340 files changed, 45070 insertions, 0 deletions
diff --git a/magic/Magdir/acorn b/magic/Magdir/acorn
new file mode 100644
index 0000000..37a4ed7
--- /dev/null
+++ b/magic/Magdir/acorn
@@ -0,0 +1,102 @@
+
+#------------------------------------------------------------------------------
+# $File: acorn,v 1.8 2021/04/26 15:56:00 christos Exp $
+# acorn:  file(1) magic for files found on Acorn systems
+#
+
+# RISC OS Chunk File Format
+# From RISC OS Programmer's Reference Manual, Appendix D
+# We guess the file type from the type of the first chunk.
+0	lelong		0xc3cbc6c5	RISC OS Chunk data
+>12	string		OBJ_		\b, AOF object
+>12	string		LIB_		\b, ALF library
+
+# RISC OS AIF, contains "SWI OS_Exit" at offset 16.
+16	lelong		0xef000011	RISC OS AIF executable
+
+# RISC OS Draw files
+# From RISC OS Programmer's Reference Manual, Appendix E
+0	string 		Draw		RISC OS Draw file data
+
+# RISC OS new format font files
+# From RISC OS Programmer's Reference Manual, Appendix E
+0	string		FONT\0		RISC OS outline font data,
+>5	byte		x		version %d
+0	string		FONT\1		RISC OS 1bpp font data,
+>5	byte		x		version %d
+0	string		FONT\4		RISC OS 4bpp font data
+>5	byte		x		version %d
+
+# RISC OS Music files
+# From RISC OS Programmer's Reference Manual, Appendix E
+0	string		Maestro\r	RISC OS music file
+>8	byte		x		version %d
+
+>8	byte		x		type %d
+
+# Digital Symphony data files
+# From: Bernard Jungen (bern8817@euphonynet.be)
+0		string	\x02\x01\x13\x13\x13\x01\x0d\x10	Digital Symphony sound sample (RISC OS),
+>8		byte	x	version %d,
+>9		pstring	x	named "%s",
+>(9.b+19)	byte	=0	8-bit logarithmic
+>(9.b+19)	byte	=1	LZW-compressed linear
+>(9.b+19)	byte	=2	8-bit linear signed
+>(9.b+19)	byte	=3	16-bit linear signed
+>(9.b+19)	byte	=4	SigmaDelta-compressed linear
+>(9.b+19)	byte	=5	SigmaDelta-compressed logarithmic
+>(9.b+19)	byte	>5	unknown format
+
+0	string	\x02\x01\x13\x13\x14\x12\x01\x0b	Digital Symphony song (RISC OS),
+>8	byte	x	version %d,
+>9	byte	=1	1 voice,
+>9	byte	!1	%d voices,
+>10	leshort	=1	1 track,
+>10	leshort	!1	%d tracks,
+>12	leshort	=1	1 pattern
+>12	leshort	!1	%d patterns
+
+0	string	\x02\x01\x13\x13\x10\x14\x12\x0e
+>9	byte	=0	Digital Symphony sequence (RISC OS),
+>>8	byte	x	version %d,
+>>10	byte	=1	1 line,
+>>10	byte	!1	%d lines,
+>>11	leshort	=1	1 position
+>>11	leshort	!1	%d positions
+>9	byte	=1	Digital Symphony pattern data (RISC OS),
+>>8	byte	x	version %d,
+>>10	leshort	=1	1 pattern
+>>10	leshort	!1	%d patterns
+
+# From: Joerg Jenderek
+# URL: https://www.kyzer.me.uk/pack/xad/#PackDir
+# reference: https://www.kyzer.me.uk/pack/xad/xad_PackDir.lha/PackDir.c
+# GRR: line below is too general as it matches also "Git pack" in ./revision
+0	string	PACK\0
+# check for valid compression method 0-4
+>5	ulelong	<5
+# https://www.riscosopen.org/wiki/documentation/show/Introduction%20To%20Filing%20Systems
+# To skip "Git pack" version 0 test for root directory object like
+# ADFS::RPC.$.websitezip.FONTFIX
+>>9	string	>ADFS\  PackDir archive (RISC OS)
+# TrID labels above as "Acorn PackDir compressed Archive"
+# compression mode y (0 - 4) for GIF LZW with a maximum n bits
+# (y~n,0~12,1~13,2~14,3~15,4~16)
+>>>5	ulelong+12 x	\b, LZW %u-bits compression
+# https://www.filebase.org.uk/filetypes
+# !Packdir compressed archive has three hexadecimal digits code 68E
+!:mime	application/x-acorn-68E
+!:ext	pkd/bin
+# null terminated root directory object like IDEFS::IDE-4.$.Apps.GRAPHICS.!XFMPdemo
+>>>9	string	x	\b, root "%s"
+# load address 0xFFFtttdd, ttt is the object filetype and dddddddddd is time
+>>>>&1	ulelong	x	\b, load address %#x
+# execution address 0xdddddddd dddddddddd is 40 bit unsigned centiseconds since 1.1.1900 UTC
+>>>>&5	ulelong	x	\b, exec address %#x
+# attributes (bits: 0~owner read,1~owner write,3~no delete,4~public read,5~public write)
+>>>>&9	ulelong	x	\b, attributes %#x 
+# number of entries in this directory. for root dir 0
+#>>>&13	ulelong	x	\b, entries %#x 
+# the entries start here with object name
+>>>>&17	string	x	\b, 1st object "%s"
+
diff --git a/magic/Magdir/adi b/magic/Magdir/adi
new file mode 100644
index 0000000..2fe79d4
--- /dev/null
+++ b/magic/Magdir/adi
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: adi,v 1.4 2009/09/19 16:28:07 christos Exp $
+# adi: file(1) magic for ADi's objects
+# From Gregory McGarry <g.mcgarry@ieee.org>
+#
+0	leshort		0x521c		COFF DSP21k
+>18	lelong		&02		executable,
+>18	lelong		^02
+>>18	lelong		&01		static object,
+>>18	lelong		^01		relocatable object,
+>18	lelong		&010		stripped
+>18	lelong		^010		not stripped
diff --git a/magic/Magdir/adventure b/magic/Magdir/adventure
new file mode 100644
index 0000000..bd7f863
--- /dev/null
+++ b/magic/Magdir/adventure
@@ -0,0 +1,122 @@
+
+#------------------------------------------------------------------------------
+# $File: adventure,v 1.18 2019/04/19 00:42:27 christos Exp $
+# adventure: file(1) magic for Adventure game files
+#
+# from Allen Garvin <earendil@faeryland.tamu-commerce.edu>
+# Edited by Dave Chapeskie <dchapes@ddm.on.ca> Jun 28, 1998
+# Edited by Chris Chittleborough <cchittleborough@yahoo.com.au>, March 2002
+#
+# ALAN
+# I assume there are other, lower versions, but these are the only ones I
+# saw in the archive.
+0	beshort	0x0206	ALAN game data
+>2	byte	<10	version 2.6%d
+
+
+# Infocom (see z-machine)
+#------------------------------------------------------------------------------
+# Z-machine:  file(1) magic for Z-machine binaries.
+# Sanity checks by David Griffith <dave@661.org>
+# Updated by Adam Buchbinder <adam.buchbinder@gmail.com>
+#
+#http://www.gnelson.demon.co.uk/zspec/sect11.html
+#https://www.jczorkmid.net/~jpenney/ZSpec11-latest.txt
+#https://en.wikipedia.org/wiki/Z-machine
+# The first byte is the Z-machine revision; it is always between 1 and 8. We
+# had false matches (for instance, inbig5.ocp from the Omega TeX extension as
+# well as an occasional MP3 file), so we sanity-check the version number.
+#
+# It might be possible to sanity-check the release number as well, as it seems
+# (at least in classic Infocom games) to always be a relatively small number,
+# always under 150 or so, but as this isn't rigorous, we'll wait on that until
+# it becomes clear that it's needed.
+#
+0	ubyte			>0
+>0	ubyte			<9
+>>16	belong&0xfe00f0f0	0x3030
+>>>0	ubyte			< 10
+>>>>2	ubeshort		x
+>>>>>18	regex			[0-9][0-9][0-9][0-9][0-9][0-9]
+>>>>>>0	ubyte			< 10	Infocom (Z-machine %d
+>>>>>>>2	ubeshort	x 	\b, Release %d
+>>>>>>>>18	string		>\0	\b, Serial %.6s
+>>>>>>>>18	string		x	\b)
+!:strength + 40
+!:mime	application/x-zmachine
+
+#------------------------------------------------------------------------------
+# Glulx:  file(1) magic for Glulx binaries.
+#
+# David Griffith <dave@661.org>
+# I haven't checked for false matches yet.
+#
+0	string			Glul	Glulx game data
+>4	beshort			x	(Version %d
+>>6	byte			x	\b.%d
+>>8	byte			x	\b.%d)
+>36	string			Info	Compiled by Inform
+!:mime	application/x-glulx
+
+
+# For Quetzal and blorb magic see iff
+
+
+# TADS (Text Adventure Development System) version 2
+#  All files are machine-independent (games compile to byte-code) and are tagged
+#  with a version string of the form "V2.<digit>.<digit>\0".
+#  Game files start with "TADS2 bin\n\r\032\0" then the compiler version.
+0	string	TADS2\ bin	TADS
+>9	belong  !0x0A0D1A00	game data, CORRUPTED
+>9	belong	 0x0A0D1A00
+>>13	string	>\0		%s game data
+!:mime	application/x-tads
+#  Resource files start with "TADS2 rsc\n\r\032\0" then the compiler version.
+0	string	TADS2\ rsc	TADS
+>9	belong  !0x0A0D1A00	resource data, CORRUPTED
+>9	belong	 0x0A0D1A00
+>>13	string	>\0		%s resource data
+!:mime	application/x-tads
+#  Some saved game files start with "TADS2 save/g\n\r\032\0", a little-endian
+#  2-byte length N, the N-char name of the game file *without* a NUL (darn!),
+# "TADS2 save\n\r\032\0" and the interpreter version.
+0	string	TADS2\ save/g	TADS
+>12	belong	!0x0A0D1A00	saved game data, CORRUPTED
+>12	belong	 0x0A0D1A00
+>>(16.s+32) string >\0		%s saved game data
+!:mime	application/x-tads
+#  Other saved game files start with "TADS2 save\n\r\032\0" and the interpreter
+#  version.
+0	string	TADS2\ save	TADS
+>10	belong	!0x0A0D1A00	saved game data, CORRUPTED
+>10	belong	 0x0A0D1A00
+>>14	string	>\0		%s saved game data
+!:mime	application/x-tads
+
+# TADS (Text Adventure Development System) version 3
+#  Game files start with "T3-image\015\012\032"
+0	string	T3-image\015\012\032
+>11	leshort	x		TADS 3 game data (format version %d)
+#  Saved game files start with "T3-state-v####\015\012\032"
+#  where #### is a format version number
+0	string	T3-state-v
+>14	string	\015\012\032	TADS 3 saved game data (format version
+>>10	byte	x		%c
+>>11	byte	x		\b%c
+>>12	byte	x		\b%c
+>>13	byte	x		\b%c)
+!:mime	application/x-t3vm-image
+
+# edited by David Griffith <dave@661.org>
+# Danny Milosavljevic <danny.milo@gmx.net>
+# These are ADRIFT (adventure game standard) game files, extension .taf
+# Checked from source at (http://www.adrift.co/) and various taf files
+# found at the Interactive Fiction Archive (https://ifarchive.org/)
+0	belong  0x3C423FC9
+>4	belong  0x6A87C2CF	Adrift game file version
+>>8	belong  0x94453661	3.80
+>>8	belong  0x94453761	3.90
+>>8	belong  0x93453E61	4.0
+>>8	belong  0x92453E61	5.0
+>>8	default x		unknown
+!:mime	application/x-adrift
diff --git a/magic/Magdir/aes b/magic/Magdir/aes
new file mode 100644
index 0000000..e5e1edc
--- /dev/null
+++ b/magic/Magdir/aes
@@ -0,0 +1,29 @@
+
+#------------------------------------------------------------------------------
+# $File: aes,v 1.1 2020/08/18 21:20:22 christos Exp $
+#
+# aes: magic file for AES encrypted files
+
+# Summary:	AES Crypt Encrypted Data File
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
+# Reference:	https://www.aescrypt.com/aes_file_format.html
+0	string		AES	
+>3	ubyte		<3		AES encrypted data, version %u
+#!:mime	application/aes
+!:mime	application/x-aes-encrypted
+!:ext	aes
+# For Version 2 the encrypted file can have text tags
+>>3	ubyte		=2
+# length of an extension identifier and contents like: 0 24 33 38
+#>>5	ubeshort	x		\b, tag length %u
+#>>5	pstring/H	x		'%s'
+# standard extension tags like CREATED_BY
+>>>7	string		CREATED_BY	\b, created by
+# software product, manufacturer like "SharpAESCrypt v1.3.3.0" "aescrypt (Windows GUI) 3.10" ...
+>>>>&1	string		x		"%s"
+# TODO: more other tags
+# tag CREATED_DATE like YYYY-MM-DD
+# tag CREATED_TIME like HH:MM:SS
+#
+
diff --git a/magic/Magdir/algol68 b/magic/Magdir/algol68
new file mode 100644
index 0000000..1ca1fad
--- /dev/null
+++ b/magic/Magdir/algol68
@@ -0,0 +1,35 @@
+
+#------------------------------------------------------------------------------
+# $File: algol68,v 1.6 2022/11/06 18:36:55 christos Exp $
+# algol68:  file(1) magic for Algol 68 source
+#
+# URL: 		https://en.wikipedia.org/wiki/ALGOL_68
+# Reference:	http://www.softwarepreservation.org/projects/ALGOL/report/Algol68_revised_report-AB.pdf
+# Update:	Joerg Jenderek
+0	search/8192	(input,
+>0	use		algol_68
+# graph_2d.a68
+0	regex/4006	\^PROC[[:space:]][a-zA-Z0-9_[:space:]]*[[:space:]]=
+>0	use		algol_68
+0	regex/1024	\bMODE[\t\ ]
+>0	use		algol_68
+0	regex/1024	\bMODE[\t\ ]
+>0	use		algol_68
+0	regex/1024	\bREF[\t\ ]
+>0	use		algol_68
+0	regex/1024	\bFLEX[\t\ ]\*\\[
+>0	use		algol_68
+
+# display information like mime type and file name extension of Algol 68 source text
+0	name		algol_68		Algol 68 source text
+!:mime	text/x-Algol68
+# https://file-extension.net/seeker/file_extension_a68
+!:ext   a68
+#!:ext   a68/alg
+
+#0	regex          	[\t\ ]OD		Algol 68 source text
+#>0	use		algol_68
+#!:mime	text/x-Algol68
+#0	regex          	[\t\ ]FI		Algol 68 source text
+#>0	use		algol_68
+#!:mime	text/x-Algol68
diff --git a/magic/Magdir/allegro b/magic/Magdir/allegro
new file mode 100644
index 0000000..b937c9c
--- /dev/null
+++ b/magic/Magdir/allegro
@@ -0,0 +1,9 @@
+
+#------------------------------------------------------------------------------
+# $File: allegro,v 1.4 2009/09/19 16:28:07 christos Exp $
+# allegro:  file(1) magic for Allegro datafiles
+# Toby Deshane <hac@shoelace.digivill.net>
+#
+0 belong 0x736C6821   Allegro datafile (packed)
+0 belong 0x736C682E   Allegro datafile (not packed/autodetect)
+0 belong 0x736C682B   Allegro datafile (appended exe data)
diff --git a/magic/Magdir/alliant b/magic/Magdir/alliant
new file mode 100644
index 0000000..9620202
--- /dev/null
+++ b/magic/Magdir/alliant
@@ -0,0 +1,18 @@
+
+#------------------------------------------------------------------------------
+# $File: alliant,v 1.7 2009/09/19 16:28:07 christos Exp $
+# alliant:  file(1) magic for Alliant FX series a.out files
+#
+# If the FX series is the one that had a processor with a 68K-derived
+# instruction set, the "short" should probably become "beshort" and the
+# "long" should probably become "belong".
+# If it's the i860-based one, they should probably become either the
+# big-endian or little-endian versions, depending on the mode they ran
+# the 860 in....
+#
+0	short		0420		0420 Alliant virtual executable
+>2	short		&0x0020		common library
+>16	long		>0		not stripped
+0	short		0421		0421 Alliant compact executable
+>2	short		&0x0020		common library
+>16	long		>0		not stripped
diff --git a/magic/Magdir/amanda b/magic/Magdir/amanda
new file mode 100644
index 0000000..e7fa539
--- /dev/null
+++ b/magic/Magdir/amanda
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: amanda,v 1.6 2017/03/17 21:35:28 christos Exp $
+# amanda:  file(1) magic for amanda file format
+#
+0	string	AMANDA:\ 		AMANDA
+>8	string	TAPESTART\ DATE		tape header file,
+>>23	string	X
+>>>25	string	>\ 			Unused %s
+>>23	string	>\ 			DATE %s
+>8	string	FILE\ 			dump file,
+>>13	string	>\ 			DATE %s
diff --git a/magic/Magdir/amigaos b/magic/Magdir/amigaos
new file mode 100644
index 0000000..fdd947f
--- /dev/null
+++ b/magic/Magdir/amigaos
@@ -0,0 +1,218 @@
+
+#------------------------------------------------------------------------------
+# $File: amigaos,v 1.20 2021/09/20 00:42:19 christos Exp $
+# amigaos:  file(1) magic for AmigaOS binary formats:
+
+#
+# From ignatios@cs.uni-bonn.de (Ignatios Souvatzis)
+#
+0	belong		0x000003fa	AmigaOS shared library
+0	belong		0x000003f3	AmigaOS loadseg()ble executable/binary
+0	belong		0x000003e7	AmigaOS object/library data
+#
+0	beshort		0xe310		Amiga Workbench
+>2	beshort		1
+>>48	byte		1		disk icon
+>>48	byte		2		drawer icon
+>>48	byte		3		tool icon
+>>48	byte		4		project icon
+>>48	byte		5		garbage icon
+>>48	byte		6		device icon
+>>48	byte		7		kickstart icon
+>>48	byte		8		workbench application icon
+>2	beshort		>1		icon, vers. %d
+#
+# various sound formats from the Amiga
+# G=F6tz Waschk <waschk@informatik.uni-rostock.de>
+#
+0	string		FC14		Future Composer 1.4 Module sound file
+0	string		SMOD		Future Composer 1.3 Module sound file
+0	string		AON4artofnoise	Art Of Noise Module sound file
+1	string		MUGICIAN/SOFTEYES Mugician Module sound file
+58	string		SIDMON\ II\ -\ THE	Sidmon 2.0 Module sound file
+0	string		Synth4.0	Synthesis Module sound file
+0	string		ARP.		The Holy Noise Module sound file
+0	string		BeEp\0		JamCracker Module sound file
+0	string		COSO\0		Hippel-COSO Module sound file
+# Too simple (short, pure ASCII, deep), MPi
+#26	string		V.3		Brian Postma's Soundmon Module sound file v3
+#26	string		BPSM		Brian Postma's Soundmon Module sound file v3
+#26	string		V.2		Brian Postma's Soundmon Module sound file v2
+
+# The following are from: "Stefan A. Haubenthal" <polluks@web.de>
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Amiga_bitmap_font
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/f/font-amiga.trid.xml
+#		https://wiki.amigaos.net/wiki/Graphics_Library_and_Text
+# fch_FileID=FCH_ID=0x0f00
+0	beshort		0x0f00
+# skip some AVM powerline firmware images by check for positive number of font elements
+# https://download.avm.de/fritzpowerline/fritzpowerline-1000e-t/other/fritz.os/fritz.powerline_1000ET_01_05.image
+>2	ubeshort	>0		AmigaOS bitmap font
+#!:mime	application/octet-stream
+!:mime	font/x-amiga-font
+!:ext	font
+# struct FontContents fch_FC; 1st fc_FileName [MAXFONTPATH=256]; ~ filename "/" fc_YSize
+# like: topazb/6 suits/8  Excel/9e emerald/17 Franklin/23 DIAMONDS/60.8C
+>>4	string		x		"%.256s"
+# fc_YSize ~number after slash in fc_FileName; like: 6 7 8 9 11 12 16 17 21 23 45 60
+>>260	beshort		x		\b, fc_YSize %u
+# fch_NumEntries; number of FontContents elements like:
+# 1 (often) 2 3 (IconCondensed.font tempfont.font) 4 (Franklin.font) 6 (mcoop.font)
+>>2	ubeshort	>1		\b, %u elements
+#>>2	beshort		x		\b, %u element
+# plural s
+#>>2	beshort		!1		\bs
+# like: 6 7 8 9 11 12 16 17 21 23 45 60
+#>>262	beshort		x		\b, FLAGS_STYLE
+>>2	beshort		>1		\b, 2nd
+# 2nd fc_FileName like: Franklin/36
+>>>264	string		x		"%.256s"
+>>2	beshort		>2		\b, 3rd
+# 3rd fc_FileName like: Franklin/18
+>>>524	string		x		"%.256s"
+# URL:		http://fileformats.archiveteam.org/wiki/Amiga_bitmap_font
+# Reference:	https://wiki.amigaos.net/wiki/Graphics_Library_and_Text
+#		http://mark0.net/download/triddefs_xml.7z/defs/f/font-amiga-var2.trid.xml
+# Note:		called by TrID "Amiga bitmap Font (var.2)"
+# fch_FileID=TFCH_ID=0x0f02
+0	beshort		0x0f02
+# skip possible misidentified foo by check for positive number of font elements
+>2	ubeshort	>0		AmigaOS bitmap font (TFCH)
+#!:mime	application/octet-stream
+!:mime	font/x-amiga-font
+!:ext	font
+# struct TFontContents fch_TFC[]; 1st tfc_FileName [254]; ~ filename "/" fc_YSize
+# like: Abbey/45 XScript/75 XTriumvirate/45
+>>4	string		x		"%.254s"
+# tfc_TagCount; including the TAG_END tag like: 4
+>>258	ubeshort	x		\b, tfc_TagCount %u
+# tfc_YSize ~number after slash in tfc_FileName; like: 45 75
+>>260	beshort		x		\b, tfc_YSize %u
+# tfc_Style; tfc_Flags like: 8022h 8222h
+#>>262	ubeshort	x		\b, FLAGS_STYLE %#x
+# fch_NumEntries; number of FontContents elements like: 1 (abbey.font) 2 (xscript.font xtriumvirate.font)
+>>2	ubeshort	>1		\b, %u elements
+>>2	beshort		>1		\b, 2nd
+# 2nd tfc_FileName like: XScript/45 XTriumvirate/30
+>>>264	string		x		"%.254s"
+0	beshort		0x0f03		AmigaOS outline font
+0	belong		0x80001001	AmigaOS outline tag
+0	string		##\ version	catalog translation
+0	string		EMOD\0		Amiga E module
+8	string		ECXM\0		ECX module
+0	string/c	@database	AmigaGuide file
+
+# Amiga disk types
+#	display information like volume name of root block on Amiga (floppy) disk
+0	name   	adf-rootblock
+# block primary type = T_HEADER (value 2)
+>0x000	ubelong		!2		\b, type %u
+# header_key; unused in rootblock (value 0)
+>0x004	ubelong		!0		\b, header_key %u
+# high_seq; unused (value 0)
+>0x008	ubelong		!0		\b, high_seq %u
+# ht_size; hash table size; 0x48 for flopies
+>0x00c	ubelong		!0x48		\b, hash table size %#x
+# bm_flag; bitmap flag, -1 means VALID
+>0x138	belong		!-1		\b, bitmap flag %#x
+# bm_ext; first bitmap extension block (Hard disks only)
+>0x1A0	ubelong		!0		\b, bitmap extension block %#x
+# name_len; volume name length; diskname[30]; volume name
+>0x1B0	pstring		>\0		\b, "%s"
+# first directory cache block for FFS; otherwise 0
+>0x1F8	ubelong		!0		\b, directory cache block %#x
+# block secondary type = ST_ROOT (value 1)
+>0x1FC	ubelong		!1		\b, sec_type %#x
+#
+0	string		RDSK		Rigid Disk Block
+>160	string		x		on %.24s
+# URL:		http://fileformats.archiveteam.org/wiki/ADF_(Amiga)
+#		https://en.wikipedia.org/wiki/Amiga_Fast_File_System
+# Reference:	http://lclevy.free.fr/adflib/adf_info.html
+# Update:	Joerg Jenderek
+# Note:		created by ADFOpus.exe
+# 		and verified by `unadf -l TURBO_SILVER_SV.ADF`
+0	string		DOS
+# skip DOS Client Message Files like IPXODI.MSG DOSRQSTR.MSG
+>3	ubyte		<8		Amiga
+# https://reposcope.com/mimetype/application/x-amiga-disk-format
+!:mime	application/x-amiga-disk-format
+!:ext	adf
+>>3	ubyte		0		DOS disk
+>>3	ubyte		1		FFS disk
+>>3	ubyte		2		Inter DOS disk
+>>3	ubyte		3		Inter FFS disk
+# For Fastdir mode the international mode is also enabled,
+>>3	ubyte		4		Fastdir DOS disk
+>>3	ubyte		5		Fastdir FFS dis
+# called by TrID "Amiga Disk image File (OFS+INTL+DIRC)"
+>>3	ubyte		6		Inter Fastdir DOS disk
+# called by TrID "Amiga Disk image File (FFS+INTL+DIRC)"
+>>3	ubyte		7		Inter Fastdir FFS disk
+# but according to Wikipedia variants with long name support
+#>>3	ubyte		6		long name DOS disk
+#>>3	ubyte		7		long name FFS disk
+# DOES NOT only work! Partly for file size  ~< FILE_BYTES_MAX=1 MiB defined in ../../src/file.h
+#>>-0		offset	x		\b, %lld bytes
+# Correct file size, but next lines are NOT executed
+#>>-0		offset	901120		(DD 880 KiB floppy)
+# 880 KiB Double Density floppy disk by characteristic hash table size 0x48 and T_HEADER=2
+>>0x6E00C	ubelong	0x48
+>>>0x6E000	ubelong	2		(DD 880 KiB)
+# 1760 KiB High Density floppy disk (1802240 bytes) by characteristic hash table size 0x48
+>>0xDC00C	ubelong	0x48
+>>>0xDC000	ubelong	2		(HD 1760 KiB)
+# Chksum; special block checksum like: 0 0x44ccf4c0 0x51f32cac 0xe33d0e7d ...
+#>>4	ubelong		x		\b, CRC %#x
+# Rootblock: 0 880 (often for DD and HD) 1146049280 (IMAGINE_1_0_DISK_01.ADF TURBO_SILVER_SV.ADF)
+>>8	ubelong		>0		\b, probably root block %d
+# bootblock code
+>>12	quad		!0		\b, bootable
+# assembler instructions: lea exp(pc),a1; moveq 25h,d0; jsr -552(a6)
+>>>12	ubequad	=0x43fa003e70254eae	AmigaDOS 3.0
+>>>12	default	x
+>>>>12	ubequad	!0x43fa003e70254eae	%#llx..
+# 880 KiB Double Density floppy disk (901120 bytes)
+>>0x6E00C	ubelong	0x48
+>>>0x6E000	ubelong	2
+>>>>0x6E000	use			adf-rootblock
+# 1760 KiB High Density floppy disk (1802240 bytes)
+>>0xDC00C	ubelong	0x48
+>>>0xDC000	ubelong	2
+>>>>0xDC000	use			adf-rootblock
+# 1 MiB hard disc by test for T_HEADER=2 and header_key=0=high_seq 
+>>0x80000	ubelong	2
+>>>0x80004	quad	0
+>>>>0x80000	use			adf-rootblock
+# 2 MiB hard disc; only works if in ../../src/file.h FILE_BYTES_MAX is raised to 2 MiB 
+#>>0x100000	ubelong	x		2 MiB TEST
+#>>0x100000	ubelong	2		\b, 2 MiB hard disc rootblock
+#>>>0x100000	use			adf-rootblock
+0	string		KICK		Kickstart disk
+
+# From: Alex Beregszaszi <alex@fsn.hu>
+0	string		LZX		LZX compressed archive (Amiga)
+
+# From: Przemek Kramarczyk <pkramarczyk@gmail.com>
+0	string 		.KEY		AmigaDOS script
+0	string 		.key		AmigaDOS script
+
+# AMOS Basic file formats
+# https://www.exotica.org.uk/wiki/AMOS_file_formats
+0	string		AMOS\040Basic\040 	AMOS Basic source code
+>11	byte		=0x56 			\b, tested
+>11	byte		=0x76 			\b, untested
+0 	string		AMOS\040Pro		AMOS Basic source code
+>11	byte		=0x56 			\b, tested
+>11	byte		=0x76 			\b, untested
+0	string		AmSp			AMOS Basic sprite bank
+>4	beshort		x			\b, %d sprites
+0	string		AmIc			AMOS Basic icon bank
+>4	beshort		x			\b, %d icons
+0	string		AmBk			AMOS Basic memory bank
+>4	beshort		x			\b, bank number %d
+>8	belong&0xFFFFFFF	x		\b, length %d
+>12	regex		.{8}			\b, type %s
+0	string		AmBs			AMOS Basic memory banks
+>4	beshort		x			\b, %d banks
diff --git a/magic/Magdir/android b/magic/Magdir/android
new file mode 100644
index 0000000..8a2dedf
--- /dev/null
+++ b/magic/Magdir/android
@@ -0,0 +1,259 @@
+
+#------------------------------------------------------------
+# $File: android,v 1.24 2023/02/20 16:51:59 christos Exp $
+# Various android related magic entries
+#------------------------------------------------------------
+
+# Dalvik .dex format. http://retrodev.com/android/dexformat.html
+# From <mkf@google.com> "Mike Fleming"
+# Fixed to avoid regexec 17 errors on some dex files
+# From <diff@lookout.com> "Tim Strazzere"
+0	string	dex\n
+>0	regex	dex\n[0-9]{2}\0	Dalvik dex file
+>4	string	>000			version %s
+0	string	dey\n
+>0	regex	dey\n[0-9]{2}\0	Dalvik dex file (optimized for host)
+>4	string	>000			version %s
+
+# Android bootimg format
+# From https://android.googlesource.com/\
+# platform/system/core/+/master/mkbootimg/bootimg.h
+# https://github.com/djrbliss/loki/blob/master/loki.h#L43
+0		string	ANDROID!	Android bootimg
+>1024	string	LOKI		\b, LOKI'd
+>>1028	lelong	0			\b (boot)
+>>1028	lelong	1			\b (recovery)
+>8		lelong	>0			\b, kernel
+>>12	lelong	>0			\b (%#x)
+>16		lelong	>0			\b, ramdisk
+>>20	lelong	>0			\b (%#x)
+>24		lelong	>0			\b, second stage
+>>28	lelong	>0			\b (%#x)
+>36		lelong	>0			\b, page size: %d
+>38		string	>0			\b, name: %s
+>64		string	>0		 	\b, cmdline (%s)
+
+# Android Backup archive
+# From: Ariel Shkedi
+# Update: Joerg Jenderek 
+# URL: https://github.com/android/platform_frameworks_base/blob/\
+# 0bacfd2ba68d21a68a3df345b830bc2a1e515b5a/services/java/com/\
+# android/server/BackupManagerService.java#L2367
+# Reference: https://sourceforge.net/projects/adbextractor/
+#            android-backup-extractor/perl/backupencrypt.pl 
+# Note:	only unix line feeds "\n" found
+# After the header comes a tar file
+# If compressed, the entire tar file is compressed with JAVA deflate
+#
+# Include the version number hardcoded with the magic string to avoid
+# false positives
+0	string/b	ANDROID\ BACKUP\n	Android Backup
+# maybe look for some more characteristics like linefeed '\n' or version
+#>16	string		\n			
+# No mime-type defined officially
+!:mime	application/x-google-ab
+!:ext	ab
+# on 2nd line version (often 1, 2 on kitkat 4.4.3+, 4 on 7.1.2)
+>15	string		>\0			\b, version %s
+# "1" on 3rd line means compressed
+>17	string		0\n			\b, Not-Compressed
+>17	string		1\n			\b, Compressed
+# The 4th line is encryption "none" or "AES-256"
+# any string as long as it's not the word none (which is matched below)
+>19	string		none\n			\b, Not-Encrypted
+# look for backup content after line with encryption info
+#>>19	search/7	\n
+# data part after header for not encrypted Android Backup 
+#>>>&0	ubequad		x	\b, content %#16.16llx...
+# look for zlib compressed by ./compress after message with 1 space at end
+#>>>&0	indirect	x	\b; contains 
+# look for tar archive block by ./archive for package name manifest
+>>288	string		ustar	\b; contains
+>>>31	use	tar-file
+# look for zip/jar archive by ./archive ./zip after message with 1 space at end
+#>>2079	search/1025/s	PK\003\004	\b; contains 
+#>>>&0	indirect	x
+>19	string		!none			
+>>19    regex/1l	\^([^n\n]|n[^o]|no[^n]|non[^e]|none.+).*	\b, Encrypted (%s)
+# Commented out because they don't seem useful to print
+# (but they are part of the header - the tar file comes after them):
+# The 5th line is User Password Salt (128 Hex)
+# string length too high with standard src configuration
+#>>>&1		string	>\0	\b, PASSWORD salt: "%-128.128s"
+#>>>&1		regex/1l .*	\b, Password salt: %s
+# The 6th line is Master Key Checksum Salt (128 Hex)
+#>>>>&1		regex/1l .*	\b, Master salt: %s
+# The 7th line is Number of PBDKF2 Rounds (10000)
+#>>>>>&1	regex/1l .*	\b, PBKDF2 rounds: %s
+# The 8th line is User key Initialization Vector (IV) (32 Hex)
+#>>>>>>&1	regex/1l .*	\b, IV: %s
+#>>>>>>&1	regex/1l .*	\b, IV: %s
+# The 9th line is Master IV+Key+Checksum (192 Hex)
+#>>>>>>>&1	regex/1l .*	\b, Key: %s
+# look for new line separator char after line number 9
+#>>>0x204	ubyte	0x0a	NL found
+#>>>>&1		ubequad	x	\b, Content magic %16.16llx
+
+# *.pit files by Joerg Jenderek
+# https://forum.xda-developers.com/showthread.php?p=9122369
+# https://forum.xda-developers.com/showthread.php?t=816449
+# Partition Information Table for Samsung's smartphone with Android
+# used by flash software Odin
+0		ulelong			0x12349876
+# 1st pit entry marker
+>0x01C	ulequad&0xFFFFFFFCFFFFFFFC	=0x0000000000000000
+# minimal 13 and maximal 18 PIT entries found
+>>4		ulelong			<128	Partition Information Table for Samsung smartphone
+>>>4		ulelong			x	\b, %d entries
+# 1. pit entry
+>>>4		ulelong			>0	\b; #1
+>>>0x01C	use				PIT-entry
+>>>4		ulelong			>1	\b; #2
+>>>0x0A0	use				PIT-entry
+>>>4		ulelong			>2	\b; #3
+>>>0x124	use				PIT-entry
+>>>4		ulelong			>3	\b; #4
+>>>0x1A8	use				PIT-entry
+>>>4		ulelong			>4	\b; #5
+>>>0x22C	use				PIT-entry
+>>>4		ulelong			>5	\b; #6
+>>>0x2B0	use				PIT-entry
+>>>4		ulelong			>6	\b; #7
+>>>0x334	use				PIT-entry
+>>>4		ulelong			>7 	\b; #8
+>>>0x3B8	use				PIT-entry
+>>>4		ulelong			>8 	\b; #9
+>>>0x43C	use				PIT-entry
+>>>4		ulelong			>9	\b; #10
+>>>0x4C0	use				PIT-entry
+>>>4		ulelong			>10	\b; #11
+>>>0x544	use				PIT-entry
+>>>4		ulelong			>11	\b; #12
+>>>0x5C8	use				PIT-entry
+>>>4		ulelong			>12	\b; #13
+>>>>0x64C	use				PIT-entry
+# 14. pit entry
+>>>4		ulelong			>13	\b; #14
+>>>>0x6D0	use				PIT-entry
+>>>4		ulelong			>14	\b; #15
+>>>0x754	use				PIT-entry
+>>>4		ulelong			>15	\b; #16
+>>>0x7D8	use				PIT-entry
+>>>4		ulelong			>16	\b; #17
+>>>0x85C	use				PIT-entry
+# 18. pit entry
+>>>4		ulelong			>17	\b; #18
+>>>0x8E0	use				PIT-entry
+
+0	name			PIT-entry
+# garbage value implies end of pit entries
+>0x00		ulequad&0xFFFFFFFCFFFFFFFC	=0x0000000000000000
+# skip empty partition name
+>>0x24		ubyte				!0
+# partition name
+>>>0x24		string				>\0			%-.32s
+# flags
+>>>0x0C		ulelong&0x00000002		2			\b+RW
+# partition ID:
+# 0~IPL,MOVINAND,GANG;1~PIT,GPT;2~HIDDEN;3~SBL,HIDDEN;4~SBL2,HIDDEN;5~BOOT;6~kernel,RECOVER,misc;7~RECOVER
+# ;11~MODEM;20~efs;21~PARAM;22~FACTORY,SYSTEM;23~DBDATAFS,USERDATA;24~CACHE;80~BOOTLOADER;81~TZSW
+>>>0x08	ulelong		x			(%#x)
+# filename
+>>>0x44		string				>\0			"%-.64s"
+#>>>0x18	ulelong				>0
+# blocksize in 512 byte units ?
+#>>>>0x18	ulelong				x			\b, %db
+# partition size in blocks ?
+#>>>>0x22	ulelong				x			\b*%d
+
+# Android sparse img format
+# From https://android.googlesource.com/\
+# platform/system/core/+/master/libsparse/sparse_format.h
+0		lelong	0xed26ff3a		Android sparse image
+>4		leshort	x			\b, version: %d
+>6		leshort	x			\b.%d
+>16		lelong	x			\b, Total of %d
+>12		lelong	x			\b %d-byte output blocks in
+>20		lelong	x			\b %d input chunks.
+
+# Android binary XML magic
+# In include/androidfw/ResourceTypes.h:
+# RES_XML_TYPE = 0x0003 followed by the size of the header (ResXMLTree_header),
+# which is 8 bytes (2 bytes type + 2 bytes header size + 4 bytes size).
+# The strength is increased to avoid misidentifying as Targa image data
+0	lelong	0x00080003	Android binary XML
+!:strength +1
+
+# Android cryptfs footer
+# From https://android.googlesource.com/\
+# platform/system/vold/+/refs/heads/master/cryptfs.h
+0	lelong	0xd0b5b1c4	Android cryptfs footer
+>4	leshort	x	\b, version: %d
+>6	leshort	x	\b.%d
+
+# Android Vdex format
+# From https://android.googlesource.com/\
+# platform/art/+/master/runtime/vdex_file.h
+0	string	vdex	Android vdex file,
+>4	string	>000	verifier deps version: %s,
+>8	string	>000	dex section version: %s,
+>12	lelong	>0	number of dex files: %d,
+>16	lelong	>0	verifier deps size: %d
+
+# Android Vdex format, dexfile is currently being updated
+# by android system
+# From https://android.googlesource.com/\
+# platform/art/+/master/dex2oat/dex2oat.cc
+0	string	wdex	Android vdex file, being processed by dex2oat,
+>4	string	>000	verifier deps version: %s,
+>8	string	>000	dex section version: %s,
+>12	lelong	>0	number of dex files: %d,
+>16	lelong	>0	verifier deps size: %d
+
+# Disassembled DEX files
+0	string/t	.class\x20
+>&0	regex/512	\^\\.super\x20L.*;$	disassembled Android DEX Java class (smali/baksmali)
+!:ext	smali
+
+# Android ART (baseline) profile + metadata: baseline.prof, baseline.profm
+# Reference: https://android.googlesource.com/platform/frameworks/support/\
+#            +/refs/heads/androidx-main/profileinstaller/profileinstaller/\
+#            src/main/java/androidx/profileinstaller/ProfileTranscoder.java
+# Reference: https://android.googlesource.com/platform/frameworks/support/\
+#            +/refs/heads/androidx-main/profileinstaller/profileinstaller/\
+#            src/main/java/androidx/profileinstaller/ProfileVersion.java
+0	string	pro\x00
+>0	regex	pro\x000[0-9][0-9]\x00	Android ART profile
+!:ext	prof
+>>4	string	001\x00	\b, version 001 N
+>>4	string	005\x00	\b, version 005 O
+>>4	string	009\x00	\b, version 009 O MR1
+>>4	string	010\x00	\b, version 010 P
+>>4	string	015\x00	\b, version 015 S
+0	string	prm\x00
+>0	regex	prm\x000[0-9][0-9]\x00	Android ART profile metadata
+!:ext	profm
+>>4	string	001\x00	\b, version 001 N
+>>4	string	002\x00	\b, version 002
+
+# Android package resource table (ARSC): resources.arsc
+# Reference: https://android.googlesource.com/platform/tools/base/\
+#            +/refs/heads/mirror-goog-studio-main/apkparser/binary-resources/\
+#            src/main/java/com/google/devrel/gmscore/tools/apk/arsc
+# 00: resource table type = 0x0002 (2) + header size = 12 (2)
+# 04: chunk size (4, skipped)
+# 08: #packages (4)
+0	ulelong	0x000c0002	Android package resource table (ARSC)
+!:ext	arsc
+>8	ulelong	!1	\b, %d packages
+# 12: string pool type = 0x0001 (2) + header size = 28 (2)
+# 16: chunk size (4, skipped)
+# 20: #strings (4), #styles (4), flags (4)
+>12	ulelong	0x001c0001
+>>20	ulelong	!0	\b, %d string(s)
+>>24	ulelong	!0	\b, %d style(s)
+>>28	ulelong	&1	\b, sorted
+>>28	ulelong	&256	\b, utf8
+
+# extracted APK Signing Block
+-16	string	APK\x20Sig\x20Block\x2042	APK Signing Block
diff --git a/magic/Magdir/animation b/magic/Magdir/animation
new file mode 100644
index 0000000..aab93ca
--- /dev/null
+++ b/magic/Magdir/animation
@@ -0,0 +1,1206 @@
+
+#------------------------------------------------------------------------------
+# $File: animation,v 1.94 2023/06/16 20:06:50 christos Exp $
+# animation:  file(1) magic for animation/movie formats
+#
+# animation formats
+# MPEG, FLI, DL originally from vax@ccwf.cc.utexas.edu (VaX#n8)
+# FLC, SGI, Apple originally from Daniel Quinlan (quinlan@yggdrasil.com)
+
+# SGI and Apple formats
+0	string		MOVI		Silicon Graphics movie file
+!:mime	video/x-sgi-movie
+4       string          moov            Apple QuickTime
+!:mime	video/quicktime
+>12     string          mvhd            \b movie (fast start)
+>12     string          mdra            \b URL
+>12     string          cmov            \b movie (fast start, compressed header)
+>12     string          rmra            \b multiple URLs
+4       string          mdat            Apple QuickTime movie (unoptimized)
+!:mime	video/quicktime
+4       string          wide            Apple QuickTime movie (unoptimized)
+!:mime	video/quicktime
+#4       string          skip            Apple QuickTime movie (modified)
+#!:mime	video/quicktime
+#4       string          free            Apple QuickTime movie (modified)
+#!:mime	video/quicktime
+4       string          idsc            Apple QuickTime image (fast start)
+!:mime	image/x-quicktime
+#4       string          idat            Apple QuickTime image (unoptimized)
+#!:mime	image/x-quicktime
+4       string          pckg            Apple QuickTime compressed archive
+!:mime	application/x-quicktime-player
+
+#### MP4 ####
+# https://www.ftyps.com/ with local additions
+# https://cconcolato.github.io/mp4ra/filetype.html
+4	string		ftyp		ISO Media
+# https://aeroquartet.com/wordpress/2016/03/05/3-xavc-s/
+>8	string		XAVC		\b, MPEG v4 system, Sony XAVC Codec
+!:mime	video/mp4
+>>96	string		x		\b, Audio "%.4s"
+>>118	beshort		x		at %dHz
+>>140	string		x		\b, Video "%.4s"
+>>168	beshort		x		%d
+>>170	beshort		x		\bx%d
+>8	string		3g2		\b, MPEG v4 system, 3GPP2
+!:mime	video/3gpp2
+>>11	byte		4		\b v4 (H.263/AMR GSM 6.10)
+>>11	byte		5		\b v5 (H.263/AMR GSM 6.10)
+>>11	byte		6		\b v6 (ITU H.264/AMR GSM 6.10)
+# https://www.3gpp2.org/Public_html/Specs/C.S0050-B_v1.0_070521.pdf
+# Section 8.1.1, corresponds to a, b, c
+>>11	byte		0x61		\b C.S0050-0 V1.0
+>>11	byte		0x62		\b C.S0050-0-A V1.0.0
+>>11	byte		0x63		\b C.S0050-0-B V1.0
+>8	string		3ge		\b, MPEG v4 system, 3GPP
+!:mime	video/3gpp
+>>11	byte		6		\b, Release %d MBMS Extended Presentations
+>>11	byte		7		\b, Release %d MBMS Extended Presentations
+>>11	byte		9		\b, Release %d MBMS Extended Presentations
+>8	string		3gf		\b, MPEG v4 system, 3GPP
+>>11	byte		9		\b, Release %d File-delivery profile
+>8	string		3gg		\b, MPEG v4 system, 3GPP
+!:mime	video/3gpp
+>>11	byte		6		\b, Release %d General Profile
+>>11	byte		9		\b, Release %d General Profile
+>8	string		3gh		\b, MPEG v4 system, 3GPP
+!:mime	video/3gpp
+>>11	byte		9		\b, Release %d Adaptive Streaming Profile
+>8	string		3gm		\b, MPEG v4 system, 3GPP
+!:mime	video/3gpp
+>>11	byte		9		\b, Release %d Media Segment Profile
+>8	string		3gp		\b, MPEG v4 system, 3GPP
+!:mime	video/3gpp
+>>11	byte		1		\b, Release %d (non existent)
+>>11	byte		2		\b, Release %d (non existent)
+>>11	byte		3		\b, Release %d (non existent)
+>>11	byte		4		\b, Release %d
+>>11	byte		5		\b, Release %d
+>>11	byte		6		\b, Release %d
+>>11	byte		7		\b, Release %d Streaming Servers
+>8	string		3gr		\b, MPEG v4 system, 3GPP
+!:mime	video/3gpp
+>>11	byte		6		\b, Release %d Progressive Download Profile
+>>11	byte		9		\b, Release %d Progressive Download Profile
+>8	string		3gs		\b, MPEG v4 system, 3GPP
+!:mime	video/3gpp
+>>11	byte		6		\b, Release %d Streaming Servers
+>>11	byte		7		\b, Release %d Streaming Servers
+>>11	byte		9		\b, Release %d Streaming Servers
+>8	string		3gt		\b, MPEG v4 system, 3GPP
+!:mime	video/3gpp
+>>11	byte		8		\b, Release %d Media Stream Recording Profile
+>>11	byte		9		\b, Release %d Media Stream Recording Profile
+>8	string		ARRI		\b, MPEG v4 system, ARRI Digital Camera
+!:mime	video/mp4
+>8	string		avc1		\b, MPEG v4 system, 3GPP JVT AVC [ISO 14496-12:2005]
+!:mime	video/mp4
+>8	string		bbxm		\b, Blinkbox Master File: H.264 video/16-bit LE LPCM audio
+!:mime	video/mp4
+>8	string/W	qt		\b, Apple QuickTime movie
+!:mime	video/quicktime
+>8	string		CAEP		\b, Canon Digital Camera
+>8	string		caqv		\b, Casio Digital Camera
+>8	string		CDes		\b, Convergent Design
+>8	string		caaa		\b, CMAF Media Profile - AAC Adaptive Audio
+>8	string		caac		\b, CMAF Media Profile - AAC Core
+>8	string		caqv		\b, Casio Digital Camera	Casio
+>8	string		ccea		\b, CMAF Supplemental Data - CEA-608/708
+>8	string		ccff		\b, Common container file format
+>8	string		cfhd		\b, CMAF Media Profile - AVC HD
+>8	string		cfsd		\b, CMAF Media Profile - AVC SD
+>8	string		chd1		\b, CMAF Media Profile - HEVC HDR10
+>8	string		chdf		\b, CMAF Media Profile - AVC HDHF
+>8	string		chhd		\b, CMAF Media Profile - HEVC HHD8
+>8	string		chh1		\b, CMAF Media Profile - HEVC HHD10
+>8	string		clg1		\b, CMAF Media Profile - HEVC HLG10
+>8	string		cmfc		\b, CMAF Track Format
+>8	string		cmff		\b, CMAF Fragment Format
+>8	string		cmfl		\b, CMAF Chunk Format
+>8	string		cmfs		\b, CMAF Segment Format
+>8	string		cud1		\b, CMAF Media Profile - HEVC UHD10
+>8	string		cud8		\b, CMAF Media Profile - HEVC UHD8
+>8	string		cwvt		\b, CMAF Media Profile - WebVTT
+>8	string		da0a		\b, DMB MAF w/ MPEG Layer II aud, MOT slides, DLS, JPG/PNG/MNG
+>8	string		da0b		\b, DMB MAF, ext DA0A, with 3GPP timed text, DID, TVA, REL, IPMP
+>8	string		da1a		\b, DMB MAF audio with ER-BSAC audio, JPG/PNG/MNG images
+>8	string		da1b		\b, DMB MAF, ext da1a, with 3GPP timed text, DID, TVA, REL, IPMP
+>8	string		da2a		\b, DMB MAF aud w/ HE-AAC v2 aud, MOT slides, DLS, JPG/PNG/MNG
+>8	string		da2b		\b, DMB MAF, ext da2a, with 3GPP timed text, DID, TVA, REL, IPMP
+>8	string		da3a		\b, DMB MAF aud with HE-AAC aud, JPG/PNG/MNG images
+>8	string		da3b		\b, DMB MAF, ext da3a w/ BIFS, 3GPP, DID, TVA, REL, IPMP
+>8	string		dash		\b, MPEG v4 system, Dynamic Adaptive Streaming over HTTP
+!:mime	video/mp4
+>8	string		dby1		\b, MP4 files with Dolby content
+>8	string		dsms		\b, Media Segment DASH conformant
+>8	string		dts1		\b, MP4 track file with audio codecs dtsc dtsh or dtse
+>8	string		dts2		\b, MP4 track file with audio codec dtsx
+>8	string		dts3		\b, MP4 track file with audio codec dtsy
+>8	string		dxo$20		\b, DxO ONE camera
+>8	string		dmb1		\b, DMB MAF supporting all the components defined in the spec
+>8	string		dmpf		\b, Digital Media Project
+>8	string		drc1		\b, Dirac (wavelet compression), encap in ISO base media (MP4)
+>8	string		dv1a		\b, DMB MAF vid w/ AVC vid, ER-BSAC aud, BIFS, JPG/PNG/MNG, TS
+>8	string		dv1b		\b, DMB MAF, ext dv1a, with 3GPP timed text, DID, TVA, REL, IPMP
+>8	string		dv2a		\b, DMB MAF vid w/ AVC vid, HE-AAC v2 aud, BIFS, JPG/PNG/MNG, TS
+>8	string		dv2b		\b, DMB MAF, ext dv2a, with 3GPP timed text, DID, TVA, REL, IPMP
+>8	string		dv3a		\b, DMB MAF vid w/ AVC vid, HE-AAC aud, BIFS, JPG/PNG/MNG, TS
+>8	string		dv3b		\b, DMB MAF, ext dv3a, with 3GPP timed text, DID, TVA, REL, IPMP
+>8	string		dvr1		\b, DVB (.DVB) over RTP
+!:mime	video/vnd.dvb.file
+>8	string		dvt1		\b, DVB (.DVB) over MPEG-2 Transport Stream
+>8	string		emsg		\b, Event message box present
+!:mime	video/vnd.dvb.file
+>8	string		F4V		\b, Video for Adobe Flash Player 9+ (.F4V)
+!:mime	video/mp4
+>8	string		F4P		\b, Protected Video for Adobe Flash Player 9+ (.F4P)
+!:mime	video/mp4
+>8	string		F4A		\b, Audio for Adobe Flash Player 9+ (.F4A)
+!:mime	audio/mp4
+>8	string		F4B		\b, Audio Book for Adobe Flash Player 9+ (.F4B)
+!:mime	audio/mp4
+>8	string		ifrm		\b, Apple iFrame Specification, Version 8.1 Jan 2013
+>8	string		im1i		\b, CMAF Media Profile - IMSC1 Image
+>8	string		im1t		\b, CMAF Media Profile - IMSC1 Text
+>8	string		isc2		\b, ISMACryp 2.0 Encrypted File
+#	?/enc-isoff-generic
+>8	string		iso		\b, MP4 Base Media
+!:mime	video/mp4
+!:ext	mp4
+>>11	string		m 		v1 [ISO 14496-12:2003]
+>>11	string		2		v2 [ISO 14496-12:2005]
+>>11	string		4		v4
+>>11	string		5		v5 
+>>11	string		6		v6 
+>8	string		isml		\b, MP4 Base Media v2 [ISO 14496-12:2005]
+!:mime	video/mp4
+>8	string		J2P0		\b, JPEG2000 Profile 0
+>8	string		J2P1		\b, JPEG2000 Profile 1
+>8	string/W	jp2		\b, JPEG 2000
+!:mime	image/jp2
+>8	string		JP2		\b, JPEG 2000 Image (.JP2) [ISO 15444-1 ?]
