Nothing can be more bothering than getting stuck with an unknown file type. You may have faced numerous situations when you received a file attachment from a friend or downloaded one from the internet, but you couldn’t quite guess its actual format. Perhaps, you didn’t know how to open the file or which program you needed to use? The first thing you’d probably do is Google it, but what if the file under the disguise is actually a virus? Today, I’m going to share an awesome tool that may help in such worriment. TrID is a small app that’s designed to identify unknown file types from their binary signatures with ease.
The extensible design of the tool allows you to not only identify your files, but also train it to learn new ones along the way. It uses a database of definitions to identify file types, just like antivirus definitions, making it very flexible in nature. TrID comes in three different flavors; a web based online tool, command line, and a GUI version of the command line variant.
Online TrID File Identifier is aimed at users who need to identify files right away. It also saves you from the hassle of downloading the binary definition database separately (more on that later) to get it up and running. It has a simple interface and is also very easy to use. All you need to do is visit the website (via link at the end), click Browse to select the file you need to scan, and click ‘Analyze’.
When the results are shown, you can see how many extensions or file types the selected item matches. It also gives you a reference URL, and author’s info so you can dig deeper for further analysis.
TrID – File Identifier is the command line version of the app which allows you to use various switches to identify items you need, for instance, -v switch for digging into additional info about the file, -d to specify a different definitions package, –ns to display unique strings check etc. The full list of supported switches and information regarding how to point your files can be viewed by simply typing ‘trid’ (without quotations) in the command line window.
The third variant, TrIDNet, is the graphical user interface version of the program, and it’s definitely easier to use than it’s command line counterpart. But to use it, you also need to download the definitions database to your computer and place it in the same folder where the program’s EXE file is located. When done, open the program, browse to the file you want to analyze and allow TrIDNet to do the rest. You can also double-click on an item to show additional information about it.
Both TrID – File Identifier and TrIDNet are portable and work on Windows and Linux machines.
Online TrID File Identifier
TrID – File Identifier