AFF (.aff)

.aff file signature | application/octet-stream

Advanced Forensics Format (AFF) is an open digital forensics file format developed by Simson Garfinkel and maintained by the AFF project community. It is used to store disk images and related evidence for forensic acquisition, analysis, archiving, and courtroom presentation. AFF files are generally safe to handle, but, like other evidence containers, they may preserve large amounts of sensitive data and should be treated according to chain-of-custody and privacy requirements.

Safe

Magic Bytes

Offset 0


              41 46 46

Sources: Wikipedia

Extension

.aff

MIME Type

application/octet-stream

Byte Offset

Risk Level

Safe

Validation Code

How to validate .aff files in Python

Python

def is_aff(file_path: str) -> bool:
    """Check if file is a valid AFF by magic bytes."""
    signature = bytes([0x41, 0x46, 0x46])
    with open(file_path, "rb") as f:
        return f.read(3) == signature

How to validate .aff files in Node.js

Node.js

function isAFF(buffer: Buffer): boolean {
  const signature = Buffer.from([0x41, 0x46, 0x46]);
  return buffer.subarray(0, 3).equals(signature);
}

How to validate .aff files in Go

func IsAFF(data []byte) bool {
    signature := []byte{0x41, 0x46, 0x46}
    if len(data) < 3 {
        return false
    }
    return bytes.Equal(data[:3], signature)
}

API Endpoint

GET /api/v1/aff


              curl https://filesignature.org/api/v1/aff

See the full API documentation for all endpoints and parameters.

Frequently Asked Questions

What is a .aff file?

A .aff file is identified by the magic bytes 41 46 46 at byte offset 0. Advanced Forensics Format (AFF) is an open digital forensics file format developed by Simson Garfinkel and maintained by the AFF project community. It is used to store disk images and related evidence for forensic acquisition, analysis, archiving, and courtroom presentation. AFF files are generally safe to handle, but, like other evidence containers, they may preserve large amounts of sensitive data and should be treated according to chain-of-custody and privacy requirements.

What are the magic bytes for .aff files?

The magic bytes for AFF files are 41 46 46 at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.

How do I validate a .aff file?

To validate a .aff file, read the first bytes of the file and compare them against the known magic bytes (41 46 46) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.

What is the MIME type for .aff files?

There is no officially registered MIME type for .aff files. Systems typically use application/octet-stream as a generic fallback when handling this format.

Is it safe to open .aff files?

AFF (.aff) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.