{"success":true,"data":{"ext":"ko","name":"KO","description":"KO is a Linux kernel object module format used by the Linux kernel community for loadable kernel modules. It is used to extend the kernel at runtime with device drivers, filesystem support, and other kernel features. Because KO files run in kernel space, malformed or malicious modules can destabilize systems or compromise security, so they should only be loaded from trusted sources and are typically considered a system-level component.","mime":[],"risk_level":"Safe","signatures":[{"hex":"7F 45 4C 46","offset":0,"sources":[{"name":"Wikipedia","url":"https://en.wikipedia.org/wiki/List_of_file_signatures"}]}],"related":["axf","elf","o","out","prx","so"],"usage":{"python":"def is_ko(file_path: str) -> bool:\n    \"\"\"Check if file is a valid KO by magic bytes.\"\"\"\n    signature = bytes([0x7F, 0x45, 0x4C, 0x46])\n    with open(file_path, \"rb\") as f:\n        return f.read(4) == signature","node":"function isKO(buffer: Buffer): boolean {\n  const signature = Buffer.from([0x7F, 0x45, 0x4C, 0x46]);\n  return buffer.subarray(0, 4).equals(signature);\n}","go":"func IsKO(data []byte) bool {\n    signature := []byte{0x7F, 0x45, 0x4C, 0x46}\n    if len(data) < 4 {\n        return false\n    }\n    return bytes.Equal(data[:4], signature)\n}"},"category":"Executables"}}