EnCase case file (.cbk)
.cbk file signature | application/octet-stream
EnCase case file (and backup)
Magic Bytes
Offset 0
5F 43 41 53 45 5F
Sources: Gary Kessler
Extension
.cbk
MIME Type
application/octet-stream
Byte Offset
0
Risk Level
Safe
Validation Code
How to validate .cbk files in Python
def is_cbk(file_path: str) -> bool:
"""Check if file is a valid CBK by magic bytes."""
signature = bytes([0x5F, 0x43, 0x41, 0x53, 0x45, 0x5F])
with open(file_path, "rb") as f:
return f.read(6) == signatureHow to validate .cbk files in Node.js
function isCBK(buffer: Buffer): boolean {
const signature = Buffer.from([0x5F, 0x43, 0x41, 0x53, 0x45, 0x5F]);
return buffer.subarray(0, 6).equals(signature);
}How to validate .cbk files in Go
func IsCBK(data []byte) bool {
signature := []byte{0x5F, 0x43, 0x41, 0x53, 0x45, 0x5F}
if len(data) < 6 {
return false
}
return bytes.Equal(data[:6], signature)
}API Endpoint
/api/v1/cbk
curl https://filesignature.org/api/v1/cbk
See the full API documentation for all endpoints and parameters.
Frequently Asked Questions
What is a .cbk file?
A .cbk file is a EnCase case file file. EnCase case file (and backup)
What are the magic bytes for .cbk files?
The magic bytes for EnCase case file files are 5F 43 41 53 45 5F at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.
How do I validate a .cbk file?
To validate a .cbk file, read the first bytes of the file and compare them against the known magic bytes (5F 43 41 53 45 5F) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.
What is the MIME type for .cbk files?
There is no officially registered MIME type for .cbk files. Systems typically use application/octet-stream as a generic fallback when handling this format.
Is it safe to open .cbk files?
EnCase case file (.cbk) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.