+!:mime	image/jp2
+>8	string		JP20		\b, Unknown, from GPAC samples (prob non-existent)
+>8	string		jpm		\b, JPEG 2000 Compound Image (.JPM) [ISO 15444-6]
+!:mime	image/jpm
+>8	string		jpsi		\b, The JPSearch data interchange format
+>8	string		jpx		\b, JPEG 2000 w/ extensions (.JPX) [ISO 15444-2]
+!:mime	image/jpx
+>8	string		KDDI		\b, 3GPP2 EZmovie for KDDI 3G cellphones
+!:mime	video/3gpp2
+>8	string		LCAG		\b,  Leica digital camera
+>8	string		lmsg		\b, Last Media Segment indicator for ISO base media file format.
+>8	string		M4A 		\b, Apple iTunes ALAC/AAC-LC (.M4A) Audio
+!:mime	audio/x-m4a
+>8	string		M4B 		\b, Apple iTunes ALAC/AAC-LC (.M4B) Audio Book
+!:mime	audio/mp4
+>8	string		M4P 		\b, Apple iTunes ALAC/AAC-LC (.M4P) AES Protected Audio
+!:mime	video/mp4
+>8	string		M4V 		\b, Apple iTunes Video (.M4V) Video
+!:mime	video/x-m4v
+>8	string		M4VH		\b, Apple TV (.M4V)
+!:mime	video/x-m4v
+>8	string		M4VP		\b, Apple iPhone (.M4V)
+!:mime	video/x-m4v
+>8	string		mj2s		\b, Motion JPEG 2000 [ISO 15444-3] Simple Profile
+!:mime	video/mj2
+>8	string		mjp2		\b, Motion JPEG 2000 [ISO 15444-3] General Profile
+>8	string		MFSM		\b, Media File for Samsung video Metadata
+>8	string		MGSV		\b, Sony Home and Mobile Multimedia Platform (HMMP)
+!:mime	video/mj2
+>8	string		mmp4		\b, MPEG-4/3GPP Mobile Profile (.MP4 / .3GP) (for NTT)
+!:mime	video/mp4
+>8	string		mobi		\b, MPEG-4, MOBI format
+!:mime	video/mp4
+>8	string		mp21		\b, MPEG-21 [ISO/IEC 21000-9]
+>8	string		mp41		\b, MP4 v1 [ISO 14496-1:ch13]
+!:mime	video/mp4
+>8	string		mp42		\b, MP4 v2 [ISO 14496-14]
+!:mime	video/mp4
+>8	string		mp71		\b, MP4 w/ MPEG-7 Metadata [per ISO 14496-12]
+>8	string		mp7t		\b, MPEG v4 system, MPEG v7 XML
+>8	string		mp7b		\b, MPEG v4 system, MPEG v7 binary XML
+>8	string		mpuf		\b, Compliance with the MMT Processing Unit format
+>8	string		msdh		\b, Media Segment conforming to ISO base media file format.
+>8	string		msix		\b, Media Segment conforming to ISO base media file format.
+>8	string		mmp4		\b, MPEG v4 system, 3GPP Mobile
+!:mime	video/mp4
+>8	string		MPPI		\b, Photo Player, MAF [ISO/IEC 23000-3]
+>8	string		mqt		\b, Sony / Mobile QuickTime (.MQV) US Pat 7,477,830
+!:mime	video/quicktime
+>8	string		MSNV		\b, MPEG-4 (.MP4) for SonyPSP
+!:mime	audio/mp4
+>8	string		NDAS		\b, MP4 v2 [ISO 14496-14] Nero Digital AAC Audio
+!:mime	audio/mp4
+>8	string		NDSC		\b, MPEG-4 (.MP4) Nero Cinema Profile
+!:mime	video/mp4
+>8	string		NDSH		\b, MPEG-4 (.MP4) Nero HDTV Profile
+!:mime	video/mp4
+>8	string		NDSM		\b, MPEG-4 (.MP4) Nero Mobile Profile
+!:mime	video/mp4
+>8	string		NDSP		\b, MPEG-4 (.MP4) Nero Portable Profile
+!:mime	video/mp4
+>8	string		NDSS		\b, MPEG-4 (.MP4) Nero Standard Profile
+!:mime	video/mp4
+>8	string		NDXC		\b, H.264/MPEG-4 AVC (.MP4) Nero Cinema Profile
+!:mime	video/mp4
+>8	string		NDXH		\b, H.264/MPEG-4 AVC (.MP4) Nero HDTV Profile
+!:mime	video/mp4
+>8	string		NDXM		\b, H.264/MPEG-4 AVC (.MP4) Nero Mobile Profile
+!:mime	video/mp4
+>8	string		NDXP		\b, H.264/MPEG-4 AVC (.MP4) Nero Portable Profile
+!:mime	video/mp4
+>8	string		NDXS		\b, H.264/MPEG-4 AVC (.MP4) Nero Standard Profile
+>8	string		niko		\b, Nikon Digital Camera
+!:mime	video/mp4
+>8	string		odcf  		\b, OMA DCF DRM Format 2.0 (OMA-TS-DRM-DCF-V2_0-20060303-A)
+>8	string		opf2 		\b, OMA PDCF DRM Format 2.1 (OMA-TS-DRM-DCF-V2_1-20070724-C)
+>8	string		opx2  		\b, OMA PDCF DRM + XBS ext (OMA-TS-DRM_XBS-V1_0-20070529-C)
+>8	string		pana		\b, Panasonic Digital Camera
+>8	string		piff		\b, Protected Interoperable File Format
+>8	string		pnvi		]b, Panasonic Video Intercom
+>8	string		qt  		\b, Apple QuickTime (.MOV/QT)
+!:mime	video/quicktime
+# HEIF image format
+# see https://nokiatech.github.io/heif/technical.html
+>8	string		mif1		\b, HEIF Image
+!:mime image/heif
+>8	string		msf1		\b, HEIF Image Sequence
+!:mime image/heif-sequence
+>8	string		heic		\b, HEIF Image HEVC Main or Main Still Picture Profile
+!:mime image/heic
+>8	string		heix		\b, HEIF Image HEVC Main 10 Profile
+!:mime image/heic
+>8	string		hevc		\b, HEIF Image Sequenz HEVC Main or Main Still Picture Profile
+!:mime image/heic-sequence
+>8	string		hevx		\b, HEIF Image Sequence HEVC Main 10 Profile
+!:mime image/heic-sequence
+# following HEIF brands are not mentioned in the heif technical info currently (Oct 2017)
+# but used in the reference implementation:
+# https://github.com/nokiatech/heif/blob/d5e9a21c8ba8df712bdf643021dd9f6518134776/Srcs/reader/hevcimagefilereader.cpp
+>8	string		heim		\b, HEIF Image L-HEVC
+!:mime image/heif
+>8	string		heis		\b, HEIF Image L-HEVC
+!:mime image/heif
+>8	string		avic		\b, HEIF Image AVC
+!:mime image/heif
+>8	string		hevm		\b, HEIF Image Sequence L-HEVC
+!:mime image/heif-sequence
+>8	string		hevs		\b, HEIF Image Sequence L-HEVC
+!:mime image/heif-sequence
+>8	string		avcs		\b, HEIF Image Sequence AVC
+!:mime image/heif-sequence
+# AVIF image format
+# see https://aomediacodec.github.io/av1-avif/
+>8	string		avif		\b, AVIF Image
+!:mime image/avif
+>8	string		avis		\b, AVIF Image Sequence
+!:mime image/avif
+>8	string		risx		\b, Representation Index Segment for MPEG-2 TS Segments
+>8	string		ROSS		\b, Ross Video
+>8	string		sdv		\b, SD Memory Card Video
+>8	string		ssc1		\b, Samsung stereo, single stream (patent pending)
+>8	string		ssc2		\b, Samsung stereo, dual stream (patent pending)
+>8	string		SEAU		\b, Sony Home and Mobile Multimedia Platform (HMMP)
+>8	string		SEBK		\b, Sony Home and Mobile Multimedia Platform (HMMP)
+>8	string		senv		\b, Video contents Sony Entertainment Network
+>8	string		sims		\b, Media Segment for Sub-Indexed Media Segment format
+>8	string		sisx		\b, Single Index Segment forindex MPEG-2 TS
+>8	string		ssss		\b, Subsegment Index Segment used to index MPEG-2 Segments
+>8	string		uvvu		\b, UltraViolet file brand for DECE Common Format
+
+# MPEG sequences
+# Scans for all common MPEG header start codes
+0	 belong		    0x00000001
+>4	 byte&0x1F	    0x07	   JVT NAL sequence, H.264 video
+>>5      byte               66             \b, baseline
+>>5      byte               77             \b, main
+>>5      byte               88             \b, extended
+>>7      byte               x              \b @ L %u
+0        belong&0xFFFFFF00  0x00000100
+>3       byte               0xBA           MPEG sequence
+!:mime  video/mpeg
+# http://fileformats.archiveteam.org/wiki/Enhanced_VOB
+# https://reposcope.com/mimetype/video/mpeg
+!:ext	vob/evo/mpg/mpeg
+>>4      byte               &0x40          \b, v2, program multiplex
+>>4      byte               ^0x40          \b, v1, system multiplex
+>3       byte               0xBB           MPEG sequence, v1/2, multiplex (missing pack header)
+>3       byte&0x1F          0x07           MPEG sequence, H.264 video
+>>4      byte               66             \b, baseline
+>>4      byte               77             \b, main
+>>4      byte               88             \b, extended
+>>6      byte               x              \b @ L %u
+# GRR too general as it catches also FoxPro Memo example NG.FPT
+>3       byte               0xB0           MPEG sequence, v4
+# TODO: maybe this extra line exclude FoxPro Memo example NG.FPT starting with 000001b0 00000100 00000000
+#>>4      byte               !0             MPEG sequence, v4
+!:mime  video/mpeg4-generic
+>>5      belong             0x000001B5
+>>>9     byte               &0x80
+>>>>10   byte&0xF0          16             \b, video
+>>>>10   byte&0xF0          32             \b, still texture
+>>>>10   byte&0xF0          48             \b, mesh
+>>>>10   byte&0xF0          64             \b, face
+>>>9     byte&0xF8          8              \b, video
+>>>9     byte&0xF8          16             \b, still texture
+>>>9     byte&0xF8          24             \b, mesh
+>>>9     byte&0xF8          32             \b, face
+>>4      byte               1              \b, simple @ L1
+>>4      byte               2              \b, simple @ L2
+>>4      byte               3              \b, simple @ L3
+>>4      byte               4              \b, simple @ L0
+>>4      byte               17             \b, simple scalable @ L1
+>>4      byte               18             \b, simple scalable @ L2
+>>4      byte               33             \b, core @ L1
+>>4      byte               34             \b, core @ L2
+>>4      byte               50             \b, main @ L2
+>>4      byte               51             \b, main @ L3
+>>4      byte               53             \b, main @ L4
+>>4      byte               66             \b, n-bit @ L2
+>>4      byte               81             \b, scalable texture @ L1
+>>4      byte               97             \b, simple face animation @ L1
+>>4      byte               98             \b, simple face animation @ L2
+>>4      byte               99             \b, simple face basic animation @ L1
+>>4      byte               100            \b, simple face basic animation @ L2
+>>4      byte               113            \b, basic animation text @ L1
+>>4      byte               114            \b, basic animation text @ L2
+>>4      byte               129            \b, hybrid @ L1
+>>4      byte               130            \b, hybrid @ L2
+>>4      byte               145            \b, advanced RT simple @ L!
+>>4      byte               146            \b, advanced RT simple @ L2
+>>4      byte               147            \b, advanced RT simple @ L3
+>>4      byte               148            \b, advanced RT simple @ L4
+>>4      byte               161            \b, core scalable @ L1
+>>4      byte               162            \b, core scalable @ L2
+>>4      byte               163            \b, core scalable @ L3
+>>4      byte               177            \b, advanced coding efficiency @ L1
+>>4      byte               178            \b, advanced coding efficiency @ L2
+>>4      byte               179            \b, advanced coding efficiency @ L3
+>>4      byte               180            \b, advanced coding efficiency @ L4
+>>4      byte               193            \b, advanced core @ L1
+>>4      byte               194            \b, advanced core @ L2
+>>4      byte               209            \b, advanced scalable texture @ L1
+>>4      byte               210            \b, advanced scalable texture @ L2
+>>4      byte               211            \b, advanced scalable texture @ L3
+>>4      byte               225            \b, simple studio @ L1
+>>4      byte               226            \b, simple studio @ L2
+>>4      byte               227            \b, simple studio @ L3
+>>4      byte               228            \b, simple studio @ L4
+>>4      byte               229            \b, core studio @ L1
+>>4      byte               230            \b, core studio @ L2
+>>4      byte               231            \b, core studio @ L3
+>>4      byte               232            \b, core studio @ L4
+>>4      byte               240            \b, advanced simple @ L0
+>>4      byte               241            \b, advanced simple @ L1
+>>4      byte               242            \b, advanced simple @ L2
+>>4      byte               243            \b, advanced simple @ L3
+>>4      byte               244            \b, advanced simple @ L4
+>>4      byte               245            \b, advanced simple @ L5
+>>4      byte               247            \b, advanced simple @ L3b
+>>4      byte               248            \b, FGS @ L0
+>>4      byte               249            \b, FGS @ L1
+>>4      byte               250            \b, FGS @ L2
+>>4      byte               251            \b, FGS @ L3
+>>4      byte               252            \b, FGS @ L4
+>>4      byte               253            \b, FGS @ L5
+>3       byte               0xB5           MPEG sequence, v4
+!:mime  video/mpeg4-generic
+>>4      byte               &0x80
+>>>5     byte&0xF0          16             \b, video (missing profile header)
+>>>5     byte&0xF0          32             \b, still texture (missing profile header)
+>>>5     byte&0xF0          48             \b, mesh (missing profile header)
+>>>5     byte&0xF0          64             \b, face (missing profile header)
+>>4      byte&0xF8          8              \b, video (missing profile header)
+>>4      byte&0xF8          16             \b, still texture (missing profile header)
+>>4      byte&0xF8          24             \b, mesh (missing profile header)
+>>4      byte&0xF8          32             \b, face (missing profile header)
+>3       byte               0xB3           MPEG sequence
+!:mime  video/mpeg
+>>12     belong             0x000001B8     \b, v1, progressive Y'CbCr 4:2:0 video
+>>12     belong             0x000001B2     \b, v1, progressive Y'CbCr 4:2:0 video
+>>12     belong             0x000001B5     \b, v2,
+>>>16    byte&0x0F          1              \b HP
+>>>16    byte&0x0F          2              \b Spt
+>>>16    byte&0x0F          3              \b SNR
+>>>16    byte&0x0F          4              \b MP
+>>>16    byte&0x0F          5              \b SP
+>>>17    byte&0xF0          64             \b@HL
+>>>17    byte&0xF0          96             \b@H-14
+>>>17    byte&0xF0          128            \b@ML
+>>>17    byte&0xF0          160            \b@LL
+>>>17    byte               &0x08          \b progressive
+>>>17    byte               ^0x08          \b interlaced
+>>>17    byte&0x06          2              \b Y'CbCr 4:2:0 video
+>>>17    byte&0x06          4              \b Y'CbCr 4:2:2 video
+>>>17    byte&0x06          6              \b Y'CbCr 4:4:4 video
+>>11     byte               &0x02
+>>>75    byte               &0x01
+>>>>140  belong             0x000001B8     \b, v1, progressive Y'CbCr 4:2:0 video
+>>>>140  belong             0x000001B2     \b, v1, progressive Y'CbCr 4:2:0 video
+>>>>140  belong             0x000001B5     \b, v2,
+>>>>>144 byte&0x0F          1              \b HP
+>>>>>144 byte&0x0F          2              \b Spt
+>>>>>144 byte&0x0F          3              \b SNR
+>>>>>144 byte&0x0F          4              \b MP
+>>>>>144 byte&0x0F          5              \b SP
+>>>>>145 byte&0xF0          64             \b@HL
+>>>>>145 byte&0xF0          96             \b@H-14
+>>>>>145 byte&0xF0          128            \b@ML
+>>>>>145 byte&0xF0          160            \b@LL
+>>>>>145 byte               &0x08          \b progressive
+>>>>>145 byte               ^0x08          \b interlaced
+>>>>>145 byte&0x06          2              \b Y'CbCr 4:2:0 video
+>>>>>145 byte&0x06          4              \b Y'CbCr 4:2:2 video
+>>>>>145 byte&0x06          6              \b Y'CbCr 4:4:4 video
+>>76    belong             0x000001B8     \b, v1, progressive Y'CbCr 4:2:0 video
+>>76    belong             0x000001B2     \b, v1, progressive Y'CbCr 4:2:0 video
+>>76    belong             0x000001B5     \b, v2,
+>>>80   byte&0x0F          1              \b HP
+>>>80   byte&0x0F          2              \b Spt
+>>>80   byte&0x0F          3              \b SNR
+>>>80   byte&0x0F          4              \b MP
+>>>80   byte&0x0F          5              \b SP
+>>>81   byte&0xF0          64             \b@HL
+>>>81   byte&0xF0          96             \b@H-14
+>>>81   byte&0xF0          128            \b@ML
+>>>81   byte&0xF0          160            \b@LL
+>>>81   byte               &0x08          \b progressive
+>>>81   byte               ^0x08          \b interlaced
+>>>81   byte&0x06          2              \b Y'CbCr 4:2:0 video
+>>>81   byte&0x06          4              \b Y'CbCr 4:2:2 video
+>>>81   byte&0x06          6              \b Y'CbCr 4:4:4 video
+>>4      belong&0xFFFFFF00  0x78043800     \b, HD-TV 1920P
+>>>7     byte&0xF0          0x10           \b, 16:9
+>>4      belong&0xFFFFFF00  0x50002D00     \b, SD-TV 1280I
+>>>7     byte&0xF0          0x10           \b, 16:9
+>>4      belong&0xFFFFFF00  0x30024000     \b, PAL Capture
+>>>7     byte&0xF0          0x10           \b, 4:3
+>>4      beshort&0xFFF0     0x2C00         \b, 4CIF
+>>>5     beshort&0x0FFF     0x01E0         \b NTSC
+>>>5     beshort&0x0FFF     0x0240         \b PAL
+>>>7     byte&0xF0          0x20           \b, 4:3
+>>>7     byte&0xF0          0x30           \b, 16:9
+>>>7     byte&0xF0          0x40           \b, 11:5
+>>>7     byte&0xF0          0x80           \b, PAL 4:3
+>>>7     byte&0xF0          0xC0           \b, NTSC 4:3
+>>4      belong&0xFFFFFF00  0x2801E000     \b, LD-TV 640P
+>>>7     byte&0xF0          0x10           \b, 4:3
+>>4      belong&0xFFFFFF00  0x1400F000     \b, 320x240
+>>>7     byte&0xF0          0x10           \b, 4:3
+>>4      belong&0xFFFFFF00  0x0F00A000     \b, 240x160
+>>>7     byte&0xF0          0x10           \b, 4:3
+>>4      belong&0xFFFFFF00  0x0A007800     \b, 160x120
+>>>7     byte&0xF0          0x10           \b, 4:3
+>>4      beshort&0xFFF0     0x1600         \b, CIF
+>>>5     beshort&0x0FFF     0x00F0         \b NTSC
+>>>5     beshort&0x0FFF     0x0120         \b PAL
+>>>7     byte&0xF0          0x20           \b, 4:3
+>>>7     byte&0xF0          0x30           \b, 16:9
+>>>7     byte&0xF0          0x40           \b, 11:5
+>>>7     byte&0xF0          0x80           \b, PAL 4:3
+>>>7     byte&0xF0          0xC0           \b, NTSC 4:3
+>>>5     beshort&0x0FFF     0x0240         \b PAL 625
+>>>>7    byte&0xF0          0x20           \b, 4:3
+>>>>7    byte&0xF0          0x30           \b, 16:9
+>>>>7    byte&0xF0          0x40           \b, 11:5
+>>4      beshort&0xFFF0     0x2D00         \b, CCIR/ITU
+>>>5     beshort&0x0FFF     0x01E0         \b NTSC 525
+>>>5     beshort&0x0FFF     0x0240         \b PAL 625
+>>>7     byte&0xF0          0x20           \b, 4:3
+>>>7     byte&0xF0          0x30           \b, 16:9
+>>>7     byte&0xF0          0x40           \b, 11:5
+>>4      beshort&0xFFF0     0x1E00         \b, SVCD
+>>>5     beshort&0x0FFF     0x01E0         \b NTSC 525
+>>>5     beshort&0x0FFF     0x0240         \b PAL 625
+>>>7     byte&0xF0          0x20           \b, 4:3
+>>>7     byte&0xF0          0x30           \b, 16:9
+>>>7     byte&0xF0          0x40           \b, 11:5
+>>7      byte&0x0F          1              \b, 23.976 fps
+>>7      byte&0x0F          2              \b, 24 fps
+>>7      byte&0x0F          3              \b, 25 fps
+>>7      byte&0x0F          4              \b, 29.97 fps
+>>7      byte&0x0F          5              \b, 30 fps
+>>7      byte&0x0F          6              \b, 50 fps
+>>7      byte&0x0F          7              \b, 59.94 fps
+>>7      byte&0x0F          8              \b, 60 fps
+>>11     byte               &0x04          \b, Constrained
+
+# MPEG ADTS Audio (*.mpx/mxa/aac)
+# from dreesen@math.fu-berlin.de
+# modified to fully support MPEG ADTS
+
+# MP3, M1A
+# modified by Joerg Jenderek
+# GRR the original test are too common for many DOS files
+# so don't accept as MP3 until we've tested the rate
+# But also beat GEMDOS fonts
+0       beshort&0xFFFE  0xFFFA
+# rates
+>2	byte&0xF0	!0	
+>>2	byte&0xF0	!0xF0		MPEG ADTS, layer III, v1
+!:strength +20
+!:mime	audio/mpeg
+>2	byte&0xF0	0x10		\b, 32 kbps
+>2	byte&0xF0	0x20		\b, 40 kbps
+>2	byte&0xF0	0x30		\b, 48 kbps
+>2	byte&0xF0	0x40		\b, 56 kbps
+>2	byte&0xF0	0x50		\b, 64 kbps
+>2	byte&0xF0	0x60		\b, 80 kbps
+>2	byte&0xF0	0x70		\b, 96 kbps
+>2	byte&0xF0	0x80		\b, 112 kbps
+>2	byte&0xF0	0x90		\b, 128 kbps
+>2	byte&0xF0	0xA0		\b, 160 kbps
+>2	byte&0xF0	0xB0		\b, 192 kbps
+>2	byte&0xF0	0xC0		\b, 224 kbps
+>2	byte&0xF0	0xD0		\b, 256 kbps
+>2	byte&0xF0	0xE0		\b, 320 kbps
+# timing
+>2	byte&0x0C	0x00		\b, 44.1 kHz
+>2	byte&0x0C	0x04		\b, 48 kHz
+>2	byte&0x0C	0x08		\b, 32 kHz
+# channels/options
+>3	byte&0xC0	0x00		\b, Stereo
+>3	byte&0xC0	0x40		\b, JntStereo
+>3	byte&0xC0	0x80		\b, 2x Monaural
+>3	byte&0xC0	0xC0		\b, Monaural
+#>1	byte		^0x01		\b, Data Verify
+#>2	byte		&0x02		\b, Packet Pad
+#>2	byte		&0x01		\b, Custom Flag
+#>3	byte		&0x08		\b, Copyrighted
+#>3	byte		&0x04		\b, Original Source
+#>3	byte&0x03	1		\b, NR: 50/15 ms
+#>3	byte&0x03	3		\b, NR: CCIT J.17
+
+# MP2, M1A
+0       beshort&0xFFFE  0xFFFC         MPEG ADTS, layer II, v1
+!:mime	audio/mpeg
+# rates
+>2      byte&0xF0       0x10           \b,  32 kbps
+>2      byte&0xF0       0x20           \b,  48 kbps
+>2      byte&0xF0       0x30           \b,  56 kbps
+>2      byte&0xF0       0x40           \b,  64 kbps
+>2      byte&0xF0       0x50           \b,  80 kbps
+>2      byte&0xF0       0x60           \b,  96 kbps
+>2      byte&0xF0       0x70           \b, 112 kbps
+>2      byte&0xF0       0x80           \b, 128 kbps
+>2      byte&0xF0       0x90           \b, 160 kbps
+>2      byte&0xF0       0xA0           \b, 192 kbps
+>2      byte&0xF0       0xB0           \b, 224 kbps
+>2      byte&0xF0       0xC0           \b, 256 kbps
+>2      byte&0xF0       0xD0           \b, 320 kbps
+>2      byte&0xF0       0xE0           \b, 384 kbps
+# timing
+>2      byte&0x0C       0x00           \b, 44.1 kHz
+>2      byte&0x0C       0x04           \b, 48 kHz
+>2      byte&0x0C       0x08           \b, 32 kHz
+# channels/options
+>3      byte&0xC0       0x00           \b, Stereo
+>3      byte&0xC0       0x40           \b, JntStereo
+>3      byte&0xC0       0x80           \b, 2x Monaural
+>3      byte&0xC0       0xC0           \b, Monaural
+#>1     byte            ^0x01          \b, Data Verify
+#>2     byte            &0x02          \b, Packet Pad
+#>2     byte            &0x01          \b, Custom Flag
+#>3     byte            &0x08          \b, Copyrighted
+#>3     byte            &0x04          \b, Original Source
+#>3     byte&0x03       1              \b, NR: 50/15 ms
+#>3     byte&0x03       3              \b, NR: CCIT J.17
+
+# MPA, M1A
+# updated by Joerg Jenderek
+# GRR the original test are too common for many DOS files, so test 32 <= kbits <= 448
+# GRR this test is still too general as it catches a BOM of UTF-16 files (0xFFFE)
+# FIXME: Almost all little endian UTF-16 text with BOM are clobbered by these entries
+#0	beshort&0xFFFE		0xFFFE
+#>2	ubyte&0xF0	>0x0F
+#>>2	ubyte&0xF0	<0xE1		MPEG ADTS, layer I, v1
+## rate
+#>>>2      byte&0xF0       0x10           \b,  32 kbps
+#>>>2      byte&0xF0       0x20           \b,  64 kbps
+#>>>2      byte&0xF0       0x30           \b,  96 kbps
+#>>>2      byte&0xF0       0x40           \b, 128 kbps
+#>>>2      byte&0xF0       0x50           \b, 160 kbps
+#>>>2      byte&0xF0       0x60           \b, 192 kbps
+#>>>2      byte&0xF0       0x70           \b, 224 kbps
+#>>>2      byte&0xF0       0x80           \b, 256 kbps
+#>>>2      byte&0xF0       0x90           \b, 288 kbps
+#>>>2      byte&0xF0       0xA0           \b, 320 kbps
+#>>>2      byte&0xF0       0xB0           \b, 352 kbps
+#>>>2      byte&0xF0       0xC0           \b, 384 kbps
+#>>>2      byte&0xF0       0xD0           \b, 416 kbps
+#>>>2      byte&0xF0       0xE0           \b, 448 kbps
+## timing
+#>>>2      byte&0x0C       0x00           \b, 44.1 kHz
+#>>>2      byte&0x0C       0x04           \b, 48 kHz
+#>>>2      byte&0x0C       0x08           \b, 32 kHz
+## channels/options
+#>>>3      byte&0xC0       0x00           \b, Stereo
+#>>>3      byte&0xC0       0x40           \b, JntStereo
+#>>>3      byte&0xC0       0x80           \b, 2x Monaural
+#>>>3      byte&0xC0       0xC0           \b, Monaural
+##>1     byte            ^0x01          \b, Data Verify
+##>2     byte            &0x02          \b, Packet Pad
+##>2     byte            &0x01          \b, Custom Flag
+##>3     byte            &0x08          \b, Copyrighted
+##>3     byte            &0x04          \b, Original Source
+##>3     byte&0x03       1              \b, NR: 50/15 ms
+##>3     byte&0x03       3              \b, NR: CCIT J.17
+
+# MP3, M2A
+0       beshort&0xFFFE  0xFFF2         MPEG ADTS, layer III, v2
+!:mime	audio/mpeg
+# rate
+>2      byte&0xF0       0x10           \b,   8 kbps
+>2      byte&0xF0       0x20           \b,  16 kbps
+>2      byte&0xF0       0x30           \b,  24 kbps
+>2      byte&0xF0       0x40           \b,  32 kbps
+>2      byte&0xF0       0x50           \b,  40 kbps
+>2      byte&0xF0       0x60           \b,  48 kbps
+>2      byte&0xF0       0x70           \b,  56 kbps
+>2      byte&0xF0       0x80           \b,  64 kbps
+>2      byte&0xF0       0x90           \b,  80 kbps
+>2      byte&0xF0       0xA0           \b,  96 kbps
+>2      byte&0xF0       0xB0           \b, 112 kbps
+>2      byte&0xF0       0xC0           \b, 128 kbps
+>2      byte&0xF0       0xD0           \b, 144 kbps
+>2      byte&0xF0       0xE0           \b, 160 kbps
+# timing
+>2      byte&0x0C       0x00           \b, 22.05 kHz
+>2      byte&0x0C       0x04           \b, 24 kHz
+>2      byte&0x0C       0x08           \b, 16 kHz
+# channels/options
+>3      byte&0xC0       0x00           \b, Stereo
+>3      byte&0xC0       0x40           \b, JntStereo
+>3      byte&0xC0       0x80           \b, 2x Monaural
+>3      byte&0xC0       0xC0           \b, Monaural
+#>1     byte            ^0x01          \b, Data Verify
+#>2     byte            &0x02          \b, Packet Pad
+#>2     byte            &0x01          \b, Custom Flag
+#>3     byte            &0x08          \b, Copyrighted
+#>3     byte            &0x04          \b, Original Source
+#>3     byte&0x03       1              \b, NR: 50/15 ms
+#>3     byte&0x03       3              \b, NR: CCIT J.17
+
+# MP2, M2A
+0       beshort&0xFFFE  0xFFF4         MPEG ADTS, layer II, v2
+!:mime	audio/mpeg
+# rate
+>2      byte&0xF0       0x10           \b,   8 kbps
+>2      byte&0xF0       0x20           \b,  16 kbps
+>2      byte&0xF0       0x30           \b,  24 kbps
+>2      byte&0xF0       0x40           \b,  32 kbps
+>2      byte&0xF0       0x50           \b,  40 kbps
+>2      byte&0xF0       0x60           \b,  48 kbps
+>2      byte&0xF0       0x70           \b,  56 kbps
+>2      byte&0xF0       0x80           \b,  64 kbps
+>2      byte&0xF0       0x90           \b,  80 kbps
+>2      byte&0xF0       0xA0           \b,  96 kbps
+>2      byte&0xF0       0xB0           \b, 112 kbps
+>2      byte&0xF0       0xC0           \b, 128 kbps
+>2      byte&0xF0       0xD0           \b, 144 kbps
+>2      byte&0xF0       0xE0           \b, 160 kbps
+# timing
+>2      byte&0x0C       0x00           \b, 22.05 kHz
+>2      byte&0x0C       0x04           \b, 24 kHz
+>2      byte&0x0C       0x08           \b, 16 kHz
+# channels/options
+>3      byte&0xC0       0x00           \b, Stereo
+>3      byte&0xC0       0x40           \b, JntStereo
+>3      byte&0xC0       0x80           \b, 2x Monaural
+>3      byte&0xC0       0xC0           \b, Monaural
+#>1     byte            ^0x01          \b, Data Verify
+#>2     byte            &0x02          \b, Packet Pad
+#>2     byte            &0x01          \b, Custom Flag
+#>3     byte            &0x08          \b, Copyrighted
+#>3     byte            &0x04          \b, Original Source
+#>3     byte&0x03       1              \b, NR: 50/15 ms
+#>3     byte&0x03       3              \b, NR: CCIT J.17
+
+# MPA, M2A
+0       beshort&0xFFFE  0xFFF6         MPEG ADTS, layer I, v2
+!:mime	audio/mpeg
+# rate
+>2      byte&0xF0       0x10           \b,  32 kbps
+>2      byte&0xF0       0x20           \b,  48 kbps
+>2      byte&0xF0       0x30           \b,  56 kbps
+>2      byte&0xF0       0x40           \b,  64 kbps
+>2      byte&0xF0       0x50           \b,  80 kbps
+>2      byte&0xF0       0x60           \b,  96 kbps
+>2      byte&0xF0       0x70           \b, 112 kbps
+>2      byte&0xF0       0x80           \b, 128 kbps
+>2      byte&0xF0       0x90           \b, 144 kbps
+>2      byte&0xF0       0xA0           \b, 160 kbps
+>2      byte&0xF0       0xB0           \b, 176 kbps
+>2      byte&0xF0       0xC0           \b, 192 kbps
+>2      byte&0xF0       0xD0           \b, 224 kbps
+>2      byte&0xF0       0xE0           \b, 256 kbps
+# timing
+>2      byte&0x0C       0x00           \b, 22.05 kHz
+>2      byte&0x0C       0x04           \b, 24 kHz
+>2      byte&0x0C       0x08           \b, 16 kHz
+# channels/options
+>3      byte&0xC0       0x00           \b, Stereo
+>3      byte&0xC0       0x40           \b, JntStereo
+>3      byte&0xC0       0x80           \b, 2x Monaural
+>3      byte&0xC0       0xC0           \b, Monaural
+#>1     byte            ^0x01          \b, Data Verify
+#>2     byte            &0x02          \b, Packet Pad
+#>2     byte            &0x01          \b, Custom Flag
+#>3     byte            &0x08          \b, Copyrighted
+#>3     byte            &0x04          \b, Original Source
+#>3     byte&0x03       1              \b, NR: 50/15 ms
+#>3     byte&0x03       3              \b, NR: CCIT J.17
+
+# MP3, M25A
+0       beshort&0xFFFE  0xFFE2         MPEG ADTS, layer III,  v2.5
+!:mime	audio/mpeg
+# rate
+>2      byte&0xF0       0x10           \b,   8 kbps
+>2      byte&0xF0       0x20           \b,  16 kbps
+>2      byte&0xF0       0x30           \b,  24 kbps
+>2      byte&0xF0       0x40           \b,  32 kbps
+>2      byte&0xF0       0x50           \b,  40 kbps
+>2      byte&0xF0       0x60           \b,  48 kbps
+>2      byte&0xF0       0x70           \b,  56 kbps
+>2      byte&0xF0       0x80           \b,  64 kbps
+>2      byte&0xF0       0x90           \b,  80 kbps
+>2      byte&0xF0       0xA0           \b,  96 kbps
+>2      byte&0xF0       0xB0           \b, 112 kbps
+>2      byte&0xF0       0xC0           \b, 128 kbps
+>2      byte&0xF0       0xD0           \b, 144 kbps
+>2      byte&0xF0       0xE0           \b, 160 kbps
+# timing
+>2      byte&0x0C       0x00           \b, 11.025 kHz
+>2      byte&0x0C       0x04           \b, 12 kHz
+>2      byte&0x0C       0x08           \b, 8 kHz
+# channels/options
+>3      byte&0xC0       0x00           \b, Stereo
+>3      byte&0xC0       0x40           \b, JntStereo
+>3      byte&0xC0       0x80           \b, 2x Monaural
+>3      byte&0xC0       0xC0           \b, Monaural
+#>1     byte            ^0x01          \b, Data Verify
+#>2     byte            &0x02          \b, Packet Pad
+#>2     byte            &0x01          \b, Custom Flag
+#>3     byte            &0x08          \b, Copyrighted
+#>3     byte            &0x04          \b, Original Source
+#>3     byte&0x03       1              \b, NR: 50/15 ms
+#>3     byte&0x03       3              \b, NR: CCIT J.17
+
+# AAC (aka MPEG-2 NBC audio) and MPEG-4 audio
+
+# Stored AAC streams (instead of the MP4 format)
+0       string          ADIF           MPEG ADIF, AAC
+!:mime	audio/x-hx-aac-adif
+>4      byte            &0x80
+>>13    byte            &0x10          \b, VBR
+>>13    byte            ^0x10          \b, CBR
+>>16    byte&0x1E       0x02           \b, single stream
+>>16    byte&0x1E       0x04           \b, 2 streams
+>>16    byte&0x1E       0x06           \b, 3 streams
+>>16    byte            &0x08          \b, 4 or more streams
+>>16    byte            &0x10          \b, 8 or more streams
+>>4    byte            &0x80          \b, Copyrighted
+>>13   byte            &0x40          \b, Original Source
+>>13   byte            &0x20          \b, Home Flag
+>4      byte            ^0x80
+>>4     byte            &0x10          \b, VBR
+>>4     byte            ^0x10          \b, CBR
+>>7     byte&0x1E       0x02           \b, single stream
+>>7     byte&0x1E       0x04           \b, 2 streams
+>>7     byte&0x1E       0x06           \b, 3 streams
+>>7     byte            &0x08          \b, 4 or more streams
+>>7     byte            &0x10          \b, 8 or more streams
+>>4    byte            &0x40          \b, Original Stream(s)
+>>4    byte            &0x20          \b, Home Source
+
+# Live or stored single AAC stream (used with MPEG-2 systems)
+0       beshort&0xFFF6  0xFFF0         MPEG ADTS, AAC
+!:mime	audio/x-hx-aac-adts
+>1      byte            &0x08          \b, v2
+>1      byte            ^0x08          \b, v4
+# profile
+>>2     byte            &0xC0          \b LTP
+>2      byte&0xc0       0x00           \b Main
+>2      byte&0xc0       0x40           \b LC
+>2      byte&0xc0       0x80           \b SSR
+# timing
+>2      byte&0x3c       0x00           \b, 96 kHz
+>2      byte&0x3c       0x04           \b, 88.2 kHz
+>2      byte&0x3c       0x08           \b, 64 kHz
+>2      byte&0x3c       0x0c           \b, 48 kHz
+>2      byte&0x3c       0x10           \b, 44.1 kHz
+>2      byte&0x3c       0x14           \b, 32 kHz
+>2      byte&0x3c       0x18           \b, 24 kHz
+>2      byte&0x3c       0x1c           \b, 22.05 kHz
+>2      byte&0x3c       0x20           \b, 16 kHz
+>2      byte&0x3c       0x24           \b, 12 kHz
+>2      byte&0x3c       0x28           \b, 11.025 kHz
+>2      byte&0x3c       0x2c           \b, 8 kHz
+# channels
+>2      beshort&0x01c0  0x0040         \b, monaural
+>2      beshort&0x01c0  0x0080         \b, stereo
+>2      beshort&0x01c0  0x00c0         \b, stereo + center
+>2      beshort&0x01c0  0x0100         \b, stereo+center+LFE
+>2      beshort&0x01c0  0x0140         \b, surround
+>2      beshort&0x01c0  0x0180         \b, surround + LFE
+>2      beshort         &0x01C0        \b, surround + side
+#>1     byte            ^0x01           \b, Data Verify
+#>2     byte            &0x02           \b, Custom Flag
+#>3     byte            &0x20           \b, Original Stream
+#>3     byte            &0x10           \b, Home Source
+#>3     byte            &0x08           \b, Copyrighted
+
+# Live MPEG-4 audio streams (instead of RTP FlexMux)
+0       beshort&0xFFE0  0x56E0         MPEG-4 LOAS
+!:mime	audio/x-mp4a-latm
+#>1     beshort&0x1FFF  x              \b, %hu byte packet
+>3      byte&0xE0       0x40
+>>4     byte&0x3C       0x04           \b, single stream
+>>4     byte&0x3C       0x08           \b, 2 streams
+>>4     byte&0x3C       0x0C           \b, 3 streams
+>>4     byte            &0x08          \b, 4 or more streams
+>>4     byte            &0x20          \b, 8 or more streams
+>3      byte&0xC0       0
+>>4     byte&0x78       0x08           \b, single stream
+>>4     byte&0x78       0x10           \b, 2 streams
+>>4     byte&0x78       0x18           \b, 3 streams
+>>4     byte            &0x20          \b, 4 or more streams
+>>4     byte            &0x40          \b, 8 or more streams
+# This magic isn't strong enough (matches plausible ISO-8859-1 text)
+#0       beshort         0x4DE1         MPEG-4 LO-EP audio stream
+#!:mime	audio/x-mp4a-latm
+
+# Summary: FLI animation format
+# Created by: Daniel Quinlan <quinlan@yggdrasil.com>
+# Modified by (1): Abel Cheung <abelcheung@gmail.com> (avoid over-generic detection)
+4	leshort		0xAF11
+# standard FLI always has 320x200 resolution and 8 bit color
+>8	leshort		320
+>>10	leshort		200
+>>>12	leshort		8			FLI animation, 320x200x8
+!:mime	video/x-fli
+>>>>6	leshort		x			\b, %d frames
+# frame speed is multiple of 1/70s
+>>>>16	leshort		x			\b, %d/70s per frame
+
+# Summary: FLC animation format
+# Created by: Daniel Quinlan <quinlan@yggdrasil.com>
+# Modified by (1): Abel Cheung <abelcheung@gmail.com> (avoid over-generic detection)
+4	leshort		0xAF12
+# standard FLC always use 8 bit color
+>12	leshort		8			FLC animation
+!:mime	video/x-flc
+>>8	leshort		x			\b, %d
+>>10	leshort		x			\bx%dx8
+>>6	uleshort	x			\b, %d frames
+>>16	uleshort	x			\b, %dms per frame
+
+# DL animation format
+# XXX - collision with most `mips' magic
+#
+# I couldn't find a real magic number for these, however, this
+# -appears- to work.  Note that it might catch other files, too, so be
+# careful!
+#
+# Note that title and author appear in the two 20-byte chunks
+# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
+# 255 (hex FF)!  The DL format is really bad.
+#
+#0	byte	1	DL version 1, medium format (160x100, 4 images/screen)
+#!:mime	video/x-unknown
+#>42	byte	x	- %d screens,
+#>43	byte	x	%d commands
+#0	byte	2	DL version 2
+#!:mime	video/x-unknown
+#>1	byte	1	- large format (320x200,1 image/screen),
+#>1	byte	2	- medium format (160x100,4 images/screen),
+#>1	byte	>2	- unknown format,
+#>42	byte	x	%d screens,
+#>43	byte	x	%d commands
+# Based on empirical evidence, DL version 3 have several nulls following the
+# \003.  Most of them start with non-null values at hex offset 0x34 or so.
+#0	string	\3\0\0\0\0\0\0\0\0\0\0\0	DL version 3
+
+# iso 13818 transport stream
+#
+# from Oskar Schirmer <schirmer@scara.com> Feb 3, 2001 (ISO 13818.1)
+# syncbyte      8 bit	0x47
+# error_ind     1 bit	-
+# payload_start 1 bit	1
+# priority      1 bit	-
+# PID          13 bit	0x0000
+# scrambling    2 bit	-
+# adaptfld_ctrl 2 bit	1 or 3
+# conti_count   4 bit	-
+0	belong&0xFF5FFF10	0x47400010
+>188	byte			0x47		MPEG transport stream data
+!:mime  video/MP2T
+!:ext	ts
+
+# Blu-ray disc Audio-Video MPEG-2 transport stream
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://en.wikipedia.org/wiki/MPEG_transport_stream
+# Note: similar to ISO 13818.1 but with 4 extra bytes per packets
+4	belong&0xFF5FFF10	=0x47400010
+>196	byte			=0x47		BDAV MPEG-2 Transport Stream (M2TS)
+!:mime	video/MP2T
+!:ext	m2ts/mts
+
+# DIF digital video file format <mpruett@sgi.com>
+0	belong&0xffffff00	0x1f070000      DIF
+!:mime  video/x-dv
+>4	byte			&0x01		(DVCPRO) movie file
+>4	byte			^0x01		(DV) movie file
+>3	byte			&0x80		(PAL)
+>3	byte			^0x80		(NTSC)
+
+# MNG Video Format, <URL:http://www.libpng.org/pub/mng/spec/>
+0	string			\x8aMNG		MNG video data,
+!:mime	video/x-mng
+>4	belong			!0x0d0a1a0a	CORRUPTED,
+>4	belong			0x0d0a1a0a
+>>16    belong	x				%d x
+>>20    belong	x				%d
+
+# JNG Video Format, <URL:http://www.libpng.org/pub/mng/spec/>
+0	string			\x8bJNG		JNG video data,
+!:mime	video/x-jng
+>4	belong			!0x0d0a1a0a	CORRUPTED,
+>4	belong			0x0d0a1a0a
+>>16    belong	x				%d x
+>>20    belong	x				%d
+
+# Vivo video (Wolfram Kleff)
+3	string		\x0D\x0AVersion:Vivo	Vivo video data
+
+# ABC (alembic.io 3d models)
+0	string	0gawa		ABC 3d model
+
+#---------------------------------------------------------------------------
+# HVQM4: compressed movie format designed by Hudson for Nintendo GameCube
+# From Mark Sheppard <msheppard@climax.co.uk>, 2002-10-03
+#
+0	string		HVQM4		%s
+>6	string		>\0		v%s
+>0	byte		x		GameCube movie,
+>0x34	ubeshort	x		%d x
+>0x36	ubeshort	x		%d,
+>0x26	ubeshort	x		%dus,
+>0x42	ubeshort	0		no audio
+>0x42	ubeshort	>0		%dHz audio
+
+# From: Stefan A. Haubenthal <polluks@sdf.lonestar.org>
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/VOB
+0	string		DVDVIDEO-VTS	Video title set,
+!:mime	video/x-ifo
+!:ext	ifo/bup
+>0x21	byte		x		v%x
+0	string		DVDVIDEO-VMG	Video manager,
+!:mime	video/x-ifo
+!:ext	ifo/bup
+>0x21	byte		x		v%x
+
+# From: Stefan A. Haubenthal <polluks@sdf.lonestar.org>
+0 string xMovieSetter MovieSetter movie
+0 string xSceneEditor MovieSetter movie
+
+# From: Behan Webster <behanw@websterwood.com>
+# NuppelVideo used by Mythtv (*.nuv)
+# Note: there are two identical stanzas here differing only in the
+# initial string matched. It used to be done with a regex, but we're
+# trying to get rid of those.
