Detect-It-Easy
Program for determining types of files for Windows, Linux and macOS.
A desktop file-type identifier that uses signature matching and heuristic analysis to reveal what software made or packed any executable, archive, or unknown file, used widely by malware analysts and security researchers.
Detect It Easy (DiE) is a desktop tool for figuring out what kind of file you are looking at. When you have an executable, an archive, or an unfamiliar file and want to know what software made it or what format it uses, DiE can identify it. It is used mainly by people who analyze malware, do security research, or reverse-engineer software.
The tool works by combining two approaches: signature-based detection, where it matches files against a library of known patterns, and heuristic analysis, which looks for structural clues when no matching signature exists. You can also write your own detection rules using a JavaScript-like scripting language built into the tool, which makes it possible to add detection for new file types without rebuilding the whole program.
Detect It Easy handles a wide variety of file formats: Windows executables, Linux binaries, Android app packages, iOS apps, Java archives, compressed ZIP files, Mac binaries, and many others. Unknown file formats still get analyzed through heuristics rather than simply failing. The tool runs on Windows, Linux, and macOS, and has a graphical interface, a command-line version for batch processing, and a lightweight scanner-only build.
It can be installed through package managers on most platforms, including Chocolatey and the Microsoft Store on Windows and the repositories of several Linux distributions. It can also be built from source or run inside a Docker container. There is even a Telegram bot that lets you check a file without installing anything locally.
The project is open source and community-maintained, with contributions welcome for new signatures, bug reports, and translations into other languages.
Where it fits
- Identify what packer, compiler, or protector was used on a suspicious Windows executable before reverse-engineering it
- Analyze malware samples across many file formats including Android APKs, iOS apps, and Linux binaries
- Write custom detection scripts in the built-in JavaScript-like language to add support for new or unknown file formats
- Batch-scan a directory of binary files from the command line to classify each one automatically