AFF

application/octet-stream

Safe

Magic Bytes

Offset: 0
41 46 46

The Advanced Forensic Format (AFF) is an open-source file format developed by Simson Garfinkel and Basis Technology for storing disk images. It is used in digital forensics and data recovery to encapsulate raw disk data and metadata within a single archive, offering native compression and encryption. Although largely succeeded by the AFF4 standard, this format remains a significant legacy tool for preserving digital evidence chains of custody across various investigative and operating environments.

Extension

.aff

MIME Type

application/octet-stream

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .aff files in Python

Python 
def is_aff(file_path: str) -> bool:
    """Check if file is a valid AFF by magic bytes."""
    signature = bytes([0x41, 0x46, 0x46])
    with open(file_path, "rb") as f:
        return f.read(3) == signature

How to validate .aff files in Node.js

Node.js 
function isAFF(buffer: Buffer): boolean {
  const signature = Buffer.from([0x41, 0x46, 0x46]);
  return buffer.subarray(0, 3).equals(signature);
}
Go 
func IsAFF(data []byte) bool {
    signature := []byte{0x41, 0x46, 0x46}
    if len(data) < 3 {
        return false
    }
    return bytes.Equal(data[:3], signature)
}

API Endpoint

GET /api/v1/aff
curl https://filesignature.org/api/v1/aff

Related Formats

.aiff .maff .afm .dwg .sle .abox2 .ppz .tdef .mobi