You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
steffenfritz 01859ed880 preparing move to github and DLA 7 months ago
cmd/friller preparing move to github and DLA 7 months ago
testdata added test case 7 months ago
third_party added download 8 months ago
.gitignore working copy 8 months ago
LICENSE added license 8 months ago
Makefile added Makefile for lib level, testing and benching 7 months ago Updated README and man page 7 months ago
download.go v1.0-BETA-1 8 months ago
entropy.go added entropy 7 months ago
err.go working copy 8 months ago
friller.1 Updated README and man page 7 months ago
go.mod added uuid 8 months ago
go.sum merged 8 months ago
hash.go working copy 8 months ago
hash_test.go fmted the project 8 months ago
process.go working copy 7 months ago
process_bench.go added entropy 7 months ago
process_test.go simplified test dir 7 months ago
pronom.sig added identify test. pronom.sig is needed for testing in the top level dir 8 months ago
redis.go closes #3 8 months ago
siegfried.go fixed separator count on empty files 7 months ago
types.go fmted the project 8 months ago
uuid.go fmted the project 8 months ago


Build status Go Report Card

filedriller walks a directory tree and identifies all regular files by type with siegfried. Furthermore it creates UUIDv4s, hash sums (md5, sha1, sha256, sha512 or blake2b-512) and filedriller can check if the file is in the NSRL.

The NSRL check expects a Redis server that serves NSRL SHA-1 hashes. You can use my docker image



For issues see the issue tab.


  1. Binary release

    Download the file for your platform and execute it. The executables are named friller.

    Note: If the build badge above is green and says passing, it is a good idea to install from source.

  2. From source

     go get
  3. Download signature file

    friller -download
  4. Optional NSRL:

     - docker pull ampoffcom/nslredis:032020
     - docker images
     - docker run -p 6379:6379 $IMAGEID        

    When you pass the -redisserv flag, friller sends a SHA-1 hash to the specified server.

Usage Examples

  1. Fetch the pronom.sig file

     friller -download
  2. Without Redis / NSRL

     friller -in SOMEDIRECTORY
  3. With Redis / NSRL

     friller -in SOMEDIRECTORY -redisserv localhost
  4. With alternate output file

     friller -in SOMEDIRECTORY -output foo.csv


The output is written to a CSV file. Schema of the file:

Filename, SizeInByte, Registry, PUID, Name, Version, MIME, ByteMatch, IdentificationNote, HashSum, UUID, inNSRL, Entropy


Usage of ./friller:


    Download siegfried's signature file


    Calculate the entropy of files. Limited to file sizes up to 1GB

-hash string

    The hash algorithm to use: md5, sha1, sha256, sha512, blake2b-512 (default "sha256")

-in string

    Root directory to work on

-output string

    Output file (default "info.csv")

-redisport string

    Redis port number for a NSRL database (default "6379")

-redisserv string

    Redis server address for a NSRL database


    Print version and build info