Download
Detect It Easy (DiE) is a tool for determining the type and internal features of binary and other file formats. It is widely used by malware analysts, digital forensics investigators, reverse engineers, and security researchers to quickly inspect unknown files and infer their type, architecture, compiler/packer used, and internal structure. DiE supports a large variety of file formats — from common executables (Windows PE, Linux ELF, macOS Mach-O) to archives, mobile packages (APK, IPA), legacy binaries, compressed or packed files, and more — making it a versatile first step in analysis or triage workflows. The tool offers both a graphical user interface as well as a command-line interface, allowing flexible use across environments (desktop, servers, automation). Its detection engine is signature-based, but also includes heuristics that help when signatures are missing or obfuscated. This helps when analyzing packed, compressed, or partially corrupted files.
Features
- Detection of a wide variety of file formats: PE (Windows), ELF (Linux), Mach-O (macOS), APK, DEX, IPA, archives, legacy executables, compressed/polymorphic, etc.
- Signature-based + heuristic detection engine for identifying packers, compilers, linkers, protectors, and file structure even when obfuscated
- Cross-platform GUI and command-line interface — usable on Windows, Linux and macOS
- Displays metadata: architecture, header/section info, imports/exports/resources, hash, entropy, and embedded strings for fast analysis
- Regularly updated signature database, making detection of new/rare packers and formats possible
- Licensed under MIT, with packaging support (binary builds, distro packages) for easy installation and integration into analysis pipelines
Project Samples