+0	string		NuppelVideo	MythTV NuppelVideo
+>12	string		x		v%s
+>20	lelong		x		(%d
+>24	lelong		x		\bx%d),
+>36	string		P		\bprogressive,
+>36	string		I		\binterlaced,
+>40	ledouble	x		\baspect:%.2f,
+>48	ledouble	x		\bfps:%.2f
+0	string		MythTV		MythTV NuppelVideo
+>12	string		x		v%s
+>20	lelong		x		(%d
+>24	lelong		x		\bx%d),
+>36	string		P		\bprogressive,
+>36	string		I		\binterlaced,
+>40	ledouble	x		\baspect:%.2f,
+>48	ledouble	x		\bfps:%.2f
+
+#						MPEG file
+# MPEG sequences
+# FIXME: This section is from the old magic.mime file and needs
+# integrating with the rest
+#0       belong             0x000001BA
+#>4      byte               &0x40
+#!:mime	video/mp2p
+#>4      byte               ^0x40
+#!:mime	video/mpeg
+#0       belong             0x000001BB
+#!:mime	video/mpeg
+#0       belong             0x000001B0
+#!:mime	video/mp4v-es
+#0       belong             0x000001B5
+#!:mime	video/mp4v-es
+#0       belong             0x000001B3
+#!:mime	video/mpv
+#0       belong&0xFF5FFF10  0x47400010
+#!:mime	video/mp2t
+#0       belong             0x00000001
+#>4      byte&0x1F	   0x07
+#!:mime	video/h264
+
+# Type: Bink Video
+# Extension: .bik
+# URL:  https://wiki.multimedia.cx/index.php?title=Bink_Container
+# From: <hoehle@users.sourceforge.net>  2008-07-18
+0	name		bik
+#>4	ulelong		x	size %d
+>20	ulelong		x	\b, %d
+>24	ulelong		x	\bx%d
+>8	ulelong		x	\b, %d frames
+>32	ulelong		x	at rate %d/
+>28	ulelong		>1	\b%d
+>40	ulelong		=0	\b, no audio
+>40	ulelong		!0	\b, %d audio track
+>>40	ulelong		!1	\bs
+# follow properties of the first audio track only
+>>48	uleshort	x	%dHz
+>>51	byte&0x20	0	mono
+>>51	byte&0x20	!0	stereo
+#>>51	byte&0x10	0	FFT
+#>>51	byte&0x10	!0	DCT
+
+0	string		BIK
+>3	regex		=[bdfghi]	Bink Video rev.%s
+>>0	use		bik
+
+0	string		KB2
+>3	regex		=[adfghi]	Bink Video 2 rev.%s
+>>0	use		bik
+
+# Type:	NUT Container
+# URL:	https://wiki.multimedia.cx/index.php?title=NUT
+# From:	Adam Buchbinder <adam.buchbinder@gmail.com>
+0	string	nut/multimedia\ container\0	NUT multimedia container
+
+# Type: Nullsoft Video (NSV)
+# URL:  https://wiki.multimedia.cx/index.php?title=Nullsoft_Video
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	NSVf	Nullsoft Video
+
+# Type: REDCode Video
+# URL:  https://www.red.com/ ; https://wiki.multimedia.cx/index.php?title=REDCode
+# From: Mike Melanson <mike@multimedia.cx>
+4	string	RED1	REDCode Video
+
+# Type: MTV Multimedia File
+# URL:  https://wiki.multimedia.cx/index.php?title=MTV
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	AMVS	MTV Multimedia File
+
+# Type: ARMovie
+# URL:  https://wiki.multimedia.cx/index.php?title=ARMovie
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	ARMovie\012	ARMovie
+
+# Type: Interplay MVE Movie
+# URL:  https://wiki.multimedia.cx/index.php?title=Interplay_MVE
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	Interplay\040MVE\040File\032	Interplay MVE Movie
+
+# Type: Windows Television DVR File
+# URL:  https://wiki.multimedia.cx/index.php?title=WTV
+# From: Mike Melanson <mike@mutlimedia.cx>
+# This takes the form of a Windows-style GUID
+0	bequad	0xB7D800203749DA11
+>8	bequad	0xA64E0007E95EAD8D	Windows Television DVR Media
+
+# Type: Sega FILM/CPK Multimedia
+# URL:  https://wiki.multimedia.cx/index.php?title=Sega_FILM
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	FILM	Sega FILM/CPK Multimedia,
+>32	belong	x	%d x
+>28	belong	x	%d
+
+# Type: Nintendo THP Multimedia
+# URL:  https://wiki.multimedia.cx/index.php?title=THP
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	THP\0	Nintendo THP Multimedia
+
+# Type: BBC Dirac Video
+# URL:  https://wiki.multimedia.cx/index.php?title=Dirac
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	BBCD	BBC Dirac Video
+
+# Type: RAD Game Tools Smacker Multimedia
+# URL:  https://wiki.multimedia.cx/index.php?title=Smacker
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	SMK	RAD Game Tools Smacker Multimedia
+>3	byte	x	version %c,
+>4	lelong	x	%d x
+>8	lelong	x	%d,
+>12	lelong	x	%d frames
+
+# Material Exchange Format
+# More information:
+# https://en.wikipedia.org/wiki/Material_Exchange_Format
+# http://www.freemxf.org/
+0	string	\x06\x0e\x2b\x34\x02\x05\x01\x01\x0d\x01\x02\x01\x01\x02	Material exchange container format
+!:ext	mxf
+!:mime	application/mxf
+
+# Recognize LucasArts Smush video files (cf.
+# https://wiki.multimedia.cx/index.php/Smush)
+0	string	ANIM
+>8	string	AHDR	LucasArts Smush Animation Format (SAN) video
+0	string	SANM
+>8	string	SHDR	LucasArts Smush v2 (SANM) video
+
+# Type: Scaleform video
+# Extension: .usm
+# URL:  https://wiki.multimedia.cx/index.php/USM
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string	CRID
+>32	string	@UTF	Scaleform video
+
+# http://www.jerrysguide.com/tips/demystify-tvs-file-format.html
+0	string	TVS\015\012
+>&0	string	Version\040	TeamViewer Session File
+>>&0	string	x		\b, version %s
+
+# SER file format - simple uncompressed video format for astronomical use
+# Initially developed by Lucam Recorder,
+# as of 2021 maintained by Heiko Wilkens, Grischa Hahn
+# Typical extensions: .SER
+# http://www.grischa-hahn.homepage.t-online.de/astro/ser/SER%20Doc%20V3b.pdf
+0	string	LUCAM-RECORDER	SER video sequence
+!:ext	ser
+>18	lelong	0	\b, bayer: mono
+>18	lelong	8	\b, bayer: RGGB
+>18	lelong	9	\b, bayer: GRBG
+>18	lelong	10	\b, bayer: GBRG
+>18	lelong	11	\b, bayer: BGGR
+>18	lelong	16	\b, bayer: CYYM
+>18	lelong	17	\b, bayer: YCMY
+>18	lelong	18	\b, bayer: YMCY
+>18	lelong	19	\b, bayer: MYYC
+>18	lelong	100	\b, bayer: RGB
+>18	lelong	101	\b, bayer: BGR
+>22	lelong	0	\b, big-endian
+>22	lelong	1	\b, little-endian
+>26	lelong	x	\b, width: %d
+>30	lelong	x	\b, height: %d
+>34	lelong	x	\b, %d bit
+>38	lelong	x	\b, frames: %d
+
+# https://wiki.multimedia.cx/index.php/Duck_IVF
+0	string	DKIF	Duck IVF video file
+!:mime	video/x-ivf
+>4	leshort	>0	\b, version %d
+>8	string	x	\b, codec %s
+>12	leshort x	\b, %d
+>14	leshort x	\bx%d
+>24	lelong	>0	\b, %d frames
diff --git a/magic/Magdir/aout b/magic/Magdir/aout
new file mode 100644
index 0000000..69b6ec6
--- /dev/null
+++ b/magic/Magdir/aout
@@ -0,0 +1,46 @@
+
+#------------------------------------------------------------------------------
+# $File: aout,v 1.1 2013/01/09 22:37:23 christos Exp $
+# aout:  file(1) magic for a.out executable/object/etc entries that
+# handle executables on multiple platforms.
+#
+
+#
+# Little-endian 32-bit-int a.out, merged from bsdi (for BSD/OS, from
+# BSDI), netbsd, and vax (for UNIX/32V and BSD)
+#
+# XXX - is there anything we can look at to distinguish BSD/OS 386 from
+# NetBSD 386 from various VAX binaries?  The BSD/OS shared library flag
+# works only for binaries using shared libraries.  Grabbing the entry
+# point from the a.out header, using it to find the first code executed
+# in the program, and looking at that might help.
+#
+0	lelong		0407		a.out little-endian 32-bit executable
+>16	lelong		>0		not stripped
+>32	byte		0x6a		(uses BSD/OS shared libs)
+
+0	lelong		0410		a.out little-endian 32-bit pure executable
+>16	lelong		>0		not stripped
+>32	byte		0x6a		(uses BSD/OS shared libs)
+
+0	lelong		0413		a.out little-endian 32-bit demand paged pure executable
+>16	lelong		>0		not stripped
+>32	byte		0x6a		(uses BSD/OS shared libs)
+
+#
+# Big-endian 32-bit-int a.out, merged from sun (for old 68010 SunOS a.out),
+# mips (for old 68020(!) SGI a.out), and netbsd (for old big-endian a.out).
+#
+# XXX - is there anything we can look at to distinguish old SunOS 68010
+# from old 68020 IRIX from old NetBSD?  Again, I guess we could look at
+# the first instruction or instructions in the program.
+#
+0	belong		0407		a.out big-endian 32-bit executable
+>16	belong		>0		not stripped
+
+0	belong		0410		a.out big-endian 32-bit pure executable
+>16	belong		>0		not stripped
+
+0	belong		0413		a.out big-endian 32-bit demand paged executable
+>16	belong		>0		not stripped
+
diff --git a/magic/Magdir/apache b/magic/Magdir/apache
new file mode 100755
index 0000000..d896b50
--- /dev/null
+++ b/magic/Magdir/apache
@@ -0,0 +1,28 @@
+
+#------------------------------------------------------------------------------
+# $File: apache,v 1.1 2017/04/11 14:52:15 christos Exp $
+# apache: file(1) magic for Apache Big Data formats
+
+# Avro files
+0	string		Obj		Apache Avro
+>3	byte		x		version %d
+
+# ORC files
+# Important information is in file footer, which we can't index to :(
+0	string		ORC		Apache ORC
+
+# Parquet files
+0	string		PAR1		Apache Parquet
+
+# Hive RC files
+0	string		RCF		Apache Hive RC file
+>3	byte		x		version %d
+
+# Sequence files (and the careless first version of RC file)
+
+0	string		SEQ
+>3	byte		<6		Apache Hadoop Sequence file version %d
+>3	byte		>6		Apache Hadoop Sequence file version %d
+>3	byte		=6
+>>5	string		org.apache.hadoop.hive.ql.io.RCFile$KeyBuffer  Apache Hive RC file version 0
+>>3	default		x		Apache Hadoop Sequence file version 6
diff --git a/magic/Magdir/apl b/magic/Magdir/apl
new file mode 100644
index 0000000..d717e37
--- /dev/null
+++ b/magic/Magdir/apl
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------------------------
+# $File: apl,v 1.6 2009/09/19 16:28:07 christos Exp $
+# apl:  file(1) magic for APL (see also "pdp" and "vax" for other APL
+#       workspaces)
+#
+0	long		0100554		APL workspace (Ken's original?)
diff --git a/magic/Magdir/apple b/magic/Magdir/apple
new file mode 100644
index 0000000..547b0ac
--- /dev/null
+++ b/magic/Magdir/apple
@@ -0,0 +1,773 @@
+
+#------------------------------------------------------------------------------
+# $File: apple,v 1.48 2023/05/01 14:20:21 christos Exp $
+# apple:  file(1) magic for Apple file formats
+#
+0	search/1/t	FiLeStArTfIlEsTaRt	binscii (apple ][) text
+0	string		\x0aGL			Binary II (apple ][) data
+0	string		\x76\xff		Squeezed (apple ][) data
+0	string		NuFile			NuFile archive (apple ][) data
+0	string		N\xf5F\xe9l\xe5		NuFile archive (apple ][) data
+0	belong		0x00051600		AppleSingle encoded Macintosh file
+0	belong		0x00051607		AppleDouble encoded Macintosh file
+
+# Type: Apple Emulator A2R format
+# From: Greg Wildman <greg@apple2.org.za>
+# Ref: https://applesaucefdc.com/a2r2-reference/
+# Ref: https://applesaucefdc.com/a2r/
+0	string		A2R
+>3	string		\x31\xFF\x0A\x0D\x0A	Applesauce A2R 1.x Disk Image
+>3	string		\x32\xFF\x0A\x0D\x0A	Applesauce A2R 2.x Disk Image
+>3	string		\x33\xFF\x0A\x0D\x0A	Applesauce A2R 3.x Disk Image
+>8	string		INFO
+>>49	byte		01			\b, 5.25″ SS 40trk
+>>49	byte		02			\b, 3.5″ DS 80trk
+>>49	byte		03			\b, 5.25″ DS 80trk
+>>49	byte		04			\b, 5.25″ DS 40trk
+>>49	byte		05			\b, 3.5″ DS 80trk
+>>49	byte		06			\b, 8″ DS
+>>50	byte		01			\b, write protected
+>>51	byte		01			\b, cross track synchronized
+>>17	string/T	x			\b, %.32s
+
+# Type: Apple Emulator WOZ format
+# From: Greg Wildman <greg@apple2.org.za>
+# Ref: https://applesaucefdc.com/woz/reference/
+# Ref: https://applesaucefdc.com/woz/reference2/
+0	string		WOZ
+>3	string		\x31\xFF\x0A\x0D\x0A	Apple ][ WOZ 1.0 Disk Image
+>3	string		\x32\xFF\x0A\x0D\x0A	Apple ][ WOZ 2.0 Disk Image
+>12	string		INFO
+>>21	byte		01			\b, 5.25 inch
+>>21	byte		02			\b, 3.5 inch
+>>22	byte		01			\b, write protected
+>>23	byte		01			\b, cross track synchronized
+>>25	string/T	x			\b, %.32s
+
+# Type: Apple Macintosh Emulator MOOF format
+# From: Greg Wildman <greg@apple2.org.za>
+# Ref: https://applesaucefdc.com/moof-reference/
+0	string		MOOF
+>4	string		\xFF\x0A\x0D\x0A	Apple Macintosh MOOF Disk Image
+>12	string		INFO
+>>21	byte		01			\b, SSDD GCR (400K)
+>>21	byte		02			\b, DSDD GCR (800K)
+>>21	byte		03			\b, DSHD MFM (1.44M)
+>>22	byte		01			\b, write protected
+>>23	byte		01			\b, cross track synchronized
+>>25	string/T	x			\b, %.32s
+
+# Type: Apple Emulator disk images
+# From: Greg Wildman <greg@apple2.org.za>
+# ProDOS boot loader?
+0		string	\x01\x38\xB0\x03\x4C	Apple ProDOS Image
+# Detect Volume Directory block ($02)
+>0x400		string	\x00\x00\x03\x00
+>>0x404		byte	&0xF0
+>>>0x405	string	x			\b, Volume /%s
+>>>0x429	uleshort	x		\b, %u Blocks
+# ProDOS ordered ?
+>0xb00		string	\x00\x00\x03\x00
+>>0xb04		byte	&0xF0
+>>>0xb05	string	x			\b, Volume /%s
+>>>0xb29	uleshort	x		\b, %u Blocks
+#
+# Proboot HD
+0		string	\x01\x8A\x48\xD8\x2C\x82\xC0\x8D\x0E\xC0\x8D\x0C	Apple ProDOS ProBoot Image
+>0x400		string	\x00\x00\x03\x00
+>>0x404		byte	&0xF0
+>>>0x405	string	x			\b, Volume /%s
+>>>0x429	uleshort	x		\b, %u Blocks
+>0xb00		string	\x00\x00\x03\x00
+>>0xb04		byte	&0xF0
+>>>0xb05	string	x			\b, Volume /%s
+>>>0xb29	uleshort	x		\b, %u Blocks
+0		string	\x01\xA8\x8A\x20\x7B\xF8\x29\x07\x09\xC0\x99\x30	Apple ProDOS ProBoot Image
+>0x400		string	\x00\x00\x03\x00
+>>0x404		byte	&0xF0
+>>>0x405	string	x			\b, Volume /%s
+>>>0x429	uleshort	x		\b, %u Blocks
+>0xb00		string	\x00\x00\x03\x00
+>>0xb04		byte	&0xF0
+>>>0xb05	string	x			\b, Volume /%s
+>>>0xb29	uleshort	x		\b, %u Blocks
+0		string	\x01\x4A\xD0\x34\xE6\x3D\x8A\x20\x7B\xF8\x09\xC0	Apple ProDOS ProBoot Image
+>0x400		string	\x00\x00\x03\x00
+>>0x404		byte	&0xF0
+>>>0x405	string	x			\b, Volume /%s
+>>>0x429	uleshort	x		\b, %u Blocks
+>0xb00		string	\x00\x00\x03\x00
+>>0xb04		byte	&0xF0
+>>>0xb05	string	x			\b, Volume /%s
+>>>0xb29	uleshort	x		\b, %u Blocks
+#
+# ProDOS formatted
+0		string	\x01\xBD\x88\xC0\x20\x2F\xFB\x20\x58\xFC\x20\x40	Apple ProDOS Unbootable Image
+>0x400		string	\x00\x00\x03\x00
+>>0x404		byte	&0xF0
+>>>0x405	string	x			\b, Volume /%s
+>>>0x429	uleshort	x		\b, %u Blocks
+>0xb00		string	\x00\x00\x03\x00
+>>0xb04		byte	&0xF0
+>>>0xb05	string	x			\b, Volume /%s
+>>>0xb29	uleshort	x		\b, %u Blocks
+0		string	\x01\x38\xB0\x03\x4C\x1C\x09\x78\x86\x43\xC9\x03	Apple ProDOS Unbootable Image
+>0x400		string	\x00\x00\x03\x00
+>>0x404		byte	&0xF0
+>>>0x405	string	x			\b, Volume /%s
+>>>0x429	uleshort	x		\b, %u Blocks
+>0xb00		string	\x00\x00\x03\x00
+>>0xb04		byte	&0xF0
+>>>0xb05	string	x			\b, Volume /%s
+>>>0xb29	uleshort	x		\b, %u Blocks
+#
+# DOS3 boot loader
+0		string	\x01\xA5\x27\xC9\x09\xD0
+>0x11001	byte	0x11
+>>0x11003	ubyte	x		Apple DOS 3.%u Image
+>>0x11006	ubyte	x		\b, Volume #%03u
+>>0x11034	ubyte	x		\b, %u Tracks
+>>0x11035	ubyte	x		\b, %u Sectors
+>>0x11036	uleshort	x		\b, %u bytes per sector
+#
+# DOS3 uninitialized disk
+0		string	\x01\xA6\x2B\xBD\x88\xC0\x8A\x4A\x4A
+>0x11001	byte	0x11
+>>0x11003	ubyte	x	Apple DOS 3.%u Unbootable Image
+>>>0x11006	ubyte	x		\b, Volume #%03u
+>>>0x11034	ubyte	x		\b, %u Tracks
+>>>0x11035	ubyte	x		\b, %u Sectors
+>>>0x11036	uleshort	x		\b, %u bytes per sector
+#
+# Pascal boot loader?
+0		string	\x01\xE0\x60\xF0\x03\x4C\xE3\x08\xAD
+>0xd6		pstring SYSTEM.APPLE
+>>0xb00		leshort	0x0000
+>>>0xb04	leshort 0x0000		Apple Pascal Image
+>>>>0xb06	pstring x		\b, Volume %s:
+>>>>0xb0e	leshort x		\b, %u Blocks
+>>>>0xb10	leshort x		\b, %u Files
+#
+# Diversi Dos boot loader?
+0		string	\x01\xA8\xAD\x81\xC0\xEE\x09\x08\xAD
+>0x11001	string	\x11\x0F\x03	Apple Diversi Dos Image
+>>0x11006	byte	x		\b, Volume %u
+>>0x11034	byte	x		\b, %u Tracks
+>>0x11035	byte	x		\b, %u Sectors
+>>0x11036	leshort	x		\b, %u bytes per sector
+
+# Type: Apple Emulator 2IMG format
+# From: Radek Vokal <rvokal@redhat.com>
+# Update: Greg Wildman <greg@apple2.org.za>
+0		string	2IMG		Apple ][ 2IMG Disk Image
+>4		clear	x
+>4		string	XGS!		\b, XGS
+>4		string	CTKG		\b, Catakig
+>4		string	ShIm		\b, Sheppy's ImageMaker
+>4		string	SHEP		\b, Sheppy's ImageMaker
+>4		string	WOOF		\b, Sweet 16
+>4		string	B2TR		\b, Bernie ][ the Rescue
+>4		string	\!nfc		\b, ASIMOV2
+>4		string	\>BD\<		\b, Brutal Deluxe's Cadius
+>4		string	CdrP		\b, CiderPress
+>4		string	Vi][		\b, Virtual ][
+>4		string	PRFS		\b, ProFUSE
+>4		string	FISH		\b, FishWings
+>4		string	RVLW		\b, Revival for Windows
+>4		default	x
+>>4		string	x		\b, Creator tag "%-4.4s"
+>0xc		byte	00		\b, DOS 3.3 sector order
+>>0x10		byte	00		\b, Volume 254
+>>0x10		byte&0x7f x		\b, Volume %u
+>0xc		byte	01		\b, ProDOS sector order
+# Detect Volume Directory block ($02) + 2mg header offset
+>>0x440		string	\x00\x00\x03\x00
+>>>0x444	byte	&0xF0
+>>>>0x445	string	x		\b, Volume /%s
+>>>>0x469	uleshort	x		\b, %u Blocks
+>0xc		byte	02		\b, NIB data
+
+# Type: Peter Ferrie QBoot
+# From: Greg Wildman <greg@apple2.org.za>
+# Ref: https://github.com/peterferrie/qboot
+0	string	\x01\x4A\xA8\x69\x0F\x85\x27\xC9
+>8	string	\x12\xF0\x10\xE6\x3D\x86\xDA\x8A	Apple ][ QBoot Image
+
+# Type: Peter Ferrie 0Boot
+# From: Greg Wildman <greg@apple2.org.za>
+# Ref: https://github.com/peterferrie/0boot
+0	string	\x01\x4A\xA8\x69\x0F\x85\x27\xC9
+>8	string	\x12\xF0\x10\xE6\x3D\x86\xDA\x8A	Apple ][ 0Boot Image
+
+# Different proprietary boot sectors
+0	string	\x01\x0F\x21\x74\x00\x01\x6B\x00\x02\x30\x81\x5D	Apple ][ Disk Image
+0	string	\x01\x20\x58\xFC\xA2\x00\x8E\x78\x04\x8E\xF4\x03	Apple ][ Disk Image
+0	string	\x01\x20\x58\xFC\xAD\x51\xC0\xAD\x54\xC0\xA6\x2B	Apple ][ Disk Image
+0	string	\x01\x20\x89\xFE\x20\x93\xFE\xA6\x2B\xBD\x88\xC0	Apple ][ Disk Image
+0	string	\x01\x20\x93\xFE\x20\x89\xFE\x4C\x25\x08\x68\x85	Apple ][ Disk Image
+0	string	\x01\x20\x93\xFE\x20\x89\xFE\x4C\x2D\x08\x68\x85	Apple ][ Disk Image
+0	string	\x01\x38\x90\x2A\xC9\x01\xF0\x33\xA8\xC8\xC0\x10	Apple ][ Disk Image
+0	string	\x01\x38\xB0\x03\x4C\x32\xA1\x87\x43\xC9\x03\x08	Apple ][ Disk Image
+0	string	\x01\x4C\x04\x08\xA9\x2A\x8D\x02\x08\x86\x2B\xEE	Apple ][ Disk Image
+0	string	\x01\x4C\x60\x08\x09\xD0\x18\xA5\x2B\x4A\x4A\x4A	Apple ][ Disk Image
+0	string	\x01\x4C\x92\x08\x01\x08\xA2\x00\xB5\x00\x9D\x00	Apple ][ Disk Image
+0	string	\x01\x4C\xB3\x08\x09\xD0\x18\xA5\x2B\x4A\x4A\x4A	Apple ][ Disk Image
+0	string	\x01\x8D\xFB\x03\x8E\xFC\x03\x8C\xFD\x03\x8A\x29	Apple ][ Disk Image
+0	string	\x01\xA2\xFF\x9A\xD8\x20\x20\x08\x20\x34\x08\xAD	Apple ][ Disk Image
+0	string	\x01\xA5\x27\xBD\x88\xC0\x2C\x10\xC0\xA2\x00\xA9	Apple ][ Disk Image
+0	string	\x01\xA5\x2B\xAE\x51\xC0\xEA\xAA\xBD\x88\xC0\x20	Apple ][ Disk Image
+0	string	\x01\xA6\x27\xBD\x0B\x08\x48\xBD\x0A\x08\x48\x85	Apple ][ Disk Image
+0	string	\x01\xA6\x2B\xBD\x88\xC0\x20\x58\xFC\xA9\x01\x85	Apple ][ Disk Image
+0	string	\x01\xA6\x2B\xBD\x88\xC0\x20\x58\xFC\xA9\x25\x85	Apple ][ Disk Image
+0	string	\x01\xA8\xC0\x0F\x90\x16\xF0\x12\xA0\xFF\x18\xAD	Apple ][ Disk Image
+0	string	\x01\xA9\x00\x85\xF0\xA9\x04\x85\xF1\xA0\x00\xA9	Apple ][ Disk Image
+0	string	\x01\xA9\x5C\x8D\xF2\x03\xA9\xC6\x8D\xF3\x03\x49	Apple ][ Disk Image
+0	string	\x01\xA9\x60\x8D\x01\x08\x20\x2F\xFB\x20\x58\xFC	Apple ][ Disk Image
+0	string	\x01\xA9\x60\x8D\x01\x08\x20\x49\x08\xA9\x0A\x85	Apple ][ Disk Image
+0	string	\x01\xA9\x60\x8D\x01\x08\x2C\x82\xC0\xBD\x88\xC0	Apple ][ Disk Image
+0	string	\x01\xA9\x60\x8D\x01\x08\x86\x43\x8A\x4A\x4A\x4A	Apple ][ Disk Image
+0	string	\x01\xA9\x60\x8D\x01\x08\xA2\x00\x86\xFF\xB5\x00	Apple ][ Disk Image
+0	string	\x01\xA9\x60\x8D\x01\x08\xA2\x00\xB5\x00\x9D\x00	Apple ][ Disk Image
+0	string	\x01\xA9\x60\x8D\x01\x08\xA9\xB2\x8D\xF2\x03\xA9	Apple ][ Disk Image
+0	string	\x01\xA9\x60\x8D\x01\x08\xA9\xFF\x8D\xF3\x03\x8D	Apple ][ Disk Image
+0	string	\x01\xAC\x00\x08\xF0\x19\xB9\x30\x08\x85\x3D\xCE	Apple ][ Disk Image
+0	string	\x01\xAC\x23\x08\x30\x2E\xB9\x24\x08\x85\x3D\xCE	Apple ][ Disk Image
+0	string	\x01\xAD\x00\x08\xC9\x09\xB0\x20\x69\x02\x8D\x00	Apple ][ Disk Image
+0	string	\x01\xB0\x00\xA9\x3C\x8D\x02\x08\x86\x2B\x8A\x4A	Apple ][ Disk Image
+0	string	\x01\xB0\x00\xA9\x3C\x8D\x02\x08\xA9\xF5\x8D\xF2	Apple ][ Disk Image
+0	string	\x01\xB0\x00\xA9\x3F\x8D\x02\x08\x86\x2B\x8E\xF4	Apple ][ Disk Image
+0	string	\x01\xB0\x00\xA9\x48\x8D\x02\x08\x86\x2B\x8E\xF4	Apple ][ Disk Image
+0	string	\x01\xBD\x88\xC0\x8A\x4A\x4A\x4A\x4A\x09\xC0\x8D	Apple ][ Disk Image
+0	string	\x01\xBD\x88\xC0\x8A\x4A\x4A\x4A\x4A\x8D\x2F\x08	Apple ][ Disk Image
+0	string	\x01\xD8\x2C\x81\xC0\xA9\x60\x4D\x58\xFF\xD0\xFE	Apple ][ Disk Image
+0	string	\x01\xD8\x78\xBD\x88\xC0\xA9\xFD\x85\x37\x85\x39	Apple ][ Disk Image
+0	string	\x01\xE0\x60\xF0\x03\x4C\x16\x09\xAD\x00\x08\xC9	Apple ][ Disk Image
+0	string	\x01\xE0\x60\xF0\x03\x4C\xCB\x08\xAD\x00\x08\xC9	Apple ][ Disk Image
+0	string	\x01\xE0\x60\xF0\x03\x4C\xEE\x08\xAD\x00\x08\xC9	Apple ][ Disk Image
+0	string	\x01\xE0\x60\xF0\x03\x4C\xEF\x08\xAD\x00\x08\xC9	Apple ][ Disk Image
+0	string	\x01\xE0\x70\xB0\x04\xE0\x40\xB0\x39\xBD\x88\xC0	Apple ][ Disk Image
+0	string	\x01\xEA\x8D\xF4\x03\xA9\x60\x9D\x88\xC0\x8D\x51	Apple ][ Disk Image
+
+# magic for Newton PDA package formats
+# from Ruda Moura <ruda@helllabs.org>
+0	string	package0	Newton package, NOS 1.x,
+>12	belong	&0x80000000	AutoRemove,
+>12	belong	&0x40000000	CopyProtect,
+>12	belong	&0x10000000	NoCompression,
+>12	belong	&0x04000000	Relocation,
+>12	belong	&0x02000000	UseFasterCompression,
+>16	belong	x		version %d
+
+0	string	package1	Newton package, NOS 2.x,
+>12	belong	&0x80000000	AutoRemove,
+>12	belong	&0x40000000	CopyProtect,
+>12	belong	&0x10000000	NoCompression,
+>12	belong	&0x04000000	Relocation,
+>12	belong	&0x02000000	UseFasterCompression,
+>16	belong	x		version %d
+
+0	string	package4	Newton package,
+>8	byte	8		NOS 1.x,
+>8	byte	9		NOS 2.x,
+>12	belong	&0x80000000	AutoRemove,
+>12	belong	&0x40000000	CopyProtect,
+>12	belong	&0x10000000	NoCompression,
+
+# The following entries for the Apple II are for files that have
+# been transferred as raw binary data from an Apple, without having
+# been encapsulated by any of the above archivers.
+#
+# In general, Apple II formats are hard to identify because Apple DOS
+# and especially Apple ProDOS have strong typing in the file system and
+# therefore programmers never felt much need to include type information
+# in the files themselves.
+#
+# Eric Fischer <enf@pobox.com>
+
+# AppleWorks word processor:
+# URL: https://en.wikipedia.org/wiki/AppleWorks
+# Reference: http://www.gno.org/pub/apple2/doc/apple/filetypes/ftn.1a.xxxx
+# Update: Joerg Jenderek
+# NOTE:
+# The "O" is really the magic number, but that's so common that it's
+# necessary to check the tab stops that follow it to avoid false positives.
+# and/or look for unused bits of booleans bytes like zoom, paginated, mail merge
+# the newer AppleWorks is from claris with extension CWK
+4	string		O
+# test for unused bits of zoom- , paginated-boolean bytes
+>84	ubequad		^0x00Fe00000000Fe00
+# look for tabstop definitions "=" no tab, "|" no tab
+# "<" left tab,"^" center tab,">" right tab, "." decimal tab,
+# unofficial "!" other , "\x8a" other
+# official only if SFMinVers is nonzero
+>>5	regex/s	[=.<>|!^\x8a]{79}	AppleWorks Word Processor
+# AppleWorks Word Processor File (Apple II)
+# ./apple (version 5.25) labeled the entry as "AppleWorks word processor data"
+# application/x-appleworks is mime type for claris version with cwk extension
+!:mime	application/x-appleworks3
+# http://home.earthlink.net/~hughhood/appleiiworksenvoy/
+# ('p' + 1-byte ProDOS File Type + 2-byte ProDOS Aux Type')
+# $70 $1A $F8 $FF is this the apple type ?
+#:apple pdosp^Z\xf8\xff
+!:ext awp
+# minimum version needed to read this files. SFMinVers (0 , 30~3.0 )
+>>>183	ubyte		30	3.0
+>>>183	ubyte		!30
+>>>>183	ubyte		!0	%#x
+# usual tabstop start sequence "=====<"
+>>>5	string		x	\b, tabstop ruler "%6.6s"
+# tabstop ruler
+#>>>5	string		>\0	\b, tabstops "%-79s"
+# zoom switch
+>>>85	  byte&0x01	>0	\b, zoomed
+# whether paginated
+>>>90	  byte&0x01	>0	\b, paginated
+# contains any mail-merge commands
+>>>92	  byte&0x01	>0	\b, with mail merge
+# left margin in 1/10 inches ( normally 0 or 10 )
+>>>91	ubyte		>0
+>>>>91	ubyte		x	\b, %d/10 inch left margin
+
+# AppleWorks database:
+#
+# This isn't really a magic number, but it's the closest thing to one
+# that I could find.  The 1 and 2 really mean "order in which you defined
+# categories" and "left to right, top to bottom," respectively; the D and R
+# mean that the cursor should move either down or right when you press Return.
+
+#30	string		\x01D	AppleWorks database data
+#30	string		\x02D	AppleWorks database data
+#30	string		\x01R	AppleWorks database data
+#30	string		\x02R	AppleWorks database data
+
+# AppleWorks spreadsheet:
+#
+# Likewise, this isn't really meant as a magic number.  The R or C means
+# row- or column-order recalculation; the A or M means automatic or manual
+# recalculation.
+
+#131	string		RA	AppleWorks spreadsheet data
+#131	string		RM	AppleWorks spreadsheet data
+#131	string		CA	AppleWorks spreadsheet data
+#131	string		CM	AppleWorks spreadsheet data
+
+# Applesoft BASIC:
+#
+# This is incredibly sloppy, but will be true if the program was
+# written at its usual memory location of 2048 and its first line
+# number is less than 256.  Yuck.
+# update by Joerg Jenderek at Feb 2013
+
+# GRR: this test is still too general as it catches also Gujin BOOT144.SYS (0xfa080000)
+#0       belong&0xff00ff 0x80000 Applesoft BASIC program data
+0	belong&0x00ff00ff	0x00080000
+# assuming that line number must be positive
+>2	leshort			>0		Applesoft BASIC program data, first line number %d
+#>2     leshort         x       \b, first line number %d
+
+# ORCA/EZ assembler:
+#
+# This will not identify ORCA/M source files, since those have
+# some sort of date code instead of the two zero bytes at 6 and 7
+# XXX Conflicts with ELF
+#4       belong&0xff00ffff       0x01000000      ORCA/EZ assembler source data
+#>5      byte                    x               \b, build number %d
+
+# Broderbund Fantavision
+#
+# I don't know what these values really mean, but they seem to recur.
+# Will they cause too many conflicts?
+
+# Probably :-)
+#2	belong&0xFF00FF		0x040008	Fantavision movie data
+
+# Some attempts at images.
+#
+# These are actually just bit-for-bit dumps of the frame buffer, so
+# there's really no reasonably way to distinguish them except for their
+# address (if preserved) -- 8192 or 16384 -- and their length -- 8192
+# or, occasionally, 8184.
+#
+# Nevertheless this will manage to catch a lot of images that happen
+# to have a solid-colored line at the bottom of the screen.
+
+# GRR: Magic too weak
+#8144	string	\x7F\x7F\x7F\x7F\x7F\x7F\x7F\x7F	Apple II image with white background
+#8144	string	\x55\x2A\x55\x2A\x55\x2A\x55\x2A	Apple II image with purple background
+#8144	string	\x2A\x55\x2A\x55\x2A\x55\x2A\x55	Apple II image with green background
+#8144	string	\xD5\xAA\xD5\xAA\xD5\xAA\xD5\xAA	Apple II image with blue background
+#8144	string	\xAA\xD5\xAA\xD5\xAA\xD5\xAA\xD5	Apple II image with orange background
+
+# Beagle Bros. Apple Mechanic fonts
+
+0	belong&0xFF00FFFF	0x6400D000	Apple Mechanic font
+
+# Apple Universal Disk Image Format (UDIF) - dmg files.
+# From Johan Gade.
+# These entries are disabled for now until we fix the following issues.
+#
+# Note there might be some problems with the "VAX COFF executable"
+# entry. Note this entry should be placed before the mac filesystem section,
+# particularly the "Apple Partition data" entry.
+#
+# The intended meaning of these tests is, that the file is only of the
+# specified type if both of the lines are correct - i.e. if the first
+# line matches and the second doesn't then it is not of that type.
+#
+#0	long	0x7801730d
+#>4	long	0x62626060	UDIF read-only zlib-compressed image (UDZO)
+#
+# Note that this entry is recognized correctly by the "Apple Partition
+# data" entry - however since this entry is more specific - this
+# information seems to be more useful.
+#0	long	0x45520200
+#>0x410	string	disk\ image	UDIF read/write image (UDRW)
+
+# From: Toby Peterson <toby@apple.com>
+# From https://www.nationalarchives.gov.uk/pronom/fmt/866
+0	string	bplist00
+>8	search/500	WebMainResource	Apple Safari Webarchive
+!:mime	application/x-webarchive
+!:strength +50
+0	string	bplist00	Apple binary property list
+!:mime	application/x-bplist
+
+# Apple binary property list (bplist)
+#  Assumes version bytes are hex.
+#  Provides content hints for version 0 files. Assumes that the root
+#  object is the first object (true for CoreFoundation implementation).
+# From: David Remahl <dremahl@apple.com>
+0		string	bplist
+>6		byte	x	\bCoreFoundation binary property list data, version %#c
+>>7		byte	x	\b%c
+>6		string		00		\b
+>>8		byte&0xF0	0x00	\b
+>>>8	byte&0x0F	0x00	\b, root type: null
+>>>8	byte&0x0F	0x08	\b, root type: false boolean
+>>>8	byte&0x0F	0x09	\b, root type: true boolean
+>>8		byte&0xF0	0x10	\b, root type: integer
+>>8		byte&0xF0	0x20	\b, root type: real
+>>8		byte&0xF0	0x30	\b, root type: date
+>>8		byte&0xF0	0x40    \b, root type: data
+>>8		byte&0xF0	0x50	\b, root type: ascii string
+>>8		byte&0xF0	0x60	\b, root type: unicode string
+>>8		byte&0xF0	0x80	\b, root type: uid (CORRUPT)
+>>8		byte&0xF0	0xa0	\b, root type: array
+>>8		byte&0xF0	0xd0	\b, root type: dictionary
+
+# Apple/NeXT typedstream data
+#  Serialization format used by NeXT and Apple for various
+#  purposes in YellowStep/Cocoa, including some nib files.
+# From: David Remahl <dremahl@apple.com>
+2		string		typedstream	NeXT/Apple typedstream data, big endian
+>0		byte		x		\b, version %d
+>0		byte		<5		\b
+>>13	byte		0x81	\b
+>>>14	ubeshort	x		\b, system %d
+2		string		streamtyped NeXT/Apple typedstream data, little endian
+>0		byte		x		\b, version %d
+>0		byte		<5		\b
+>>13	byte		0x81	\b
+>>>14	uleshort	x		\b, system %d
+
+#------------------------------------------------------------------------------
+# CAF: Apple CoreAudio File Format
+#
+# Container format for high-end audio purposes.
+# From: David Remahl <dremahl@apple.com>
+#
+0	string		caff		CoreAudio Format audio file
+>4	beshort		<10		version %d
+>6	beshort		x
+
+
+#------------------------------------------------------------------------------
+# Keychain database files
+0	string		kych		Mac OS X Keychain File
+
+#------------------------------------------------------------------------------
+# Code Signing related file types
+0	belong		0xfade0c00	Mac OS X Code Requirement
+>8	belong		1			(opExpr)
+>4	belong		x			- %d bytes
+
+0	belong		0xfade0c01	Mac OS X Code Requirement Set
+>8	belong		>1			containing %d items
+>4	belong		x			- %d bytes
+
+0	belong		0xfade0c02	Mac OS X Code Directory
+>8	belong		x			version %x
+>12	belong		>0			flags %#x
+>4	belong		x			- %d bytes
+
+0	belong		0xfade0cc0	Mac OS X Detached Code Signature (non-executable)
+>4	belong		x			- %d bytes
+
+0	belong		0xfade0cc1	Mac OS X Detached Code Signature
+>8	belong		>1			(%d elements)
+>4	belong		x			- %d bytes
+
+# From: "Nelson A. de Oliveira" <naoliv@gmail.com>
+# .vdi
+4	string innotek\ VirtualBox\ Disk\ Image %s
+
+# Apple disk partition stuff
+# URL: https://en.wikipedia.org/wiki/Apple_Partition_Map
+# Reference: https://ftp.netbsd.org/pub/NetBSD/NetBSD-current/src/sys/sys/bootblock.h
+# Update: Joerg Jenderek
+# "ER" is APPLE_DRVR_MAP_MAGIC signature
+0	beshort	0x4552
+# display Apple Driver Map (strength=50) after Syslinux bootloader (71)
+#!:strength +0
+# strengthen the magic by looking for used blocksizes 512 2048
+>2	ubeshort&0xf1FF		0	Apple Driver Map
+# last 6 bytes for padding found are 0 or end with 55AAh marker for MBR hybrid
+#>>504	ubequad&0x0000FFffFFff0000	0
+!:mime	application/x-apple-diskimage
+!:apple	????devr
+# https://en.wikipedia.org/wiki/Apple_Disk_Image
+!:ext	dmg/iso
+# sbBlkSize for driver descriptor map 512 2048
+>>2	beshort	x			\b, blocksize %d
+# sbBlkCount sometimes garbish like
+# 0xb0200000 for unzlibed install_flash_player_19.0.0.245_osx.dmg
+# 0xf2720100 for bunziped Firefox 48.0-2.dmg
+# 0xeb02ffff for super_grub2_disk_hybrid_2.02s3.iso
+# 0x00009090 by syslinux-6.03/utils/isohybrid.c
+>>4	ubelong	x			\b, blockcount %u
+# following device/driver information not very useful
+# device type 0 1 (37008 garbage for super_grub2_disk_hybrid_2.02s3.iso)
+>>8	ubeshort	x		\b, devtype %u
+# device id 0 1 (37008 garbage for super_grub2_disk_hybrid_2.02s3.iso)
+>>10	ubeshort	x		\b, devid %u
+# driver data 0 (2425393296 garbage for super_grub2_disk_hybrid_2.02s3.iso)
+>>12	ubelong		>0
+>>>12	ubelong		x		\b, driver data %u
+# number of driver descriptors sbDrvrCount <= 61
+# (37008 garbage for super_grub2_disk_hybrid_2.02s3.iso)
+>>16	ubeshort	x		\b, driver count %u
+# 61 * apple_drvr_descriptor[8]. information not very useful or same as in partition map
+# >>18	use		apple-driver-map
+# >>26	use		apple-driver-map
+# # ...
+# >>500	use		apple-driver-map
+# number of partitions is always same in every partition (map block count)
+#>>0x0204	ubelong		x	\b, %u partitions
+>>0x0204	ubelong		>0	\b, contains[@0x200]:
+>>>0x0200	use		apple-apm
+>>0x0204	ubelong		>1	\b, contains[@0x400]:
+>>>0x0400	use		apple-apm
+>>0x0204	ubelong		>2	\b, contains[@0x600]:
+>>>0x0600	use		apple-apm
+>>0x0204	ubelong		>3	\b, contains[@0x800]:
+>>>0x0800	use		apple-apm
+>>0x0204	ubelong		>4	\b, contains[@0xA00]:
+>>>0x0A00	use		apple-apm
+>>0x0204	ubelong		>5	\b, contains[@0xC00]:
+>>>0x0C00	use		apple-apm
+>>0x0204	ubelong		>6	\b, contains[@0xE00]:
+>>>0x0E00	use		apple-apm
+>>0x0204	ubelong		>7	\b, contains[@0x1000]:
+>>>0x1000	use		apple-apm
+#	display apple driver descriptor map (start-block, # blocks in sbBlkSize sizes, type)
+0	name				apple-driver-map
+>0	ubequad		!0
+# descBlock first block of driver
+>>0	ubelong	x			\b, driver start block %u
+# descSize driver size in blocks
+>>4	ubeshort	x		\b, size %u
+# descType driver system type 1 701h F8FFh FFFFh
+>>6	ubeshort	x		\b, type %#x
+
+# URL: https://en.wikipedia.org/wiki/Apple_Partition_Map
+# Reference: https://opensource.apple.com/source/IOStorageFamily/IOStorageFamily-116/IOApplePartitionScheme.h
+# Update: Joerg Jenderek
+# Yes, the 3rd and 4th bytes pmSigPad are reserved, but we use them to make the
+# magic stronger.
+# for apple partition map stored as a single file
+0	belong	0x504d0000
+# to display Apple Partition Map (strength=70) after Syslinux bootloader (71)
+#!:strength +0
+>0	use		apple-apm
+# magic/Magdir/apple14.test, 365: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file: could not find any valid magic files!
+#!:ext	bin
+#	display apple partition map. Normally called after Apple driver map
+0	name				apple-apm
+>0	belong	0x504d0000		Apple Partition Map
+# number of partitions
+>>4	ubelong	x			\b, map block count %u
+# logical block (512 bytes) start of partition
+>>8	ubelong	x			\b, start block %u
+>>12	ubelong	x			\b, block count %u
+>>16	string >0			\b, name %s
+>>48	string >0			\b, type %s
+# processor type dpme_process_id[16] e.g. "68000" "68020"
+>>120	string >0			\b, processor %s
+# A/UX boot arguments BootArgs[128]
+>>136	string >0			\b, boot arguments %s
+# status of partition dpme_flags
+>>88	belong	& 1			\b, valid
+>>88	belong	& 2			\b, allocated
+>>88	belong	& 4			\b, in use
+>>88	belong	& 8			\b, has boot info
+>>88	belong	& 16			\b, readable
+>>88	belong	& 32			\b, writable
+>>88	belong	& 64			\b, pic boot code
+>>88	belong	& 128			\b, chain compatible driver
+>>88	belong	& 256			\b, real driver
+>>88	belong	& 512			\b, chain driver
+# mount automatically at startup APPLE_PS_AUTO_MOUNT
+>>88	ubelong	&0x40000000		\b, mount at startup
+# is the startup partition APPLE_PS_STARTUP
+>>88	ubelong	&0x80000000		\b, is the startup partition
+
+#https://wiki.mozilla.org/DS_Store_File_Format
+#https://en.wikipedia.org/wiki/.DS_Store
+0	string	\0\0\0\1Bud1\0		Apple Desktop Services Store
+
+# HFS/HFS+ Resource fork files (andrew.roazen@nau.edu Apr 13 2015)
+# Usually not in separate files, but have either filename rsrc with
+# no extension, or a filename corresponding to another file, with
+# extensions rsr/rsrc
+# URL:		http://fileformats.archiveteam.org/wiki/Macintosh_resource_file
+#		https://en.wikipedia.org/wiki/Resource_fork
+# Reference:	https://github.com/kreativekorp/ksfl/wiki/Macintosh-Resource-File-Format
+#		http://developer.apple.com/legacy/mac/library/documentation/mac/pdf/MoreMacintoshToolbox.pdf
+#		https://formats.kaitai.io/resource_fork/
+# Update:	Joerg Jenderek
+# Note:		verified often by command like `deark -m macrsrc Icon_.rsrc`
+# offset of resource data; usually starts at offset 0x0100
+0	string  \000\000\001\000
+# skip NPETraceSession.etl with invalid "low" map offset 0
+>4	ubelong	>0xFF
+# skip few Atari DEGAS Elite bitmap (eil2.pi1 nastro.pi1) with ivalid "high" 0x6550766 0x7510763 map length
+>>12	ubelong	<0x8001
+# most examples with zeroed system reserved field
+>>>16	lelong  =0
+>>>>0	use	apple-rsr
+# few samples with not zeroed system reserved field like: Empty.rsrc.rsr OpenSans-CondBold.dfont
+>>>16	lelong  !0
+# resource fork variant with not zeroed system reserved field and copy of header 
+>>>>(4.L)	ubelong	0x100
+# GRR: the line above only works if in ../../src/file.h FILE_BYTES_MAX is raised from 1 MiB above 0x6ab0f4 (HelveticaNeue.dfont)
+>>>>>0	use	apple-rsr
+# data fork variant with not zeroed system reserved field and no copy of header 
+>>>>(4.L)	ubelong	0
+>>>>>0	use	apple-rsr
+# Note: moved and merged from ./macintosh
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+# URL: https://en.wikipedia.org/wiki/Datafork_TrueType
+# Derived from the 'fondu' and 'ufond' source code (fondu.sf.net). 'sfnt' is
+# TrueType; 'POST' is PostScript. 'FONT' and 'NFNT' sometimes appear, but I
+# don't know what they mean.
