
View Source
const TypeJAR = "JAR"
Java Archive (JAR)
View Source
const TypeMSOffice = "MSOffice"
Microsoft Office Document
View Source
const TypeOther = "Other"
Anything not implemented (yet)
View Source
const TypePE = "PE"
Microsoft Windows Portable Executable
View Source
const TypeYARA = "Yara"
Yara Scan (can be done for all filetypes)
Variables ¶
View Source
var ArchiveMime = []string{
"application/epub+zip",
"application/zip",
"application/x-tar",
"application/vnd.rar",
"application/gzip",
"application/x-bzip2",
"application/x-7z-compressed",
"application/x-xz",
"application/zstd",
"application/x-iso9660-image",
"application/x-google-chrome-extension",
"application/vnd.ms-cab-compressed",
"application/vnd.debian.binary-package",
"application/x-unix-archive",
"application/x-compress",
"application/x-lzip",
"application/x-rpm",
"application/dicom",
}
View Source
var ELFMime = []string{
"application/x-executable",
}
View Source
var MSOfficeMime = []string{
"application/msword",
"application/vnd.ms-excel",
"application/vnd.ms-powerpoint",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
"application/vnd.openxmlformats-officedocument.presentationml.presentation",
}
View Source
var PEMime = []string{
"application/vnd.microsoft.portable-executable",
}
Functions ¶
func TypeFromMime ¶
Types ¶
This section is empty.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.