whfmt.Validate 1.0.0

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. 
dotnet tool install --global whfmt.Validate --version 1.0.0
This package contains a .NET tool you can call from the shell/command line. 
dotnet new tool-manifest
                    


                            if you are setting up this repo
                        

                    

                
dotnet tool install --local whfmt.Validate --version 1.0.0
This package contains a .NET tool you can call from the shell/command line. 
#tool dotnet:?package=whfmt.Validate&version=1.0.0
                    


                    

                
nuke :add-package whfmt.Validate --version 1.0.0

whfmt.Validate

Binary file validator — validate any file against 790+ format definitions in seconds.

whfmt.Validate is a dotnet global tool that detects file formats and validates them for structural integrity, checksum correctness, and forensic anomalies — all powered by the whfmt.FileFormatCatalog library with 790+ embedded .whfmt definitions.

Install

dotnet tool install -g whfmt.Validate

After installation, the whfmt command is available globally.

Commands

whfmt validate — Validate files

whfmt validate <file(s)> [options]

Arguments

Argument Description
files One or more files or directories to validate

Options

Option Short Description
--format <name> -f Force a specific format (name or extension). Skips auto-detection.
--report <format> -r Output format: text (default), json, html
--output <path> -o Write report to file instead of stdout
--recursive -R Recursively validate all files in a directory
--fail-fast Stop on first validation error
--quiet -q No output — only set exit code (0 = valid, 1 = invalid, 2 = error)

Examples

# Validate a ZIP file (auto-detect format)
whfmt validate archive.zip

# Validate a firmware blob, force PE32 format
whfmt validate firmware.bin --format pe32

# Validate all files in a directory, output HTML report
whfmt validate ./files --recursive --report html --output report.html

# CI/CD: silent validation, fail on first error
whfmt validate build/output.exe --quiet --fail-fast && echo "OK" || echo "INVALID"

# JSON output for scripting
whfmt validate image.png --report json | jq '.isValid'

Exit codes

Code Meaning
0 File is valid — no errors
1 Validation failed — one or more errors
2 File not found or tool error

whfmt list — Browse the format catalog

whfmt list [options]
Option Short Description
--category <name> -c Filter by category (e.g. Archives, Images, Game, Executables)
--search <text> -s Filter by name substring
--json -j Output as JSON array

Examples

# List all supported formats grouped by category
whfmt list

# List all game formats
whfmt list --category Game

# Search for anything related to "zip"
whfmt list --search zip

# JSON output for scripting
whfmt list --category Executables --json

whfmt info — Inspect a specific format

whfmt info <format> [options]
Option Short Description
--json -j Output full metadata as JSON

Examples

# Show ZIP format metadata
whfmt info zip

# Show PE32 format in JSON (includes AI hints, forensic risk, technical details)
whfmt info pe32 --json

# Look up by extension
whfmt info .docx

What gets validated

For each file, whfmt validate runs up to 4 layers of checks depending on what the format definition declares:

Layer Description
Format Detection Auto-identifies the format using magic bytes, extension, and MIME type with a confidence score
Signature Verification Checks that expected magic bytes are present at the declared offsets
Checksum Validation Verifies CRC32, CRC16, Adler32, MD5, SHA-1, SHA-256, or byte-sum checksums against stored or expected values
Assertion Evaluation Evaluates structural constraints (file_size > 0, version == 3, etc.)
Forensic Scan Detects suspicious or known-malicious byte patterns declared in the format's forensic metadata

Report formats

Text (default)

  whfmt validate — archive.zip
  ────────────────────────────────────────────────────────────
  File     : C:\files\archive.zip
  Size     : 1.23 MB
  Format   : ZIP Archive (Archives)
  Confidence: 100%  [Combined]
  Forensic : LOW risk

  Passed checks:
    ✓  [Signature] MagicBytes — Signature 504B0304 @ offset 0 ✓
    ✓  [Checksum] CentralDirCRC — CRC32: A1B2C3D4 ✓

  Result   : ✓ VALID

JSON

{
  "file": "C:\\files\\archive.zip",
  "size": 1289421,
  "format": "ZIP Archive",
  "category": "Archives",
  "confidence": 1.0,
  "matchSource": "Combined",
  "forensicRisk": "low",
  "isValid": true,
  "errors": 0,
  "warnings": 0,
  "checks": [
    { "Category": "Signature", "Name": "MagicBytes", "Passed": true, "Detail": "Signature 504B0304 @ offset 0 ✓" }
  ],
  "issues": []
}

HTML

A self-contained dark-themed HTML report — suitable for CI artifacts or sharing with teams.

Supported format categories

The tool validates files across 27 categories and 790+ formats:

Category Count Examples
Archives 37 ZIP, 7z, RAR, TAR, GZIP, BZIP2, XZ, LZ4
Audio 49 MP3, FLAC, WAV, AAC, OGG, OPUS, AIFF
Images 58 PNG, JPEG, WebP, GIF, BMP, TIFF, HEIC, ICO
Executables 14 PE32, ELF, Mach-O, WASM, .NET, JAR
Documents 44 PDF, DOCX, XLSX, PPTX, ODT, RTF, EPUB
Game 91 NES ROM, SNES, GBA, PS1, Unity Bundle, PAK
Database 29 SQLite, LevelDB, RocksDB, DuckDB, MDB
Disk 18 ISO, IMG, VHD, VMDK, E01, DD
Crypto 16 PEM, DER, PFX, GPG, SSH Key, JWT
Firmware 12 Intel HEX, SREC, BIN, UF2, EFI
Medical 20 DICOM, NIfTI, MINC, Analyze, PAR/REC
Network 23 PCAP, PCAPNG, Wireshark, NetFlow, HAR
... ... [790+ total — whfmt list for full catalog]

CI/CD integration

# GitHub Actions example
- name: Validate build artifacts
  run: |
    dotnet tool install -g whfmt.Validate
    whfmt validate ./artifacts --recursive --report json --output validation.json --quiet
    if [ $? -ne 0 ]; then echo "Artifact validation failed"; exit 1; fi

- name: Upload validation report
  uses: actions/upload-artifact@v4
  with:
    name: format-validation
    path: validation.json

# Azure DevOps example
- script: |
    dotnet tool install -g whfmt.Validate
    whfmt validate $(Build.ArtifactStagingDirectory) -R --report html --output $(Build.ArtifactStagingDirectory)/report.html
  displayName: Validate build artifacts

Powered by whfmt.FileFormatCatalog

whfmt.Validate depends on whfmt.FileFormatCatalog — automatically installed by NuGet. The catalog ships 790+ .whfmt format definitions as embedded resources, covering magic-byte signatures, checksum rules, structural assertions, and forensic metadata for every supported format.

License

AGPL-3.0 — see LICENSE.

© 2016–2026 Derek Tremblay

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

This package has no dependencies.

Version Downloads Last Updated
1.0.0 37 5/7/2026

1.0.0 — Initial release. validate command with --format, --report (text/json/html), --output, --recursive flags. 790+ format definitions via whfmt.FileFormatCatalog.