+#	display information about Mac OSX datafork font DFONT
+0	name		apple-dfont
+>(4.L+30)	ubelong x		Mac OSX datafork font,
+# https://en.wikipedia.org/wiki/Datafork_TrueType
+!:mime		application/x-dfont
+!:ext		dfont
+# https://exiftool.org/TagNames/RSRC.html
+>(4.L+30)	ubelong	0x73666e74	TrueType
+>(4.L+30)	ubelong	0x464f4e54	'FONT'
+>(4.L+30)	ubelong	0x4e464e54	'NFNT'
+>(4.L+30)	ubelong	0x504f5354	PostScript
+>(4.L+30)	ubelong	0x464f4e44	'FOND'
+>(4.L+30)	ubelong	0x76657273	'vers'
+#	display information about Macintosh resource
+0	name		apple-rsr
+>(4.L+30)	ubelong	0x73666e74
+>>0	use	apple-dfont
+>(4.L+30)	ubelong	0x464f4e54
+>>0	use	apple-dfont
+>(4.L+30)	ubelong	0x4e464e54
+>>0	use	apple-dfont
+>(4.L+30)	ubelong	0x504f5354
+>>0	use	apple-dfont
+>(4.L+30)	ubelong	0x464f4e44
+>>0	use	apple-dfont
+>(4.L+30)	ubelong	0x76657273
+>>0	use	apple-dfont
+>(4.L+30)	default	x		Apple HFS/HFS+ resource fork
+#!:mime		application/octet-stream
+!:mime		application/x-apple-rsr
+!:ext		rsrc/rsr
+# offset to resource data; usually starts at offset 0x0100
+>0		ubelong		!0x100	\b, data offset %#x
+# offset to resource map; positive but not nil like in NPETraceSession.etl
+>4		ubelong		x	\b, map offset %#x
+# length of resource map; positive with 32K limitation but not
+# nil like in NPETraceSession.etl or high like 0x7510763 in nastro.pi1
+>12		ubelong		x	\b, map length %#x
+# length of resource data; positive but not nil like in NPETraceSession.etl
+>8		ubelong		x	\b, data length %#x
+# reserved 112 bytes for system use; apparently often nil, but 8fd20000h in Empty.rsrc.rsr and 0x00768c2b in OpenSans-CondBold.dfont
+>16		ubelong		!0	\b, at 16 %#8.8x
+# https://fontforge.org/docs/techref/macformats.html
+# jump to resource map
+# a copy of resource header or 16 bytes of zeros for data fork
+#>(4.L)		ubelong		x	\b, DATA offset %#x
+#>(4.L+4) 	ubelong 	x	\b, MAP offset %#x
+#>(4.L+8) 	ubelong 	x	\b, DATA length %#x
+#>(4.L+12) 	ubelong 	x	\b, MAP length %#x
+# nextResourceMap; handle to next resource map; used by the Resource Manager for internal bookkeeping; should be zero
+>(4.L+16) 	ubelong		!0	\b, nextResourceMap %#x
+# fileRef; file reference number; used by the Resource Manager for internal bookkeeping; should be zero
+>(4.L+20)	ubeshort	!0	\b, fileRef %#x
+# attributes; Resource fork attributes (80h~read-only 40h~compression needed 20h~changed); other bits are reserved and should be zero
+>(4.L+22)	ubeshort	!0	\b, attributes %#x
+# typeListOffset; offset from resource map to start of type list like: 1Ch
+>(4.L+24)	ubeshort	x	\b, list offset %#x
+# nameListOffset; offset from esource map to start of name list like: 32h 46h 56h (XLISP.RSR XLISPTIN.RSR) 13Eh (HelveticaNeue.dfont)
+>(4.L+26)	ubeshort	x	\b, name offset %#x
+# typeCount; number of types in the map minus 1; If there are no resources, this is 0xFFFF
+>(4.L+28)	beshort+1	>0	\b, %u type
+# plural s 
+>>(4.L+28)	beshort+1	>1	\bs
+# resource type list array; 1st resource type like: ALRT CODE FOND MPSR icns scsz
+>>(4.L+30)	ubelong		x	\b, %#x
+>>(4.L+30)	string		x	'%-.4s'
+# resourceCount; number of this type resources minus one. If there is one resource of this type, this is 0x0000
+>>(4.L+34)	beshort+1	x	* %d
+# resourceListOffset; offset from type list to resource list like: Ah 12h DAh
+>(4.L+36)	ubeshort	x	resource offset %#x
+
+#https://en.wikipedia.org/wiki/AppleScript
+0	string	FasdUAS			AppleScript compiled
+
+# AppleWorks/ClarisWorks
+# https://github.com/joshenders/appleworks_format
+# http://fileformats.archiveteam.org/wiki/AppleWorks
+0	name			appleworks
+>0	belong&0x00ffffff	0x07e100	AppleWorks CWK Document
+>0	belong&0x00ffffff	0x008803	ClarisWorks CWK Document
+>0	default			x
+>>0	belong			x		AppleWorks/ClarisWorks CWK Document
+>0	byte			x		\b, version %d
+>30	beshort			x		\b, %d
+>32	beshort			x		\bx%d
+!:ext cwk
+
+4	string	BOBO
+>0	byte	>4
+>>12	belong	0
+>>>26	belong	0
+>>>>0	use	appleworks
+>0	belong	0x0481ad00
+>>0	use 	appleworks
+
+# magic for Apple File System (APFS)
+# from Alex Myczko <alex@aiei.ch>
+32		string	NXSB		Apple File System (APFS)
+>36		ulelong	x		\b, blocksize %u
+
+# iTunes cover art (versions 1 and 2)
+4		string	itch
+>24		string	artw
+>>0x1e8		string	data		iTunes cover art
+>>>0x1ed	string	PNG		(PNG)
+>>>0x1ec	beshort 0xffd8		(JPEG)
+
+# MacPaint image
+65		string	PNTGMPNT	MacPaint image data
+#0		belong	2		MacPaint image data
diff --git a/magic/Magdir/application b/magic/Magdir/application
new file mode 100644
index 0000000..f316608
--- /dev/null
+++ b/magic/Magdir/application
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------------------------
+# $File: application,v 1.1 2016/10/17 12:13:01 christos Exp $
+# application:  file(1) magic for applications on small devices
+#
+# Pebble Application
+0	string	PBLAPP\000\000	Pebble application
diff --git a/magic/Magdir/applix b/magic/Magdir/applix
new file mode 100644
index 0000000..f3f362e
--- /dev/null
+++ b/magic/Magdir/applix
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: applix,v 1.5 2009/09/19 16:28:08 christos Exp $
+# applix:  file(1) magic for Applixware
+# From: Peter Soos <sp@osb.hu>
+#
+0	string		*BEGIN		Applixware
+>7	string		WORDS			Words Document
+>7	string		GRAPHICS		Graphic
+>7	string		RASTER			Bitmap
+>7	string		SPREADSHEETS		Spreadsheet
+>7	string		MACRO			Macro
+>7	string		BUILDER			Builder Object
diff --git a/magic/Magdir/apt b/magic/Magdir/apt
new file mode 100644
index 0000000..2d9f159
--- /dev/null
+++ b/magic/Magdir/apt
@@ -0,0 +1,52 @@
+
+#------------------------------------------------------------------------------
+# $File: apt,v 1.1 2016/10/17 19:51:57 christos Exp $
+# apt: file(1) magic for APT Cache files
+# <http://www.fifi.org/doc/libapt-pkg-doc/cache.html/ch2.html>
+# <https://anonscm.debian.org/cgit/apt/apt.git/tree/apt-pkg/pkgcache.h#n292>
+
+# before version 10 ("old format"), data was in arch-specific long/short
+
+# old format 64 bit
+0   	name		apt-cache-64bit-be
+>12	beshort		1		\b, dirty
+>40 	bequad		x		\b, %llu packages
+>48 	bequad		x		\b, %llu versions
+
+# old format 32 bit
+0   	name    	apt-cache-32bit-be
+>8  	beshort 	1		\b, dirty
+>40 	belong  	x		\b, %u packages
+>44 	belong  	x		\b, %u versions
+
+# new format
+0	name		apt-cache-be
+>6	byte    	1		\b, dirty
+>24	belong  	x		\b, %u packages
+>28	belong		x		\b, %u versions
+
+0	bequad		0x98FE76DC
+>8	ubeshort	<10		APT cache data, version %u
+>>10	beshort	    	x	  	\b.%u, 64 bit big-endian
+>>0	use		apt-cache-64bit-be
+
+0	lequad	    	0x98FE76DC
+>8	uleshort    	<10		APT cache data, version %u
+>>10	leshort		x		\b.%u, 64 bit little-endian
+>>0	use		\^apt-cache-64bit-be
+
+0	belong	    	0x98FE76DC
+>4	ubeshort    	<10	 	APT cache data, version %u
+>>6	ubeshort    	x		\b.%u, 32 bit big-endian
+>>0	use  		apt-cache-32bit-be
+>4	ubyte	    	>9		APT cache data, version %u
+>>5	ubyte	    	x		\b.%u, big-endian
+>>0	use 		apt-cache-be
+
+0	lelong	    	0x98FE76DC
+>4	uleshort    	<10		APT cache data, version %u
+>>6	uleshort   	x		\b.%u, 32 bit little-endian
+>>0	use 		\^apt-cache-32bit-be
+>4	ubyte	    	>9		APT cache data, version %u
+>>5	ubyte	    	x		\b.%u, little-endian
+>>0	use		\^apt-cache-be
diff --git a/magic/Magdir/archive b/magic/Magdir/archive
new file mode 100644
index 0000000..6e1f967
--- /dev/null
+++ b/magic/Magdir/archive
@@ -0,0 +1,2607 @@
+#------------------------------------------------------------------------------
+# $File: archive,v 1.193 2023/07/27 17:55:58 christos Exp $
+# archive:  file(1) magic for archive formats (see also "msdos" for self-
+#           extracting compressed archives)
+#
+# cpio, ar, arc, arj, hpack, lha/lharc, rar, squish, uc2, zip, zoo, etc.
+# pre-POSIX "tar" archives are also handled in the C code ../../src/is_tar.c.
+
+# POSIX tar archives
+# URL: https://en.wikipedia.org/wiki/Tar_(computing)
+# Reference: https://www.freebsd.org/cgi/man.cgi?query=tar&sektion=5&manpath=FreeBSD+8-current
+# header mainly padded with nul bytes
+500	quad		0		
+!:strength /2
+# filename or extended attribute printable strings in range space null til umlaut ue
+>0	ubeshort	>0x1F00		
+>>0	ubeshort	<0xFCFD
+# last 4 header bytes often null but tar\0 in gtarfail2.tar gtarfail.tar-bad
+# at https://sourceforge.net/projects/s-tar/files/testscripts/
+>>>508	ubelong&0x8B9E8DFF	0	
+# nul, space or ascii digit 0-7 at start of mode
+>>>>100	ubyte&0xC8	=0		
+>>>>>101 ubyte&0xC8	=0		
+# nul, space at end of check sum
+>>>>>>155 ubyte&0xDF	=0	
+# space or ascii digit 0 at start of check sum
+>>>>>>>148	ubyte&0xEF	=0x20	
+# FOR DEBUGGING: 
+#>>>>>>>>0	regex		\^[0-9]{2,4}[.](png|jpg|jpeg|tif|tiff|gif|bmp)	NAME "%s"
+# check for 1st image main name with digits used for sorting
+# and for name extension case insensitive like: PNG JPG JPEG TIF TIFF GIF BMP
+>>>>>>>>0	regex		\^[0-9]{2,4}[.](png|jpg|jpeg|tif|tiff|gif|bmp)
+>>>>>>>>>0	use	tar-cbt
+# check for 1st member name with ovf suffix
+>>>>>>>>0	regex		\^.{1,96}[.](ovf)
+>>>>>>>>>0	use	tar-ova
+# if 1st member name without digits and without used image suffix and without *.ovf then it is a TAR archive
+>>>>>>>>0	default		x
+>>>>>>>>>0	use	tar-file
+#	minimal check and then display tar archive information which can also be
+#	embedded inside others like Android Backup, Clam AntiVirus database
+0	name		tar-file
+>257	string		!ustar		
+# header padded with nuls
+>>257	ulong		=0		
+# GNU tar version 1.29 with non pax format option without refusing
+# creates misleading V7 header for Long path, Multi-volume, Volume type
+>>>156	ubyte		0x4c		GNU tar archive
+!:mime	application/x-gtar
+!:ext	tar/gtar
+>>>156	ubyte		0x4d		GNU tar archive
+!:mime	application/x-gtar
+!:ext	tar/gtar
+>>>156	ubyte		0x56		GNU tar archive
+!:mime	application/x-gtar
+!:ext	tar/gtar
+>>>156	default		x		tar archive (V7)
+!:mime	application/x-tar
+!:ext	tar
+# other stuff in padding
+# some implementations add new fields to the blank area at the end of the header record
+# created for example by DOS TAR 3.20g 1994 Tim V.Shapore with -j option
+>>257	ulong		!0		tar archive (old)
+!:mime	application/x-tar
+!:ext	tar
+# magic in newer, GNU, posix variants
+>257	string		=ustar		
+# 2 last char of magic and UStar version because string expression does not work
+# 2 space characters followed by a null for GNU variant
+>>261	ubelong		=0x72202000	POSIX tar archive (GNU)
+!:mime	application/x-gtar
+!:ext	tar/gtar
+# UStar version with ASCII "00"
+>>261	ubelong		0x72003030	POSIX
+# gLOBAL and ExTENSION type only found in POSIX.1-2001 format
+>>>156	ubyte		0x67		\b.1-2001
+>>>156	ubyte		0x78		\b.1-2001
+>>>156	ubyte		x		tar archive
+!:mime	application/x-ustar
+!:ext	tar/ustar
+# version with 2 binary nuls embedded in Android Backup like com.android.settings.ab
+>>261	ubelong		0x72000000	tar archive (ustar)
+!:mime	application/x-ustar
+!:ext	tar/ustar
+# not seen ustar variant with garbish version
+>>261	default		x		tar archive (unknown ustar)
+!:mime	application/x-ustar
+!:ext	tar/ustar
+# type flag of 1st tar archive member
+#>156	ubyte		x		\b, %c-type
+>156	ubyte		x		
+>>156	ubyte		0		\b, file
+>>156	ubyte		0x30		\b, file
+>>156	ubyte		0x31		\b, hard link
+>>156	ubyte		0x32		\b, symlink
+>>156	ubyte		0x33		\b, char device
+>>156	ubyte		0x34		\b, block device
+>>156	ubyte		0x35		\b, directory
+>>156	ubyte		0x36		\b, fifo
+>>156	ubyte		0x37		\b, reserved
+>>156	ubyte		0x4c		\b, long path
+>>156	ubyte		0x4d		\b, multi volume
+>>156	ubyte		0x56		\b, volume
+>>156	ubyte		0x67		\b, global
+>>156	ubyte		0x78		\b, extension
+>>156	default		x		\b, type
+>>>156	ubyte		x		'%c'
+# name[100]
+>0	string		>\0		%-.60s
+# mode mainly stored as an octal number in ASCII null or space terminated
+>100	string		>\0		\b, mode %-.7s
+# user id mainly as octal numbers in ASCII null or space terminated
+>108	string		>\0		\b, uid %-.7s
+# group id mainly as octal numbers in ASCII null or space terminated
+>116	string		>\0		\b, gid %-.7s
+# size mainly as octal number in ASCII
+>124	ubyte		<0x38		
+>>124	string		>\0		\b, size %-.12s
+# coding indicated by setting the high-order bit of the leftmost byte
+>124	ubyte		>0xEF		\b, size 0x
+>>124	ubyte		!0xff		\b%2.2x
+>>125	ubyte		!0xff		\b%2.2x
+>>126	ubyte		!0xff		\b%2.2x
+>>127	ubyte		!0xff		\b%2.2x
+>>128	ubyte		!0xff		\b%2.2x
+>>129	ubyte		!0xff		\b%2.2x
+>>130	ubyte		!0xff		\b%2.2x
+>>131	ubyte		!0xff		\b%2.2x
+>>132	ubyte		!0xff		\b%2.2x
+>>133	ubyte		!0xff		\b%2.2x
+>>134	ubyte		!0xff		\b%2.2x
+>>135	ubyte		!0xff		\b%2.2x
+# seconds since 0:0:0 1 jan 1970 UTC as octal number mainly in ASCII null or space terminated
+>136	string		>\0		\b, seconds %-.11s
+# header checksum stored as an octal number in ASCII null or space terminated
+#>148	string		x		\b, cksum %.7s
+# linkname[100]
+>157	string		>\0		\b, linkname %-.40s
+# additional fields for ustar
+>257	string		=ustar		
+# owner user name null terminated
+>>265	string		>\0		\b, user %-.32s
+# group name null terminated
+>>297	string		>\0		\b, group %-.32s
+# device major minor if not zero
+>>329	ubequad&0xCFCFCFCFcFcFcFdf	!0
+>>>329	string		x		\b, devmaj %-.7s
+>>337	ubequad&0xCFCFCFCFcFcFcFdf	!0
+>>>337	string		x		\b, devmin %-.7s
+# prefix[155]
+>>345	string		>\0		\b, prefix %-.155s
+# old non ustar/POSIX tar
+>257	string		!ustar		
+>>508	string		=tar\0		
+# padding[255] in old star
+>>>257	string		>\0		\b, padding: %-.40s
+>>508	default		x		
+# padding[255] in old tar sometimes comment field
+>>>257	string		>\0		\b, comment: %-.40s
+# Summary:	Comic Book Archive *.CBT with TAR format
+# URL:		https://en.wikipedia.org/wiki/Comic_book_archive
+#		http://fileformats.archiveteam.org/wiki/Comic_Book_Archive
+# Note:		there exist also RAR, ZIP, ACE and 7Z packed variants
+0	name		tar-cbt
+>0	string		x		Comic Book archive, tar archive
+#!:mime	application/x-tar
+!:mime	application/vnd.comicbook
+#!:mime	application/vnd.comicbook+tar
+!:ext	cbt
+# name[100] probably like: 19.jpg 0001.png 0002.png
+# or maybe like ComicInfo.xml
+>0	string		>\0		\b, 1st image %-.60s
+# Summary:	Open Virtualization Format *.OVF with disk images and more packed as TAR archive *.OVA
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Open_Virtualization_Format
+#		http://fileformats.archiveteam.org/wiki/OVF_(Open_Virtualization_Format)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/o/ova.trid.xml
+# Note:		called "Open Virtualization Format package" by TrID
+#		assuming *.ovf comes first
+0	name		tar-ova
+>0	string		x		Open Virtualization Format Archive
+#!:mime	application/x-ustar
+# http://extension.nirsoft.net/ova
+!:mime	application/x-virtualbox-ova
+!:ext	ova
+# assuming name[100] like: DOS-0.9.ovf FreeDOS_1.ovf Win98SE_DE.ovf
+>0	string		>\0		\b, with %-.60s
+
+# Incremental snapshot gnu-tar format from:
+# https://www.gnu.org/software/tar/manual/html_node/Snapshot-Files.html
+0	string		GNU\ tar-	GNU tar incremental snapshot data
+>&0	regex		[0-9]\\.[0-9]+-[0-9]+	version %s
+
+# cpio archives
+#
+# Yes, the top two "cpio archive" formats *are* supposed to just be "short".
+# The idea is to indicate archives produced on machines with the same
+# byte order as the machine running "file" with "cpio archive", and
+# to indicate archives produced on machines with the opposite byte order
+# from the machine running "file" with "byte-swapped cpio archive".
+#
+# The SVR4 "cpio(4)" hints that there are additional formats, but they
+# are defined as "short"s; I think all the new formats are
+# character-header formats and thus are strings, not numbers.
+# URL:		http://fileformats.archiveteam.org/wiki/Cpio
+#		https://en.wikipedia.org/wiki/Cpio
+# Reference:	https://people.freebsd.org/~kientzle/libarchive/man/cpio.5.txt
+# Update:	Joerg Jenderek
+#
+# Reference:    http://mark0.net/download/triddefs_xml.7z/defs/a/ark-cpio-bin.trid.xml
+# Note:		called "CPIO archive (binary)" by TrID, "cpio/Binary LE" by 7-Zip and "CPIO" by DROID via PUID fmt/635
+0	short		070707
+# skip DROID fmt-635-signature-id-960.cpio by looking for pathname of 1st entry
+>26	string		>\0		cpio archive
+!:mime	application/x-cpio
+# https://download.opensuse.org/distribution/leap/15.4/iso/openSUSE-Leap-15.4-NET-x86_64-Media.iso
+# boot/x86_64/loader/bootlogo
+# message.cpi
+!:ext	/cpio/cpi
+>>0	use	cpio-bin
+# Reference:    http://mark0.net/download/triddefs_xml.7z/defs/a/ark-cpio-bin-sw.trid.xml
+# Note:		called "CPIO archive (byte swapped binary)" by TrID and "Cpio/Binary BE" by 7-Zip
+0	short		0143561		byte-swapped cpio archive
+!:mime	application/x-cpio # encoding: swapped
+# https://telparia.com/fileFormatSamples/archive/cpio/skeleton2.cpio
+!:ext	cpio
+>0	use	cpio-bin-be
+# Reference:    http://mark0.net/download/triddefs_xml.7z/defs/a/ark-cpio.trid.xml
+# Note:		called "CPIO archive (portable)" by TrID, "cpio/Portable ASCII" by 7-Zip and "cpio/odc" by GNU cpio
+0	string		070707		ASCII cpio archive (pre-SVR4 or odc)
+!:mime	application/x-cpio
+# https://telparia.com/fileFormatSamples/archive/cpio/ pthreads-1.60B5.osr5src.cpio cinema.cpi VOL.000.008 VOL.000.012
+!:ext	cpio/cpi/008/012
+# Note:		called "CPIO archive (portable)" by TrID, "cpio/New ASCII" by 7-Zip and "cpio/newc" by GNU cpio
+0	string		070701		ASCII cpio archive (SVR4 with no CRC)
+!:mime	application/x-cpio
+# https://telparia.com/fileFormatSamples/archive/cpio/MainActor-2.06.3.cpio
+!:ext	cpio
+# Note:		called "CPIO archive (portable)" by TrID, "cpio/New CRC" by 7-Zip and "cpio/crc" by GNU cpio
+0	string		070702		ASCII cpio archive (SVR4 with CRC)
+!:mime	application/x-cpio
+# http://ftp.gnu.org/gnu/tar/tar-1.27.cpio.gz
+# https://telparia.com/fileFormatSamples/archive/cpio/pcmcia
+!:ext	/cpio
+#	display information of old binary cpio archive
+# Note:	verfied by 7-Zip `7z l -tcpio -slt *.cpio` and
+#	`cpio -ivt --numeric-uid-gid --file=clam.bin-le.cpio`
+0	name	cpio-bin
+# c_dev; device number; WHAT IS THAT?
+>2	uleshort	x		\b; device %u
+# c_ino; truncated inode number; use `ls --inode`
+>4	uleshort	x		\b, inode %u
+# c_mode; mode specifies permissions and file type like: ?622~?rw-r--r-- by `ls -l`
+>6	uleshort	x		\b, mode %o
+# c_uid; numeric user id; use `ls --numeric-uid-gid`
+>8	uleshort	x		\b, uid %u
+# c_gid; numeric group id
+>10	uleshort	x		\b, gid %u
+# c_nlink; links to this file; directories at least 2
+>12	uleshort	>1		\b, %u links
+# c_rdev; device number for block and character entries; zero for all other entries by writers
+# like 0x0440 for /dev/ttyS0
+>14	uleshort	>0		\b, device %#4.4x
+# c_mtime[2]; modification time in seconds since 1 January 1970; most-significant 16 bits first 
+>16	medate		x		\b, modified %s
+# c_filesize[2]; size of pathname; most-significant 16 bits first like: 544
+>22	melong		x		\b, %u bytes
+# c_namesize; bytes in the pathname that follows the header like: 9
+#>20	uleshort	x		\b, namesize %u
+# pathname of entry like: "clam.exe"
+>26	string		x		"%s"
+#	display information of old binary byte swapped cpio archive
+# Note:	verfied by 7-Zip `7z l -tcpio -slt *.cpio` and
+#	`LANGUAGE=C cpio -ivt --numeric-uid-gid --file=clam.bin-be.cpio`
+0	name	cpio-bin-be
+>2	ubeshort	x		\b; device %u
+>4	ubeshort	x		\b, inode %u
+>6	ubeshort	x		\b, mode %o
+>8	ubeshort	x		\b, uid %u
+>10	ubeshort	x		\b, gid %u
+>12	ubeshort	>1		\b, %u links
+>14	ubeshort	>0		\b, device %#4.4x
+>16	bedate		x		\b, modified %s
+>22	ubelong	 	x		\b, %u bytes
+#>20	ubeshort	x		\b, namesize %u
+>26	string		x		"%s"
+
+#
+# Various archive formats used by various versions of the "ar"
+# command.
+#
+
+#
+# Original UNIX archive formats.
+# They were written with binary values in host byte order, and
+# the magic number was a host "int", which might have been 16 bits
+# or 32 bits.  We don't say "PDP-11" or "VAX", as there might have
+# been ports to little-endian 16-bit-int or 32-bit-int platforms
+# (x86?) using some of those formats; if none existed, feel free
+# to use "PDP-11" for little-endian 16-bit and "VAX" for little-endian
+# 32-bit.  There might have been big-endian ports of that sort as
+# well.
+#
+0	leshort		0177555		very old 16-bit-int little-endian archive
+0	beshort		0177555		very old 16-bit-int big-endian archive
+0	lelong		0177555		very old 32-bit-int little-endian archive
+0	belong		0177555		very old 32-bit-int big-endian archive
+
+0	leshort		0177545		old 16-bit-int little-endian archive
+>2	string		__.SYMDEF	random library
+0	beshort		0177545		old 16-bit-int big-endian archive
+>2	string		__.SYMDEF	random library
+0	lelong		0177545		old 32-bit-int little-endian archive
+>4	string		__.SYMDEF	random library
+0	belong		0177545		old 32-bit-int big-endian archive
+>4	string		__.SYMDEF	random library
+
+#
+# From "pdp" (but why a 4-byte quantity?)
+#
+0	lelong		0x39bed		PDP-11 old archive
+0	lelong		0x39bee		PDP-11 4.0 archive
+
+#
+# XXX - what flavor of APL used this, and was it a variant of
+# some ar archive format?  It's similar to, but not the same
+# as, the APL workspace magic numbers in pdp.
+#
+0	long		0100554		apl workspace
+
+#
+# System V Release 1 portable(?) archive format.
+#
+0	string		=<ar>		System V Release 1 ar archive
+!:mime	application/x-archive
+
+#
+# Debian package; it's in the portable archive format, and needs to go
+# before the entry for regular portable archives, as it's recognized as
+# a portable archive whose first member has a name beginning with
+# "debian".
+#
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Deb_(file_format)
+0	string		=!<arch>\ndebian
+# https://manpages.debian.org/testing/dpkg/dpkg-split.1.en.html
+>14	string		-split	part of multipart Debian package
+!:mime	application/vnd.debian.binary-package
+# udeb is used for stripped down deb file
+!:ext	deb/udeb
+>14	string		-binary	Debian binary package
+!:mime	application/vnd.debian.binary-package
+# For ipk packager see also https://en.wikipedia.org/wiki/Opkg
+!:ext	deb/udeb/ipk
+# This should not happen
+>14	default		x	Unknown Debian package
+# NL terminated version; for most Debian cases this is 2.0 or 2.1 for split
+>68	string		>\0		(format %s)
+#>68	string		!2.0\n
+#>>68	string		x		(format %.3s)
+>68	string		=2.0\n
+# 2nd archive name=control archive name like control.tar.gz or control.tar.xz
+# or control.tar.zst
+>>72	string		>\0		\b, with %.15s
+# look for 3rd archive name=data archive name like data.tar.{gz,xz,bz2,lzma}
+>>0	search/0x93e4f	data.tar.	\b, data compression
+# the above line only works if FILE_BYTES_MAX in ../../src/file.h is raised
+# for example like libreoffice-dev-doc_1%3a5.2.7-1+rpi1+deb9u3_all.deb
+>>>&0	string		x		%.2s
+# skip space (0x20 BSD) and slash (0x2f System V) character marking end of name
+>>>&2	ubyte		!0x20
+>>>>&-1	ubyte		!0x2f
+# display 3rd character of file name extension like 2 of bz2 or m of lzma
+>>>>>&-1	ubyte	x		\b%c
+>>>>>>&0	ubyte	!0x20
+>>>>>>>&-1	ubyte	!0x2f
+# display 4th character of file name extension like a of lzma
+>>>>>>>>&-1	ubyte	x		\b%c
+# split debian package case
+>68	string		=2.1\n
+# dpkg-1.18.25/dpkg-split/info.c
+# NL terminated ASCII package name like ckermit
+>>&0	string		x		\b, %s
+# NL terminated package version like 302-5.3
+>>>&1	string		x		%s
+# NL terminated MD5 checksum
+>>>>&1	string		x		\b, MD5 %s
+# NL terminated original package length
+>>>>>&1	string		x		\b, unsplitted size %s
+# NL terminated part length
+>>>>>>&1	string	x		\b, part length %s
+# NL terminated package part like n/m
+>>>>>>>&1	string	x		\b, part %s
+# NL terminated package architecture like armhf since dpkg 1.16.1 or later
+>>>>>>>>&1	string	x		\b, %s
+
+#
+# MIPS archive; they're in the portable archive format, and need to go
+# before the entry for regular portable archives, as it's recognized as
+# a portable archive whose first member has a name beginning with
+# "__________E".
+#
+0	string	=!<arch>\n__________E	MIPS archive
+!:mime	application/x-archive
+>20	string	U			with MIPS Ucode members
+>21	string	L			with MIPSEL members
+>21	string	B			with MIPSEB members
+>19	string	L			and an EL hash table
+>19	string	B			and an EB hash table
+>22	string	X			-- out of date
+
+#
+# BSD/SVR2-and-later portable archive formats.
+#
+# Update: Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/AR
+# Reference:	https://www.unix.com/man-page/opensolaris/3HEAD/ar.h/
+# Note:		Mach-O universal binary in ./cafebabe is dependent
+# TODO:		unify current ar archive, MIPS archive, Debian package
+#		distinguish BSD, SVR; 32, 64 bit; HP from other 32-bit SVR;
+#		*.ar packages from *.a libraries. handle empty archive
+0	string		=!<arch>\n		current ar archive
+# print first and possibly second ar_name[16] for debugging purpose
+#>8			string	x	\b, 1st "%.16s"
+#>68			string	x	\b, 2nd "%.16s"
+!:mime	application/x-archive
+# a in most case for libraries; lib for Microsoft libraries; ar else cases
+!:ext	a/lib/ar
+>8	string		__.SYMDEF	random library
+# first member with long marked name __.SYMDEF SORTED implies BSD library
+>68	string		__.SYMDEF\ SORTED	random library
+# Reference: https://parisc.wiki.kernel.org/images-parisc/b/b2/Rad_11_0_32.pdf
+# "archive file" entry moved from ./hp
+# LST header system_id 0210h~PA-RISC 1.1,... identifies the target architecture
+# LST header a_magic 0619h~relocatable library
+>68	belong 		0x020b0619	- PA-RISC1.0 relocatable library
+>68	belong	 	0x02100619	- PA-RISC1.1 relocatable library
+>68	belong 		0x02110619	- PA-RISC1.2 relocatable library
+>68	belong 		0x02140619	- PA-RISC2.0 relocatable library
+#EOF for common ar archives
+
+#
+# "Thin" archive, as can be produced by GNU ar.
+#
+0	string		=!<thin>\n	thin archive with
+>68	belong		0		no symbol entries
+>68	belong		1		%d symbol entry
+>68	belong		>1		%d symbol entries
+
+0	search/1	-h-		Software Tools format archive text
+
+# ARC archiver, from Daniel Quinlan (quinlan@yggdrasil.com)
+#
+# The first byte is the magic (0x1a), byte 2 is the compression type for
+# the first file (0x01 through 0x09), and bytes 3 to 15 are the MS-DOS
+# filename of the first file (null terminated).  Since some types collide
+# we only test some types on basis of frequency: 0x08 (83%), 0x09 (5%),
+# 0x02 (5%), 0x03 (3%), 0x04 (2%), 0x06 (2%).  0x01 collides with terminfo.
+0	lelong&0x8080ffff	0x0000081a	ARC archive data, dynamic LZW
+!:mime	application/x-arc
+0	lelong&0x8080ffff	0x0000091a	ARC archive data, squashed
+!:mime	application/x-arc
+0	lelong&0x8080ffff	0x0000021a	ARC archive data, uncompressed
+!:mime	application/x-arc
+0	lelong&0x8080ffff	0x0000031a	ARC archive data, packed
+!:mime	application/x-arc
+0	lelong&0x8080ffff	0x0000041a	ARC archive data, squeezed
+!:mime	application/x-arc
+0	lelong&0x8080ffff	0x0000061a	ARC archive data, crunched
+!:mime	application/x-arc
+# [JW] stuff taken from idarc, obviously ARC successors:
+0	lelong&0x8080ffff	0x00000a1a	PAK archive data
+!:mime	application/x-arc
+0	lelong&0x8080ffff	0x0000141a	ARC+ archive data
+!:mime	application/x-arc
+0	lelong&0x8080ffff	0x0000481a	HYP archive data
+!:mime	application/x-arc
+
+# Acorn archive formats (Disaster prone simpleton, m91dps@ecs.ox.ac.uk)
+# I can't create either SPARK or ArcFS archives so I have not tested this stuff
+# [GRR:  the original entries collide with ARC, above; replaced with combined
+#  version (not tested)]
+#0	byte		0x1a		RISC OS archive (spark format)
+0	string		\032archive	RISC OS archive (ArcFS format)
+0       string          Archive\000     RISC OS archive (ArcFS format)
+
+# All these were taken from idarc, many could not be verified. Unfortunately,
+# there were many low-quality sigs, i.e. easy to trigger false positives.
+# Please notify me of any real-world fishy/ambiguous signatures and I'll try
+# to get my hands on the actual archiver and see if I find something better. [JW]
+# probably many can be enhanced by finding some 0-byte or control char near the start
+
+# idarc calls this Crush/Uncompressed... *shrug*
+0	string	CRUSH Crush archive data
+# Squeeze It (.sqz)
+0	string	HLSQZ Squeeze It archive data
+# SQWEZ
+0	string	SQWEZ SQWEZ archive data
+# HPack (.hpk)
+0	string	HPAK HPack archive data
+# HAP
+0	string	\x91\x33HF HAP archive data
+# MD/MDCD
+0	string	MDmd MDCD archive data
+# LIM
+0	string	LIM\x1a LIM archive data
+# SAR
+3	string	LH5 SAR archive data
+# BSArc/BS2
+0	string	\212\3SB\020\0	BSArc/BS2 archive data
+# Bethesda Softworks Archive (Oblivion)
+0	string	BSA\0 		BSArc archive data
+>4	lelong	x		version %d
+# MAR
+2	string	=-ah MAR archive data
+# ACB
+#0	belong&0x00f800ff	0x00800000 ACB archive data
+# CPZ
+# TODO, this is what idarc says: 0	string	\0\0\0 CPZ archive data
+# JRC
+0	string	JRchive JRC archive data
+# Quantum
+0	string	DS\0 Quantum archive data
+# ReSOF
+0	string	PK\3\6 ReSOF archive data
+# QuArk
+0	string	7\4 QuArk archive data
+# YAC
+14	string	YC YAC archive data
+# X1
+0	string	X1 X1 archive data
+0	string	XhDr X1 archive data
+# CDC Codec (.dqt)
+0	belong&0xffffe000	0x76ff2000 CDC Codec archive data
+# AMGC
+0	string	\xad6" AMGC archive data
+# NuLIB
+0	string	N\xc3\xb5F\xc3\xa9lx\xc3\xa5 NuLIB archive data
+# PakLeo
+0	string	LEOLZW PAKLeo archive data
+# ChArc
+0	string	SChF ChArc archive data
+# PSA
+0	string	PSA PSA archive data
+# CrossePAC
+0	string	DSIGDCC CrossePAC archive data
+# Freeze
+0	string	\x1f\x9f\x4a\x10\x0a Freeze archive data
+# KBoom
+0	string	\xc2\xa8MP\xc2\xa8 KBoom archive data
+# NSQ, must go after CDC Codec
+0	string	\x76\xff NSQ archive data
+# DPA
+0	string	Dirk\ Paehl DPA archive data
+# BA
+# TODO: idarc says "bytes 0-2 == bytes 3-5"
+# TTComp
+# URL: http://fileformats.archiveteam.org/wiki/TTComp_archive
+# Update: Joerg Jenderek
+# GRR: line below is too general as it matches also Panorama database "TCDB 2003-10 demo.pan", others
+0	string	\0\6
+# look for first keyword of Panorama database *.pan
+>12	search/261	DESIGN
+# skip keyword with low entropy
+>12	default		x
+# skip DOS 2.0 backup id file, sequence 6 with many nils like BACKUPID_xx6.@@@ handled by ./msdos
+>>8	quad		!0
+>>>0	use	ttcomp
+# variant ASCII, 4K dictionary (strength=48=50-2). With strength=49 wrong order! WHY?
+0	string	\1\6
+# TODO:
+# skip VAX-order 68k Blit mpx/mux executable (strength=50) handled by ./blit
+!:strength	-2
+>0	use	ttcomp
+0	string	\0\5
+# skip some DOS 2.0 backup id file, sequence 5 with many nils like BACKUPID_075.@@@ handled by ./msdos
+>8	quad	!0
+>>0	use	ttcomp
+0	string	\1\5
+# TODO:
+# variant ASCII, 2K dictionary (strength=48=50-2). With strength=49 wrong order! WHY?
+# skip ctab data (strength=50) handled by ./ibm6000
+# skip locale data table (strength=50) handled by ./digital
+!:strength	-2
+>0	use	ttcomp
+0	string	\0\4
+# skip many Maple help database *.hdb with version tag handled by ./maple
+>1028	string	!version
+# skip veclib maple.hdb by looking for Mable keyword
+>>4	search/1091	Maple\040
+#>4	search/34090	Maple\040
+>>4	default		x
+# skip DOS 2.0-3.2 backed up sequence 4 with many nils like LOTUS5.RAR handled by ./msdos
+# skip xBASE Compound Index file *.CDX with many nils
+>>>0x54	quad		!0
+>>>>0	use	ttcomp
+0	string	\1\4
+# TODO:
+# skip shared library (strength=50) handled by ./ibm6000
+!:strength	-2
+# skip Commodore PET BASIC programs (Mastermind.prg) with last 3 nil bytes (\0~end of line followed by 0000h line offset)
+#>-4	ubelong		x	LAST_BYTES=%8.8x
+>-4	ubelong&0x00FFffFF	!0
+>>0	use	ttcomp
+#	display information of TTComp archive
+0	name	ttcomp
+# (version 5.25) labeled the entry as "TTComp archive data"
+>0	ubyte	x	TTComp archive data
+!:mime	application/x-compress-ttcomp
+# PBACKSCR.PI1
+!:ext	$xe/$ts/pi1/__d
+# compression type: 0~binary compression 1~ASCII compression 
+>0	ubyte	0	\b, binary
+>0	ubyte	1	\b, ASCII
+# size of the dictionary:  4~1024 bytes 5~2048 bytes 6~4096 bytes 
+>1	ubyte	4	\b, 1K
+>1	ubyte	5	\b, 2K
+>1	ubyte	6	\b, 4K
+>1	ubyte	x	dictionary
+#	https://mark0.net/forum/index.php?topic=848
+# last 3 bytes probably have only 8 possible bit sequences
+# xxxxxxxx 0000000x 11111111	____FFh
+# xxxxxxxx 10000000 01111111	__807Fh	
+# 0xxxxxxx 11000000 00111111	__C03Fh
+# 00xxxxxx 11100000 00011111	__E01Fh
+# 000xxxxx 11110000 00001111	__F00Fh
+# 0000xxxx 11111000 00000111	__F807h
+# 00000xxx 11111100 00000011	__FC03h
+# 000000xx 11111110 00000001	__FE01h
+# but for quickgif.__d 0A7DD4h
+#>-3	ubyte		x	\b, last 3 bytes 0x%2.2x
+#>-2	ubeshort	x	\b%4.4x
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Disk_Copy
+# reference:	http://nulib.com/library/FTN.e00005.htm
+0x52	ubeshort	0x0100
+# test for disk image size equal or above 400k
+>0x40	ubelong		>409599
+# test also for disk image size equal or below 1440k to skip
+# windows7en.mbr UNICODE.DAT
+#>>0x40	ubelong		<1474561
+# test now for "low" disk image size equal or below 64 MiB to skip
+# windows7en.mbr (B441BBAAh) UNICODE.DAT (0400AF05h)
+>>0x40	ubelong		<0x04000001
+# To skip Flags$StringJoiner.class with size 00106A61h test also for valid disk image sizes
+# 00064000 for  400k GCR disks	dc42-400k-gcr.trid.xml
+# 000c8000 for  800k GCR disks	dc42-800k-gcr.trid.xml
+# 000b4000 for  720k MFM disks	dc42-720k-mfm.trid.xml
+# 00168000 for 1440k MFM disks	dc42-1440k-mfm.trid.xml
+#	https://lisaem.sunder.net/LisaProjectDocs.txt
+# 00500000	05M	available
+# 00A00000	10M	available
+# 01800000	24M	possible
+# 02000000	32M	uncertain
+# 04000000	64M	uncertain
+>>>0x40	ubelong&0xf8003fFF	0
+# skip samples with invalid disk name length like:
+# 181 (biosmd80.rom) 202 (Flags$StringJoiner.class) 90 (UNICODE.DAT)
+>>>>0x0	ubyte			<64
+>>>>>0	use			dc42-floppy
+#	display information of Apple DiskCopy 4.2 floppy image
+0	name		dc42-floppy
+# disk name length; maximal 63
+#>0	ubyte	    	x	DISK NAME LENGTH %u
+# ASCII image pascal (maximal 63 bytes) name padded with NULs like:
+# "Microsoft Mail" "Disquette 2" "IIe Installer Disk"
+# "-lisaem.sunder.net hd-" (dc42-lisaem.trid.xml) "-not a Macintosh disk" (dc42-nonmac.trid.xml)
+>00	pstring/B	x	Apple DiskCopy 4.2 image %s
+#!:mime	application/octet-stream
+!:mime	application/x-dc42-floppy-image
+!:apple	dCpydImg
+# probably also img like: "Utilitaires 2.img" "Installation 7.img"
+!:ext	image/dc42/img
+# data size in bytes like: 409600 737280 819200 1474560
+>0x40	ubelong		x	\b, %u bytes
+# for debugging purpose size in hexadecimal
+#>0x40	ubelong		x	(%#8.8x)
+# tag size in bytes like: 0 (often) 2580h (PUID fmt/625) 4B00h (Microsoft Mail.image)
+>0x44	ubelong		>0	\b, %#x tag size
+# data checksum
+#>0x48	ubelong		x	\b, %#x checksum
+# tag checksum
+#>0x4c	ubelong		x	\b, %#x tag checksum
+# disk encoding like: 0 1 2 3 (PUID: fmt/625)
+>0x50	ubyte		0	\b, GCR CLV ssdd (400k)
+>0x50	ubyte		1	\b, GCR CLV dsdd (800k)
+>0x50	ubyte		2	\b, MFM CAV dsdd (720k)
+>0x50	ubyte		3	\b, MFM CAV dshd (1440k)
+>0x50	ubyte		>3	\b, %#x encoding
+# format byte like: 12h (Lisa 400K) 24h (400K Macintosh) 96h (800K Apple II disk)
+# 2 (Mac 400k "Disquette Installation 13.image")
+# 22h (double-sided MFM or Mac 800k "Disco 12.image" "IIe Installer Disk.image")
+>0x51	ubyte		x	\b, %#x format
+#>0x54	ubequad		x	\b, data %#16.16llx
+# ESP, could this conflict with Easy Software Products' (e.g.ESP ghostscript) documentation?
+0	string	ESP ESP archive data
+# ZPack
+0	string	\1ZPK\1 ZPack archive data
+# Sky
+0	string	\xbc\x40 Sky archive data
+# UFA
+0	string	UFA UFA archive data
+# Dry
+0	string	=-H2O DRY archive data
+# FoxSQZ
+0	string	FOXSQZ FoxSQZ archive data
+# AR7
+0	string	,AR7 AR7 archive data
+# PPMZ
+0	string	PPMZ PPMZ archive data
+# MS Compress
+# Update: Joerg Jenderek
+# URL: http://fileformats.archiveteam.org/wiki/MS-DOS_installation_compression
+# Reference: https://hwiegman.home.xs4all.nl/fileformats/compress/szdd_kwaj_format.html
+# Note: use correct version of extracting tool like EXPAND, UNPACK, DECOMP or 7Z  
+4	string	\x88\xf0\x27
+#		KWAJ variant
+>0	string	KWAJ		MS Compress archive data, KWAJ variant
+!:mime	application/x-ms-compress-kwaj
+# extension not working in version 5.32
+# magic/Magdir/archive, 284: Warning: EXTENSION type ` ??_' has bad char '?'
+# file: line 284: Bad magic entry '   ??_'
+!:ext	??_
+# compression method (0-4)
+>>8	uleshort	x	\b, %u method
+# offset of compressed data
+>>10	uleshort	x	\b, %#x offset
+#>>(10.s)	uleshort	x
+#>>>&-6		string	x	\b, TEST extension %-.3s
+# header flags to mark header extensions
+>>12	uleshort	>0	\b, %#x flags
+# 4 bytes: decompressed length of file
+>>12	uleshort	&0x01
+>>>14	ulelong		x	\b, original size: %u bytes
+# 2 bytes: unknown purpose
+# 2 bytes: length of unknown data + mentioned bytes
+# 1-9 bytes: null-terminated file name
+# 1-4 bytes: null-terminated file extension
+>>12	uleshort	&0x08
+>>>12	uleshort				^0x01
+>>>>12		uleshort			^0x02
+>>>>>12			uleshort		^0x04
+>>>>>>12			uleshort	^0x10	
+>>>>>>>14				string	x	\b, %-.8s
+>>>>>>12			uleshort	&0x10	
+>>>>>>>14				string	x	\b, %-.8s
+>>>>>>>>&1				string	x	\b.%-.3s
+>>>>>12			uleshort		&0x04
+>>>>>>12			uleshort	^0x10	
+>>>>>>>(14.s)			uleshort	x
+>>>>>>>>&14				string	x	\b, %-.8s
+>>>>>>12			uleshort	&0x10	
+>>>>>>>(14.s)			uleshort	x
+>>>>>>>>&14				string	x	\b, %-.8s
+>>>>>>>>>&1				string	x	\b.%-.3s
+>>>>12		uleshort			&0x02
+>>>>>12			uleshort		^0x04
+>>>>>>12			uleshort	^0x10	
+>>>>>>>16				string	x	\b, %-.8s
+>>>>>>12			uleshort	&0x10	
+>>>>>>>16				string	x	\b, %-.8s
+>>>>>>>>&1				string	x	\b.%-.3s
+>>>>>12			uleshort		&0x04
+>>>>>>12			uleshort	^0x10	
+>>>>>>>(16.s)			uleshort	x
+>>>>>>>>&16				string	x	\b, %-.8s
+>>>>>>12			uleshort	&0x10	
+>>>>>>>(16.s)			uleshort	x
+>>>>>>>&16				string	x	%-.8s
+>>>>>>>>&1				string	x	\b.%-.3s
+>>>12	uleshort				&0x01
+>>>>12		uleshort			^0x02
+>>>>>12			uleshort		^0x04
+>>>>>>12			uleshort	^0x10
+>>>>>>>18				string	x	\b, %-.8s
+>>>>>>12			uleshort	&0x10	
+>>>>>>>18				string	x	\b, %-.8s
+>>>>>>>>&1				string	x	\b.%-.3s
+>>>>>12			uleshort		&0x04
+>>>>>>12			uleshort	^0x10	
+>>>>>>>(18.s)			uleshort	x
+>>>>>>>>&18				string	x	\b, %-.8s
+>>>>>>12			uleshort	&0x10	
+>>>>>>>(18.s)			uleshort	x
+>>>>>>>>&18				string	x	\b, %-.8s
+>>>>>>>>>&1				string	x	\b.%-.3s
+>>>>12		uleshort			&0x02
+>>>>>12			uleshort		^0x04
+>>>>>>12			uleshort	^0x10	
+>>>>>>>20				string	x	\b, %-.8s
+>>>>>>12			uleshort	&0x10	
+>>>>>>>20				string	x	\b, %-.8s
+>>>>>>>>&1				string	x	\b.%-.3s
+>>>>>12			uleshort		&0x04
+>>>>>>12			uleshort	^0x10	
+>>>>>>>(20.s)			uleshort	x
+>>>>>>>>&20				string	x	\b, %-.8s
+>>>>>>12			uleshort	&0x10	
+>>>>>>>(20.s)			uleshort	x
+>>>>>>>>&20				string	x	\b, %-.8s
+>>>>>>>>>&1				string	x	\b.%-.3s
+# 2 bytes: length of data + mentioned bytes
+#
+#		SZDD variant Haruhiko Okumura's LZSS or 7z type MsLZ
+# URL:		http://fileformats.archiveteam.org/wiki/MS-DOS_installation_compression
+# Reference:	http://www.cabextract.org.uk/libmspack/doc/szdd_kwaj_format.html
+#		http://mark0.net/download/triddefs_xml.7z/defs/s/szdd.trid.xml
+# Note:		called "Microsoft SZDD compressed (Haruhiko Okumura's LZSS)" by TrID
+#		verfied by 7-Zip `7z l -tMsLZ -slt *.??_` as MsLZ
+#		`deark -l -m lzss_oku -d2 setup-1-41.bin` as "LZSS.C by Haruhiko Okumura"
+>0	string	SZDD		MS Compress archive data, SZDD variant
+# 2nd part of signature
+#>>4	ubelong	0x88F02733	\b, SIGNATURE OK
+!:mime	application/x-ms-compress-szdd
+!:ext	??_
+# The character missing from the end of the filename (0=unknown)
+>>9	string	>\0		\b, %-.1s is last character of original name
+# https://www.betaarchive.com/forum/viewtopic.php?t=26161
+# Compression mode: "A" (0x41) found but sometimes "B" in Windows 3.1 builds 026 and 034e
+>>8	string	!A		\b, %-.1s method
+>>10	ulelong	>0		\b, original size: %u bytes
+# Summary:	InstallShield archive with SZDD compressed
+# URL:		https://community.flexera.com/t5/InstallShield-Knowledge-Base/InstallShield-Redistributable-Files/ta-p/5647
+# From:		Joerg Jenderek
+1	search/48/bs	SZDD\x88\xF0\x27\x33	InstallShield archive
+#!:mime	application/octet-stream
+!:mime	application/x-installshield-compress-szdd
+!:ext	ibt
+# name of compressed archive member like: setup.dl_ _setup7int.dl_ _setup2k.dl_ _igdi.dl_ cabinet.dl_
+>0	string	x		%s
+# name of uncompressed archive member like: setup.dll _Setup.dll IGdi.dll CABINET.DLL
+>>&1	string	x		(%s)
+# probably version like: 9.0.0.333 9.1.0.429 11.50.0.42618
+>>>&1	string	x		\b, version %s
+# SZDD member length like: 168048 169333 181842
+>>>>&1	string	x		\b, %s bytes
+# MS Compress archive data
+#>&0	string		SZDD	\b, SIGNATURE FOUND
+>&0	indirect	x
+#		QBasic SZDD variant
+3	string	\x88\xf0\x27
+>0	string	SZ\x20		MS Compress archive data, QBasic variant
+!:mime	application/x-ms-compress-sz
+!:ext	??$
+>>8	ulelong	>0		\b, original size: %u bytes
+
+# Summary:	lzss compressed/EDI Pack
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/EDI_Install_packed_file
+# Note:		called "EDI Install LZS compressed data" by TrID and verified by
+#		command like `deark -l -m edi_pack -d2 BOOK01A.IC$` as "EDI Pack LZSS1"
+0	string					EDILZSS
+>7	string					1
+# look for point character before orginal file name extension
+>>8	search/9/b				.
