FRET helping understand file formats

site index

home |

faq |

documentation |

contacts |

downloads |

sourceforge.net/fret |

latest news

version 0.0.6 released

Thursday 19 January 2006. After several months of intensive development by a synergized team of individual contributors, at a disused chicken farm on the outskirts of Hoozindahaus, another version of FRET has taken shape. This release fixes several issues and adds --scan and --phase options.

version 0.0.5 released

Wednesday 14 September 2005. The worlds press gathered today in front of a small Unix terminal to watch the release of v0.0.5 of FRET into the wild. The tarball was reticent at first looked back once at the gathered crowd and then swiftly ran away to join its own kind.

introduction

FRET is a *nix command line tool that examines any file or files and attempts to identify the data structures and patterns within those file(s). It does this by firstly scanning files using heuristic algorithms to identify structures and then by comparing files to identify common patterns. Results are compared and ranked using a probabilistic approach. It outputs a sorted list of the detected structures within the file(s) which can then be parsed by other tools and scripts. libfret is the library used to implement FRET. It provides a clear interface to allow for the analysis of buffers of raw data. It is designed to be integrated with a range of other programs such as hex editors, packet analysers and other development tools.

status

FRET and libfret are at an early development stage and do not yet provide a lot of useful functionality. FRET (and libfret) scans a single or multiple files (buffers) and currently identifies the following structures:

data that is common to multiple files or buffers
arrays of ASCII bytes
arrays of fill bytes
offsets to other fields in a file

goals

next steps

Development is currently underway for this functionality;

improve "grinding" scan results
improve amalgamation of detected structures for a group of files
verification of the statistical model
add new scans for other types text encodings
add new scans for CPU instructions
add multi-threading support to libfret
include muti-language support

long term

Provide an additional tool to developers which is capable of identifying major structures within all types of files, without any knowledge of specific file formats.

availability

supported platforms

FRET and libfret are currently developed for the GNU/Linux platform using gcc and GNU autotools. libfret and FRET currently have no dependencies (libredblack and the FNV hash code are included as source). It is not planned to add support for non-POSIX platforms.

license

FRET and libfret are both released under the GPL open source license. See the project file COPYING for more information on the license.

acknowledgements

libredblack

Thanks to Damian Ivereigh for his excellent Red-Black Tree implementation called libredblack. Multiple Red-Black Trees are used for internal Gram storage. More information is available at the libredblack website.

FNV Hash Algorithm

Thanks to Landon Curt Noll for making the FNV (Fowler-Noll-Vo) hash source code available in the Public Domain. More information is available at Landon's website.