Symantex Ghost image file (.ghs)
.ghs file signature | application/octet-stream
Symantex Ghost image file
Magic Bytes
Offset 0
FE EF
Sources: Gary Kessler
Extension
.ghs
MIME Type
application/octet-stream
Byte Offset
0
Risk Level
Safe
Validation Code
How to validate .ghs files in Python
def is_ghs(file_path: str) -> bool:
"""Check if file is a valid GHS by magic bytes."""
signature = bytes([0xFE, 0xEF])
with open(file_path, "rb") as f:
return f.read(2) == signatureHow to validate .ghs files in Node.js
function isGHS(buffer: Buffer): boolean {
const signature = Buffer.from([0xFE, 0xEF]);
return buffer.subarray(0, 2).equals(signature);
}How to validate .ghs files in Go
func IsGHS(data []byte) bool {
signature := []byte{0xFE, 0xEF}
if len(data) < 2 {
return false
}
return bytes.Equal(data[:2], signature)
}API Endpoint
/api/v1/ghs
curl https://filesignature.org/api/v1/ghs
See the full API documentation for all endpoints and parameters.
Frequently Asked Questions
What is a .ghs file?
A .ghs file is a Symantex Ghost image file file. Symantex Ghost image file
What are the magic bytes for .ghs files?
The magic bytes for Symantex Ghost image file files are FE EF at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.
How do I validate a .ghs file?
To validate a .ghs file, read the first bytes of the file and compare them against the known magic bytes (FE EF) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.
What is the MIME type for .ghs files?
There is no officially registered MIME type for .ghs files. Systems typically use application/octet-stream as a generic fallback when handling this format.
Is it safe to open .ghs files?
Symantex Ghost image file (.ghs) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.