+# check suffix of possible orginal file anme
+#>>>&0		ubelong				x	SUFFIX=%8.8x
+# samples without valid character after point in original file name field like: FENNEL.LZS PLANTAIN.LZS
+>>>&0		ubyte				<0x20
+>>>>0			use				edi-lzs
+# samples with valid character after point in original file name field
+>>>&0		ubyte				>0x1F
+# check 2nd charcter of suffix
+#>>>>&0			ubyte	x			2ND_SUFFIX=%x
+# sample with one valid character after point followed by \0 in original file name field like: SPELMATE.H$
+>>>>&0			ubyte			=0
+>>>>>0				use			edi-pack
+>>>>&0			ubyte			>0x1F
+# check 3rd charcter of suffix
+#>>>>>&0				ubyte		x	3RD_SUFFIX=%x
+# no sample with 2 valid characters after point followed by \0 in original file name field
+>>>>>&0				ubyte		=0
+>>>>>>0					use		edi-pack
+# samples with valid 3rd character after point in original file name field
+>>>>>&0				ubyte		>0x1F
+# sample with 3 valid character after point followed by \0 in original file name field like: BOOK01A.IC$ CTL3D.DL$
+>>>>>>&0				ubyte	=0
+>>>>>>>0					use	edi-pack
+# sample with 3 valid character after point followed by no \0 in original file name field like: HERBTEXT.LZS
+>>>>>>&0				ubyte	!0
+>>>>>>>0					use	edi-lzs
+# no sample with invalid 3rd character after point in original file name field
+>>>>>&0				default		x
+>>>>>>0					use		edi-lzs
+# sample with invalid 2nd character after point in original file name field like: LACERATE.LZS SPLINTER.LZS
+>>>>&0			default			x
+>>>>>0	use						edi-lzs
+# sample without point character in original file name field like GUNSHOT.LZS
+>>8	default					x
+>>>0		use					edi-lzs
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/e/edi-lzss2.trid.xml
+# Note:		called "EDI Install Pro LZSS2 compressed data" by TrID and verified by
+#		command like `deark -l -m edi_pack -d2 4WAY.WA$` as "EDI Pack LZSS2"
+>7	string			2			EDI LZSS2 packed
+#!:mime	application/octet-stream
+!:mime	application/x-edi-pack-lzss
+# the name of a compressed file often ends in character '$' or '_'
+!:ext	??$/??_
+# original filename, NUL-terminated, padded to 13 bytes like: mci.vbx 4way.wav skymap.exe cmdialog.vbx
+>>8		string		x			"%-0.13s"
+# original file size, as a 4-byte integer.
+>>21		ulelong		x			\b, %u bytes
+# compressed data like: ff5249464606ec00 ff4d5aa601010000
+>>>25		ubequad		x			\b, data %#16.16llx...
+0	name		edi-pack
+# Note:		verified by command like `deark -l -d2 SPELMATE.H$` as "EDI Pack LZSS1"
+# original filename, NUL-terminated, padded to 13 bytes like: ctl3d.dll spelmate.h filemenu.rc owl.def index-it.exe
+# but not like \377Aloe.lzs\273 (HERBTEXT.LZS)
+>8	string		x				EDI LZSS packed "%-.13s"
+#!:mime	application/octet-stream
+!:mime	application/x-edi-pack-lzss
+# the name of a compressed file often ends in character '$' or '_'
+!:ext	??$/?$
+# compressed data like: f7000001eff02020 ff4d5aa900020000 ff2f2a207370656c
+>21	ubequad		x				\b, data %#16.16llx...
+# URL:		http://fileformats.archiveteam.org/wiki/EDI_LZSSLib
+# Note:		verified partly by command like `deark -l -m edi_pack -d2 GUNSHOT.LZS` as "EDI LZSSLib"
+0	name		edi-lzs
+# Note:		verified by command like `deark -l -d2 GUNSHOT.LZS` as "EDI LZSSLib"
+# no original filename looks like: \277BM\226.\0 \277BM.n\001 \277BM\226.\0 \277BM.g\001 \377Aloe.lzs\273
+>8	string		x				EDI LZSSLib packed
+#!:mime	application/octet-stream
+!:mime	application/x-edi-pack-lzss
+# The name of a compressed file ends with LZS suffix
+!:ext	lzs
+# compressed data like: bf424df6e10100f3 ff416c6f652e6c7a ff416c6f652e6c7a
+>8	ubequad		x				\b, data %#16.16llx...
+
+# Summary:	CAZIP compressed file
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/CAZIP
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/c/caz.trid.xml
+# Note:		Format is distinct from CAZIPXP compressed
+0	string	\x0D\x0A\x1ACAZIP	CAZIP compressed file
+#!:mime	application/octet-stream
+!:mime	application/x-compress-cazip
+# like: BLINKER.WR_ CLIPDEFS._ CAOSETUP.EX_ CLIPPER.EX_ FILEIO.C_
+!:ext	??_/?_/_
+
+# Summary:	FTCOMP compressed archive
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/FTCOMP
+# Reference:    http://mark0.net/download/triddefs_xml.7z/defs/a/ark-ftcomp.trid.xml
+# Note:		called by TrID "FTCOMP compressed archive"
+#		extracted by `unpack seahelp.hl_`
+24	string/b	FTCOMP		FTCOMP compressed archive
+#!:mime	application/octet-stream
+!:mime	application/x-compress-ftcomp
+!:ext	??_/??@/dll/drv/pk2/
+# probably A596FDFF magic at the beginning
+>0	ubelong		!0xA596FDFF	\b, at beginning %#x
+# probably original file name with directory like: \OS2\unpack.exe \SYSTEM\8514.DRV MAHJONGG.EXE
+>41	string		x		"%s"
+
+# MP3 (archiver, not lossy audio compression)
+0	string	MP3\x1a MP3-Archiver archive data
+# ZET
+0	string	OZ\xc3\x9d ZET archive data
+# TSComp
+0	string	\x65\x5d\x13\x8c\x08\x01\x03\x00 TSComp archive data
+# ARQ
+0	string	gW\4\1 ARQ archive data
+# Squash
+3	string	OctSqu Squash archive data
+# Terse
+0	string	\5\1\1\0 Terse archive data
+# UHarc
+0	string	UHA UHarc archive data
+# ABComp
+0	string	\2AB ABComp archive data
+0	string	\3AB2 ABComp archive data
+# CMP
+0	string	CO\0 CMP archive data
+# Splint
+0	string	\x93\xb9\x06 Splint archive data
+# InstallShield
+0	string	\x13\x5d\x65\x8c InstallShield Z archive Data
+# Gather
+1	string	GTH Gather archive data
+# BOA
+0	string	BOA BOA archive data
+# RAX
+0	string	ULEB\xa RAX archive data
+# Xtreme
+0	string	ULEB\0 Xtreme archive data
+# Pack Magic
+0	string	@\xc3\xa2\1\0 Pack Magic archive data
+# BTS
+0	belong&0xfeffffff	0x1a034465 BTS archive data
+# ELI 5750
+0	string	Ora\  ELI 5750 archive data
+# QFC
+0	string	\x1aFC\x1a QFC archive data
+0	string	\x1aQF\x1a QFC archive data
+# PRO-PACK https://www.segaretro.org/Rob_Northen_compression
+0	string	RNC
+>3	byte	1	PRO-PACK archive data (compression 1)
+>3	byte	2	PRO-PACK archive data (compression 2)
+# 777
+0	string	777 777 archive data
+# LZS221
+0	string	sTaC LZS221 archive data
+# HPA
+0	string	HPA HPA archive data
+# Arhangel
+0	string	LG Arhangel archive data
+# EXP1, uses bzip2
+0	string	0123456789012345BZh EXP1 archive data
+# IMP
+0	string	IMP\xa IMP archive data
+# NRV
+0	string	\x00\x9E\x6E\x72\x76\xFF NRV archive data
+# Squish
+0	string	\x73\xb2\x90\xf4 Squish archive data
+# Par
+0	string	PHILIPP Par archive data
+0	string	PAR Par archive data
+# HIT
+0	string	UB HIT archive data
+# SBX
+0	belong&0xfffff000	0x53423000 SBX archive data
+# NaShrink
+0	string	NSK NaShrink archive data
+# SAPCAR
+0	string	#\ CAR\ archive\ header SAPCAR archive data
+0	string	CAR\ 2.00 SAPCAR archive data
+0	string	CAR\ 2.01 SAPCAR archive data
+#!:mime	application/octet-stream
+!:mime	application/vnd.sar
+!:ext	sar
+# Disintegrator
+0	string	DST Disintegrator archive data
+# ASD
+0	string	ASD ASD archive data
+# InstallShield CAB
+# Update:	Joerg Jenderek at Nov 2021
+# URL:		https://en.wikipedia.org/wiki/InstallShield
+# Reference:	https://github.com/twogood/unshield/blob/master/lib/cabfile.h
+# Note:		Not compatible with Microsoft CAB files
+# http://mark0.net/download/triddefs_xml.7z/defs/a/ark-cab-ishield.trid.xml
+# CAB_SIGNATURE 0x28635349
+0	string	ISc( InstallShield
+#!:mime		application/octet-stream
+!:mime		application/x-installshield
+# http://mark0.net/download/triddefs_xml.7z/defs/a/ark-cab-ishield-hdr.trid.xml
+>16	ulelong	!0	setup header
+# like: _SYS1.HDR _USER1.HDR data1.hdr
+!:ext	hdr
+>16	ulelong	=0	CAB
+# like: _SYS1.CAB _USER1.CAB DATA1.CAB  data2.cab
+!:ext	cab
+# https://github.com/twogood/unshield/blob/master/lib/helper.c
+# version like:	0x1005201 0x100600c 0x1007000 0x1009500
+#		0x2000578 0x20005dc 0x2000640 0x40007d0 0x4000834
+>4	ulelong	x	\b, version %#x
+# volume_info like: 0
+>8	ulelong	!0	\b, volume_info %#x
+# cab_descriptor_offset like: 0x200
+>12	ulelong	!0x200	\b, offset %#x
+#>0x200	ubequad	x	\b, at 0x200 %#16.16llx
+# cab_descriptor_size like: 0 (*.cab) BD5 C8B DA5 E2A E36 116C 251D 4DA9 56F0 5CC2 6E4B 777D 779E 1F7C2
+>16	ulelong	!0	\b, descriptor size %#x
+# TOP4
+0	string	T4\x1a TOP4 archive data
+# BatComp left out: sig looks like COM executable
+# so TODO: get real 4dos batcomp file and find sig
+# BlakHole
+0	string	BH\5\7 BlakHole archive data
+# BIX
+0	string	BIX0 BIX archive data
+# ChiefLZA
+0	string	ChfLZ ChiefLZA archive data
+# Blink
+0	string	Blink Blink archive data
+# Logitech Compress
+0	string	\xda\xfa Logitech Compress archive data
+# ARS-Sfx (FIXME: really a SFX? then goto COM/EXE)
+1	string	(C)\ STEPANYUK ARS-Sfx archive data
+# AKT/AKT32
+0	string	AKT32 AKT32 archive data
+0	string	AKT AKT archive data
+# NPack
+0	string	MSTSM NPack archive data
+# PFT
+0	string	\0\x50\0\x14 PFT archive data
+# SemOne
+0	string	SEM SemOne archive data
+# PPMD
+0	string	\x8f\xaf\xac\x84 PPMD archive data
+# FIZ
+0	string	FIZ FIZ archive data
+# MSXiE
+0	belong&0xfffff0f0	0x4d530000 MSXiE archive data
+# DeepFreezer
+0	belong&0xfffffff0	0x797a3030 DeepFreezer archive data
+# DC
+0	string	=<DC- DC archive data
+# TPac
+0	string	\4TPAC\3 TPac archive data
+# Ai
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Ai_Archiver
+0	string	Ai\1\1\0 Ai archive data
+#!:mime	application/octet-stream
+!:mime	application/x-compress-ai
+!:ext	ai
+0	string	Ai\1\0\0 Ai archive data
+#!:mime	application/octet-stream
+!:mime	application/x-compress-ai
+!:ext	ai
+# Ai32
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/ark-ai.trid.xml
+# Note:		called "Ai Archivator compressed archive" by TrID
+0	string	Ai\2\0 Ai32 archive data
+#!:mime	application/octet-stream
+!:mime	application/x-compress-ai
+!:ext	ai
+# original file name
+>8	pstring/h x	"%s"
+# according to TrID the next 3 bytes are nil
+>5	ubyte	!0	\b, at 5 %#x
+>6	ubyte	!0	\b, at 6 %#x
+>7	ubyte	!0	\b, at 7 %#x
+# the fourth byte with value 0 is probably a flag for "non solid" mode
+#>3	ubyte	=0x00	\b, unsolid mode
+0	string	Ai\2\1 Ai32 archive data
+#!:mime	application/octet-stream
+!:mime	application/x-compress-ai
+!:ext	ai
+# original file name
+>8	pstring/h x	"%s"
+# the fourth byte with value 0x01 is probably a flag for "solid" mode; this is not the default
+>3	ubyte	=0x01	\b, solid mode
+# SBC
+0	string	SBC SBC archive data
+# Ybs
+0	string	YBS Ybs archive data
+# DitPack
+0	string	\x9e\0\0 DitPack archive data
+# DMS
+0	string	DMS! DMS archive data
+# EPC
+0	string	\x8f\xaf\xac\x8c EPC archive data
+# VSARC
+0	string	VS\x1a VSARC archive data
+# PDZ
+0	string	PDZ PDZ archive data
+# ReDuq
+0	string	rdqx ReDuq archive data
+# GCA
+0	string	GCAX GCA archive data
+# PPMN
+0	string	pN PPMN archive data
+# WinImage
+3	string	WINIMAGE WinImage archive data
+# Compressia
+0	string	CMP0CMP Compressia archive data
+# UHBC
+0	string	UHB UHBC archive data
+# WinHKI
+0	string	\x61\x5C\x04\x05 WinHKI archive data
+# WWPack data file
+0	string	WWP WWPack archive data
+# BSN (BSA, PTS-DOS)
+0	string	\xffBSG BSN archive data
+1	string	\xffBSG BSN archive data
+3	string	\xffBSG BSN archive data
+1	string	\0\xae\2 BSN archive data
+1	string	\0\xae\3 BSN archive data
+1	string	\0\xae\7 BSN archive data
+# AIN
+0	string	\x33\x18 AIN archive data
+0	string	\x33\x17 AIN archive data
+# XPA32 test moved and merged with XPA by Joerg Jenderek at Sep 2015
+# SZip (TODO: doesn't catch all versions)
+0	string	SZ\x0a\4 SZip archive data
+# XPack DiskImage
+# *.XDI updated by Joerg Jenderek Sep 2015
+# ftp://ftp.sac.sk/pub/sac/pack/0index.txt
+# GRR: this test is still too general as it catches also text files starting with jm
+0	string	jm
+# only found examples with this additional characteristic 2 bytes
+>2	string	\x2\x4	Xpack DiskImage archive data
+#!:ext xdi
+# XPack Data
+# *.xpa updated by Joerg Jenderek Sep 2015
+# ftp://ftp.elf.stuba.sk/pub/pc/pack/
+0	string	xpa	XPA
+!:ext	xpa
+# XPA32
+# ftp://ftp.elf.stuba.sk/pub/pc/pack/xpa32.zip
+# created by XPA32.EXE version 1.0.2 for Windows
+>0	string	xpa\0\1 \b32 archive data
+# created by XPACK.COM version 1.67m or 1.67r with short 0x1800
+>3	ubeshort	!0x0001	\bck archive data
+# XPack Single Data
+# changed by Joerg Jenderek Sep 2015 back to like in version 5.12
+# letter 'I'+ acute accent is equivalent to \xcd
+0	string	\xcd\ jm	Xpack single archive data
+#!:mime	application/x-xpa-compressed
+!:ext xpa
+
+# TODO: missing due to unknown magic/magic at end of file:
+#DWC
+#ARG
+#ZAR
+#PC/3270
+#InstallIt
+#RKive
+#RK
+#XPack Diskimage
+
+# These were inspired by idarc, but actually verified
+# Dzip archiver (.dz)
+# Update: Joerg Jenderek
+# URL: http://speeddemosarchive.com/dzip/
+# reference: http://speeddemosarchive.com/dzip/dz29src.zip/main.c 
+# GRR: line below is too general as it matches also ASCII texts like Doszip commander help dz.txt
+0	string	DZ 
+# latest version is 2.9 dated 7 may 2003
+>2	byte	<4 Dzip archive data
+!:mime	application/x-dzip
+!:ext	dz
+>>2	byte	x \b, version %i
+>>3	byte	x \b.%i
+>>4	ulelong	x \b, offset %#x
+>>8	ulelong	x \b, %u files
+# ZZip archiver (.zz)
+0	string	ZZ\ \0\0 ZZip archive data
+0	string	ZZ0 ZZip archive data
+# PAQ archiver (.paq)
+0	string	\xaa\x40\x5f\x77\x1f\xe5\x82\x0d PAQ archive data
+0	string	PAQ PAQ archive data
+>3	byte&0xf0	0x30
+>>3	byte	x (v%c)
+# JAR archiver (.j), this is the successor to ARJ, not Java's JAR (which is essentially ZIP)
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/JAR_(ARJ_Software)
+# reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/ark-jar.trid.xml
+#		https://www.sac.sk/download/pack/jar102x.exe/TECHNOTE.DOC
+# Note:		called "JAR compressed archive" by TrID
+0xe	string	\x1aJar\x1b JAR (ARJ Software, Inc.) archive data
+#!:mime	application/octet-stream
+!:mime	application/x-compress-j
+>0	ulelong	x		\b, CRC32 %#x
+# standard suffix is ".j"; for multi volumes following order j01 j02 ... j99 100 ... 990
+!:ext	j/j01/j02
+# URL:		http://fileformats.archiveteam.org/wiki/JARCS
+# reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/ark-jarcs.trid.xml
+# Note:		called "JARCS compressed archive" by TrID
+0	string	JARCS JAR (ARJ Software, Inc.) archive data
+#!:mime	application/octet-stream
+!:mime	application/x-compress-jar
+!:ext	jar
+
+# ARJ archiver (jason@jarthur.Claremont.EDU)
+# URL:		http://fileformats.archiveteam.org/wiki/ARJ
+# reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/ark-arj.trid.xml
+#		https://github.com/FarGroup/FarManager/
+#		blob/master/plugins/multiarc/arc.doc/arj.txt
+# Note:		called "ARJ compressed archive" by TrID and
+#		"ARJ File Format" by DROID via PUID fmt/610
+#		verified by `7z l -tarj PHRACK1.ARJ` and
+#		`arj.exe l TEST-hk9.ARJ`
+0	leshort		0xea60
+# skip DROID fmt-610-signature-id-946.arj by check for valid file type of main header
+>0xA	ubyte		2
+>>0	use		arj-archive
+0	name		arj-archive
+>0	leshort		x		ARJ archive
+!:mime	application/x-arj
+# look for terminating 0-character of filename
+>0x26	search/1024	\0
+# file name extension is normally .arj but not for parts of multi volume
+#>>&-5	string		x		extension %.4s
+>>&-5	string/c	.arj		data
+!:ext	arj
+>>&-5	default		x
+# for multi volume first name is archive.arj then following parts archive.a01 archive.a02 ...
+>>>8	byte		&0x04		data
+!:ext	a01/a02
+# for SFX first name is archive.exe then following parts archive.e01 archive.e02 ...
+>>>8	byte		^0x04		data, SFX multi-volume
+!:ext	e01/e02
+# basic header size like: 0x002b 0x002c 0x04e0 0x04e3 0x04e7
+#>2	uleshort	x		basic header size %#4.4x
+# next fragment content like: 0x0a200a003a8fc713 0x524a000010bb3471 0x524a0000c73c70f9
+#>(2.s)	ubequad		x		NEXT FRAGMENT CONTENT %#16.16llx
+# first_hdr_size; seems to be same as basic header size
+#>2	uleshort	x		1st header size %#x
+# archiver version number like: 3 4 6 11 102
+>5	byte		x		\b, v%d
+# minimum archiver version to extract like: 1
+>6	ubyte		!1		\b, minimum %u to extract
+# FOR DEBUGGING
+#>8	byte		x		\b, FLAGS %#x
+# GARBLED_FLAG1; garble with password; g switch
+>8	byte		&0x01		\b, password-protected
+# encryption version: 0~old  1~old 2~new 3~reserved 4~40 bit key GOST
+>>0x20	ubyte		x		(v%u)
+#>8	byte		&0x02		\b, secured
+# ANSIPAGE_FLAG; indicates ANSI codepage used by ARJ32; hy switch
+>8	byte		&0x02		\b, ANSI codepage
+# VOLUME_FLAG indicates presence of succeeding volume; but apparently not for SFX
+>8	byte		&0x04		\b, multi-volume
+#>8	byte		&0x08		\b, file-offset
+# ARJPROT_FLAG; build with data protection record; hk switch
+>8	byte		&0x08		\b, recoverable
+# arj protection factor; maximal 10; switch hky -> factor=y+1
+>>0x22	byte		x		(factor %u)
+>8	byte		&0x10		\b, slash-switched
+# BACKUP_FLAG; obsolete
+>8	byte		&0x20		\b, backup
+# SECURED_FLAG;
+>8	byte		&0x40		\b, secured,
+# ALTNAME_FLAG; indicates dual-name archive
+>8	byte		&0x80		\b, dual-name
+# security version; 0~old 2~current
+>9	ubyte		!0
+>>9	ubyte		!2		\b, security version %u
+# file type; 2 in main header; 0~binary 1~7-bitText 2~comment 3~directory 4~VolumeLabel 5=ChapterLabel
+>0xA	ubyte		!2		\b, file type %u
+# date+time when original archive was created in MS-DOS format via ./msdos
+>0xC	ulelong		x		\b, created
+>0xC	use		dos-date
+# or date and time by new internal function
+#>0xE	lemsdosdate	x		%s
+#>0xC	lemsdostime	x		%s
+# FOR DEBUGGING
+#>0x12	uleshort	x		RAW DATE %#4.4x
+#>0x10	uleshort	x		RAW TIME %#4.4x
+# date+time when archive was last modified; sometimes nil or
+# maybe wrong like in HP4DRVR.ARJ
+#>0x10	ulelong		>0		\b, modified
+#>>0x10	use		dos-date
+# or date and time by new internal function
+#>>0x12	lemsdosdate	x		%s
+#>>0x10	lemsdostime	x		%s
+# archive size (currently used only for secured archives); MAYBE?
+#>0x14	ulelong		!0		\b, file size %u
+# security envelope file position; MAYBE?
+#>0x18	ulelong		!0		\b, at %#x security envelope
+# filespec position in filename; WHAT IS THAT?
+#>0x1C	uleshort	>0		\b, filespec position %#x
+# length in bytes of security envelope data like: 2CAh 301h 364h 471h
+>0x1E	uleshort	!0		\b, security envelope length %#x
+# last chapter like: 0 1
+>0x21	ubyte		!0		\b, last chapter %u
+# filename (null-terminated string); sometimes at 0x26 when 4 bytes for extra data
+>34	byte		x		\b, original name:
+# with extras data
+>34	byte		<0x0B
+>>38	string		x		%s
+# without extras data
+>34	byte		>0x0A
+>>34	string		x		%s
+# host OS: 0~MSDOS ... 11~WIN32
+>7	byte		0		\b, os: MS-DOS
+>7	byte		1		\b, os: PRIMOS
+>7	byte		2		\b, os: Unix
+>7	byte		3		\b, os: Amiga
+>7	byte		4		\b, os: Macintosh
+>7	byte		5		\b, os: OS/2
+>7	byte		6		\b, os: Apple ][ GS
+>7	byte		7		\b, os: Atari ST
+>7	byte		8		\b, os: NeXT
+>7	byte		9		\b, os: VAX/VMS
+>7	byte		10		\b, os: WIN95
+>7	byte		11		\b, os: WIN32
+# [JW] idarc says this is also possible
+2	leshort		0xea60		ARJ archive data
+#2	leshort		0xea60
+#>2	use		arj-archive
+
+# HA archiver (Greg Roelofs, newt@uchicago.edu)
+# This is a really bad format. A file containing HAWAII will match this...
+#0	string		HA		HA archive data,
+#>2	leshort		=1		1 file,
+#>2	leshort		>1		%hu files,
+#>4	byte&0x0f	=0		first is type CPY
+#>4	byte&0x0f	=1		first is type ASC
+#>4	byte&0x0f	=2		first is type HSC
+#>4	byte&0x0f	=0x0e		first is type DIR
+#>4	byte&0x0f	=0x0f		first is type SPECIAL
+# suggestion: at least identify small archives (<1024 files)
+0  belong&0xffff00fc 0x48410000 HA archive data
+>2	leshort		=1		1 file,
+>2	leshort		>1		%u files,
+>4	byte&0x0f	=0		first is type CPY
+>4	byte&0x0f	=1		first is type ASC
+>4	byte&0x0f	=2		first is type HSC
+>4	byte&0x0f	=0x0e		first is type DIR
+>4	byte&0x0f	=0x0f		first is type SPECIAL
+
+# HPACK archiver (Peter Gutmann, pgut1@cs.aukuni.ac.nz)
+0	string		HPAK		HPACK archive data
+
+# JAM Archive volume format, by Dmitry.Kohmanyuk@UA.net
+0	string		\351,\001JAM\ 		JAM archive,
+>7	string		>\0			version %.4s
+>0x26	byte		=0x27			-
+>>0x2b	string          >\0			label %.11s,
+>>0x27	lelong		x			serial %08x,
+>>0x36	string		>\0			fstype %.8s
+
+# LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu)
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/LHA_(file_format)
+# Reference: https://web.archive.org/web/20021005080911/http://www.osirusoft.com/joejared/lzhformat.html
+#
+#	check and display information of lharc (LHa,PMarc) file
+0	name				lharc-file
+# check 1st character of method id like -lz4- -lh5- or -pm2-
+>2	string		-
+# check 5th character of method id
+>>6	string		-
+# check header level 0 1 2 3
+>>>20	ubyte		<4
+# check 2nd, 3th and 4th character of method id
+>>>>3	regex		\^(lh[0-9a-ex]|lz[s2-8]|pm[012]|pc1)		\b 
+!:mime	application/x-lzh-compressed
+# creator type "LHA "
+!:apple	????LHA
+# display archive type name like "LHa/LZS archive data" or "LArc archive"
+>>>>>2	string		-lz		\b 
+!:ext	lzs
+# already known  -lzs- -lz4- -lz5- with old names
+>>>>>>2	string	-lzs		LHa/LZS archive data
+>>>>>>3	regex	\^lz[45]	LHarc 1.x archive data
+# missing -lz?- with wikipedia names
+>>>>>>3	regex	\^lz[2378]	LArc archive
+# display archive type name like "LHa (2.x) archive data"
+>>>>>2	string		-lh		\b
+# already known -lh0- -lh1- -lh2- -lh3-  -lh4- -lh5- -lh6- -lh7- -lhd- variants with old names
+>>>>>>3	regex		\^lh[01]	LHarc 1.x/ARX archive data
+# LHice archiver use ".ICE" as name extension instead usual one ".lzh"
+# FOOBAR archiver use ".foo" as name extension instead usual one
+# "Florian Orjanov's and Olga Bachetska's ARchiver" not found at the moment
+>>>>>>>2	string	-lh1		\b 
+!:ext lha/lzh/ice
+>>>>>>3	regex		\^lh[23d]	LHa 2.x? archive data
+>>>>>>3	regex		\^lh[7]		LHa (2.x)/LHark archive data
+>>>>>>3	regex		\^lh[456]	LHa (2.x) archive data
+>>>>>>>2	string	-lh5		\b 
+# https://en.wikipedia.org/wiki/BIOS
+# Some mainboard BIOS like Award use LHa compression. So archives with unusual extension are found like
+# bios.rom , kd7_v14.bin, 1010.004, ...
+!:ext lha/lzh/rom/bin
+# missing -lh?- variants (Joe Jared)
+>>>>>>3	regex		\^lh[89a-ce]	LHa (Joe Jared) archive
+# UNLHA32 2.67a
+>>>>>>2	string		-lhx		LHa (UNLHA32) archive
+# lha archives with standard file name extensions ".lha" ".lzh"
+>>>>>>3	regex		!\^(lh1|lh5)	\b 
+!:ext lha/lzh
+# this should not happen if all -lh variants are described
+>>>>>>2	default		x		LHa (unknown) archive
+#!:ext	lha
+# PMarc
+>>>>>3	regex		\^pm[012]	PMarc archive data
+!:ext pma
+# append method id without leading and trailing minus character
+>>>>>3	string		x		[%3.3s]
+>>>>>>0	use	lharc-header
+#
+#	check and display information of lharc header
+0	name				lharc-header
+# header size 0x4 , 0x1b-0x61
+>0	ubyte		x
+# compressed data size != compressed file size
+#>7	ulelong		x		\b, data size %d
+# attribute: 0x2~?? 0x10~symlink|target 0x20~normal
+#>19	ubyte		x		\b, 19_%#x
+# level identifier 0 1 2 3
+#>20	ubyte		x		\b, level %d
+# time stamp
+#>15		ubelong	x		DATE %#8.8x
+# OS ID for level 1
+>20	ubyte		1
+# 0x20 types find for *.rom files
+>>(21.b+24)	ubyte	<0x21		\b, %#x OS
+# ascii type like M for MSDOS
+>>(21.b+24)	ubyte	>0x20		\b, '%c' OS
+# OS ID for level 2
+>20	ubyte		2
+#>>23	ubyte		x		\b, OS ID %#x
+>>23	ubyte		<0x21		\b, %#x OS
+>>23	ubyte		>0x20		\b, '%c' OS
+# filename only for level 0 and 1
+>20	ubyte		<2
+# length of filename
+>>21		ubyte	>0		\b, with
+# filename
+>>>21		pstring	x		"%s"
+#
+#2	string		-lh0-		LHarc 1.x/ARX archive data [lh0]
+#!:mime	application/x-lharc
+2	string		-lh0-
+>0	use	lharc-file
+#2	string		-lh1-		LHarc 1.x/ARX archive data [lh1]
+#!:mime	application/x-lharc
+2	string		-lh1-
+>0	use	lharc-file
+# NEW -lz2- ... -lz8-
+2	string		-lz2-
+>0	use	lharc-file
+2	string		-lz3-
+>0	use	lharc-file
+2	string		-lz4-
+>0	use	lharc-file
+2	string		-lz5-
+>0	use	lharc-file
+2	string		-lz7-
+>0	use	lharc-file
+2	string		-lz8-
+>0	use	lharc-file
+#	[never seen any but the last; -lh4- reported in comp.compression:]
+#2	string		-lzs-		LHa/LZS archive data [lzs]
+2	string		-lzs-
+>0	use	lharc-file
+# According to wikipedia and others such a version does not exist
+#2	string		-lh\40-		LHa 2.x? archive data [lh ]
+#2	string		-lhd-		LHa 2.x? archive data [lhd]
+2	string		-lhd-
+>0	use	lharc-file
+#2	string		-lh2-		LHa 2.x? archive data [lh2]
+2	string		-lh2-
+>0	use	lharc-file
+#2	string		-lh3-		LHa 2.x? archive data [lh3]
+2	string		-lh3-
+>0	use	lharc-file
+#2	string		-lh4-		LHa (2.x) archive data [lh4]
+2	string		-lh4-
+>0	use	lharc-file
+#2	string		-lh5-		LHa (2.x) archive data [lh5]
+2	string		-lh5-
+>0	use	lharc-file
+#2	string		-lh6-		LHa (2.x) archive data [lh6]
+2	string		-lh6-
+>0	use	lharc-file
+#2	string		-lh7-		LHa (2.x)/LHark archive data [lh7]
+2	string		-lh7-
+# !:mime	application/x-lha
+# >20	byte		x		- header level %d
+>0	use	lharc-file
+# NEW -lh8- ... -lhe- , -lhx-
+2	string		-lh8-
+>0	use	lharc-file
+2	string		-lh9-
+>0	use	lharc-file
+2	string		-lha-
+>0	use	lharc-file
+2	string		-lhb-
+>0	use	lharc-file
+2	string		-lhc-
+>0	use	lharc-file
+2	string		-lhe-
+>0	use	lharc-file
+2	string		-lhx-
+>0	use	lharc-file
+# taken from idarc [JW]
+2   string      -lZ         PUT archive data
+# already done by LHarc magics
+# this should never happen if all sub types of LZS archive are identified
+#2   string      -lz         LZS archive data
+2   string      -sw1-       Swag archive data
+
+0	name		rar-file-header
+>24	byte		15		\b, v1.5
+>24	byte		20		\b, v2.0
+>24	byte		29		\b, v4
+>15	byte		0		\b, os: MS-DOS
+>15	byte		1		\b, os: OS/2
+>15	byte		2		\b, os: Win32
+>15	byte		3		\b, os: Unix
+>15	byte		4		\b, os: Mac OS
+>15	byte		5		\b, os: BeOS
+
+0	name		rar-archive-header
+>3	leshort&0x1ff	>0		\b, flags:
+>>3	leshort		&0x01		ArchiveVolume
+>>3	leshort		&0x02		Commented
+>>3	leshort		&0x04		Locked
+>>3	leshort		&0x10		NewVolumeNaming
+>>3	leshort		&0x08		Solid
+>>3	leshort		&0x20		Authenticated
+>>3	leshort		&0x40		RecoveryRecordPresent
+>>3	leshort		&0x80		EncryptedBlockHeader
+>>3	leshort		&0x100		FirstVolume
+
+# RAR (Roshal Archive) archive
+0	string		Rar!\x1a\7\0		RAR archive data
+!:mime	application/x-rar
+!:ext	rar/cbr
+# file header
+>(0xc.l+9)	byte	0x74
+>>(0xc.l+7)	use	rar-file-header
+# subblock seems to share information with file header
+>(0xc.l+9)	byte	0x7a
+>>(0xc.l+7)	use	rar-file-header
+>9		byte	0x73
+>>7		use	rar-archive-header
+
+0	string		Rar!\x1a\7\1\0		RAR archive data, v5
+!:mime	application/x-rar
+!:ext	rar
+
+# Very old RAR archive
+# https://jasonblanks.com/wp-includes/images/papers/KnowyourarchiveRAR.pdf
+0	string		RE\x7e\x5e  RAR archive data (<v1.5)
+!:mime	application/x-rar
+!:ext	rar/cbr
+
+# SQUISH archiver (Greg Roelofs, newt@uchicago.edu)
+0	string		SQSH		squished archive data (Acorn RISCOS)
+
+# UC2 archiver (Greg Roelofs, newt@uchicago.edu)
+# [JW] see exe section for self-extracting version
+0	string		UC2\x1a		UC2 archive data
+
+# PKZIP multi-volume archive
+0	string		PK\x07\x08PK\x03\x04	Zip multi-volume archive data, at least PKZIP v2.50 to extract
+!:mime	application/zip
+!:ext zip/cbz
+
+# Android APK file (Zip archive)
+0	string		PK\003\004
+!:strength +1
+# Starts with AndroidManifest.xml (file name length = 19)
+>26	uleshort	19
+>>30	string	AndroidManifest.xml	Android package (APK), with AndroidManifest.xml
+!:mime	application/vnd.android.package-archive
+!:ext	apk
+>>>-22	string	PK\005\006
+>>>>(-6.l-16)	string	APK\x20Sig\x20Block\x2042	\b, with APK Signing Block
+# Starts with META-INF/com/android/build/gradle/app-metadata.properties
+>26	uleshort	57
+>>30	string	META-INF/com/android/build/gradle/
+>>>&0	string	app-metadata.properties	Android package (APK), with gradle app-metadata.properties
+!:mime	application/vnd.android.package-archive
+!:ext	apk
+>>>>-22	string	PK\005\006
+>>>>>(-6.l-16)	string	APK\x20Sig\x20Block\x2042	\b, with APK Signing Block
+# Starts with classes.dex (file name length = 11)
+>26	uleshort	11
+>>30	string	classes.dex	Android package (APK), with classes.dex
+!:mime	application/vnd.android.package-archive
+!:ext	apk
+>>>-22	string	PK\005\006
+>>>>(-6.l-16)	string	APK\x20Sig\x20Block\x2042	\b, with APK Signing Block
+# Starts with META-INF/MANIFEST.MF (file name length = 20)
+# NB: checks for resources.arsc, classes.dex, etc. as well to avoid matching JAR files
+>26	uleshort	20
+>>30	string	META-INF/MANIFEST.MF
+# Contains resources.arsc (near the end, in the central directory)
+>>>-512	search	resources.arsc	Android package (APK), with MANIFEST.MF and resources.arsc
+!:mime	application/vnd.android.package-archive
+!:ext	apk
+>>>>-22	string	PK\005\006
+>>>>>(-6.l-16)	string	APK\x20Sig\x20Block\x2042	\b, with APK Signing Block
+>>>-512	default x
+# Contains classes.dex (near the end, in the central directory)
+>>>>-512	search	classes.dex	Android package (APK), with MANIFEST.MF and classes.dex
+!:mime	application/vnd.android.package-archive
+!:ext	apk
+>>>>>-22	string	PK\005\006
+>>>>>>(-6.l-16)	string	APK\x20Sig\x20Block\x2042	\b, with APK Signing Block
+>>>>-512	default x
+# Contains lib/armeabi (near the end, in the central directory)
+>>>>>-512	search	lib/armeabi	Android package (APK), with MANIFEST.MF and armeabi lib
+!:mime	application/vnd.android.package-archive
+!:ext	apk
+>>>>>>-22	string	PK\005\006
+>>>>>>>(-6.l-16)	string	APK\x20Sig\x20Block\x2042	\b, with APK Signing Block
+>>>>>-512	default x
+# Contains drawables (near the end, in the central directory)
+>>>>>>-512	search	res/drawable	Android package (APK), with MANIFEST.MF and drawables
+!:mime	application/vnd.android.package-archive
+!:ext	apk
+>>>>>>>-22	string	PK\005\006
+>>>>>>>>(-6.l-16)	string	APK\x20Sig\x20Block\x2042	\b, with APK Signing Block
+# It may or may not be an APK file, but it's definitely a Java JAR file
+>>>>>>-512	default x	Java archive data (JAR)
+!:mime	application/java-archive
+!:ext	jar
+# Starts with zipflinger virtual entry (28 + 104 = 132 bytes)
+# See https://github.com/obfusk/apksigcopier/blob/666f5b7/apksigcopier/__init__.py#L230
+>4	string	\x00\x00\x00\x00\x00\x00
+>>&0	string	\x21\x08\x21\x02
+>>>&0	string	\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
+>>>>&0	string	\x00\x00	Android package (APK), with zipflinger virtual entry
+!:mime	application/vnd.android.package-archive
+!:ext	apk
+>>>>>-22	string	PK\005\006
+>>>>>>(-6.l-16)	string	APK\x20Sig\x20Block\x2042	\b, with APK Signing Block
+# APK Signing Block
+>0	default	x
+>>-22	string	PK\005\006
+>>>(-6.l-16)	string	APK\x20Sig\x20Block\x2042	Android package (APK), with APK Signing Block
+!:mime	application/vnd.android.package-archive
+!:ext	apk
+
+# Zip archives (Greg Roelofs, c/o zip-bugs@wkuvx1.wku.edu)
+0	string		PK\005\006	Zip archive data (empty)
+!:mime application/zip
+!:ext zip/cbz
+!:strength +1
+0	string		PK\003\004
+!:strength +1
+
+# Specialised zip formats which start with a member named 'mimetype'
+# (stored uncompressed, with no 'extra field') containing the file's MIME type.
+# Check for have 8-byte name, 0-byte extra field, name "mimetype", and
+#  contents starting with "application/":
+>26	string		\x8\0\0\0mimetypeapplication/
+
+#  KOffice / OpenOffice & StarOffice / OpenDocument formats
+#    From: Abel Cheung <abel@oaka.org>
+
+#   KOffice (1.2 or above) formats
+#    (mimetype contains "application/vnd.kde.<SUBTYPE>")
+>>50	string	vnd.kde.		KOffice (>=1.2)
+>>>58	string	karbon			Karbon document
+>>>58	string	kchart			KChart document
+>>>58	string	kformula		KFormula document
+>>>58	string	kivio			Kivio document
+>>>58	string	kontour			Kontour document
+>>>58	string	kpresenter		KPresenter document
+>>>58	string	kspread			KSpread document
+>>>58	string	kword			KWord document
+
+#   OpenOffice formats (for OpenOffice 1.x / StarOffice 6/7)
+#    (mimetype contains "application/vnd.sun.xml.<SUBTYPE>")
+# URL:		https://en.wikipedia.org/wiki/OpenOffice.org_XML
+# reference:	http://fileformats.archiveteam.org/wiki/OpenOffice.org_XML
+>>50	string	vnd.sun.xml.		OpenOffice.org 1.x
+>>>62	string	writer			Writer
+>>>>68	byte	!0x2e			document
+!:mime	application/vnd.sun.xml.writer
+!:ext	sxw
+>>>>68	string	.template		template
+!:mime	application/vnd.sun.xml.writer.template
+!:ext	stw
+>>>>68	string	.web			Web template
+!:mime	application/vnd.sun.xml.writer.web
+!:ext	stw
+>>>>68	string	.global			global document
+!:mime	application/vnd.sun.xml.writer.global
+!:ext	sxg
+>>>62	string	calc			Calc
+>>>>66	byte	!0x2e			spreadsheet
+!:mime	application/vnd.sun.xml.calc
+!:ext	sxc
+>>>>66	string	.template		template
+!:mime	application/vnd.sun.xml.calc.template
+!:ext	stc
+>>>62	string	draw			Draw
+>>>>66	byte	!0x2e			document
+!:mime	application/vnd.sun.xml.draw
+!:ext	sxd
+>>>>66	string	.template		template
+!:mime	application/vnd.sun.xml.draw.template
+!:ext	std
+>>>62	string	impress			Impress
+>>>>69	byte	!0x2e			presentation
+!:mime	application/vnd.sun.xml.impress
+!:ext	sxi
+>>>>69	string	.template		template
+!:mime	application/vnd.sun.xml.impress.template
+!:ext	sti
+>>>62	string	math			Math document
+!:mime	application/vnd.sun.xml.math
+!:ext	sxm
+>>>62	string	base			Database file
+!:mime	application/vnd.sun.xml.base
+!:ext	sdb
+
+# URL:	https://wiki.openoffice.org/wiki/Documentation/DevGuide/Extensions/File_Format
+# From:	Joerg Jenderek
+# Note:	only few OXT samples are detected here by mimetype member
+#	is used by OpenOffice and LibreOffice and probably also NeoOffice
+#	verified by `unzip -Zv *.oxt` or `7z l -slt *.oxt`
+>>50	string	vnd.openofficeorg.		OpenOffice
+>>>68	string	extension			\b/LibreOffice Extension
+# http://extension.nirsoft.net/oxt
+!:mime	application/vnd.openofficeorg.extension
+# like: Gallery-Puzzle.2.1.0.1.oxt
+!:ext	oxt
+
+#   OpenDocument formats (for OpenOffice 2.x / StarOffice >= 8)
+#   URL: http://fileformats.archiveteam.org/wiki/OpenDocument
+#    https://lists.oasis-open.org/archives/office/200505/msg00006.html
+#    (mimetype contains "application/vnd.oasis.opendocument.<SUBTYPE>")
+>>50	string	vnd.oasis.opendocument.	OpenDocument
+>>>73	string	text
+>>>>77	byte	!0x2d			Text
+!:mime	application/vnd.oasis.opendocument.text
+!:ext	odt
+>>>>77	string	-template		Text Template
+!:mime	application/vnd.oasis.opendocument.text-template
+!:ext	ott
+>>>>77	string	-web			HTML Document Template
+!:mime	application/vnd.oasis.opendocument.text-web
+!:ext	oth
+>>>>77	string	-master
+>>>>>84	byte	!0x2d			Master Document
+!:mime	application/vnd.oasis.opendocument.text-master
+!:ext	odm
+>>>>>84	string	-template		Master Template
+!:mime	application/vnd.oasis.opendocument.text-master-template
+!:ext	otm
+>>>73	string	graphics
+>>>>81	byte	!0x2d			Drawing
+!:mime	application/vnd.oasis.opendocument.graphics
+!:ext	odg
+>>>>81	string	-template		Drawing Template
+!:mime	application/vnd.oasis.opendocument.graphics-template
+!:ext	otg
+>>>73	string	presentation
+>>>>85	byte	!0x2d			Presentation
+!:mime	application/vnd.oasis.opendocument.presentation
+!:ext	odp
+>>>>85	string	-template		Presentation Template
+!:mime	application/vnd.oasis.opendocument.presentation-template
+!:ext	otp
+>>>73	string	spreadsheet
+>>>>84	byte	!0x2d			Spreadsheet
+!:mime	application/vnd.oasis.opendocument.spreadsheet
+!:ext	ods
+>>>>84	string	-template		Spreadsheet Template
+!:mime	application/vnd.oasis.opendocument.spreadsheet-template
+!:ext	ots
+>>>73	string	chart
+>>>>78	byte	!0x2d			Chart
+!:mime	application/vnd.oasis.opendocument.chart
+!:ext	odc
+>>>>78	string	-template		Chart Template
+!:mime	application/vnd.oasis.opendocument.chart-template
+!:ext	otc
+>>>73	string	formula
+>>>>80	byte	!0x2d			Formula
+!:mime	application/vnd.oasis.opendocument.formula
+!:ext	odf
+>>>>80	string	-template		Formula Template
+!:mime	application/vnd.oasis.opendocument.formula-template
+!:ext	otf
+# https://www.loc.gov/preservation/digital/formats/fdd/fdd000441.shtml
+>>>73	string	database		Database
+!:mime	application/vnd.oasis.opendocument.database
+!:ext	odb
+# Valid for LibreOffice Base 6.0.1.1 at least
+>>>73	string	base 			Database
+# https://bugs.documentfoundation.org/show_bug.cgi?id=45854
+!:mime	application/vnd.oasis.opendocument.base
+!:ext	odb
+>>>73	string	image
+>>>>78	byte	!0x2d			Image
+!:mime	application/vnd.oasis.opendocument.image
+!:ext	odi
+>>>>78	string	-template		Image Template
+!:mime	application/vnd.oasis.opendocument.image-template
+!:ext	oti
+
+#  EPUB (OEBPS) books using OCF (OEBPS Container Format)
+#    https://www.idpf.org/ocf/ocf1.0/download/ocf10.htm, section 4.
+#    From: Ralf Brown <ralf.brown@gmail.com>
+>>50	string	epub+zip	EPUB document
+!:mime application/epub+zip
+
+# From: Hajin Jang <jb6804@naver.com>
+# hwpx (OWPML) document format follows OCF specification.
+# Hangul Word Processor 2010+ supports HWPX format.
+# URL: https://www.hancom.com/etc/hwpDownload.do
+#      https://standard.go.kr/KSCI/standardIntro/getStandardSearchView.do?menuId=503&topMenuId=502&ksNo=KSX6101
+#      https://e-ks.kr/streamdocs/view/sd;streamdocsId=72059197557727331
+>>50	string	hwp+zip     Hancom HWP (Hangul Word Processor) file, HWPX
+!:mime application/x-hwp+zip
+!:ext	hwpx
+
+# From:	Joerg Jenderek
+# URL:	http://en.wikipedia.org/wiki/CorelDRAW
+# NOTE:	version; til 2 WL-based; from 3 til 13 by ./riff; from 14 zip based
+>>50	string	x-vnd.corel.	 Corel
+>>>62	string	draw.document+zip	Draw drawing, version 14-16
+!:mime	application/x-vnd.corel.draw.document+zip
+!:ext	cdr
+>>>62	string	draw.template+zip	Draw template, version 14-16
+!:mime	application/x-vnd.corel.draw.template+zip
+!:ext	cdrt
+>>>62	string	zcf.draw.document+zip	Draw drawing, version 17-22
+!:mime	application/x-vnd.corel.zcf.draw.document+zip
+!:ext	cdr
+>>>62	string	zcf.draw.template+zip	Draw template, version 17-22
+!:mime	application/x-vnd.corel.zcf.draw.template+zip
+!:ext	cdt/cdrt
+# URL:	http://product.corel.com/help/CorelDRAW/540240626/Main/EN/Doc/CorelDRAW-Other-file-formats.html
+>>>62	string	zcf.pattern+zip		Draw pattern, version 22
+!:mime	application/x-vnd.corel.zcf.pattern+zip
+!:ext	pat
+# URL:		https://en.wikipedia.org/wiki/Corel_Designer
+# Reference:	http://fileformats.archiveteam.org/wiki/Corel_Designer
+# Note:		called by TrID "Corel DESIGN graphics"
+>>>62	string	designer.document+zip		DESIGNER graphics, version 14-16
+!:mime	application/x-vnd.corel.designer.document+zip
+!:ext	des
+>>>62	string	zcf.designer.document+zip	DESIGNER graphics, version 17-21
+!:mime	application/x-vnd.corel.zcf.designer.document+zip
+!:ext	des
+# URL:	http://product.corel.com/help/CorelDRAW/540223850/Main/EN/Documentation/
+#	CorelDRAW-Corel-Symbol-Library-CSL.html
+>>>62	string	symbol.library+zip		Symbol Library, version 6-16.3
+!:mime	application/x-vnd.corel.symbol.library+zip
+!:ext	csl
+>>>62	string	zcf.symbol.library+zip		Symbol Library, version 17-22
+!:mime	application/x-vnd.corel.zcf.symbol.library+zip
+!:ext	csl
+
+#  Catch other ZIP-with-mimetype formats
+#	In a ZIP file, the bytes immediately after a member's contents are
+#	always "PK". The 2 regex rules here print the "mimetype" member's
+#	contents up to the first 'P'. Luckily, most MIME types don't contain
+#	any capital 'P's. This is a kludge.
