Symantex Ghost image file (.gho)
.gho file signature | application/octet-stream
Symantex Ghost image file
Magic Bytes
Offset 0
FE EF
Sources: Gary Kessler
Extension
.gho
MIME Type
application/octet-stream
Byte Offset
0
Risk Level
Safe
Validation Code
How to validate .gho files in Python
def is_gho(file_path: str) -> bool:
"""Check if file is a valid GHO by magic bytes."""
signature = bytes([0xFE, 0xEF])
with open(file_path, "rb") as f:
return f.read(2) == signatureHow to validate .gho files in Node.js
function isGHO(buffer: Buffer): boolean {
const signature = Buffer.from([0xFE, 0xEF]);
return buffer.subarray(0, 2).equals(signature);
}How to validate .gho files in Go
func IsGHO(data []byte) bool {
signature := []byte{0xFE, 0xEF}
if len(data) < 2 {
return false
}
return bytes.Equal(data[:2], signature)
}API Endpoint
/api/v1/gho
curl https://filesignature.org/api/v1/gho
See the full API documentation for all endpoints and parameters.
Frequently Asked Questions
What is a .gho file?
A .gho file is a Symantex Ghost image file file. Symantex Ghost image file
What are the magic bytes for .gho files?
The magic bytes for Symantex Ghost image file files are FE EF at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.
How do I validate a .gho file?
To validate a .gho file, read the first bytes of the file and compare them against the known magic bytes (FE EF) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.
What is the MIME type for .gho files?
There is no officially registered MIME type for .gho files. Systems typically use application/octet-stream as a generic fallback when handling this format.
Is it safe to open .gho files?
Symantex Ghost image file (.gho) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.