GN Nettest WinPharoah filter file

application/octet-stream

Safe

Magic Bytes

Offset: 0
D4 2A

The WinPharoah filter file is a proprietary configuration format developed by GN Nettest for its network protocol analysis software, WinPharoah. This file type stores specific criteria used to filter captured network traffic, enabling engineers to isolate relevant data packets for detailed inspection and troubleshooting. As a legacy format associated with discontinued network diagnostic tools, these files pose no inherent security risk and are rarely encountered in modern network environments.

Extension

.ftr

MIME Type

application/octet-stream

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .ftr files in Python

Python 
def is_ftr(file_path: str) -> bool:
    """Check if file is a valid FTR by magic bytes."""
    signature = bytes([0xD4, 0x2A])
    with open(file_path, "rb") as f:
        return f.read(2) == signature

How to validate .ftr files in Node.js

Node.js 
function isFTR(buffer: Buffer): boolean {
  const signature = Buffer.from([0xD4, 0x2A]);
  return buffer.subarray(0, 2).equals(signature);
}
Go 
func IsFTR(data []byte) bool {
    signature := []byte{0xD4, 0x2A}
    if len(data) < 2 {
        return false
    }
    return bytes.Equal(data[:2], signature)
}

API Endpoint

GET /api/v1/ftr
curl https://filesignature.org/api/v1/ftr

Related Formats

.eth .flt .ttf .cpl .doc .arl .hdf4 .manifest .dsf