+#    (mimetype contains "application/<OTHER>")
+>>50		default	x			Zip data
+>>>38		regex	[!-OQ-~]+		(MIME type "%s"?)
+!:mime	application/zip
+#    (mimetype contents other than "application/*")
+>26		string	\x8\0\0\0mimetype
+>>38		string	!application/
+>>>38		regex	[!-OQ-~]+		Zip data (MIME type "%s"?)
+!:mime	application/zip
+
+# Java Jar files (see also APK files above)
+>(26.s+30)	leshort	0xcafe		Java archive data (JAR)
+!:mime	application/java-archive
+!:ext	jar
+
+# iOS App
+>(26.s+30)	leshort	!0xcafe
+>>26		string	!\x8\0\0\0mimetype
+>>>30		string	Payload/
+>>>>38		search/64       .app/   iOS App
+!:mime application/x-ios-app
+
+# Dup, see above.
+#>30	search/100/b application/epub+zip	EPUB document
+#!:mime application/epub+zip
+
+# Generic zip archives (Greg Roelofs, c/o zip-bugs@wkuvx1.wku.edu)
+#   Next line excludes specialized formats:
+>(26.s+30)	leshort	!0xcafe
+>>30	search/100/b !application/epub+zip
+>>>26    string          !\x8\0\0\0mimetype	Zip archive data
+!:mime	application/zip
+>>>>4	beshort		x			\b, at least
+>>>>4	use		zipversion
+>>>>4	beshort		x			to extract
+>>>>8	beshort		x			\b, compression method=
+>>>>8	use		zipcompression
+>>>>0x161	string		WINZIP		\b, WinZIP self-extracting
+
+# StarView Metafile
+# From Pierre Ducroquet <pinaraf@pinaraf.info>
+0	string	VCLMTF	StarView MetaFile
+>6	beshort	x	\b, version %d
+>8	belong	x	\b, size %d
+
+# Zoo archiver
+# Update: Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Zoo_(file_format)
+#		http://fileformats.archiveteam.org/wiki/Zoo
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/ark-zoo-strict.trid.xml
+#		http://distcache.freebsd.org/ports-distfiles/zoo-2.10pl1.tar.gz/zoo.h 
+# Note:		called "ZOO compressed archive (strict)" by TrID and "ZOO Compressed Archive" by DROID via PUID x-fmt/269 
+#		verified by command like `deark -m zoo -l -d2 WHRCGA.ZOO`
+20	lelong		0xfdc4a7dc
+# skip DROID x-fmt-269-signature-id-621.zoo by looking for valid major version to manipulate archive
+>32	byte		>0		Zoo archive data
+!:mime	application/x-zoo
+# bak is extension of backup-ed zoo
+!:ext	zoo/bak
+# version in text form like: 1.50 2.00 2.10
+>>4	byte		>48		\b, v%c.
+>>>6	byte		>47		\b%c
+>>>>7	byte		>47		\b%c
+# ZOO files typically start with "ZOO ?.?? Archive.", followed by the bytes 0x1a 0x0 0x0; not used by Zoo and they may be anything
+>>8	string		!\040Archive.\032 \b, at 8
+>>>8	string		x		text "%0.10s"
+# major_ver.minor_ver; minimum version needed to manipulate archive like: 1.0 2.0
+>>32	byte		>0		\b, modify: v%d
+>>>33	byte		x		\b.%d+
+# major_ver.minor_ver; minimum version needed to extract after modify like in old versions
+>>(24.l+28)	ubyte	x		\b, extract: v%u
+>>(24.l+29)	ubyte	x		\b.%u+
+# with zoo 2.00 additional fields have been added in the archive header
+>>32	byte		>1
+# type; type of archive header like: 1 2
+>>>34		ubyte	!1		\b, header type %u
+# acmt_pos; position of archive comment like: 6258 30599 61369 149501
+>>>35		lelong	>0		\b, at %d
+# acmt_len; length of archive comment like: 258
+>>>>39			uleshort x	%u bytes comment
+#>>>>(35.l)		ubequad	x	COMMENT=%16.16llx
+# 1st character of comment maybe is CarriageReturn (0x0d)
+>>>>(35.l) 		ubyte	<040
+# 2nd character of comment maybe is LineFeed (0x0a)
+>>>>>(35.l+1) 		ubyte	<040
+# comment string after CRLF like "Anonymous ftp site garbo.uwasa.fi 128.214.87.1 moderated by"
+>>>>>>(35.l+2)		string	x	%s
+# next character of remaining comment maybe is CarriageReturn (0x0d)
+>>>>>>>&0		ubyte	<040
+>>>>>>>>&0		ubyte	<040
+# 2nd comment part like: Timo Salmi ts@chyde.uwasa.fi      PC directories and uploads\015\012Harri Valkama hv@chyde.uwasa.fi   PC, Mac, Unix files, and upload
+>>>>>>>>>&0		string	>037	%s
+# vdata; archive-level versioning byte like: 1 3
+>>>41		ubyte	!1		\b, vdata %#x
+# zoo_start; pointer to 1st entry header 
+>>24	lelong		x		\b; at %u
+# zoo_minus; zoo_start -1 for consistency checking
+#>>28	lelong		x		\b, zoo_minus %#x
+# zoo_tag; tag for check
+#>>(24.l+0) ulelong	!0xfdc4a7dc	\b, zoo_tag=%8.8x
+# type; type of directory entry like: 1 2
+>>(24.l+4)	ubyte	!2		type=%u
+# packing_method; 0~no packing 1~normal LZW 2~lzh
+>>(24.l+5)	ubyte		x	method=
+>>>(24.l+5)	ubyte		0	\bnot-compressed
+>>>(24.l+5)	ubyte		1	\blzd
+>>>(24.l+5)	ubyte		2	\blzh
+# next; position of next directory entry
+>>(24.l+6)	ulelong		x	\b, next entry at %u
+# offset; position of file data for this entry
+#>>(24.l+10) ulelong		x	\b, data at %u
+# file_crc; CRC-16 of file data
+>>(24.l+18)	uleshort	x	\b, CRC %#4.4x
+# comment; zero if none or points to entry comment like ADD9h (WHRCGA.ZOO)
+>>(24.l+32)	lelong		>0	\b, at %#x
+# cmt_size; if not 0 for none then length of entry comment like: 46
+>>>(24.l+36)	uleshort	>0	%u bytes comment
+# entry comment itself like: "CGA .GL file showing menu input from keyboard"
+>>>>(&-6.l)	string		x	"%s"
+# org_size; original size of file
+>>(24.l+20)	ulelong		x	\b, size %u
+# size_now; compressed size of file
+>>(24.l+24)	ulelong		x	(%u compressed)
+# major_ver.minor_ver; minimum version needed to extract already done
+# deleted; will be 1 if deleted, 0 if not
+>>(24.l+30)	ubyte		=1	\b, deleted
+# struc; file structure if any; WHAT IS THAT?
+>>(24.l+31)	ubyte		!0	\b, structured
+# fname[13]; short/DOS file name like 12345678.012
+>>(24.l+38)	string	x		\b, %0.13s
+# for directory entry type 2 with variable part
+>>(24.l+4)	ubyte	=2
+# var_dir_len; length of variable part of dir entry
+>>>(24.l+51)		uleshort >0
+#>>>(24.l+51)		uleshort >0	\b, variable part length %u
+# namlen; length of long filename
+#>>>>(24.l+56)		ubyte	x	\b, namlen %u
+# dirlen; length of directory name
+#>>>>(24.l+57)		ubyte	x	\b, dirlen %u
+# if file length positive then show long file name
+>>>>(24.l+56)		ubyte	>0
+# lfname[256]; long file name \0-terminated
+>>>>>(24.l+58)		string	x	"%s"
+# if directory length positive then jump before file name field and then jump this addtional length plus 2 (\0-terminator + dirlen field) to following directory name
+>>>>(24.l+57)		ubyte	>0
+>>>>>(24.l+55)		ubyte	x
+# dirname[256]; directory name \0-terminated
+>>>>>>&(&0.b+2)		string	x	in "%s"
+# dir_crc; CRC of directory entry
+#>>>(24.l+54)		uleshort x	\b, entry CRC %#4.4x
+# tz; timezone where file was archived; 7Fh~unknown 4~1.00hoursWestOfUTC 12 16 20~5.00hoursWestOfUTC -107~26.75hoursEastOfUTC -4~1.00hoursEastOfUTC
+>>>(24.l+53)		byte	!0x7f	\b, time zone %d/4
+# date; last mod file date in DOS format
+>>>(24.l+14)		lemsdosdate x	\b, modified %s
+# time; last mod file time in DOS format
+>>>(24.l+16)		lemsdostime x	%s
+
+# Shell archives
+10	string		#\ This\ is\ a\ shell\ archive	shell archive text
+!:mime	application/octet-stream
+
+#
+# LBR. NB: May conflict with the questionable
+#          "binary Computer Graphics Metafile" format.
+#
+0       string  \0\ \ \ \ \ \ \ \ \ \ \ \0\0    LBR archive data
+#
+# PMA (CP/M derivative of LHA)
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/LHA_(file_format)
+#
+#2       string          -pm0-           PMarc archive data [pm0]
+2	string		-pm0-
+>0	use	lharc-file
+#2       string          -pm1-           PMarc archive data [pm1]
+2	string		-pm1-
+>0	use	lharc-file
+#2       string          -pm2-           PMarc archive data [pm2]
+2	string		-pm2-
+>0	use	lharc-file
+2       string          -pms-           PMarc SFX archive (CP/M, DOS)
+#!:mime	application/x-foobar-exec
+!:ext com
+5       string          -pc1-           PopCom compressed executable (CP/M)
+#!:mime	application/x-
+#!:ext com
+
+# From Rafael Laboissiere <rafael@laboissiere.net>
+# The Project Revision Control System (see
+# http://prcs.sourceforge.net) generates a packaged project
+# file which is recognized by the following entry:
+0	leshort		0xeb81	PRCS packaged project
+
+# Microsoft cabinets
+# by David Necas (Yeti) <yeti@physics.muni.cz>
+#0	string	MSCF\0\0\0\0	Microsoft cabinet file data,
+#>25	byte	x		v%d
+#>24	byte	x		\b.%d
+# MPi: All CABs have version 1.3, so this is pointless.
+# Better magic in debian-additions.
+
+# GTKtalog catalogs
+# by David Necas (Yeti) <yeti@physics.muni.cz>
+4	string	gtktalog\ 	GTKtalog catalog data,
+>13	string	3		version 3
+>>14	beshort	0x677a		(gzipped)
+>>14	beshort	!0x677a		(not gzipped)
+>13	string	>3		version %s
+
+############################################################################
+# Parity archive reconstruction file, the 'par' file format now used on Usenet.
+0       string          PAR\0	PARity archive data
+>48	leshort		=0	- Index file
+>48	leshort		>0	- file number %d
+
+# Felix von Leitner <felix-file@fefe.de>
+0	string	d8:announce	BitTorrent file
+!:mime	application/x-bittorrent
+!:ext	torrent
+# Durval Menezes, <jmgthbfile at durval dot com>
+0	string	d13:announce-list	BitTorrent file
+!:mime	application/x-bittorrent
+!:ext	torrent
+0	string	d7:comment	BitTorrent file
+!:mime	application/x-bittorrent
+!:ext	torrent
+0	string	d4:info		BitTorrent file
+!:mime	application/x-bittorrent
+!:ext	torrent
+
+# Atari MSA archive - Teemu Hukkanen <tjhukkan@iki.fi>
+# URL:		http://fileformats.archiveteam.org/wiki/MSA_(Magic_Shadow_Archiver)
+# Reference:	http://info-coach.fr/atari/documents/_mydoc/FD_Image_File_Format.pdf
+#		http://mark0.net/download/triddefs_xml.7z/defs/m/msa.trid.xml
+# Update:	Joerg Jenderek
+# Note:		called by TrID "Atari MSA Disk Image" and verified by
+#		command like `deark -l -m msa -d2 PDATS578.msa` as " Atari ST floppy disk image"
+# GRR: line below is too general as it matches setup.skin
+0	beshort 0x0e0f
+# skip foo setup.skin with unrealistic high number 52255 of sides by check for valid "low" value
+>4	ubeshort <2		Atari MSA archive data
+#!:mime	application/octet-stream
+!:mime	application/x-atari-msa
+!:ext	msa
+# sectors per track like: 9 10
+>>2	beshort x		\b, %d sectors per track
+# sides (0 or 1; add 1 to this to get correct number of sides)
+>>4	beshort 0		\b, 1 sided
+>>4	beshort 1		\b, 2 sided
+# starting track like: 0
+>>6	beshort x		\b, starting track: %d
+# ending track like: 39 79 80 81
+>>8	beshort x		\b, ending track: %d
+# tracks content
+#>>10	ubequad x		\b, track content %#16.16llx
+
+# Alternate ZIP string (amc@arwen.cs.berkeley.edu)
+0	string	PK00PK\003\004	Zip archive data
+!:mime	application/zip
+!:ext zip/cbz
+
+# Recognize ZIP archives with prepended data by end-of-central-directory record
+# https://en.wikipedia.org/wiki/ZIP_(file_format)#End_of_central_directory_record_(EOCD)
+# by Michal Gorny <mgorny@gentoo.org>
+-2	uleshort	0
+>&-22	string	PK\005\006
+# without #!
+>>0	string	!#!	Zip archive, with extra data prepended
+!:mime	application/zip
+!:ext zip/cbz
+# with #!
+>>0	string/w	#!\ 	a
+>>>&-1	string/T	x	%s script executable (Zip archive)
+
+# ACE archive (from http://www.wotsit.org/download.asp?f=ace)
+# by Stefan `Sec` Zehl <sec@42.org>
+7	string		**ACE**		ACE archive data
+!:mime	application/x-ace-compressed
+!:ext	ace
+>15	byte	>0		version %d
+>16	byte	=0x00		\b, from MS-DOS
+>16	byte	=0x01		\b, from OS/2
+>16	byte	=0x02		\b, from Win/32
+>16	byte	=0x03		\b, from Unix
+>16	byte	=0x04		\b, from MacOS
+>16	byte	=0x05		\b, from WinNT
+>16	byte	=0x06		\b, from Primos
+>16	byte	=0x07		\b, from AppleGS
+>16	byte	=0x08		\b, from Atari
+>16	byte	=0x09		\b, from Vax/VMS
+>16	byte	=0x0A		\b, from Amiga
+>16	byte	=0x0B		\b, from Next
+>14	byte	x		\b, version %d to extract
+>5	leshort &0x0080		\b, multiple volumes,
+>>17	byte	x		\b (part %d),
+>5	leshort &0x0002		\b, contains comment
+>5	leshort	&0x0200		\b, sfx
+>5	leshort	&0x0400		\b, small dictionary
+>5	leshort	&0x0800		\b, multi-volume
+>5	leshort	&0x1000		\b, contains AV-String
+>>30	string	\x16*UNREGISTERED\x20VERSION*	(unregistered)
+>5	leshort &0x2000		\b, with recovery record
+>5	leshort &0x4000		\b, locked
+>5	leshort &0x8000		\b, solid
+# Date in MS-DOS format (whatever that is)
+#>18	lelong	x		Created on
+
+# sfArk : compression program for Soundfonts (sf2) by Dirk Jagdmann
+# <doj@cubic.org>
+0x1A	string	sfArk		sfArk compressed Soundfont
+>0x15	string	2
+>>0x1	string	>\0		Version %s
+>>0x2A	string	>\0		: %s
+
+# DR-DOS 7.03 Packed File *.??_
+# Reference: http://www.antonis.de/dos/dos-tuts/mpdostip/html/nwdostip.htm
+# Note:	unpacked by PNUNPACK.EXE
+0	string	Packed\ File\ 
+# by looking for Control-Z skip ASCII text starting with Packed File 
+>0x18	ubyte	0x1a		Personal NetWare Packed File
+!:mime	application/x-novell-compress
+!:ext	??_
+>>12	string	x		\b, was "%.12s"
+# 1 or 2
+#>>0x19	ubyte	x		\b, at 0x19 %u
+>>0x1b	ulelong	x		with %u bytes
+
+# EET archive
+# From: Tilman Sauerbeck <tilman@code-monkey.de>
+0	belong	0x1ee7ff00	EET archive
+!:mime	application/x-eet
+
+# rzip archives
+0	string	RZIP		rzip compressed data
+>4	byte	x		- version %d
+>5	byte	x		\b.%d
+>6	belong	x		(%d bytes)
+
+# From:		Joerg Jenderek
+# URL:		https://help.foxitsoftware.com/kb/install-fzip-file.php
+# reference:	http://mark0.net/download/triddefs_xml.7z/
+#		defs/f/fzip.trid.xml
+# Note: unknown compression; No "PK" zip magic; normally in directory like
+#	"%APPDATA%\Foxit Software\Addon\Foxit Reader\Install"
+0	ubequad	0x2506781901010000	Foxit add-on/update
+!:mime	application/x-fzip
+!:ext	fzip
+
+# From: "Robert Dale" <robdale@gmail.com>
+0	belong	123		dar archive,
+>4	belong	x		label "%.8x
+>>8	belong	x		%.8x
+>>>12	beshort	x		%.4x"
+>14	byte	0x54		end slice
+>14	beshort	0x4e4e		multi-part
+>14	beshort	0x4e53		multi-part, with -S
+
+# Symbian installation files
+#  https://www.thouky.co.uk/software/psifs/sis.html
+#  http://developer.symbian.com/main/downloads/papers/SymbianOSv91/softwareinstallsis.pdf
+8	lelong	0x10000419	Symbian installation file
+!:mime	application/vnd.symbian.install
+>4	lelong	0x1000006D	(EPOC release 3/4/5)
+>4	lelong	0x10003A12	(EPOC release 6)
+0	lelong	0x10201A7A	Symbian installation file (Symbian OS 9.x)
+!:mime	x-epoc/x-sisx-app
+
+# From "Nelson A. de Oliveira" <naoliv@gmail.com>
+0	string	MPQ\032		MoPaQ (MPQ) archive
+
+# From: "Nelson A. de Oliveira" <naoliv@gmail.com>
+# .kgb
+0	string KGB_arch		KGB Archiver file
+>10	string x		with compression level %.1s
+
+# xar (eXtensible ARchiver) archive
+# URL: https://en.wikipedia.org/wiki/Xar_(archiver)
+# xar archive format: https://code.google.com/p/xar/
+# From: "David Remahl" <dremahl@apple.com>
+# Update: Joerg Jenderek
+# TODO: lzma compression; X509Data for pkg and xip
+# Note: verified by `xar --dump-header -f FullBundleUpdate.xar` or
+# 7z t -txar Xcode_10.2_beta_4.xip`
+0	string	xar!		xar archive
+!:mime	application/x-xar
+# pkg for Mac OSX installer package like FullBundleUpdate.pkg
+# xip for signed Apple software like Xcode_10.2_beta_4.xip
+!:ext	xar/pkg/xip
+# always 28 in older archives
+>4	ubeshort >28		\b, header size %u
+# currently there exit only version 1 since about 2014
+>6	ubeshort >1		version %u,
+>8	ubequad	x		compressed TOC: %llu,
+#>16	ubequad	x		uncompressed TOC: %llu,
+# cksum_alg 0-2 in older and also 3-4 in newer
+>24	belong	0		no checksum
+>24	belong	1		SHA-1 checksum
+>24	belong	2		MD5 checksum
+>24	belong	3		SHA-256 checksum
+>24	belong	4		SHA-512 checksum
+>24	belong	>4		unknown %#x checksum
+#>24	belong	>4		checksum
+#			For no compression jump 0 bytes
+>24	belong	0
+>>0		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+#>>>>&(8.Q)	ubequad	x	\b, heap data %#llx
+>>>>&(8.Q)	ubyte	x
+# look for data by ./compress after message with 1 space at end
+>>>>>&-3	indirect x	\b, contains 
+#			For SHA-1 jump 20 minus 2 bytes
+>24	belong	1
+>>18		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+# data compressed by gzip, bzip, lzma or none
+>>>>>&-1	indirect x	\b, contains 
+#			For SHA-256 jump 32 minus 2 bytes
+>24	belong	3
+>>30		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+>>>>>&-1	indirect x	\b, contains 
+#			For SHA-512 jump 64 minus 2 bytes
+>24	belong	4
+>>62		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+>>>>>&-1	indirect x	\b, contains 
+
+# Type: Parity Archive
+# From: Daniel van Eeden <daniel_e@dds.nl>
+0	string	PAR2		Parity Archive Volume Set
+
+# Bacula volume format. (Volumes always start with a block header.)
+# URL: https://bacula.org/3.0.x-manuals/en/developers/developers/Block_Header.html
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+12	string	BB02		Bacula volume
+>20	bedate	x		\b, started %s
+
+# ePub is XHTML + XML inside a ZIP archive.  The first member of the
+#   archive must be an uncompressed file called 'mimetype' with contents
+#   'application/epub+zip'
+
+
+# From: "Michael Gorny" <mgorny@gentoo.org>
+# ZPAQ: http://mattmahoney.net/dc/zpaq.html
+0	string	zPQ	ZPAQ stream
+>3	byte	x	\b, level %d
+# From: Barry Carter <carter.barry@gmail.com>
+# https://encode.ru/threads/456-zpaq-updates/page32
+0	string	7kSt	ZPAQ file
+
+# BBeB ebook, unencrypted (LRF format)
+# URL: https://www.sven.de/librie/Librie/LrfFormat
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+0	string	L\0R\0F\0\0\0	BBeB ebook data, unencrypted
+>8	beshort	x		\b, version %d
+>36	byte	1		\b, front-to-back
+>36	byte	16		\b, back-to-front
+>42	beshort	x		\b, (%dx,
+>44	beshort	x		%d)
+
+# Symantec GHOST image by Joerg Jenderek at May 2014
+# https://us.norton.com/ghost/
+# https://www.garykessler.net/library/file_sigs.html
+0		ubelong&0xFFFFf7f0	0xFEEF0100	Norton GHost image
+# *.GHO
+>2		ubyte&0x08		0x00		\b, first file
+# *.GHS or *.[0-9] with cns program option
+>2		ubyte&0x08		0x08		\b, split file
+# part of split index interesting for *.ghs
+>>4		ubyte			x		id=%#x
+# compression tag minus one equals numeric compression command line switch z[1-9]
+>3		ubyte			0		\b, no compression
+>3		ubyte			2		\b, fast compression (Z1)
+>3		ubyte			3		\b, medium compression (Z2)
+>3		ubyte			>3
+>>3		ubyte			<11		\b, compression (Z%d-1)
+>2		ubyte&0x08		0x00
+# ~ 30 byte password field only for *.gho
+>>12		ubequad			!0		\b, password protected
+>>44		ubyte			!1
+# 1~Image All, sector-by-sector only for *.gho
+>>>10		ubyte			1		\b, sector copy
+# 1~Image Boot track only for *.gho
+>>>43		ubyte			1		\b, boot track
+# 1~Image Disc only for *.gho implies Image Boot track and sector copy
+>>44		ubyte			1		\b, disc sector copy
+# optional image description only *.gho
+>>0xff		string			>\0		"%-.254s"
+# look for DOS sector end sequence
+>0xE08	search/7776		\x55\xAA
+>>&-512	indirect		x		\b; contains
+
+# Google Chrome extensions
+# https://developer.chrome.com/extensions/crx
+# https://developer.chrome.com/extensions/hosting
+0	string	Cr24	Google Chrome extension
+!:mime	application/x-chrome-extension
+>4	ulong	x	\b, version %u
+
+# SeqBox - Sequenced container
+# ext: sbx, seqbox
+# Marco Pontello marcopon@gmail.com
+# reference: https://github.com/MarcoPon/SeqBox
+0	string	SBx	SeqBox,
+>3	byte	x	version %d
+
+# LyNX archive
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Lynx_archive
+# Reference:	http://ist.uwaterloo.ca/~schepers/formats/LNX.TXT
+#		http://mark0.net/download/triddefs_xml.7z/defs/a/ark-lnx.trid.xml
+# Note:		called "Lynx archive" by TrID and "Commodore C64 BASIC program" with "POKE 53280" by ./c64
+# TODO:		merge and unify with Commodore C64 BASIC program
+56	string	USE\040LYNX\040TO\040DISSOLVE\040THIS\040FILE	 LyNX archive
+# display "Lynx archive" (strength=330) before Commodore C64 BASIC program (strength=50) handled by ./c64
+#!:strength +0
+#!:mime	application/octet-stream
+!:mime	application/x-commodore-lnx
+!:ext	lnx
+# afterwards look for BASIC tokenized GOTO (89h) 10, line terminator \0, end of programm tag \0\0 and CarriageReturn
+>86		search/10	\x8910\0\0\0\r	\b,
+# for DEBUGGING
+#>>&0		string		x	STRING="%s"
+# number in ASCII of directory blocks with spaces on both sides like: 1 2 3 5
+>>&0		regex		[0-9]{1,5}	%s directory blocks
+# signature like: "*LYNX XII BY WILL CORLEY" " LYNX IX  BY WILL CORLEY" "*LYNX BY CBMCONVERT 2.0*"
+>>>&2		regex		[^\r]{1,24}	\b, signature "%s"
+# number of files in ASCII surrounded by spaces and delimited by CR like: 2 3 6 13 69 144 (maximum?)
+>>>>&1		regex		[0-9]{1,3}	\b, %s files
+
+# From: Joerg Jenderek
+# URL: https://www.acronis.com/
+# Reference: https://en.wikipedia.org/wiki/TIB_(file_format)
+# Note: only tested with True Image 2013 Build 5962 and 2019 Build 14110
+0	ubequad		0xce24b9a220000000	Acronis True Image backup
+!:mime	application/x-acronis-tib
+!:ext	tib
+# 01000000
+#>20	ubelong		x			\b, at 20 %#x
+# 20000000
+#>28	ubelong		x			\b, at 28 %#x
+# strings like "Generic- SD/MMC 1.00" "Unknown Disk" "Msft Virtual Disk 1.0"
+# ???
+# strings like "\Device\0000011e" "\Device\0000015a"
+#>0	search/0x6852300/cs	\\Device\\
+#>>&-1	pstring		x			\b, %s
+# "\Device\HarddiskVolume30" "\Device\HarddiskVolume39"
+#>>>&1	search/180/cs	\\Device\\
+#>>>>&-1	pstring		x			\b, %s
+#>>>>>&0	search/29/cs	\0\0\xc8\0
+# disk label
+#>>>>>>&10	lestring16	x		\b, disk label %11.11s
+#>>>>>>&9	plestring16	x		\b, disk label "%11.11s"
+#>>>>>>&10	ubequad	x			%16.16llx
+
+
+# Gentoo XPAK binary package
+# by Michal Gorny <mgorny@gentoo.org>
+# https://gitweb.gentoo.org/proj/portage.git/tree/man/xpak.5
+-4	string	STOP
+>-16	string	XPAKSTOP	Gentoo binary package (XPAK)
+!:mime	application/vnd.gentoo.xpak
+
+# From:		Joerg Jenderek
+# URL:		https://kodi.wiki/view/TexturePacker
+# Reference:	https://mirrors.kodi.tv/releases/source/17.3-Krypton.tar.gz
+# /xbmc-Krypton/xbmc/guilib/XBTF.h
+# /xbmc-Krypton/xbmc/guilib/XBTF.cpp 
+0	string	XBTF
+# skip ASCII text by looking for terminating \0 of path
+>264	ubyte	0		XBMC texture package
+!:mime	application/x-xbmc-xbt
+!:ext	xbt
+# XBTF_VERSION 2
+>>4	string	!2		\b, version %-.1s
+# nofFiles /xbmc-Krypton/xbmc/guilib/XBTFReader.cpp
+>>5	ulelong	x		\b, %u file
+# plural s
+>>5	ulelong	>1		\bs
+# path[CXBTFFile[MaximumPathLength=256]
+>>9	string	x		\b, 1st %s
+
+# ALZIP archive
+# by Hyungjun Park <hyungjun.park@worksmobile.com>, Hajin Jang <hajin_jang@worksmobile.com>
+# http://kippler.com/win/unalz/
+# https://salsa.debian.org/l10n-korean-team/unalz
+0	string	ALZ\001		ALZ archive data
+!:ext   alz
+
+# https://cf-aldn.altools.co.kr/setup/EGG_Specification.zip
+0	string	EGGA		EGG archive data,
+!:ext   egg
+>5	byte	x		version %u
+>4	byte	x		\b.%u
+>>0x0E	ulelong	=0x08E28222
+>>0x0E	ulelong	=0x24F5A262	\b, split
+>>0x0E	ulelong	=0x24E5A060	\b, solid
+>>0x0E	default	x		\b, unknown
+
+# PAQ9A archive
+# URL: http://mattmahoney.net/dc/#paq9a
+# Note: Line 1186 of paq9a.cpp gives the magic bytes
+0	string	pQ9\001		PAQ9A archive
+
+# From wof (wof@stachelkaktus.net)
+0	string	Unison\ archive\ format	Unison archive format
+
+# https://ankiweb.net
+30	string	collection.anki2	Anki APKG file
+#!:ext	.apkg
+
+# Synology archive (DiskStation Manager 7.0+)
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# Note: These archives are signed and encrypted.
+0		ulelong&0xFFFFFF00	0xEFBEAD00
+# MessagePack header (fixarray of 5 elements starting with a bin of 32 bytes)
+>8  	ulelong&0x00FFFFFF	0x20C495	Synology archive
+!:ext	spk
+# Extract some properties from MessagePack third item
+>>43	search/0x10000		package=
+>>>&0	string				x			\b, package %s
+>>43	search/0x10000		arch=
+>>>&0	string				x			%s
+>>43	search/0x10000		version=
+>>>&0	string				x			%s
+>>43	search/0x10000		create_time=
+>>>&0	string				x			\b, created on %s
+
+# MonoGame/XNA processed assets archive
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/MonoGame/MonoGame/blob/v3.8.1/MonoGame.Framework/Content/ContentManager.cs
+0	string	XNB
+# XNB must be version 4 or 5
+>4	byte	<6
+>>4	byte	>3
+# Size must be positive
+>>>6	lelong	>0	MonoGame/XNA processed assets
+!:ext	xnb
+>>>>3	string	=w	\b, for Windows
+>>>>3	string	=x	\b, for Xbox360
+>>>>3	string	=i	\b, for iOS
+>>>>3	string	=a	\b, for Android
+>>>>3	string	=d	\b, for DesktopGL
+>>>>3	string	=X	\b, for MacOSX
+>>>>3	string	=W	\b, for WindowsStoreApp
+>>>>3	string	=n	\b, for NativeClient
+>>>>3	string	=M	\b, for WindowsPhone8
+>>>>3	string	=r	\b, for RaspberryPi
+>>>>3	string	=P	\b, for PlayStation4
+>>>>3	string	=5	\b, for PlayStation5
+>>>>3	string	=O	\b, for XboxOne
+>>>>3	string	=S	\b, for Nintendo Switch
+>>>>3	string	=G	\b, for Google Stadia
+>>>>3	string	=b	\b, for WebAssembly and Bridge.NET
+>>>>3	string	=m	\b, for WindowsPhone7.0 (XNA)
+>>>>3	string	=p	\b, for PlayStationMobile
+>>>>3	string	=v	\b, for PSVita
+>>>>3	string	=g	\b, for Windows (OpenGL)
+>>>>3	string	=l	\b, for Linux
+>>>>4	byte	x	\b, version %d
+>>>>5	byte	&0x80	\b, LZX compressed
+>>>>>10	lelong	x	\b, decompressed size: %d bytes
+>>>>5	byte	&0x40	\b, LZ4 compressed
+>>>>>10	lelong	x	\b, decompressed size: %d bytes
+
+# Electron ASAR archive
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/electron/asar
+0		ulelong	4
+# Match JSON header start and end
+>16		string	{"files":{"
+>>(12.l+12)	string }}}}		Electron ASAR archive
+!:ext	asar
+>>>12		ulelong	x		\b, header length: %d bytes
diff --git a/magic/Magdir/aria b/magic/Magdir/aria
new file mode 100644
index 0000000..c3a6bf5
--- /dev/null
+++ b/magic/Magdir/aria
@@ -0,0 +1,38 @@
+
+#------------------------------------------------------------------------------
+# URL: 		https://de.wikipedia.org/wiki/Aria_(Software)
+# Reference:	https://github.com/aria2/aria2/blob/master/doc/manual-src/en/technical-notes.rst
+# From:		Joerg Jenderek
+# Note:		only version 1 suited
+# check for valid version one
+0		beshort		0x0001
+# skip most uncompressed DEGAS med-res bitmap *.PI2 and GEM bitmap (v1) *.IMG
+# by test for valid infoHashCheck extension
+>2		ubelong&0xffFFffFE	0x00000000
+# skip DEGAS med-res bitmap DIAGRAM1.PI2 by test for valid length of download
+>>(6.L+14)	ubequad			>0
+>>>0	use     aria
+0	name	aria
+# version; (0x0000) or (0x0001); for 0 all multi-byte are in host byte order. For 1 big endian
+>0	beshort		x	aria2 control file, version %u
+#!:mime	application/octet-stream
+!:mime	application/x-aria
+!:ext	aria2
+# EXTension; if EXT[3]&1 == 1 checks whether saved InfoHash and current downloading the same; infoHashCheck extension
+>2		ubelong		!0	\b, infoHashCheck %#x
+# info hash length like: 0 14h
+>6		ubelong		!0	\b, %#x bytes info hash
+# info hash; BitTorrent InfoHash
+>>10		ubequad		x	%#16.16llx...
+# piece length; the length of the piece like: 400h 100000h
+>(6.L+10)	ubelong		x	\b, piece length 0x%x
+# total length; the total length of the download
+>(6.L+14)	ubequad		x	\b, total length %llu
+#>(6.L+14)	ubequad		x	\b, total length %#llx
+# upload length; the uploaded length of download like: 0 400h
+>(6.L+22)	ubequad		!0	\b, upload length %#llx
+# bitfield length; the length of bitfield like: 4 6 Ah 10h 13h 167h
+>(6.L+30)	ubelong		x	\b, %#x bytes bitfield
+# bitfield; bitfield which represents current download progress
+>(6.L+34)	ubequad		!0	%#llx...
+
diff --git a/magic/Magdir/arm b/magic/Magdir/arm
new file mode 100644
index 0000000..c514320
--- /dev/null
+++ b/magic/Magdir/arm
@@ -0,0 +1,50 @@
+#------------------------------------------------------------------------------
+# $File: arm,v 1.3 2022/10/31 14:35:39 christos Exp $
+# arm: file(1) magic for ARM COFF
+#
+# https://docs.microsoft.com/en-us/windows/win32/debug/pe-format
+
+# Aarch64
+0	leshort		0xaa64
+# test for unused flag bits in f_flags
+>18	uleshort&0x8E80	0
+# use little endian variant of subroutine to
+# display name+variables+flags for common object formatted files
+>>0	use				display-coff
+!:strength -10
+
+# ARM
+0	leshort		0x01c0
+# test for unused flag bits in f_flags
+>18	uleshort&0x8E80	0
+# use little endian variant of subroutine to
+# display name+variables+flags for common object formatted files
+>>0	use				display-coff
+!:strength -10
+
+# ARM Thumb
+0	leshort		0x01c2
+# test for unused flag bits in f_flags
+>18	uleshort&0x8E80	0
+# use little endian variant of subroutine to
+# display name+variables+flags for common object formatted files
+>>0	use				display-coff
+!:strength -10
+
+# ARMv7 Thumb
+0	leshort		0x01c4
+# test for unused flag bits in f_flags
+>18	uleshort&0x8E80	0
+# use little endian variant of subroutine to
+# display name+variables+flags for common object formatted files
+>>0	use				display-coff
+!:strength -10
+
+# ARM64EC
+0	leshort		0xa641
+# test for unused flag bits in f_flags
+>18	uleshort&0x8E80	0
+# use little endian variant of subroutine to
+# display name+variables+flags for common object formatted files
+>>0	use				display-coff
+!:strength -10
diff --git a/magic/Magdir/asf b/magic/Magdir/asf
new file mode 100644
index 0000000..744a0af
--- /dev/null
+++ b/magic/Magdir/asf
@@ -0,0 +1,132 @@
+
+#------------------------------------------------------------------------------
+# $File: asf,v 1.4 2022/10/31 13:22:26 christos Exp $
+# asf:  file(1) magic for Microsoft Advanced Systems Format (ASF) files
+# http://www.staroceans.org/e-book/ASF_Specification.pdf
+
+0	name	asf-name
+# ASF_Data_Object
+#>0	guid	75B22636-668E-11CF-A6D9-00AA0062CE6C
+#>16	lequad	>0
+#>>(16.q)	use	asf-object
+# ASF_Simple_Index_Object
+>0	guid	33000890-E5B1-11CF-89F4-00A0C90349CB
+>0	guid	D6E229D3-35DA-11D1-9034-00A0C90349BE ASF_Index_Object
+>0	guid	FEB103F8-12AD-4C64-840F-2A1D2F7AD48C ASF_Media_Object_Index_Object
+>0	guid	3CB73FD0-0C4A-4803-953D-EDF7B6228F0C ASF_Timecode_Index_Object
+
+# ASF_File_Properties_Object
+>0	guid	8CABDCA1-A947-11CF-8EE4-00C00C205365 
+
+# ASF_Stream_Properties_Object
+>0	guid	B7DC0791-A9B7-11CF-8EE6-00C00C205365
+#>>56	lequad	x		Time Offset %lld
+#>>64	lelong	x		Type-Specific Data Length %d
+#>>68	lelong	x		Error Correction Data Length %d
+#>>72	leshort	x		Flags %#x
+#>>74	lelong	x		Reserved %x
+# ASF_Audio_Media
+>>24	guid	F8699E40-5B4D-11CF-A8FD-00805F5C442B \b, Audio Media (
+>>>78	leshort	x	\bCodec Id %d
+>>>80	leshort	x	\b, Number of channels %d
+>>>82	lelong	x	\b, Samples Per Second %d
+>>>86	lelong	x	\b, Average Number of Bytes Per Second %d
+>>>90	lelong	x	\b, Block Alignment %d
+>>>94	leshort	x	\b, Bits Per Sample %d
+# ASF_Video_Media
+>>24	guid	BC19EFC0-5B4D-11CF-A8FD-00805F5C442B \b, Video Media (
+>>>78	lelong	x	\bEncoded Image Width %d
+>>>82	lelong	x	\b, Encoded Image Height %d
+#>>>85	leshort	x	\b, Format Data Size %x
+>>>93	lelong	x	\b, Image Width %d
+>>>97	lelong	x	\b, Image Height %d
+#>>>101	leshort	x	\b, Reserved %#x
+>>>103	leshort	x	\b, Bits Per Pixel Count %d
+#>>>105	lelong	x 	\b, Compression ID %d
+#>>>109	lelong	x	\b, Image Size %d
+#>>>113	lelong	x	\b, Horizontal Pixels Per Meter %d
+#>>>117	lelong	x	\b, Vertical Pixels Per Meter %d
+#>>>121	lelong	x	\b, Colors Used Count %d
+#>>>125	lelong	x	\b, Important Colors Count %d
+>>0	lelong	x	\b, Error correction type
+>>40	use	asf-name 
+>>0	lelong	x	\b)
+#ASF_Header_Extension_Object
+>0	guid	5FBF03B5-A92E-11CF-8EE3-00C00C205365
+# ASF_Codec_List_Object
+>0	guid	86D15240-311D-11D0-A3A4-00A0C90348F6
+>0	guid	1EFB1A30-0B62-11D0-A39B-00A0C90348F6 ASF_Script_Command_Object
+>0	guid	F487CD01-A951-11CF-8EE6-00C00C205365 ASF_Marker_Object
+>0	guid	D6E229DC-35DA-11D1-9034-00A0C90349BE ASF_Bitrate_Mutual_Exclusion_Object
+>0	guid	75B22635-668E-11CF-A6D9-00AA0062CE6C ASF_Error_Correction_Object
+# ASF_Content_Description_Object
+>0	guid	75B22633-668E-11CF-A6D9-00AA0062CE6C
+#>>24	leshort	title length %d
+#>>26	leshort	author length %d
+#>>28	leshort	copyright length %d
+#>>30	leshort	descriptor length %d
+#>>32	leshort	rating length %d
+>0	guid	D2D0A440-E307-11D2-97F0-00A0C95EA850 ASF_Extended_Content_Description_Object
+>0	guid	2211B3FA-BD23-11D2-B4B7-00A0C955FC6E ASF_Content_Branding_Object
+>0	guid	7BF875CE-468D-11D1-8D82-006097C9A2B2 ASF_Stream_Bitrate_Properties_Object
+>0	guid	2211B3FB-BD23-11D2-B4B7-00A0C955FC6E ASF_Content_Encryption_Object
+>0	guid	298AE614-2622-4C17-B935-DAE07EE9289C ASF_Extended_Content_Encryption_Object
+>0	guid	2211B3FC-BD23-11D2-B4B7-00A0C955FC6E ASF_Digital_Signature_Object
+# ASF_Padding_Object
+>0	guid	1806D474-CADF-4509-A4BA-9AABCB96AAE8
+>0	guid	14E6A5CB-C672-4332-8399-A96952065B5A ASF_Extended_Stream_Properties_Object
+>0	guid	A08649CF-4775-4670-8A16-6E35357566CD ASF_Advanced_Mutual_Exclusion_Object
+>0	guid	D1465A40-5A79-4338-B71B-E36B8FD6C249 ASF_Group_Mutual_Exclusion_Object
+>0	guid	D4FED15B-88D3-454F-81F0-ED5C45999E24 ASF_Stream_Prioritization_Object
+>0	guid	A69609E6-517B-11D2-B6AF-00C04FD908E9 ASF_Bandwidth_Sharing_Object
+>0	guid	7C4346A9-EFE0-4BFC-B229-393EDE415C85 ASF_Language_List_Object
+>0	guid	C5F8CBEA-5BAF-4877-8467-AA8C44FA4CCA ASF_Metadata_Object
+>0	guid	44231C94-9498-49D1-A141-1D134E457054 ASF_Metadata_Library_Object
+>0	guid	D6E229DF-35DA-11D1-9034-00A0C90349BE ASF_Index_Parameters_Object
+>0	guid	6B203BAD-3F11-48E4-ACA8-D7613DE2CFA7 ASF_Media_Object_Index_Parameters_Object
+>0	guid	F55E496D-9797-4B5D-8C8B-604DFE9BFB24 ASF_Timecode_Index_Parameters_Object
+>0	guid	26F18B5D-4584-47EC-9F5F-0E651F0452C9 ASF_Compatibility_Object
+>0	guid	43058533-6981-49E6-9B74-AD12CB86D58C ASF_Advanced_Content_Encryption_Object
+>0	guid	59DACFC0-59E6-11D0-A3AC-00A0C90348F6 ASF_Command_Media
+>0	guid	B61BE100-5B4E-11CF-A8FD-00805F5C442B ASF_JFIF_Media
+>0	guid	35907DE0-E415-11CF-A917-00805F5C442B ASF_Degradable_JPEG_Media
+>0	guid	91BD222C-F21C-497A-8B6D-5AA86BFC0185 ASF_File_Transfer_Media
+>0	guid	3AFB65E2-47EF-40F2-AC2C-70A90D71D343 ASF_Binary_Media
+>0	guid	776257D4-C627-41CB-8F81-7AC7FF1C40CC ASF_Web_Stream_Media_Subtype
+>0	guid	DA1E6B13-8359-4050-B398-388E965BF00C ASF_Web_Stream_Format
+>0	guid	20FB5700-5B55-11CF-A8FD-00805F5C442B ASF_No_Error_Correction
+>0	guid	BFC3CD50-618F-11CF-8BB2-00AA00B4E220 ASF_Audio_Spread
+>0	guid	ABD3D211-A9BA-11cf-8EE6-00C00C205365 ASF_Reserved_1
+>0	guid	7A079BB6-DAA4-4e12-A5CA-91D38DC11A8D ASF_Content_Encryption_System_Windows_Media_DRM
+# _Network_Devices
+>0	guid	86D15241-311D-11D0-A3A4-00A0C90348F6 ASF_Reserved_2
+>0	guid	4B1ACBE3-100B-11D0-A39B-00A0C90348F6 ASF_Reserved_3
+>0	guid	4CFEDB20-75F6-11CF-9C0F-00A0C90349CB ASF_Reserved_4
+>0	guid	D6E22A00-35DA-11D1-9034-00A0C90349BE ASF_Mutex_Language
+>0	guid	D6E22A01-35DA-11D1-9034-00A0C90349BE ASF_Mutex_Bitrate
+>0	guid	D6E22A02-35DA-11D1-9034-00A0C90349BE ASF_Mutex_Unknown
+>0	guid	AF6060AA-5197-11D2-B6AF-00C04FD908E9 ASF_Bandwidth_Sharing_Exclusive
+>0	guid	AF6060AB-5197-11D2-B6AF-00C04FD908E9 ASF_Bandwidth_Sharing_Partial
+>0	guid	399595EC-8667-4E2D-8FDB-98814CE76C1E ASF_Payload_Extension_System_Timecode
+>0	guid	E165EC0E-19ED-45D7-B4A7-25CBD1E28E9B ASF_Payload_Extension_System_File_Name
+>0	guid	D590DC20-07BC-436C-9CF7-F3BBFBF1A4DC ASF_Payload_Extension_System_Content_Type
+>0	guid	1B1EE554-F9EA-4BC8-821A-376B74E4C4B8 ASF_Payload_Extension_System_Pixel_Aspect_Ratio
+>0	guid	C6BD9450-867F-4907-83A3-C77921B733AD ASF_Payload_Extension_System_Sample_Duration
+>0	guid	6698B84E-0AFA-4330-AEB2-1C0A98D7A44D ASF_Payload_Extension_System_Encryption_Sample_ID
+>0	guid	00E1AF06-7BEC-11D1-A582-00C04FC29CFB ASF_Payload_Extension_System_Degradable_JPEG
+
+0	name	asf-object
+>0	use	asf-name
+#>>16	lequad	>0					(size %lld) [
+>>16	lequad	>0
+>>>(16.q)	use	asf-object
+#>>16	lequad	0	]
+
+# Microsoft Advanced Streaming Format (ASF) <mpruett@sgi.com>
+0	guid	75B22630-668E-11CF-A6D9-00AA0062CE6C	Microsoft ASF
+!:mime  video/x-ms-asf 
+#>16	lequad	>0					(size %lld
+#>>24	lelong	x					\b, %d header objects)
+>16	lequad	>0
+>>30	use	asf-object
+>>(16.q)	use	asf-object
diff --git a/magic/Magdir/assembler b/magic/Magdir/assembler
new file mode 100644
index 0000000..805a326
--- /dev/null
+++ b/magic/Magdir/assembler
@@ -0,0 +1,18 @@
+#------------------------------------------------------------------------------
+# $File: assembler,v 1.6 2013/12/11 14:14:20 christos Exp $
+# make:  file(1) magic for assembler source
+#
+0	regex	\^[\040\t]{0,50}\\.asciiz		assembler source text
+!:mime	text/x-asm
+0	regex	\^[\040\t]{0,50}\\.byte		assembler source text
+!:mime	text/x-asm
+0	regex	\^[\040\t]{0,50}\\.even		assembler source text
+!:mime	text/x-asm
+0	regex	\^[\040\t]{0,50}\\.globl		assembler source text
+!:mime	text/x-asm
+0	regex	\^[\040\t]{0,50}\\.text		assembler source text
+!:mime	text/x-asm
+0	regex	\^[\040\t]{0,50}\\.file		assembler source text
+!:mime	text/x-asm
+0	regex	\^[\040\t]{0,50}\\.type		assembler source text
+!:mime	text/x-asm
diff --git a/magic/Magdir/asterix b/magic/Magdir/asterix
new file mode 100644
index 0000000..a9ea885
--- /dev/null
+++ b/magic/Magdir/asterix
@@ -0,0 +1,18 @@
+
+#------------------------------------------------------------------------------
+# $File: asterix,v 1.5 2009/09/19 16:28:08 christos Exp $
+# asterix:  file(1) magic for Aster*x; SunOS 5.5.1 gave the 4-character
+# strings as "long" - we assume they're just strings:
+# From: guy@netapp.com (Guy Harris)
+#
+0	string		*STA		Aster*x
+>7	string		WORD			Words Document
+>7	string		GRAP			Graphic
+>7	string		SPRE			Spreadsheet
+>7	string		MACR			Macro
+0	string		2278		Aster*x Version 2
+>29	byte		0x36			Words Document
+>29	byte		0x35			Graphic
+>29	byte		0x32			Spreadsheet
+>29	byte		0x38			Macro
+
diff --git a/magic/Magdir/att3b b/magic/Magdir/att3b
new file mode 100644
index 0000000..b83ae2e
--- /dev/null
+++ b/magic/Magdir/att3b
@@ -0,0 +1,41 @@
+
+#------------------------------------------------------------------------------
+# $File: att3b,v 1.10 2017/03/17 21:35:28 christos Exp $
+# att3b:  file(1) magic for AT&T 3B machines
+#
+# The `versions' should be un-commented if they work for you.
+# (Was the problem just one of endianness?)
+#
+# 3B20
+#
+# The 3B20 conflicts with SCCS.
