See on GitHub


magic-identify implements a wrapper around both the python-magic module and the identify module to try and always return results, even if one fails. Finally, failing that it will try to guess some minimal shell script environments too (specifically looking at common keywords in malware droppers/downloaders that do not always have leading identification lines).

It returns two strings, one which may be a higher level text description and a second which should always be a mime-type identifier.

Example module use:

import magicidentify
c = magicidentify.MagicIdentify()
# ('application/x-pie-executable', 'application/x-pie-executable')

Example CLI use:

# magic-identify /bin/ls /sbin/ifup
/bin/ls: application/x-pie-executable, application/x-pie-executable
  using magic:    application/x-pie-executable, application/x-pie-executable
  using identify: unknown, unknown
/sbin/ifup: inode/symlink, inode/symlink
  using magic:    inode/symlink, inode/symlink
  using identify: bash/shell, text/x-bash

# magic-identify -q /bin/ls /sbin/ifup


  • Handle more boring cases from some outputs (text/inode)
  • test suite


The following wonderful github accounts have contributed to the code base:

  • @JakeRoggenbuck