+#0	beshort		0550		3b20 COFF executable
+#>12	belong		>0		not stripped
+#>22	beshort		>0		- version %d
+#0	beshort		0551		3b20 COFF executable (TV)
+#>12	belong		>0		not stripped
+#>22	beshort		>0		- version %d
+#
+# WE32K
+#
+0	beshort		0560		WE32000 COFF
+>18	beshort		^00000020	object
+>18	beshort		&00000020	executable
+>12	belong		>0		not stripped
+>18	beshort		^00010000	N/A on 3b2/300 w/paging
+>18	beshort		&00020000	32100 required
+>18	beshort		&00040000	and MAU hardware required
+>20	beshort		0407		(impure)
+>20	beshort		0410		(pure)
+>20	beshort		0413		(demand paged)
+>20	beshort		0443		(target shared library)
+>22	beshort		>0		- version %d
+0	beshort		0561		WE32000 COFF executable (TV)
+>12	belong		>0		not stripped
+#>18	beshort		&00020000	- 32100 required
+#>18	beshort		&00040000	and MAU hardware required
+#>22	beshort		>0		- version %d
+#
+# core file for 3b2
+0	string		\000\004\036\212\200	3b2 core file
+>364	string		>\0		of '%s'
diff --git a/magic/Magdir/audio b/magic/Magdir/audio
new file mode 100644
index 0000000..55c5cd0
--- /dev/null
+++ b/magic/Magdir/audio
@@ -0,0 +1,1291 @@
+
+#------------------------------------------------------------------------------
+# $File: audio,v 1.127 2023/03/05 20:15:49 christos Exp $
+# audio:  file(1) magic for sound formats (see also "iff")
+#
+# Jan Nicolai Langfeldt (janl@ifi.uio.no), Dan Quinlan (quinlan@yggdrasil.com),
+# and others
+#
+
+# Sun/NeXT audio data
+0	string		.snd		Sun/NeXT audio data:
+>12	belong		1		8-bit ISDN mu-law,
+!:mime	audio/basic
+>12	belong		2		8-bit linear PCM [REF-PCM],
+!:mime	audio/basic
+>12	belong		3		16-bit linear PCM,
+!:mime	audio/basic
+>12	belong		4		24-bit linear PCM,
+!:mime	audio/basic
+>12	belong		5		32-bit linear PCM,
+!:mime	audio/basic
+>12	belong		6		32-bit IEEE floating point,
+!:mime	audio/basic
+>12	belong		7		64-bit IEEE floating point,
+!:mime	audio/basic
+>12	belong		8		Fragmented sample data,
+>12	belong		10		DSP program,
+>12	belong		11		8-bit fixed point,
+>12	belong		12		16-bit fixed point,
+>12	belong		13		24-bit fixed point,
+>12	belong		14		32-bit fixed point,
+>12	belong		18		16-bit linear with emphasis,
+>12	belong		19		16-bit linear compressed,
+>12	belong		20		16-bit linear with emphasis and compression,
+>12	belong		21		Music kit DSP commands,
+>12	belong		23		8-bit ISDN mu-law compressed (CCITT G.721 ADPCM voice enc.),
+!:mime  audio/x-adpcm
+>12	belong		24		compressed (8-bit CCITT G.722 ADPCM)
+>12	belong		25		compressed (3-bit CCITT G.723.3 ADPCM),
+>12	belong		26		compressed (5-bit CCITT G.723.5 ADPCM),
+>12	belong		27		8-bit A-law (CCITT G.711),
+>20	belong		1		mono,
+>20	belong		2		stereo,
+>20	belong		4		quad,
+>16	belong		>0		%d Hz
+
+# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
+# that uses little-endian encoding and has a different magic number
+0	lelong		0x0064732E	DEC audio data:
+>12	lelong		1		8-bit ISDN mu-law,
+!:mime	audio/x-dec-basic
+>12	lelong		2		8-bit linear PCM [REF-PCM],
+!:mime	audio/x-dec-basic
+>12	lelong		3		16-bit linear PCM,
+!:mime	audio/x-dec-basic
+>12	lelong		4		24-bit linear PCM,
+!:mime	audio/x-dec-basic
+>12	lelong		5		32-bit linear PCM,
+!:mime	audio/x-dec-basic
+>12	lelong		6		32-bit IEEE floating point,
+!:mime	audio/x-dec-basic
+>12	lelong		7		64-bit IEEE floating point,
+!:mime	audio/x-dec-basic
+>12	belong		8		Fragmented sample data,
+>12	belong		10		DSP program,
+>12	belong		11		8-bit fixed point,
+>12	belong		12		16-bit fixed point,
+>12	belong		13		24-bit fixed point,
+>12	belong		14		32-bit fixed point,
+>12	belong		18		16-bit linear with emphasis,
+>12	belong		19		16-bit linear compressed,
+>12	belong		20		16-bit linear with emphasis and compression,
+>12	belong		21		Music kit DSP commands,
+>12	lelong		23		8-bit ISDN mu-law compressed (CCITT G.721 ADPCM voice enc.),
+!:mime	audio/x-dec-basic
+>12	belong		24		compressed (8-bit CCITT G.722 ADPCM)
+>12	belong		25		compressed (3-bit CCITT G.723.3 ADPCM),
+>12	belong		26		compressed (5-bit CCITT G.723.5 ADPCM),
+>12	belong		27		8-bit A-law (CCITT G.711),
+>20	lelong		1		mono,
+>20	lelong		2		stereo,
+>20	lelong		4		quad,
+>16	lelong		>0		%d Hz
+
+# Creative Labs AUDIO stuff
+0	string	MThd			Standard MIDI data
+!:mime	audio/midi
+>8 	beshort	x			(format %d)
+>10	beshort	x			using %d track
+>10	beshort		>1		\bs
+>12	beshort&0x7fff	x		at 1/%d
+>12	beshort&0x8000	>0		SMPTE
+
+0	string	CTMF			Creative Music (CMF) data
+!:mime	audio/x-unknown
+0	string	SBI			SoundBlaster instrument data
+!:mime	audio/x-unknown
+0	string	Creative\ Voice\ File	Creative Labs voice data
+!:mime	audio/x-unknown
+# is this next line right?  it came this way...
+>19	byte	0x1A
+>23	byte	>0			- version %d
+>22	byte	>0			\b.%d
+
+# first entry is also the string "NTRK"
+0	belong		0x4e54524b	MultiTrack sound data
+>4	belong		x		- version %d
+
+# Extended MOD format (*.emd) (Greg Roelofs, newt@uchicago.edu); NOT TESTED
+# [based on posting 940824 by "Dirk/Elastik", husberg@lehtori.cc.tut.fi]
+0	string		EMOD		Extended MOD sound data,
+>4	byte&0xf0	x		version %d
+>4	byte&0x0f	x		\b.%d,
+>45	byte		x		%d instruments
+>83	byte		0		(module)
+>83	byte		1		(song)
+
+# Real Audio (Magic .ra\0375)
+0	belong		0x2e7261fd	RealAudio sound file
+!:mime	audio/x-pn-realaudio
+0	string		.RMF\0\0\0	RealMedia file
+!:mime	application/vnd.rn-realmedia
+#video/x-pn-realvideo
+#video/vnd.rn-realvideo
+#application/vnd.rn-realmedia
+#	sigh, there are many mimes for that but the above are the most common.
+
+# MTM/669/FAR/S3M/ULT/XM format checking [Aaron Eppert, aeppert@dialin.ind.net]
+# Oct 31, 1995
+# fixed by <doj@cubic.org> 2003-06-24
+# Too short...
+#0	string		MTM		MultiTracker Module sound file
+#0	string		if		Composer 669 Module sound data
+#0	string		JN		Composer 669 Module sound data (extended format)
+0	string		MAS_U		ULT(imate) Module sound data
+
+#0	string		FAR		Module sound data
+#>4	string		>\15		Title: "%s"
+
+0x2c	string		SCRM		ScreamTracker III Module sound data
+>0	string		>\0		Title: "%s"
+!:mime	audio/x-s3m
+
+# .stm before it got above .s3m extension
+0x16	string		\!Scream\!	ScreamTracker Module sound data
+>0	string		>\0		Title: "%s"
+
+# Gravis UltraSound patches
+# From <ache@nagual.ru>
+
+0	string		GF1PATCH110\0ID#000002\0	GUS patch
+0	string		GF1PATCH100\0ID#000002\0	Old GUS	patch
+
+# mime types according to http://www.geocities.com/nevilo/mod.htm:
+#	audio/it	.it
+#	audio/x-zipped-it	.itz
+#	audio/xm	fasttracker modules
+#	audio/x-s3m	screamtracker modules
+#	audio/s3m	screamtracker modules
+#	audio/x-zipped-mod	mdz
+#	audio/mod	mod
+#	audio/x-mod	All modules (mod, s3m, 669, mtm, med, xm, it, mdz, stm, itz, xmz, s3z)
+
+#
+# Taken from loader code from mikmod version 2.14
+# by Steve McIntyre (stevem@chiark.greenend.org.uk)
+# <doj@cubic.org> added title printing on 2003-06-24
+0	string	MAS_UTrack_V00
+>14	string	>/0		ultratracker V1.%.1s module sound data
+!:mime	audio/x-mod
+#audio/x-tracker-module
+
+0	string	UN05		MikMod UNI format module sound data
+
+0	string	Extended\ Module: Fasttracker II module sound data
+!:mime	audio/x-mod
+#audio/x-tracker-module
+>17	string	>\0		Title: "%s"
+
+21	string/c	=!SCREAM!	Screamtracker 2 module sound data
+!:mime	audio/x-mod
+#audio/x-screamtracker-module
+21	string	BMOD2STM	Screamtracker 2 module sound data
+!:mime	audio/x-mod
+#audio/x-screamtracker-module
+
+1080	string	\!PM!		4-channel Protracker module sound data
+!:mime	audio/x-mod
+#audio/x-protracker-module
+>0	string	>\0		Title: "%s"
+
+1080	string	M.K.		4-channel Protracker module sound data
+!:mime	audio/x-mod
+#audio/x-protracker-module
+>0	string	>\0		Title: "%s"
+
+1080	string	M!K!		4-channel Protracker module sound data
+!:mime	audio/x-mod
+#audio/x-protracker-module
+>0	string	>\0		Title: "%s"
+
+1080	string	FLT4		4-channel Startracker module sound data
+!:mime	audio/x-mod
+#audio/x-startracker-module
+>0	string	>\0		Title: "%s"
+
+1080	string	FLT8		8-channel Startracker module sound data
+!:mime	audio/x-mod
+#audio/x-startracker-module
+>0	string	>\0		Title: "%s"
+
+1080	string	4CHN		4-channel Fasttracker module sound data
+!:mime	audio/x-mod
+#audio/x-fasttracker-module
+>0	string	>\0		Title: "%s"
+
+1080	string	6CHN		6-channel Fasttracker module sound data
+!:mime	audio/x-mod
+#audio/x-fasttracker-module
+>0	string	>\0		Title: "%s"
+
+1080	string	8CHN		8-channel Fasttracker module sound data
+!:mime	audio/x-mod
+#audio/x-fasttracker-module
+>0	string	>\0		Title: "%s"
+
+1080	string	CD81		8-channel Octalyser module sound data
+!:mime	audio/x-mod
+#audio/x-octalysertracker-module
+>0	string	>\0		Title: "%s"
+
+1080	string	OKTA		8-channel Octalyzer module sound data
+!:mime	audio/x-mod
+#audio/x-octalysertracker-module
+>0	string	>\0		Title: "%s"
+
+# Not good enough.
+#1082	string	CH
+#>1080	string	>/0		%.2s-channel Fasttracker "oktalyzer" module sound data
+1080	string	16CN		16-channel Taketracker module sound data
+!:mime	audio/x-mod
+#audio/x-taketracker-module
+>0	string	>\0		Title: "%s"
+1080	string	32CN		32-channel Taketracker module sound data
+!:mime	audio/x-mod
+#audio/x-taketracker-module
+>0	string	>\0		Title: "%s"
+
+# TOC sound files -Trevor Johnson <trevor@jpj.net>
+#
+0       string          TOC             TOC sound file
+
+# sidfiles <pooka@iki.fi>
+# added name,author,(c) and new RSID type by <doj@cubic.org> 2003-06-24
+0	string		SIDPLAY\ INFOFILE	Sidplay info file
+
+0	string		PSID			PlaySID v2.2+ (AMIGA) sidtune
+>4	beshort		>0			w/ header v%d,
+>14	beshort		=1			single song,
+>14	beshort		>1			%d songs,
+>16	beshort		>0			default song: %d
+>0x16	string		>\0			name: "%s"
+>0x36	string		>\0			author: "%s"
+>0x56	string		>\0			copyright: "%s"
+
+0	string		RSID			RSID sidtune PlaySID compatible
+>4	beshort		>0			w/ header v%d,
+>14	beshort		=1			single song,
+>14	beshort		>1			%d songs,
+>16	beshort		>0			default song: %d
+>0x16	string		>\0			name: "%s"
+>0x36	string		>\0			author: "%s"
+>0x56	string		>\0			copyright: "%s"
+
+# IRCAM sound files - Michael Pruett <michael@68k.org>
+# http://www-mmsp.ece.mcgill.ca/documents/AudioFormats/IRCAM/IRCAM.html
+0	belong		0x64a30100		IRCAM file (VAX little-endian)
+0	belong		0x0001a364		IRCAM file (VAX big-endian)
+0	belong		0x64a30200		IRCAM file (Sun big-endian)
+0	belong		0x0002a364		IRCAM file (Sun little-endian)
+0	belong		0x64a30300		IRCAM file (MIPS little-endian)
+0	belong		0x0003a364		IRCAM file (MIPS big-endian)
+0	belong		0x64a30400		IRCAM file (NeXT big-endian)
+0	belong		0x64a30400		IRCAM file (NeXT big-endian)
+0	belong		0x0004a364		IRCAM file (NeXT little-endian)
+
+# NIST SPHERE <mpruett@sgi.com>
+0	string		NIST_1A\n\ \ \ 1024\n	NIST SPHERE file
+
+# Sample Vision <mpruett@sgi.com>
+0	string		SOUND\ SAMPLE\ DATA\ 	Sample Vision file
+
+# Audio Visual Research <tonigonenstein@users.sourceforge.net>
+0	string		2BIT			Audio Visual Research file,
+>12	beshort		=0			mono,
+>12	beshort		=-1			stereo,
+>14	beshort		x			%d bits
+>16	beshort		=0			unsigned,
+>16	beshort		=-1			signed,
+>22	belong&0x00ffffff	x		%d Hz,
+>18	beshort		=0			no loop,
+>18	beshort		=-1			loop,
+>21	ubyte		<128			note %d,
+>22	byte		=0			replay 5.485 KHz
+>22	byte		=1			replay 8.084 KHz
+>22	byte		=2			replay 10.971 KHz
+>22	byte		=3			replay 16.168 KHz
+>22	byte		=4			replay 21.942 KHz
+>22	byte		=5			replay 32.336 KHz
+>22	byte		=6			replay 43.885 KHz
+>22	byte		=7			replay 47.261 KHz
+
+# SGI SoundTrack <mpruett@sgi.com>
+0	string		_SGI_SoundTrack		SGI SoundTrack project file
+# ID3 version 2 tags <waschk@informatik.uni-rostock.de>
+0	string		ID3	Audio file with ID3 version 2
+>3	byte		x	\b.%d
+>4	byte		x	\b.%d
+>>5	byte		&0x80	\b, unsynchronized frames
+>>5	byte		&0x40	\b, extended header
+>>5	byte		&0x20	\b, experimental
+>>5	byte		&0x10	\b, footer present
+>(6.I+10)	indirect	x	\b, contains:
+
+# NSF (NES sound file) magic
+0	string		NESM\x1a	NES Sound File
+>14	string		>\0		("%s" by
+>46	string		>\0		%s, copyright
+>78	string		>\0		%s),
+>5	byte		x		version %d,
+>6	byte		x		%d tracks,
+>122	byte&0x2	=1		dual PAL/NTSC
+>122	byte&0x1	=1		PAL
+>122	byte&0x1	=0		NTSC
+
+# NSFE (Extended NES sound file) magic
+# http://slickproductions.org/docs/NSF/nsfespec.txt
+# From: David Pflug <david@pflug.email>
+0	string		NSFE		Extended NES Sound File
+>48	search/0x1000	auth
+>>&0	string		>\0		("%s"
+>>>&1	string		>\0		by %s
+>>>>&1	string		>\0		\b, copyright %s
+>>>>>&1	string		>\0		\b, ripped by %s
+>20	byte		x		\b), %d tracks,
+>18	byte&0x2	=1		dual PAL/NTSC
+>18     byte&0x2	=0
+>>18	byte&0x1	=1		PAL
+>>18	byte&0x1	=0		NTSC
+
+# Type: SNES SPC700 sound files
+# From: Josh Triplett <josh@freedesktop.org>
+0	string	SNES-SPC700\ Sound\ File\ Data\ v	SNES SPC700 sound file
+>&0	string	0.30					\b, version %s
+>>0x23	byte	0x1B					\b, without ID666 tag
+>>0x23	byte	0x1A					\b, with ID666 tag
+>>>0x2E	string	>\0					\b, song "%.32s"
+>>>0x4E	string	>\0					\b, game "%.32s"
+
+# Impulse tracker module (audio/x-it)
+0	string		IMPM		Impulse Tracker module sound data -
+!:mime	audio/x-mod
+>4	string		>\0		"%s"
+>40	leshort		!0		compatible w/ITv%x
+>42	leshort		!0		created w/ITv%x
+
+# Imago Orpheus module (audio/x-imf)
+60	string		IM10		Imago Orpheus module sound data -
+>0	string		>\0		"%s"
+
+# From <collver1@attbi.com>
+# These are the /etc/magic entries to decode modules, instruments, and
+# samples in Impulse Tracker's native format.
+
+0	string		IMPS		Impulse Tracker Sample
+>18	byte		&2		16 bit
+>18	byte		^2		8 bit
+>18	byte		&4		stereo
+>18	byte		^4		mono
+0	string		IMPI		Impulse Tracker Instrument
+>28	leshort		!0		ITv%x
+>30	byte		!0		%d samples
+
+# Yamaha TX Wave:  file(1) magic for Yamaha TX Wave audio files
+# From <collver1@attbi.com>
+0	string		LM8953		Yamaha TX Wave
+>22	byte		0x49		looped
+>22	byte		0xC9		non-looped
+>23	byte		1		33kHz
+>23	byte		2		50kHz
+>23	byte		3		16kHz
+
+# scream tracker:  file(1) magic for Scream Tracker sample files
+#
+# From <collver1@attbi.com>
+76	string		SCRS		Scream Tracker Sample
+>0	byte		1		sample
+>0	byte		2		adlib melody
+>0	byte		>2		adlib drum
+>31	byte		&2		stereo
+>31	byte		^2		mono
+>31	byte		&4		16bit little endian
+>31	byte		^4		8bit
+>30	byte		0		unpacked
+>30	byte		1		packed
+
+# audio
+# From: Cory Dikkers <cdikkers@swbell.net>
+0	string		MMD0		MED music file, version 0
+0	string		MMD1		OctaMED Pro music file, version 1
+0	string		MMD3		OctaMED Soundstudio music file, version 3
+0	string		OctaMEDCmpr	OctaMED Soundstudio compressed file
+0	string		MED		MED_Song
+0	string		SymM		Symphonie SymMOD music file
+#
+# Track Length (TRL), Tracks (TRK), Samples (SMP), Subsongs (SS)
+# http://lclevy.free.fr/exotica/ahx/ahxformat.txt
+0	string		THX		AHX version
+>3	byte		=0		1 module data
+>3	byte		=1		2 module data
+>11	ubyte		x		TRK: %u
+>10	ubyte		x		TRL: %u
+>12	ubyte		x		SMP: %u
+>13	ubyte		x		SS: %u
+>(4.H)		string		x		Title: "%.128s"
+
+# header is mostly AHX format
+0		string		HVL
+>3		byte		<2	Hively Tracker Song
+>3		byte		=0		v1 module data
+>3		byte		=1		v2 module data
+>11		ubyte		x		TRK: %u
+>10		ubyte		x		TRL: %u
+>12		ubyte		x		SMP: %u
+>13		ubyte		x		SS: %u
+>8		ubyte/4		=0		CHN: 4
+>8		ubyte/4		>0		CHN: 4+%u
+#>-0		offset		<0xffff
+>(4.H)		string		x		Title: "%.128s"
+
+#
+0	string		OKTASONG	Oktalyzer module data
+#
+0	string		DIGI\ Booster\ module\0	%s
+>20	byte		>0		%c
+>>21	byte		>0		\b%c
+>>>22	byte		>0		\b%c
+>>>>23	byte		>0		\b%c
+>610	string		>\0		\b, "%s"
+#
+0	string		DBM0	   	DIGI Booster Pro Module
+>4	byte		>0		V%X.
+>>5	byte		x		\b%02X
+>16	string		>\0		\b, "%s"
+#
+0	string		FTMN		FaceTheMusic module
+>16	string		>\0d		\b, "%s"
+
+# From: <doj@cubic.org> 2003-06-24
+0	string		AMShdr\32	Velvet Studio AMS Module v2.2
+0	string		Extreme		Extreme Tracker AMS Module v1.3
+0	string		DDMF		Xtracker DMF Module
+>4	byte		x		v%i
+>0xD	string		>\0		Title: "%s"
+>0x2B	string		>\0		Composer: "%s"
+0	string		DSM\32		Dynamic Studio Module DSM
+0	string		SONG		DigiTrekker DTM Module
+0	string		DMDL		DigiTrakker MDL Module
+0	string		PSM\32		Protracker Studio PSM Module
+44	string		PTMF		Poly Tracker PTM Module
+>0	string		>\32		Title: "%s"
+0	string		MT20		MadTracker 2.0 Module MT2
+0	string		RAD\40by\40REALiTY!! RAD Adlib Tracker Module RAD
+0	string		RTMM		RTM Module
+0x426	string		MaDoKaN96	XMS Adlib Module
+>0	string		>\0		Composer: "%s"
+0	string		AMF		AMF Module
+>4	string		>\0		Title: "%s"
+0	string		MODINFO1	Open Cubic Player Module Information MDZ
+0	string		Extended\40Instrument: Fast Tracker II Instrument
+
+# From: Takeshi Hamasaki <hma@syd.odn.ne.jp>
+# NOA Nancy Codec file
+0	string		\210NOA\015\012\032	NOA Nancy Codec Movie file
+# Yamaha SMAF format
+0	string		MMMD		Yamaha SMAF file
+# Sharp Jisaku Melody format for PDC
+0	string		\001Sharp\040JisakuMelody	SHARP Cell-Phone ringing Melody
+>20	string		Ver01.00	Ver. 1.00
+>>32	byte		x		, %d tracks
+
+# Free lossless audio codec <http://flac.sourceforge.net>
+# From: Przemyslaw Augustyniak <silvathraec@rpg.pl>
+0	string			fLaC		FLAC audio bitstream data
+!:mime	audio/flac
+>4	byte&0x7f		>0		\b, unknown version
+>4	byte&0x7f		0		\b
+# some common bits/sample values
+>>20	beshort&0x1f0		0x030		\b, 4 bit
+>>20	beshort&0x1f0		0x050		\b, 6 bit
+>>20	beshort&0x1f0		0x070		\b, 8 bit
+>>20	beshort&0x1f0		0x0b0		\b, 12 bit
+>>20	beshort&0x1f0		0x0f0		\b, 16 bit
+>>20	beshort&0x1f0		0x170		\b, 24 bit
+>>20	byte&0xe		0x0		\b, mono
+>>20	byte&0xe		0x2		\b, stereo
+>>20	byte&0xe		0x4		\b, 3 channels
+>>20	byte&0xe		0x6		\b, 4 channels
+>>20	byte&0xe		0x8		\b, 5 channels
+>>20	byte&0xe		0xa		\b, 6 channels
+>>20	byte&0xe		0xc		\b, 7 channels
+>>20	byte&0xe		0xe		\b, 8 channels
+# sample rates derived from known oscillator frequencies;
+# 24.576 MHz (video/fs=48kHz), 22.5792 (audio/fs=44.1kHz) and
+# 16.384 (other/fs=32kHz).
+>>17	belong&0xfffff0       	0x02b110	\b, 11.025 kHz
+>>17	belong&0xfffff0       	0x03e800	\b, 16 kHz
+>>17	belong&0xfffff0       	0x056220	\b, 22.05 kHz
+>>17	belong&0xfffff0       	0x05dc00	\b, 24 kHz
+>>17	belong&0xfffff0       	0x07d000	\b, 32 kHz
+>>17	belong&0xfffff0       	0x0ac440	\b, 44.1 kHz
+>>17	belong&0xfffff0       	0x0bb800	\b, 48 kHz
+>>17	belong&0xfffff0       	0x0fa000	\b, 64 kHz
+>>17	belong&0xfffff0       	0x158880	\b, 88.2 kHz
+>>17	belong&0xfffff0       	0x177000	\b, 96 kHz
+>>17	belong&0xfffff0       	0x1f4000	\b, 128 kHz
+>>17	belong&0xfffff0       	0x2b1100	\b, 176.4 kHz
+>>17	belong&0xfffff0       	0x2ee000	\b, 192 kHz
+>>17	belong&0xfffff0       	0x3e8000	\b, 256 kHz
+>>17	belong&0xfffff0       	0x562200	\b, 352.8 kHz
+>>17	belong&0xfffff0       	0x5dc000	\b, 384 kHz
+>>21	byte&0xf		>0		\b, >4G samples
+>>21	byte&0xf		0		\b
+>>>22	belong			>0		\b, %u samples
+>>>22	belong			0		\b, length unknown
+
+# (ISDN) VBOX voice message file (Wolfram Kleff)
+0       string          VBOX            VBOX voice message data
+
+# ReBorn Song Files (.rbs)
+# David J. Singer <doc@deadvirgins.org.uk>
+8       string          RB40             RBS Song file
+>29     string          ReBorn           created by ReBorn
+>37     string          Propellerhead    created by ReBirth
+
+# Synthesizer Generator and Kimwitu share their file format
+0	string		A#S#C#S#S#L#V#3	    Synthesizer Generator or Kimwitu data
+# Kimwitu++ uses a slightly different magic
+0	string		A#S#C#S#S#L#HUB	    Kimwitu++ data
+
+# From "Simon Hosie
+0       string  TFMX-SONG       TFMX module sound data
+
+# Monkey's Audio compressed audio format (.ape)
+# From danny.milo@gmx.net (Danny Milosavljevic)
+# New version from Abel Cheung <abel (@) oaka.org>
+0		string		MAC\040		Monkey's Audio compressed format
+!:mime audio/x-ape
+>4		uleshort	>0x0F8B		version %d
+>>(0x08.l)	uleshort	=1000		with fast compression
+>>(0x08.l)	uleshort	=2000		with normal compression
+>>(0x08.l)	uleshort	=3000		with high compression
+>>(0x08.l)	uleshort	=4000		with extra high compression
+>>(0x08.l)	uleshort	=5000		with insane compression
+>>(0x08.l+18)	uleshort	=1		\b, mono
+>>(0x08.l+18)	uleshort	=2		\b, stereo
+>>(0x08.l+20)	ulelong		x		\b, sample rate %d
+>4		uleshort	<0x0F8C		version %d
+>>6		uleshort	=1000		with fast compression
+>>6		uleshort	=2000		with normal compression
+>>6		uleshort	=3000		with high compression
+>>6		uleshort	=4000		with extra high compression
+>>6		uleshort	=5000		with insane compression
+>>10		uleshort	=1		\b, mono
+>>10		uleshort	=2		\b, stereo
+>>12		ulelong		x		\b, sample rate %d
+
+# adlib sound files
+# From: Alex Myczko <alex@aiei.ch>
+
+# https://github.com/rerrahkr/BambooTracker
+0	string	BambooTracker	BambooTracker
+>13	string	Mod		Module
+>13	string	Ist		Instrument
+>13	string	Bnk		Bank
+>22	byte	x		\b, version %u
+>21	byte	x		\b.%u
+>20	byte	x		\b.%u
+
+0	string		CC2x		CheeseCutter 2 song
+
+0    	string		RAWADATA	RdosPlay RAW
+
+1068	string		RoR		AMUSIC Adlib Tracker
+
+0	string		JCH		EdLib
+
+0	string		mpu401tr	MPU-401 Trakker
+
+0	string		SAdT		Surprise! Adlib Tracker
+>4	byte		x		Version %d
+
+0	string		XAD!		eXotic ADlib
+
+0	string		ofTAZ!		eXtra Simple Music
+
+0	string		FMK!		FM Kingtracker Song
+
+0	string		DFM		DFM Song
+
+0	string		\<CUD-FM-File\>	CFF Song
+
+0	string		_A2module	A2M Song
+
+# Spectrum 128 tunes (.ay files).
+# From: Emanuel Haupt <ehaupt@critical.ch>
+0	string		ZXAYEMUL	Spectrum 128 tune
+
+0	string		\0BONK		BONK,
+#>5	byte		x		version %d
+>14	byte		x		%d channel(s),
+>15	byte		=1		lossless,
+>15	byte		=0		lossy,
+>16	byte		x		mid-side
+
+384	string		LockStream	LockStream Embedded file (mostly MP3 on old Nokia phones)
+
+# format VQF (proprietary codec for sound)
+# some infos on the header file available at :
+# http://www.twinvq.org/english/technology_format.html
+0	string		TWIN97012000	VQF data
+>27	short		0		\b, Mono
+>27	short		1		\b, Stereo
+>31	short 		>0		\b, %d kbit/s
+>35	short 		>0		\b, %d kHz
+
+# Nelson A. de Oliveira (naoliv@gmail.com)
+# .eqf
+0	string	Winamp\ EQ\ library\ file	%s
+# it will match only versions like v<digit>.<digit>
+# Since I saw only eqf files with version v1.1 I think that it's OK
+>23	string	x	\b%.4s
+# .preset
+0	string	[Equalizer\ preset]	XMMS equalizer preset
+# .m3u
+0	search/1	#EXTM3U 	M3U playlist text
+# .pls
+0	search/1	[playlist]	PLS playlist text
+# licq.conf
+1	string	[licq]			LICQ configuration file
+
+# Atari ST audio files by Dirk Jagdmann <doj@cubic.org>
+# NOTE: Most SNDH music is packed using ICE, which has
+# magic numbers "ICE!" and "Ice!". Some SNDH music is
+# not packed, so we check for both packed and unpacked.
+12	string			SNDH	SNDH Atari ST music
+0	belong&0xFFDFDFFF	0x49434521
+>14	search/40		NDH	SNDH Atari ST music
+>14	search/40		TITL	SNDH Atari ST music
+0	string		SC68\ Music-file\ /\ (c)\ (BeN)jami	sc68 Atari ST music
+
+# musepak support From: "Jiri Pejchal" <jiri.pejchal@gmail.com>
+0       string          MP+     Musepack audio (MP+)
+!:mime	audio/x-musepack
+>3      byte            255     \b, SV pre8
+>3      byte&0xF        0x6     \b, SV 6
+>3      byte&0xF        0x8     \b, SV 8
+>3      byte&0xF        0x7     \b, SV 7
+>>3     byte&0xF0       0x0     \b.0
+>>3     byte&0xF0       0x10    \b.1
+>>3     byte&0xF0       240     \b.15
+>>10    byte&0xF0       0x0     \b, no profile
+>>10    byte&0xF0       0x10    \b, profile 'Unstable/Experimental'
+>>10    byte&0xF0       0x50    \b, quality 0
+>>10    byte&0xF0       0x60    \b, quality 1
+>>10    byte&0xF0       0x70    \b, quality 2 (Telephone)
+>>10    byte&0xF0       0x80    \b, quality 3 (Thumb)
+>>10    byte&0xF0       0x90    \b, quality 4 (Radio)
+>>10    byte&0xF0       0xA0    \b, quality 5 (Standard)
+>>10    byte&0xF0       0xB0    \b, quality 6 (Xtreme)
+>>10    byte&0xF0       0xC0    \b, quality 7 (Insane)
+>>10    byte&0xF0       0xD0    \b, quality 8 (BrainDead)
+>>10    byte&0xF0       0xE0    \b, quality 9
+>>10    byte&0xF0       0xF0    \b, quality 10
+>>27    byte            0x0     \b, Buschmann 1.7.0-9, Klemm 0.90-1.05
+>>27    byte            102     \b, Beta 1.02
+>>27    byte            104     \b, Beta 1.04
+>>27    byte            105     \b, Alpha 1.05
+>>27    byte            106     \b, Beta 1.06
+>>27    byte            110     \b, Release 1.1
+>>27    byte            111     \b, Alpha 1.11
+>>27    byte            112     \b, Beta 1.12
+>>27    byte            113     \b, Alpha 1.13
+>>27    byte            114     \b, Beta 1.14
+>>27    byte            115     \b, Alpha 1.15
+
+0       string          MPCK    Musepack audio (MPCK)
+!:mime	audio/x-musepack
+
+# IMY
+# from http://filext.com/detaillist.php?extdetail=IMY
+# https://cellphones.about.com/od/cellularfaqs/f/rf_imelody.htm
+# http://download.ncl.ie/doc/api/ie/ncl/media/music/IMelody.html
+# http://www.wx800.com/msg/download/irda/iMelody.pdf
+0	string	BEGIN:IMELODY	iMelody Ringtone Format
+
+# From: "Mateus Caruccio" <mateus@caruccio.com>
+# guitar pro v3,4,5 from http://filext.com/file-extension/gp3
+0	string	\030FICHIER\ GUITAR\ PRO\ v3.	Guitar Pro Ver. 3 Tablature
+
+# From: "Leslie P. Polzer" <leslie.polzer@gmx.net>
+60	string	SONG		SoundFX Module sound file
+
+# Type: Adaptive Multi-Rate Codec
+# URL:  http://filext.com/detaillist.php?extdetail=AMR
+# From: Russell Coker <russell@coker.com.au>
+0	string	#!AMR		Adaptive Multi-Rate Codec (GSM telephony)
+!:mime	audio/amr
+!:ext  amr
+
+# Type: SuperCollider 3 Synth Definition File Format
+# From: Mario Lang <mlang@debian.org>
+0	string	SCgf	SuperCollider3 Synth Definition file,
+>4	belong	x	version %d
+
+# Type: True Audio Lossless Audio
+# URL:  https://wiki.multimedia.cx/index.php?title=True_Audio
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	TTA1	True Audio Lossless Audio
+
+# Type: WavPack Lossless Audio
+# URL:  https://wiki.multimedia.cx/index.php?title=WavPack
+# From: Mike Melanson <mike@multimedia.cx>
+0	string	wvpk	WavPack Lossless Audio
+
+# From Fabio R. Schmidlin <frs@pop.com.br>
+# VGM music file
+0	string		Vgm\040
+>9	ubyte		>0	VGM Video Game Music dump v
+!:mime	audio/x-vgm
+!:ext	vgm
+>>9	ubyte/16	>0	\b%d
+>>9	ubyte&0x0F	x	\b%d
+>>8	ubyte/16	x	\b.%d
+>>8	ubyte&0x0F	>0	\b%d
+#Get soundchips
+>>8	ubyte		x	\b, soundchip(s)=
+>>0x0C	ulelong		>0	SN76489 (PSG),
+>>0x10	ulelong		>0	YM2413 (OPLL),
+>>0x2C	ulelong		>0	YM2612 (OPN2),
+>>0x30	ulelong		>0	YM2151 (OPM),
+>>0x38	ulelong		>0	Sega PCM,
+>>0x34	ulelong		>0xC
+>>>0x40	ulelong		>0	RF5C68 (PCM),
+>>0x34	ulelong		>0x10
+>>>0x44	ulelong		>0	YM2203 (OPN),
+>>0x34	ulelong		>0x14
+>>>0x48	ulelong		>0	YM2608 (OPNA),
+>>0x34	ulelong		>0x18
+>>>0x4C	lelong		>0	YM2610 (OPNB),
+>>>0x4C	lelong		<0	YM2610B (OPNB+2FM),
+>>0x34	ulelong		>0x1C
+>>>0x50	ulelong		>0	YM3812 (OPL2),
+>>0x34	ulelong		>0x20
+>>>0x54	ulelong		>0	YM3526 (OPL),
+>>0x34	ulelong		>0x24
+>>>0x58	ulelong		>0	Y8950 (MSX-Audio),
+>>0x34	ulelong		>0x28
+>>>0x5C	ulelong		>0	YMF262 (OPL3),
+>>0x34	ulelong		>0x2C
+>>>0x60	ulelong		>0	YMF278B (OPL4),
+>>0x34	ulelong		>0x30
+>>>0x64	ulelong		>0	YMF271 (OPX),
+>>0x34	ulelong		>0x34
+>>>0x68	ulelong		>0	YMZ280B (PCMD8),
+>>0x34	ulelong		>0x38
+>>>0x6C	ulelong		>0	RF5C164 (PCM),
+>>0x34	ulelong		>0x3C
+>>>0x70	ulelong		>0	PWM,
+>>0x34	ulelong		>0x40
+>>>0x74	ulelong		>0
+>>>>0x78 ubyte		0x00	AY-3-8910,
+>>>>0x78 ubyte		0x01	AY-3-8912,
+>>>>0x78 ubyte		0x02	AY-3-8913,
+>>>>0x78 ubyte		0x03	AY-3-8930,
+>>>>0x78 ubyte		0x10	YM2149,
+>>>>0x78 ubyte		0x11	YM3439,
+>>>>0x78 ubyte		0x12	YMZ284,
+>>>>0x78 ubyte		0x13	YMZ294,
+# VGM 1.61
+>>0x34	ulelong		>0x4C
+>>>0x80	ulelong		>0	DMG,
+>>0x34	ulelong		>0x50
+>>>0x84	lelong		>0	NES APU,
+>>>0x84	lelong		<0	NES APU with FDS,
+>>0x34	ulelong		>0x54
+>>>0x88	ulelong		>0	MultiPCM,
+>>0x34	ulelong		>0x58
+>>>0x8C	ulelong		>0	uPD7759 (ADPCM Speech),
+>>0x34	ulelong		>0x5C
+>>>0x90	ulelong		>0	OKIM6258 (ADPCM Speech),
+>>0x34	ulelong		>0x64
+>>>0x98	ulelong		>0	OKIM6295 (ADPCM),
+>>0x34	ulelong		>0x68
+>>>0x9C	ulelong		>0	K051649,
+>>0x34	ulelong		>0x6C
+>>>0xA0	ulelong		>0	K054539,
+>>0x34	ulelong		>0x70
+>>>0xA4	ulelong		>0	HuC6280,
+>>0x34	ulelong		>0x74
+>>>0xA8	ulelong		>0	C140,
+>>0x34	ulelong		>0x78
+>>>0xAC	ulelong		>0	K053260,
+>>0x34	ulelong		>0x7C
+>>>0xB0	ulelong		>0	Pokey,
+>>0x34	ulelong		>0x80
+>>>0xB4	ulelong		>0	QSound,
+# VGM 1.71
+>>0x34	ulelong		>0x84
+>>>0xB8	ulelong		>0	SCSP,
+>>0x34	ulelong		>0x8C
+>>>0xC0	ulelong		>0	WonderSwan,
+>>0x34	ulelong		>0x90
+>>>0xC4	ulelong		>0	VSU,
+>>0x34	ulelong		>0x94
+>>>0xC8	ulelong		>0	SAA1099,
+>>0x34	ulelong		>0x98
+>>>0xCC	ulelong		>0	ES5503 (DOC),
+>>0x34	ulelong		>0x9C
+>>>0xD0	lelong		>0	ES5505 (OTIS),
+>>>0xD0	lelong		<0	ES5506 (OTTO),
+>>0x34	ulelong		>0xA4
+>>>0xD8	ulelong		>0	X1-010,
+>>0x34	ulelong		>0xA8
+>>>0xDC	ulelong		>0	C352,
+>>0x34	ulelong		>0xAC
+>>>0xE0	ulelong		>0	GA20,
+
+# GVOX Encore file format
+# Since this is a proprietary file format and there is no publicly available
+# format specification, this is just based on induction
+#
+0	string	SCOW
+>4	byte	0xc4	GVOX Encore music, version 5.0 or above
+>4	byte	0xc2	GVOX Encore music, version < 5.0
+
+0	string	ZBOT
+>4	byte	0xc5	GVOX Encore music, version < 5.0
+
+# Summary:	Garmin Voice Processing Module (WAVE audios)
+# From:		Joerg Jenderek
+# URL:		https://www.garmin.com/
+# Reference:	http://www.poi-factory.com/node/19580
+# NOTE:		there exist 2 other Garmin VPM formats
+0		string	AUDIMG
+# skip text files starting with string "AUDIMG"
+>13		ubyte		<13	Garmin Voice Processing Module
+!:mime	audio/x-vpm-wav-garmin
+!:ext	vpm
+# 3 bytes indicating the voice version (200,220)
+>>6		string		x	\b, version %3.3s
+# day of release (01-31)
+>>12		ubyte		x	\b, %.2d
+# month of release (01-12)
+>>13		ubyte		x	\b.%.2d
+# year of release (like 2006, 2007, 2008)
+>>14		uleshort	x	\b.%.4d
+# hour of release (0-23)
+>>11		ubyte		x	%.2d
+# minute of release (0-59)
+>>10		ubyte		x	\b:%.2d
+# second of release (0-59)
+>>9		ubyte		x	\b:%.2d
+# if you select a language like german on your garmin device
+# you can only select voice modules with corresponding language byte ID like 1
+>>18		ubyte		x	\b, language ID %d
+# structure for phrases/sentences?
+# number of voice sample in the 1st phrase?
+#>>19		uleshort		x	\b, %#x samples
+#>>>21		uleshort		>0	\b, at %#4.4x
+#>>>(21.s)	ubequad			x	%#llx
+# 2nd phrase?
+#>>23		uleshort		x	\b, %#x samples
+#>>>25		uleshort		>0	\b, at %#4.4x
+#>>>(25.s)	ubequad			x	%#llx
+# pointer to 1st audio WAV sample
+>>16		uleshort	>0
+>>>(16.s)	ulelong		>0	\b, at %#x
+# WAV length
+# 1 space char after "bytes" to get phrase "bytes RIFF"
+>>>>(16.s+4)	ulelong		>0	%u bytes 
+# look for magic
+>>>>>(&-8.l)	string		RIFF
+# determine type by ./riff
+>>>>>>&-4	indirect	x
+# 2 - ~ 131 WAV samples following same way
+#
+# Summary:	encrypted Garmin Voice Processing Module
+# From:		Joerg Jenderek
+# URL:		https://www.garmin.com/us/products/ontheroad/voicestudio
+# NOTE:		Encrypted variant used in voices like DrNightmare, Elfred, Yeti.
+#		There exist 2 other Garmin VPM formats
+0	ubequad		0xa141190fecc8ced6	Garmin Voice Processing Module (encrypted)
+!:mime	audio/x-vpm-garmin
+!:ext	vpm
+
+# From Martin Mueller Skarbiniks Pedersen
+0		string		GDM
+>0x3		byte		0xFE	General Digital Music.
+>0x4		string		>\0	title: "%s"
+>0x24		string		>\0	musician: "%s"
+>>0x44		beshort		0x0D0A
+>>>0x46		byte		0x1A
+>>>>0x47	string		GMFS	Version
+>>>>0x4B	byte		x	%d.
+>>>>0x4C	byte		x	\b%02d
+>>>>0x4D	beshort		0x000	(2GDM v
+>>>>0x4F	byte		x	\b%d.
+>>>>>0x50	byte		x	\b%d)
+
+0		string		MTM	Multitracker
+>0x3		byte/16		x	Version %d.
+>0x3		byte&0x0F	x	\b%02d
+>>0x4		string		>\0	title: "%s"
+
+0		string		MO3
+>3		ubyte		<6	MOdule with MP3
+>>3		byte		0	Version	0	(With MP3 and lossless)
+>>3		byte		1	Version	1	(With ogg and lossless)
+>>3		byte		3	Version 2.2
+>>3		byte		4	(With no LAME header)
+>>3		byte		5	Version 2.4
+
+0		string		ADRVPACK	AProSys	module
+
+# ftp://ftp.modland.com/pub/documents/format_documentation/\
+# Art%20Of%20Noise%20(.aon).txt
+0		string		AON
+>4		string		"ArtOfNoise by Bastian Spiegel(twice/lego)"
+>0x2e		string		NAME	Art of Noise Tracker Song
+>3		string		<9
+>3		string		4	(4 voices)
+>3		string		8	(8 voices)
+>>0x36		string		>\0	Title: "%s"
+
+0		string		FAR
+>0x2c		byte		0x0d
+>0x2d		byte		0x0a
+>0x2e		byte		0x1a
+>>0x3		byte		0xFE	Farandole Tracker Song
+>>>0x31		byte/16		x	Version %d.
+>>>0x31		byte&0x0F	x	\b%02d
+>>>>0x4		string		>\0	\b, title: "%s"
+
+# magic for Klystrack, https://kometbomb.github.io/klystrack/
+# from Alex Myczko <alex@aiei.ch>
+0	string	cyd!song	Klystrack song
+>8	byte	>0		\b, version %u
+>8	byte	>26
+#>>9	byte	x		\b, channels %u
+#>>10	leshort	x		\b, time signature %u
+#>>12	leshort	x		\b, sequence step %u
+#>>14	byte	x		\b, instruments %u
+#>>15	leshort	x		\b, patterns %u
+#>>17	leshort	x		\b, sequences %u
+#>>19	leshort	x		\b, length %u
+#>>21	leshort	x		\b, loop point %u
+#>>23	byte	x		\b, master volume %u
+#>>24	byte	x		\b, song speed %u
+#>>25	byte	x		\b, song speed2 %u
+#>>26	byte	x		\b, song rate %u
+#>>27	belong	x		\b, flags %#x
+#>>31	byte	x		\b, multiplex period %u
+#>>32	byte	x		\b, pitch inaccuracy %u
+>>149	pstring	x		\b, title %s
+
+0	string	cyd!inst	Klystrack instrument
+
+# magic for WOPL instrument files, https://github.com/Wohlstand/OPL3BankEditor
+# see Specifications/WOPL-and-OPLI-Specification.txt
+
+0	string	WOPL3-INST\0	WOPL instrument
+>11	leshort	x	\b, version %u
+0	string	WOPL3-BANK\0	WOPL instrument bank
+>11	leshort	x	\b, version %u
+
+# AdLib/OPL instrument files. Format specifications on
+#  http://www.shikadi.net/moddingwiki
+0	string	Junglevision\ Patch\ File	Junglevision instrument data
+0	string	#OPL_II#	DMX OP2 instrument data
+0	string	IBK\x1a		IBK instrument data
+0	string	2OP\x1a		IBK instrument data, 2 operators
+0	string	4OP\x1a		IBK instrument data, 4 operators
+2	string	ADLIB-		AdLib instrument data
+>0	byte	x		\b, version %u
+>1	byte	x		\b.%u
+
+# CRI ADX ADPCM audio
+# Used by various Sega games.
+# https://en.wikipedia.org/wiki/ADX_(file_format)
+# https://wiki.multimedia.cx/index.php/CRI_ADX_file
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0x00		beshort		0x8000
+>(2.S-2)	string		(c)CRI		CRI ADX ADPCM audio
+!:ext adx
+!:mime audio/x-adx
+!:strength +50
+>>0x12		byte		x		v%u
+>>0x04		byte		0x02		\b, pre-set prediction coefficients
+>>0x04		byte		0x03		\b, standard ADX
+>>0x04		byte		0x04		\b, exponential scale
+>>0x04		byte		0x10		\b, AHX (Dreamcast)
+>>0x04		byte		0x11		\b, AHX
+>>0x08		belong		x		\b, %u Hz
+>>0x12		byte		0x03
+>>>0x02		beshort		>0x2B
+>>>>0x18	belong		!0		\b, looping
+>>0x12		byte		0x04
+>>>0x02		beshort		>0x37
+>>>>0x24	belong		!0		\b, looping
+>>0x13		byte&0x08	0x08		\b, encrypted
+
+# Lossless audio (.la) (http://www.lossless-audio.com/)
+0	string	LA
+>2	string	03	Lossless audio version 0.3
+>2	string	04	Lossless audio version 0.4
+
+# Sony PlayStation Audio (.xa)
+0	leshort 0x4158	Sony PlayStation Audio
+
+# Portable Sound Format
+# Used for audio rips for various consoles.
+# http://fileformats.archiveteam.org/wiki/Portable_Sound_Format
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string	PSF
+>3	byte	0x01
+>3	byte	0x02
+>3	byte	0x11
+>3	byte	0x12
+>3	byte	0x13
+>3	byte	0x21
+>3	byte	0x22
+>3	byte	0x23
+>3	byte	0x41
+>>0	string	PSF	Portable Sound Format
+!:mime	audio/x-psf
+>>>3	byte	0x01	(Sony PlayStation)
+>>>3	byte	0x02	(Sony PlayStation 2)
+>>>3	byte	0x11	(Sega Saturn)
+>>>3	byte	0x12	(Sega Dreamcast)
+>>>3	byte	0x13	(Sega Mega Drive)
+>>>3	byte	0x21	(Nintendo 64)
+>>>3	byte	0x22	(Game Boy Advance)
+>>>3	byte	0x23	(Super NES)
+>>>3	byte	0x41	(Capcom QSound)
+
+# Atari 8-bit SAP audio format
+# http://asap.sourceforge.net/sap-format.html
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		SAP\r\n	Atari 8-bit SAP audio file
+!:mime	audio/x-sap
+!:ext	sap
+>5	search/1024	NAME
+>>&1	string		x	\b: %s
+>>5	search/1024	AUTHOR
+>>>&1	string		x	by %s
+
+# Nintendo Wii BRSTM audio format (fields)
+# NOTE: Assuming HEAD starts at 0x40.
+# FIXME: Replace 0x48 with HEAD offset plus 8.
+0	name	nintendo-wii-brstm-fields
+>(0x10.L)	string	HEAD	\b:
+>>(0x10.L+0x0C)	belong	x
+>>>(&-4.L+0x48)	belong	x
+>>>>&-4		byte	0	PCM, signed 8-bit,
+>>>>&-4		byte	1	PCM, signed 16-bit,
+>>>>&-4		byte	2	THP ADPCM,
+>>>>&-3		byte	!0	looping,
+>>>>&-2		byte	1	mono
+>>>>&-2		byte	2	stereo
+>>>>&-2		byte	3	3 channels
+>>>>&-2		byte	4	quad
+>>>>&-2		byte	>4	%u channels
+>>>>&0		beshort	!0	%u Hz
+
+# Nintendo Wii BRSTM audio format
+# https://wiibrew.org/wiki/BRSTM_file
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		RSTM	Nintendo Wii BRSTM audio file
+!:mime	audio/x-brstm
+!:ext	brstm
+# Wii is big-endian, so default to BE.
+>4	beshort		0xFEFF
+>>0	use		nintendo-wii-brstm-fields
+>4	leshort		0xFEFF
+>>0	use		\^nintendo-wii-brstm-fields
+
+# Nintendo 3DS BCSTM audio format (fields)
+0	name	nintendo-3ds-bcstm-fields
+>(0x18.l)	string	INFO	\b:
+# INFO block: Stream information starts at 0x20 (minus 4 for the 'INFO' magic)
+>>&0x1C		byte	0	PCM, signed 8-bit,
+>>&0x1C		byte	1	PCM, signed 16-bit,
+>>&0x1C		byte	2	DSP ADPCM,
+>>&0x1C		byte	3	IMA ADPCM,
+>>&0x1D		byte	!0	looping,
+>>&0x1E		byte	1	mono
+>>&0x1E		byte	2	stereo
+>>&0x1E		byte	3	3 channels
+>>&0x1E		byte	4	quad
+>>&0x1E		byte	>4	%u channels
+>>&0x20		lelong	!0	%u Hz
+
+# Nintendo 3DS BCSTM audio format
+# https://www.3dbrew.org/wiki/BCSTM
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		CSTM	Nintendo 3DS BCSTM audio file
+!:mime	audio/x-bcstm
+!:ext	bcstm
+# 3DS is little-endian, so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcstm-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcstm-fields
+
+# Nintendo Wii U BFSTM audio format
+# http://mk8.tockdom.com/wiki/BFSTM_(File_Format)
+# NOTE: This format is very similar to BCSTM.
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		FSTM	Nintendo Wii U BFSTM audio file
+!:mime	audio/x-bfstm
+!:ext	bfstm
+# BFSTM is used on both Wii U (BE) and Switch (LE),
+# so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcstm-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcstm-fields
+
+# Nintendo 3DS BCSTM audio format (fields)
+0	name	nintendo-3ds-bcwav-fields
+>(0x18.l)	string	INFO	\b:
+# INFO block (minus 4 for INFO magic)
+>>&0x4		byte	0	PCM, signed 8-bit,
+>>&0x4		byte	1	PCM, signed 16-bit,
+>>&0x4		byte	2	DSP ADPCM,
+>>&0x4		byte	3	IMA ADPCM,
+>>&0x5		byte	!0	looping,
+>>&0x8		lelong	x	stereo
+>>&0x8		lelong	!0	%u Hz
+
+# Nintendo 3DS BCWAV audio format
+# https://www.3dbrew.org/wiki/BCWAV
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		CWAV	Nintendo 3DS BCWAV audio file
+!:mime	audio/x-bcwav
+!:ext	bcwav
+# 3DS is little-endian, so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcwav-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcwav-fields
+
+# Philips DSDIFF audio format (Direct Stream Digital Interchange File Format)
+# Used for DSD audio recordings and Super Audio CD (SACD) mastering annotations
+# https://dsd-guide.com/sites/default/files/white-papers/DSDIFF_1.5_Spec.pdf
+# From: Toni Ruottu <toni.ruottu@iki.fi>
+0		string		FRM8
+12		string		DSD\x20		DSDIFF audio bitstream data
+!:mime		audio/x-dff
+!:ext		dff
+
+# format version chunk
+>&0		string		FVER
+# version 1
+>>&8		byte		1
+
+# v1 / sampling resolution ( 1 bit PDM only )
+>>>&0		string		x		\b, 1 bit
+
+# v1 / sound property chunk
+>>>&0		search/0xff	PROP
+>>>>&8		string		SND
+
+# v1 / sound property chunk / channel configuration chunk
+>>>>>&0		search/0xff	CHNL
+>>>>>>&8	ubeshort	1							\b, mono
+>>>>>>&8	ubeshort	2
+>>>>>>>&0	string		SLFTSRGT						\b, stereo
+>>>>>>>&0	default		x							\b, 2 channels
+>>>>>>&8	ubeshort	3
+>>>>>>>&0	string		SLFTSRGTLFE\x20						\b, 2.1 stereo
+>>>>>>>&0	string		SLFTSRGTC\x20\x20\x20					\b, 3.0 stereo
+>>>>>>>&0	default		x							\b, 3 channels
+>>>>>>&8	ubeshort	4
+>>>>>>>&0	string		MLFTMRGTLS\x20\x20RS\x20\x20				\b, 4.0 surround
+>>>>>>>&0	string		SLFTSRGTC\x20\x20\x20LFE\x20				\b, 3.1 stereo
+>>>>>>>&0	default		x							\b, 4 channels
+>>>>>>&8	ubeshort	5
+>>>>>>>&0	string		MLFTMRGTC\x20\x20\x20LS\x20\x20RS\x20\x20		\b, 5.0 surround
+>>>>>>>&0	string		MLFTMRGTLFE\x20LS\x20\x20RS\x20\x20			\b, 4.1 surround
+>>>>>>>&0	default		x							\b, 5 channels
+>>>>>>&8	ubeshort	6
+>>>>>>>&0	string		MLFTMRGTC\x20\x20\x20LFE\x20LS\x20\x20RS\x20\x20	\b, 5.1 surround
+>>>>>>>&0	default		x							\b, 6 channels
+>>>>>>&8	ubeshort	>6							\b, %u channels
+
+# v1 / sound property chunk / sample rate chunk
+>>>>>&0		search/0xff	FS\x20\x20
+>>>>>>&0	string		x		\b,
+>>>>>>&8	ubelong%44100	0
+>>>>>>>&-4	ubelong/44100	x		"DSD %u"
+>>>>>>>&-4	ubelong		x		%u Hz
+
+# v1 / sound property chunk / compression type chunk
+>>>>>&0		search/0xff	CMPR
+>>>>>>&8	string		DSD\x20		\b, no compression
+>>>>>>&8	string		DST\x20		\b, DST compression
+>>>>>>&8	default		x		\b, unknown compression
+
+# v1 / quest for metadata
+>>>&0		string		x
+
+# v1 / quest for metadata / edited master information chunk
+>>>>&0		search		DIIN
+>>>>>&0		ubequad		>0		\b, "edited master" metadata
+
+# v1 / quest for metadata / ID3 chunk ( defacto standard )
+>>>>&0		search		ID3\x20
+>>>>>&8		string		ID3		\b, ID3 version 2
+>>>>>&0		byte		x		\b.%u
+>>>>>&1		byte		x		\b.%u
+
+# v1 / quest for metadata / failure ( possibly due to -P bytes=... being too low )
+>>>>&0		default		x		\b, ID3 missing (or unreachable)
+
+# version > 1 or 0
+>>&0		default		x		\b, unknown version
+
+# Sony DSF audio format (Direct Stream Digital Stream File)
+# Used for lossless digital storage of songs produced as DSD audio
+# Portable analog of a track stored on a Super Audio CD (SACD)
+# https://dsd-guide.com/sites/default/files/white-papers/DSFFileFormatSpec_E.pdf
+# From: Toni Ruottu <toni.ruottu@iki.fi>
+0		string		DSD\x20		DSF audio bitstream data
+!:mime		audio/x-dsf
+!:ext		dsf
+
+# format chunk
+>28		string		fmt\x20
+# version 1
+>>&8		ulelong		1
+
+# v1 / sampling resolution ( 1 bit PDM only )
+# NOTE: the spec incorrectly uses "bits per sample" instead of "bits per byte"
+>>>&0		string		x		\b, 1 bit
+
+# v1 / channel configuration
+>>>>&4		ulelong		1		\b, mono
+>>>>&4		ulelong		2		\b, stereo
+>>>>&4		ulelong		3		\b, 3.0 stereo
+>>>>&4		ulelong		4		\b, 4.0 surround
+>>>>&4		ulelong		5		\b, 3.1 stereo
+>>>>&4		ulelong		6		\b, 5.0 surround
+>>>>&4		ulelong		7		\b, 5.1 surround
+>>>>&0		default		x
+>>>>>&4		ulelong		x		\b, %u channels
+
+# v1 / sample rate chunk
+>>>>&0		string		x		\b,
+>>>>&12		ulelong%44100	0
+>>>>>&-4	ulelong/44100	x		"DSD %u"
+>>>>&12		ulelong		x		%u Hz
+
+# v1 / compression
+>>>>&0		string		x
+>>>>>&0		ulelong		0		\b, no compression
+>>>>>&0		default		x		\b, unknown compression
+
+# v1 / embedded ID3v2 metadata
+>>>0		string		x 		\b, ID3
+>>>>20		ulequad		!0
+>>>>>(20.q)	string		ID3		version 2
+>>>>>>&0	byte		x		\b.%u
+>>>>>>&1	byte		x		\b.%u
+# unable to verify ID3 ( possibly due to -P bytes=... being too low )
+>>>>>&0		default		x		unreachable
+>>>>&0		default		x		missing
+
+# version > 1 or 0
+>>&0		default		x		\b, unknown version
diff --git a/magic/Magdir/avm b/magic/Magdir/avm
new file mode 100644
index 0000000..86e96d1
--- /dev/null
+++ b/magic/Magdir/avm
@@ -0,0 +1,33 @@
+
+#------------------------------------------------------------------------------
+# $File: avm,v 1.1 2020/08/28 20:37:58 christos Exp $
+# avm:  file(1) magic for avm files; this is not use
+
+# Summary:	FRITZ!Box router configuration backup
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Fritz!Box
+# Reference:	http://www.mengelke.de/Projekte/FritzBoxTools2
+# Note:		only tested with models 4040 and 6490 Cable (lgi)
+0	string		****\ FRITZ!Box\ 	FRITZ!Box configuration backup
+#!:mime	text/plain
+!:mime	application/x-avm-export
+!:ext	export
+# router model name like "4040" , "6490 Cable (lgi)" followed by " CONFIGURATION EXPORT"
+>15	string		x			of %-.4s
+# on 2nd line hashed password
+#>41	search/54	Password=		\b, password
+# on 3rd line firmware version like: 141.06.24 141.06.50 141.07.10 ... 155.06.83
+>41	search/172	FirmwareVersion=	\b, firmware version
+>>&0	string		x			%s
+# on 5th line oem like: avme lgi
+>41	search/285	OEM=			\b, oem
+>>&0	string		x			%s
+# on 7th line language like: de en
+>41	search/305	Language=		\b, language
+>>&0	string		x			%s
+# on 10th line cfg file name like: /var/tmp.cfg
+>41	search/349	tmp.cfg
+# on 11th line date inside c-comment like: Thu Jun  4 22:25:19 2015
+>>&4	string		x			\b, %s
+#
+
diff --git a/magic/Magdir/basis b/magic/Magdir/basis
new file mode 100644
index 0000000..19dd463
--- /dev/null
+++ b/magic/Magdir/basis
@@ -0,0 +1,18 @@
+
+#----------------------------------------------------------------
+# $File: basis,v 1.5 2019/04/19 00:42:27 christos Exp $
+# basis: file(1) magic for BBx/Pro5-files
+#      Oliver Dammer <dammer@olida.de>	 2005/11/07
+# https://www.basis.com business-basic-files.
+#
+0	string		\074\074bbx\076\076	BBx
+>7	string		\000			indexed file
+>7	string		\001			serial file
+>7	string		\002			keyed file
+>>13	short		0			(sort)
+>7	string		\004			program
+>>18	byte		x			(LEVEL %d)
+>>>23	string		>\000			psaved
+>7	string		\006			mkeyed file
+>>13	short		0			(sort)
+>>8	string		\000			(mkey)
diff --git a/magic/Magdir/beetle b/magic/Magdir/beetle
new file mode 100644
index 0000000..94a835c
--- /dev/null
+++ b/magic/Magdir/beetle
@@ -0,0 +1,7 @@
+#------------------------------------------------------------------------------
+# $File: beetle,v 1.2 2018/02/05 23:42:17 rrt Exp $
+# beetle:  file(1) magic for Beetle VM object files
+# https://github.com/rrthomas/beetle/
+
+# Beetle object module
+0	string		BEETLE\000	Beetle VM object file
diff --git a/magic/Magdir/ber b/magic/Magdir/ber
new file mode 100644
index 0000000..15288c6
--- /dev/null
+++ b/magic/Magdir/ber
@@ -0,0 +1,65 @@
+
+#------------------------------------------------------------------------------
+# $File: ber,v 1.2 2019/04/19 00:42:27 christos Exp $
+# ber:  file(1) magic for several BER formats used in the mobile
+# telecommunications industry (Georg Sauthoff)
+
+# The file formats are standardized by the GSMA (GSM association).
+# They are specified via ASN.1 schemas and some prose. Basic encoding
+# rules (BER) is the used encoding. The formats are used for exchanging
+# call data records (CDRs) between mobile operators and associated
+# parties for roaming clearing purposes and fraud detection.
+
+# The magic file covers:
+
+# - TAP files (TD.57) - CDR batches and notifications
+# - RAP files (TD.32) - return batches and acknowledgements
+# - NRT files (TD.35) - CDR batches for 'near real time' processing
+
+#
+# TAP 3 Files
+# TAP -> Transferred Account Procedure
+# cf. https://www.gsma.com/newsroom/wp-content/uploads/TD.57-v32.31.pdf
+# TransferBatch short tag
+0	byte	0x61
+# BatchControlInfo short tag
+>&1	search/b5	\x64
+# Sender long tag #TAP 3.x (BER encoded)
+>>&1	search/b8	\x5f\x81\x44
+# <SpecificationVersionNumber>3</><ReleaseVersionNumber> block
+>>>&64	search/b64	\x5f\x81\x49\x01\x03\x5f\x81\x3d\x01
+>>>>&0	byte	x	TAP 3.%d Batch (TD.57, Transferred Account)
+
+# Notification short tag
+0	byte	0x62
+# Sender long tag
+>2	search/b8	\x5f\x81\x44
+# <SpecificationVersionNumber>3</><ReleaseVersionNumber> block
+>>&64	search/b64	\x5f\x81\x49\x01\x03\x5f\x81\x3d\x01
+>>>&0	byte	x	TAP 3.%d Notification (TD.57, Transferred Account)
+
+
+# NRT Files
+# NRT a.k.a. NRTRDE
+0	byte	0x61
+# <SpecificationVersionNumber>2</><ReleaseVersionNumber> block
+>&1	search/b8 \x5f\x29\x01\x02\x5f\x25\x01
+>>&0	byte	x	NRT 2.%d (TD.35, Near Real Time Roaming Data Exchange)
+
+# RAP Files
+# cf. https://www.gsma.com/newsroom/wp-content/uploads/TD.32-v6.11.pdf
+# Long ReturnBatch tag
+0	string	\x7f\x84\x16
+# Long RapBatchControlInfo tag
+>&1	search/b8	\x7f\x84\x19
+# <SpecificationVersionNumber>3</><ReleaseVersionNumber> block
+>>&64	search/b64	\x5f\x81\x49\x01\x03\x5f\x81\x3d\x01
+# <RapSpecificationVersionNumber>1</><RapReleaseVersionNumber> block
+>>>&1	string/b	\x5f\x84\x20\x01\x01\x5f\x84\x1f\x01
+>>>>&0	byte	x	RAP 1.%d Batch (TD.32, Returned Account Procedure),
+>>>&0	byte	x	TAP 3.%d
+
+# Long Acknowledgement tag
+0	string \x7f\x84\x17
+# Long Sender tag
+>&1	search/b5	\x5f\x81\x44	RAP Acknowledgement (TD.32, Returned Account Procedure)
diff --git a/magic/Magdir/bflt b/magic/Magdir/bflt
new file mode 100644
index 0000000..c46b4db
--- /dev/null
+++ b/magic/Magdir/bflt
@@ -0,0 +1,14 @@
+
+#------------------------------------------------------------------------------
+# $File: bflt,v 1.5 2014/04/30 21:41:02 christos Exp $
+# bFLT: file(1) magic for BFLT uclinux binary files
+#
+# From Philippe De Muyter <phdm@macqel.be>
+#
+0	string		bFLT		BFLT executable
+>4	belong		x		- version %d
+>4	belong		4
+>>36	belong&0x1	0x1		ram
+>>36	belong&0x2	0x2		gotpic
+>>36	belong&0x4	0x4		gzip
+>>36	belong&0x8	0x8		gzdata
diff --git a/magic/Magdir/bhl b/magic/Magdir/bhl
new file mode 100644
index 0000000..6f57f03
--- /dev/null
+++ b/magic/Magdir/bhl
@@ -0,0 +1,10 @@
+
+#------------------------------------------------------------------------------
+# $File: bhl,v 1.1 2017/06/11 22:20:02 christos Exp $
+# BlockHashLoc
+# ext: bhl
+# Marco Pontello marcopon@gmail.com
+# reference: https://github.com/MarcoPon/BlockHashLoc
+0	string	BlockHashLoc\x1a	BlockHashLoc recovery info,
+>13	byte	x			version %d
+!:ext   bhl
diff --git a/magic/Magdir/bioinformatics b/magic/Magdir/bioinformatics
new file mode 100644
index 0000000..2966fa6
--- /dev/null
+++ b/magic/Magdir/bioinformatics
@@ -0,0 +1,178 @@
+
+#------------------------------------------------------------------------------
+# $File: bioinformatics,v 1.5 2019/04/19 00:42:27 christos Exp $
+# bioinfomatics:  file(1) magic for Bioinfomatics file formats
+
+###############################################################################
+# BGZF (Blocked GNU Zip Format) - gzip compatible, but also indexable
+# used by SAMtools bgzip/tabix (http://samtools.sourceforge.net/tabix.shtml)
+###############################################################################
+0	string		\037\213
+>3	byte		&0x04
+>>12	string		BC
+>>>14	leshort		&0x02	Blocked GNU Zip Format (BGZF; gzip compatible)
+>>>>16	leshort		x	\b, block length %d
+!:mime	application/x-gzip
+
+
+###############################################################################
+# Tabix index file
+# used by SAMtools bgzip/tabix (http://samtools.sourceforge.net/tabix.shtml)
+###############################################################################
+0	string	TBI\1		SAMtools TBI (Tabix index format)
+>0x04	lelong	=1		\b, with %d reference sequence
+>0x04	lelong	>1		\b, with %d reference sequences
+>0x08	lelong	&0x10000	\b, using half-closed-half-open coordinates (BED style)
+>0x08	lelong	^0x10000
+>>0x08	lelong	=0		\b, using closed and one based coordinates (GFF style)
+>>0x08	lelong	=1		\b, using SAM format
+>>0x08	lelong	=2		\b, using VCF format
+>0x0c	lelong	x		\b, sequence name column: %d
+>0x10	lelong	x		\b, region start column: %d
+>0x08	lelong	=0
+>>0x14	lelong	x		\b, region end column: %d
+>0x18	byte	x		\b, comment character: %c
+>0x1c	lelong	x		\b, skip line count: %d
+
+
+###############################################################################
+# BAM (Binary Sequence Alignment/Map format)
+# used by SAMtools (http://samtools.sourceforge.net/SAM1.pdf)
+# data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
+###############################################################################
+0	string	BAM\1	SAMtools BAM (Binary Sequence Alignment/Map)
+>0x04	lelong	>0
+>>&0x00 regex	=^[@]HD\t.*VN:		\b, with SAM header
+>>>&0	regex	=[0-9.]+		\b version %s
+>>&(0x04)	lelong	>0	\b, with %d reference sequences
+
+
+###############################################################################
+# BAI (BAM indexing format)
+# used by SAMtools (http://samtools.sourceforge.net/SAM1.pdf)
+###############################################################################
+0		string	BAI\1	SAMtools BAI (BAM indexing format)
+>0x04		lelong	>0	\b, with %d reference sequences
+
+
+###############################################################################
+# CRAM (Binary Sequence Alignment/Map format)
+###############################################################################
+0	string	CRAM	CRAM
+>0x04	byte	>-1	version %d.
+>0x05	byte	>-1	\b%d
+>0x06	string	>\0	(identified as %s)
+
+
+###############################################################################
+# BCF (Binary Call Format), version 1
+# used by SAMtools & VCFtools (http://vcftools.sourceforge.net/bcf.pdf)
+# data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
+###############################################################################
+0		string	   BCF\4
+# length of seqnm data in bytes is positive
+>&0x00		lelong	  >0
+# length of smpl data in bytes is positive
+>>&(&-0x04)	lelong	  >0			SAMtools BCF (Binary Call Format)
+# length of meta in bytes
+>>>&(&-0x04)	lelong	  >0
+# have meta text string
+>>>>&0x00	search	  ##samtoolsVersion=
+>>>>>&0x00	string	  x			\b, generated by SAMtools version %s
+
+
+###############################################################################
+# BCF (Binary Call Format), version 2.1
+# used by SAMtools (https://samtools.github.io/hts-specs/BCFv2_qref.pdf)
+# data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
+###############################################################################
+0		string	   BCF\2\1    Binary Call Format (BCF) version 2.1
+# length of header text
+>&0x00		lelong	  >0
+# have header string
+>>&0x00 search	  ##samtoolsVersion=
+>>>&0x00	string	  x			\b, generated by SAMtools version %s
+
+
+###############################################################################
+# BCF (Binary Call Format), version 2.2
+# used by SAMtools (https://samtools.github.io/hts-specs/BCFv2_qref.pdf)
+# data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
+###############################################################################
+0		string	   BCF\2\2    Binary Call Format (BCF) version 2.2
+# length of header text
+>&0x00		lelong	  >0
+# have header string
+>>&0x00 search	  ##samtoolsVersion=
+>>>&0x00	string	  x			\b, generated by SAMtools version %s
+
+###############################################################################
+# VCF (Variant Call Format)
+# used by VCFtools (http://vcftools.sourceforge.net/)
+###############################################################################
+0      search	   ##fileformat=VCFv	Variant Call Format (VCF)
+>&0    string	   x			\b version %s
+
+###############################################################################
+# FASTQ
+# used by MAQ (http://maq.sourceforge.net/fastq.shtml)
+###############################################################################
+# XXX Broken?
+# @<seqname>
+#0	regex	=^@[A-Za-z0-9_.:-]+\?\n
+# <seq>
+#>&1	regex	=^[A-Za-z\n.~]++
+# +[<seqname>]
+#>>&1	regex	=^[A-Za-z0-9_.:-]*\?\n
+# <qual>
+#>>>&1	regex	=^[!-~\n]+\n		FASTQ
+
+###############################################################################
+# FASTA
+# used by FASTA (https://fasta.bioch.virginia.edu/fasta_www2/fasta_guide.pdf)
+###############################################################################
+#0	byte	0x3e
+# q>0	regex	=^[>][!-~\t\ ]+$
+# Amino Acid codes: [A-IK-Z*-]+
+#>>1	regex	!=[!-'Jj;:=?@^`|~\\]		FASTA
+# IUPAC codes/gaps: [ACGTURYKMSWBDHVNX-]+
+# not in IUPAC codes/gaps: [EFIJLOPQZ]
+#>>>1	regex	!=[EFIJLOPQZefijlopqz]		\b, with IUPAC nucleotide codes
+#>>>1	regex	=^[EFIJLOPQZefijlopqz]+$	\b, with Amino Acid codes
+
+###############################################################################
+# SAM (Sequence Alignment/Map format)
+# used by SAMtools (http://samtools.sourceforge.net/SAM1.pdf)
+###############################################################################
+# Short-cut version to recognise SAM files with (optional) header at beginning
+###############################################################################
+0      string	   @HD\t
+>4     search	   VN:		Sequence Alignment/Map (SAM), with header
+>>&0   regex	   [0-9.]+	\b version %s
+###############################################################################
+# Longer version to recognise SAM alignment lines using (many) regexes
+###############################################################################
+# SAM Alignment QNAME
+0		regex	=^[!-?A-~]{1,255}(\t[^\t]+){11}
+# SAM Alignment FLAG
+>0		regex	=^([^\t]+\t){1}[0-9]{1,5}\t
+# SAM Alignment RNAME
+>>0		regex	=^([^\t]+\t){2}\\*|[^*=]*\t
+# SAM Alignment POS
+>>>0		regex	=^([^\t]+\t){3}[0-9]{1,9}\t
+# SAM Alignment MAPQ
+>>>>0		regex	=^([^\t]+\t){4}[0-9]{1,3}\t
+# SAM Alignment CIGAR
+>>>>>0		regex	=\t(\\*|([0-9]+[MIDNSHPX=])+)\t
+# SAM Alignment RNEXT
+>>>>>>0		regex	=\t(\\*|=|[!-()+->?-~][!-~]*)\t
+# SAM Alignment PNEXT
+>>>>>>>0	regex	=^([^\t]+\t){7}[0-9]{1,9}\t
+# SAM Alignment TLEN
+>>>>>>>>0	regex	=\t[+-]{0,1}[0-9]{1,9}\t.*\t
+# SAM Alignment SEQ
+>>>>>>>>>0	regex	=^([^\t]+\t){9}(\\*|[A-Za-z=.]+)\t
+# SAM Alignment QUAL
+>>>>>>>>>>0	regex	=^([^\t]+\t){10}[!-~]+	Sequence Alignment/Map (SAM)
+>>>>>>>>>>>0	regex	=^[@]HD\t.*VN:		\b, with header
+>>>>>>>>>>>>&0	regex	=[0-9.]+		\b version %s
diff --git a/magic/Magdir/biosig b/magic/Magdir/biosig
new file mode 100644
index 0000000..7d41713
--- /dev/null
+++ b/magic/Magdir/biosig
@@ -0,0 +1,154 @@
+
+##############################################################################
+#
+#    Magic ids for biomedical signal file formats 
+#    Copyright (C) 2018 Alois Schloegl <alois.schloegl@gmail.com>
+#
+#    The list has been derived from biosig projects
+#      http://biosig.sourceforge.net
+#      https://pub.ist.ac.at/~schloegl/matlab/eeg/
+#      https://pub.ist.ac.at/~schloegl/biosig/TESTED
+#
+##############################################################################
+#
+0	string  ABF\x20					Biosig/Axon Binary format
+!:mime biosig/abf2
+0	string  ABF2\0\0				Biosig/Axon Binary format
+!:mime biosig/abf2
+#
+0	string  ATES\x20MEDICA\x20SOFT.\x20EEG\x20for\x20Windows	Biosig/ATES MEDICA SOFT. EEG for Windows
+!:mime biosig/ates
+#
+0	string  ATF\x09					Biosig/Axon Text format
+!:mime biosig/atf
+#
+0	string  ADU1					Biosig/Axona file format
+!:mime biosig/axona
+0	string  ADU2					Biosig/Axona file format
+!:mime biosig/axona
+#
+0	string  ALPHA-TRACE-MEDICAL			Biosig/alpha trace 
+!:mime biosig/alpha
+#
+0       string  AxGr					Biosig/AXG
+0       string  axgx					Biosig/AXG
+!:mime biosig/axg
+#
+0	string  HeaderLen=				Biosig/BCI2000
+0	string  BCI2000V				Biosig/BCI2000
+!:mime biosig/bci2000
+#
+### Specification: https://www.biosemi.com/faq/file_format.htm
+0	string  \xffBIOSEMI				Biosig/Biosemi data format
+!:mime biosig/bdf
+#
+0	string  Brain\x20Vision\x20Data\x20Exchange\x20Header\x20File			Biosig/Brainvision data file
+0	string  Brain\x20Vision\x20V-Amp\x20Data\x20Header\x20File\x20Version		Biosig/Brainvision V-Amp file
+0	string  Brain\x20Vision\x20Data\x20Exchange\x20Marker\x20File,\x20Version	Biosig/Brainvision Marker file
+!:mime biosig/brainvision
+#
+0	string  CEDFILE					Biosig/CFS: Cambridge Electronic devices File format 
+!:mime biosig/ced
+#
+### Specification: https://www.edfplus.info/specs/index.html
+0	string	0\x20\x20\x20\x20\x20\x20\x20		Biosig/EDF: European Data format
+!:mime biosig/edf
+#
+### Specifications: https://arxiv.org/abs/cs/0608052
+0	string  GDF					Biosig/GDF: General data format for biosignals
+!:mime biosig/gdf
+#
+0	string  DATA\0\0\0\0				Biosig/Heka Patchmaster
+0	string  DAT1\0\0\0\0				Biosig/Heka Patchmaster
+0	string  DAT2\0\0\0\0				Biosig/Heka Patchmaster
+!:mime biosig/heka
+#
+0	string  (C)\x20CED\x2087			Biosig/CED SMR 
+!:mime biosig/ced-smr
+#
+0	string  CFWB\1\0\0\0				Biosig/CFWB
+!:mime biosig/cfwb
+#
+0	string  DEMG					Biosig/DEMG
+!:mime biosig/demg
+#
+0	string  EBS\x94\x0a\x13\x1a\x0d			Biosig/EBS
+!:mime biosig/ebs
+#
+0	string  Embla\x20data\x20file			Biosig/Embla
+!:mime biosig/embla
+#
+0	string  Header\r\nFile Version			Biosig/ETG4000
+!:mime biosig/etg4000
+#
+0	string  GALILEO\x20EEG\x20TRACE\x20FILE		Biosig/Galileo 
+!:mime biosig/galileo
+#
+0	string  IGOR					Biosig/IgorPro ITX file
+!:mime biosig/igorpro
+#
+#	Specification: http://www.ampsmedical.com/uploads/2017-12-7/The_ISHNE_Format.pdf
+0	string  ISHNE1.0				Biosig/ISHNE
+!:mime biosig/ishne
+#
+# 	CEN/ISO 11073/22077 series, http://www.mfer.org/en/document.htm
+0	string  @\x20\x20MFER\x20			Biosig/MFER
+0	string  @\x20MFR\x20				Biosig/MFER
+!:mime biosig/mfer
+#
+0	string  NEURALEV				Biosig/NEV
+0	string  N.EV.\0					Biosig/NEV
+!:mime biosig/nev
+#
+0	string  NEX1					Biosig/NEX
+!:mime biosig/nex1
+#
+0	string  PLEX 					Biosig/Plexon v1.0
+10	string  PLEXON 					Biosig/Plexon v2.0
+!:mime biosig/plexon
+#
+0	string  \x02\x27\x91\xC6			Biosig/RHD2000: Intan RHD2000 format
+#
+#	Specification: CEN 1064:2005/ISO 11073:91064
+16	string  SCPECG\0\0 				Biosig/SCP-ECG format CEN 1064:2005/ISO 11073:91064
+!:mime biosig/scpecg
+#
+0	string  IAvSFo									Biosig/SIGIF
+!:mime biosig/sigif
+#
+0	string  POLY\x20SAMPLE\x20FILEversion\x20					Biosig/TMS32
+!:mime biosig/tms32
+#
+0	string  FileId=TMSi\x20PortiLab\x20sample\x20log\x20file\x0a\x0dVersion=	Biosig/TMSiLOG
+!:mime biosig/tmsilog
+#
+4	string	Synergy\0\48\49\50\46\48\48\51\46\48\48\48\46\48\48\48\0\28\0\0\0\2\0\0\0
+>63	string	CRawDataElement
+>>85	string	CRawDataBuffer								Biosig/SYNERGY
+!:mime biosig/synergy
+#
+4	string	\40\0\4\1\44\1\102\2\146\3\44\0\190\3					Biosig/UNIPRO
+!:mime biosig/unipro
+#
+0	string	VER=9\r\nCTIME=								Biosig/WCP
+!:mime biosig/wcp
+#
+0	string	\xAF\xFE\xDA\xDA							Biosig/Walter Graphtek
+0	string	\xDA\xDA\xFE\xAF							Biosig/Walter Graphtek
+0	string	\x55\x55\xFE\xAF							Biosig/Walter Graphtek
+!:mime biosig/walter-graphtek
+#
+0	string  V3.0\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20
+>32	string  [PatInfo]								Biosig/Sigma
+!:mime biosig/sigma
+#
+0	string  \067\069\078\013\010\0x1a\04\0x84					Biosig/File exchange format (FEF)
+!:mime biosig/fef
+0	string  \67\69\78\0x13\0x10\0x1a\4\0x84						Biosig/File exchange format (FEF)
+!:mime biosig/fef
+#
+0	string  \0\0\0\x64\0\0\0\x1f\0\0\0\x14\0\0\0\0\0\1
+>36  	string  \0\0\0\x65\0\0\0\3\0\0\0\4\0\0
+>>56	string  \0\0\0\x6a\0\0\0\3\0\0\0\4\0\0\0\0\xff\xff\xff\xff\0\0			Biosig/FIFF
+!:mime biosig/fiff
+#
diff --git a/magic/Magdir/blackberry b/magic/Magdir/blackberry
new file mode 100644
index 0000000..2e38a54
--- /dev/null
+++ b/magic/Magdir/blackberry
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: blackberry,v 1.2 2017/03/17 21:35:28 christos Exp $
+# blackberry:  file(1) magic for BlackBerry file formats
+#
+5	belong	0
+>8	belong  010010010	BlackBerry RIM ETP file
+>>22	string	x		\b for %s
diff --git a/magic/Magdir/blcr b/magic/Magdir/blcr
new file mode 100644
index 0000000..d2f901a
--- /dev/null
+++ b/magic/Magdir/blcr
@@ -0,0 +1,25 @@
+# Berkeley Lab Checkpoint Restart (BLCR) checkpoint context files
+# https://ftg.lbl.gov/checkpoint
+0	string	C\0\0\0R\0\0\0	BLCR
+>16	lelong	1	x86
+>16	lelong	3	alpha
+>16	lelong	5	x86-64
+>16	lelong	7	ARM
+>8	lelong	x	context data (little endian, version %d)
+# Uncomment the following only of your "file" program supports "search"
+#>0	search/1024	VMA\06	for kernel
+#>>&1	byte	x	%d.
+#>>&2	byte	x	%d.
+#>>&3	byte	x	%d
+0	string	\0\0\0C\0\0\0R	BLCR
+>16	belong	2	SPARC
+>16	belong	4	ppc
+>16	belong	6	ppc64
+>16	belong	7	ARMEB
+>16	belong	8	SPARC64
+>8	belong	x	context data (big endian, version %d)
+# Uncomment the following only of your "file" program supports "search"
+#>0	search/1024	VMA\06	for kernel
+#>>&1	byte	x	%d.
+#>>&2	byte	x	\b%d.
+#>>&3	byte	x	\b%d
diff --git a/magic/Magdir/blender b/magic/Magdir/blender
new file mode 100644
index 0000000..5a89711
--- /dev/null
+++ b/magic/Magdir/blender
@@ -0,0 +1,50 @@
+
+#------------------------------------------------------------------------------
+# $File: blender,v 1.9 2022/12/21 15:53:27 christos Exp $
+# blender: file(1) magic for Blender 3D related files
+#
+# Native format rule v1.2. For questions use the developers list
+# https://lists.blender.org/mailman/listinfo/bf-committers
+# GLOB chunk was moved near start and provides subversion info since 2.42
+# Update:	Joerg Jenderek
+# URL: 		http://fileformats.archiveteam.org/wiki/BLEND
+#		http://www.blender.org/
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/blend.trid.xml
+#		http://formats.kaitai.io/blender_blend/index.html
+# Note:		called "Blender 3D data" by TrID
+#		and gzip compressed variant handled by ./compress
+0		string	=BLENDER	Blender3D,
+#!:mime		application/octet-stream
+!:mime		application/x-blender
+!:ext		blend
+# no sample found with extension blender
+#!:ext		blend/blender
+>7		string	=_		saved as 32-bits
+>>8		string	=v		little endian
+>>>9		byte	x		with version %c.
+>>>10		byte	x		\b%c
+>>>11		byte	x		\b%c
+>>>0x40		string	=GLOB		\b.
+>>>>0x58	leshort	x		\b%.4d
+>>8		string	=V		big endian
+>>>9		byte	x		with version %c.
+>>>10		byte	x		\b%c
+>>>11		byte	x		\b%c
+>>>0x40		string	=GLOB		\b.
+>>>>0x58	beshort	x		\b%.4d
+>7		string	=-		saved as 64-bits
+>>8		string	=v		little endian
+>>9		byte	x		with version %c.
+>>10		byte	x		\b%c
+>>11		byte	x		\b%c
+>>0x44		string	=GLOB		\b.
+>>>0x60		leshort	x		\b%.4d
+>>8		string	=V		big endian
+>>>9		byte	x		with version %c.
+>>>10		byte	x		\b%c
+>>>11		byte	x		\b%c
+>>>0x44		string	=GLOB		\b.
+>>>>0x60	beshort	x		\b%.4d
+
+# Scripts that run in the embedded Python interpreter
+0		string	#!BPY		Blender3D BPython script
diff --git a/magic/Magdir/blit b/magic/Magdir/blit
new file mode 100644
index 0000000..5ce7870
--- /dev/null
+++ b/magic/Magdir/blit
@@ -0,0 +1,24 @@
+
+#------------------------------------------------------------------------------
+# $File: blit,v 1.9 2021/07/03 14:01:46 christos Exp $
+# blit:  file(1) magic for 68K Blit stuff as seen from 680x0 machine
+#
+# Note that this 0407 conflicts with several other a.out formats...
+#
+# XXX - should this be redone with "be" and "le", so that it works on
+# little-endian machines as well?  If so, what's the deal with
+# "VAX-order" and "VAX-order2"?
+#
+#0	long		0407		68K Blit (standalone) executable
+#0	short		0407		VAX-order2 68K Blit (standalone) executable
+0	short		03401		VAX-order 68K Blit (standalone) executable
+0	long		0406		68k Blit mpx/mux executable
+0	short		0406		VAX-order2 68k Blit mpx/mux executable
+# GRR: line below is too general as it matches also TTComp archive, ASCII, 4K handled by ./archive
+0	short		03001		VAX-order 68k Blit mpx/mux executable
+# TODO:
+# skip TTComp archive, ASCII, 4K by looking for executable keyword like main
+#>0	search/5536	main\0		VAX-order 68k Blit mpx/mux executable
+# Need more values for WE32 DMD executables.
+# Note that 0520 is the same as COFF
+#0	short		0520		tty630 layers executable
diff --git a/magic/Magdir/bm b/magic/Magdir/bm
new file mode 100644
index 0000000..a9a1d5b
--- /dev/null
+++ b/magic/Magdir/bm
@@ -0,0 +1,10 @@
+
+#------------------------------------------------------------------------------
+# $File: bm,v 1.2 2021/03/14 16:56:51 christos Exp $
+# bm:  file(1) magic for "Birtual Machine", cf. https://github.com/tsoding/bm
+
+0	string	bm\001\244	Birtual Machine
+>4	leshort	x		\b, version %d
+>6	lelong	x		\b, program size %u
+>14	lelong	x		\b, memory size %u
+>22	lelong	x		\b, memory capacity %u
diff --git a/magic/Magdir/bout b/magic/Magdir/bout
new file mode 100644
index 0000000..693cc2a
--- /dev/null
+++ b/magic/Magdir/bout
@@ -0,0 +1,11 @@
+
+#------------------------------------------------------------------------------
+# $File: bout,v 1.5 2009/09/19 16:28:08 christos Exp $
+# i80960 b.out objects and archives
+#
+0	long		0x10d		i960 b.out relocatable object
+>16	long		>0		not stripped
+#
+# b.out archive (hp-rt on i960)
+0	string		=!<bout>	b.out archive
+>8	string		__.SYMDEF	random library
diff --git a/magic/Magdir/bsdi b/magic/Magdir/bsdi
new file mode 100644
index 0000000..8499b0c
--- /dev/null
+++ b/magic/Magdir/bsdi
@@ -0,0 +1,33 @@
+
+#------------------------------------------------------------------------------
+# $File: bsdi,v 1.7 2014/03/29 15:40:34 christos Exp $
+# bsdi:  file(1) magic for BSD/OS (from BSDI) objects
+# Some object/executable formats use the same magic numbers as are used
+# in other OSes; those are handled by entries in aout.
+#
+
+0	lelong		0314		386 compact demand paged pure executable
+>16	lelong		>0		not stripped
+>32	byte		0x6a		(uses shared libs)
+
+# same as in SunOS 4.x, except for static shared libraries
+0	belong&077777777	0600413		SPARC demand paged
+>0	byte		&0x80
+>>20	belong		<4096		shared library
+>>20	belong		=4096		dynamically linked executable
+>>20	belong		>4096		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+>36	belong		0xb4100001	(uses shared libs)
+
+0	belong&077777777	0600410		SPARC pure
+>0	byte		&0x80		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+>36	belong		0xb4100001	(uses shared libs)
+
+0	belong&077777777	0600407		SPARC
+>0	byte		&0x80		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+>36	belong		0xb4100001	(uses shared libs)
diff --git a/magic/Magdir/bsi b/magic/Magdir/bsi
new file mode 100644
index 0000000..87e0fec
--- /dev/null
+++ b/magic/Magdir/bsi
@@ -0,0 +1,10 @@
+# Chiasmus is an encryption standard developed by the German Federal
+# Office for Information Security (Bundesamt fuer Sicherheit in der
+# Informationstechnik).
+
+# https://www.bsi.bund.de/EN/Topics/OtherTopics/Chiasmus/Chiasmus_node.html
+0	string		XIA1\r		Chiasmus Encrypted data
+!:ext xia
+
+0	string	XIS	Chiasmus key
+!:ext xis
diff --git a/magic/Magdir/btsnoop b/magic/Magdir/btsnoop
new file mode 100644
index 0000000..d72daad
--- /dev/null
+++ b/magic/Magdir/btsnoop
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: btsnoop,v 1.5 2009/09/19 16:28:08 christos Exp $
+# BTSnoop:  file(1) magic for BTSnoop files
+#
+# From <marcel@holtmann.org>
+0	string		btsnoop\0		BTSnoop
+>8	belong		x			version %d,
+>12	belong		1001			Unencapsulated HCI
+>12	belong		1002			HCI UART (H4)
+>12	belong		1003			HCI BCSP
+>12	belong		1004			HCI Serial (H5)
+>>12	belong		x			type %d
diff --git a/magic/Magdir/burp b/magic/Magdir/burp
new file mode 100644
index 0000000..460d18c
--- /dev/null
+++ b/magic/Magdir/burp
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------
+# $File: burp,v 1.1 2022/07/04 17:15:09 christos Exp $
+# Burp file, I don't know the version
+#------------------------------------------------------------
+# From wof (wof@stachelkaktus.net)
+0	bequad	0x6685828000000001	Burp project save file
diff --git a/magic/Magdir/bytecode b/magic/Magdir/bytecode
new file mode 100644
index 0000000..dca961c
--- /dev/null
+++ b/magic/Magdir/bytecode
@@ -0,0 +1,41 @@
+
+#------------------------------------------------------------
+# $File: bytecode,v 1.5 2023/02/20 16:25:05 christos Exp $
+# magic for various bytecodes
+
+# From: Mikhail Gusarov <dottedmag@dottedmag.net>
+# NekoVM (https://nekovm.org/) bytecode
+0	string		NEKO	NekoVM bytecode
+>4	lelong		x	(%d global symbols,
+>8	lelong		x	%d global fields,
+>12	lelong		x	%d bytecode ops)
+!:mime	application/x-nekovm-bytecode
+
+# https://www.iana.org/assignments/media-types/application/vnd.resilient.logic
+# From: Benedikt Muessig <benedikt@resilient-group.de>
+0	belong		0x07524c4d	Resilient Logic bytecode
+!:mime	application/vnd.resilient.logic
+>4	byte/16		x	\b, version %d
+>4	byte&0x0f	x	\b.%d
+
+# Guile file magic from <dalepsmith@gmail.com>
+# https://www.gnu.org/s/guile/
+# https://git.savannah.gnu.org/gitweb/?p=guile.git;f=libguile/_scm.h;hb=HEAD#l250
+
+0	string	GOOF----	Guile Object
+>8	string	LE		\b, little endian
+>8	string	BE		\b, big endian
+>11	string	4		\b, 32bit
+>11	string	8		\b, 64bit
+>13	regex	.\\..		\b, bytecode v%s
+
+# Racket file magic
+# From: Haelwenn (lanodan) Monnier <contact+libmagic@hacktivis.me>
+# https://racket-lang.org/
+# https://github.com/racket/racket/blob/master/racket/src/expander/compile/write-linklet.rkt
+0	string	#~
+>&0	pstring	x
+>>&0	pstring	racket
+>>>0	string	#~	Racket bytecode
+>>>>&0	pstring	x       (version %s)
+
diff --git a/magic/Magdir/c-lang b/magic/Magdir/c-lang
new file mode 100644
index 0000000..6e375a0
--- /dev/null
+++ b/magic/Magdir/c-lang
@@ -0,0 +1,110 @@
+#------------------------------------------------------------------------------
+# $File: c-lang,v 1.32 2023/06/16 19:57:19 christos Exp $
+# c-lang:  file(1) magic for C and related languages programs
+#
+# The strength is to beat standard HTML
+
+# BCPL
+0	search/8192	"libhdr"	BCPL source text
+!:mime	text/x-bcpl
+0	search/8192	"LIBHDR"	BCPL source text
+!:mime	text/x-bcpl
+
+# C
+# Check for class if include is found, otherwise class is beaten by include because of lowered strength
+0	search/8192	#include
+>0	regex	\^#include			C
+>>0	regex	\^class[[:space:]]+
+>>>&0	regex 	\\{[\.\*]\\}(;)?$			\b++
+>>&0	clear	x				source text
+!:strength + 15
+!:mime	text/x-c
+0	search/8192	pragma
+>0	regex	\^#[[:space:]]*pragma	C source text
+!:mime	text/x-c
+0	search/8192	endif
+>0	regex	\^#[[:space:]]*(if\|ifn)def
+>>&0	regex	\^#[[:space:]]*endif$	C source text
+!:mime	text/x-c
+0	search/8192	define
+>0	regex	\^#[[:space:]]*(if\|ifn)def
+>>&0	regex	\^#[[:space:]]*define	C source text
+!:mime	text/x-c
+0	search/8192	char
+>0	regex	\^[[:space:]]*char(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+!:mime	text/x-c
+0	search/8192	double
+>0	regex	\^[[:space:]]*double(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+!:mime	text/x-c
+0	search/8192	extern
+>0	regex	\^[[:space:]]*extern[[:space:]]+		C source text
+!:mime	text/x-c
+0	search/8192	float
+>0	regex	\^[[:space:]]*float(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+!:mime	text/x-c
+0	search/8192	struct
+>0	regex	\^struct[[:space:]]+		C source text
+!:mime	text/x-c
+0	search/8192	union
+>0	regex	\^union[[:space:]]+		C source text
+!:mime	text/x-c
+0	search/8192	main(
+>&0	search/64	String			Java source text
+!:mime	text/x-java
+>&0	default		x
+>>&0 regex	\\)[[:space:]]*\\{		C source text
+!:mime	text/x-c
+
+# C++
+# The strength of these rules is increased so they beat the C rules above
+0	search/8192	namespace
+>0	regex	\^namespace[[:space:]]+[_[:alpha:]]{1,30}[[:space:]]*\\{	C++ source text
+!:strength + 30
+!:mime	text/x-c++
+# using namespace [namespace] or using std::[lib]
+0	search/8192	using
+>0	regex	\^using[[:space:]]+(namespace\ )?std(::)?[[:alpha:]]*[[:space:]]*;		C++ source text
+!:strength + 30
+!:mime	text/x-c++
+0	search/8192	template
+>0	regex	\^[[:space:]]*template[[:space:]]*<.*>[[:space:]]*$	C++ source text
+!:strength + 30
+!:mime	text/x-c++
+0	search/8192	virtual
+>0	regex	\^[[:space:]]*virtual[[:space:]]+.*[};][[:space:]]*$		C++ source text
+!:strength + 30
+!:mime	text/x-c++
+# But class alone is reduced to avoid beating php (Jens Schleusener)
+0	search/8192	class
+>0	regex	\^[[:space:]]*class[[:space:]]+[[:digit:][:alpha:]:_]+[[:space:]]*\\{(.*[\n]*)*\\}(;)?$		C++ source text
+!:strength + 13
+!:mime	text/x-c++
+0	search/8192	public
+>0	regex	\^[[:space:]]*public:		C++ source text
+!:strength + 30
+!:mime	text/x-c++
+0	search/8192	private
+>0	regex	\^[[:space:]]*private:		C++ source text
+!:strength + 30
+!:mime	text/x-c++
+0	search/8192	protected
+>0	regex	\^[[:space:]]*protected:	C++ source text
+!:strength + 30
+!:mime	text/x-c++
+
+# Objective-C
+0	search/8192	#import
+>0	regex	\^#import[[:space:]]+["<]	Objective-C source text
+!:strength + 25
+!:mime	text/x-objective-c
+
+# From: Mikhail Teterin <mi@aldan.algebra.com>
+0	string		cscope		cscope reference data
+>7	string		x		version %.2s
+# We skip the path here, because it is often long (so file will
+# truncate it) and mostly redundant.
+# The inverted index functionality was added some time between
+# versions 11 and 15, so look for -q if version is above 14:
+>7	string		>14
+>>10	search/100	\ -q\ 		with inverted index
+>10	search/100	\ -c\ 		text (non-compressed)
diff --git a/magic/Magdir/c64 b/magic/Magdir/c64
new file mode 100644
index 0000000..6c87320
--- /dev/null
+++ b/magic/Magdir/c64
@@ -0,0 +1,549 @@
+
+#------------------------------------------------------------------------------
+# $File: c64,v 1.14 2023/06/16 19:24:06 christos Exp $
+# c64:  file(1) magic for various commodore 64 related files
+#
+# From: Dirk Jagdmann <doj@cubic.org>
+
+0x16500	belong		0x12014100	D64 Image
+0x16500	belong		0x12014180	D71 Image
+0x61800 belong		0x28034400	D81 Image
+0	belong		0x43154164	X64 Image
+
+# C64 (and other CBM) cartridges
+# Extended by David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://vice-emu.sourceforge.io/vice_17.html#SEC391
+
+0	string		C64\40CARTRIDGE	Commodore 64 cartridge
+>0x20	ubyte	0	\b,
+>0x20	ubyte	!0
+>>0x20	string/T	x	\b: "%.32s",
+>0x16	beshort	0
+>>0x18	beshort	0x0000	16 KB game
+>>0x18	beshort	0x0001	8 KB game
+>>0x18	beshort	0x0100	UltiMax mode
+>>0x18	beshort	0x0101	RAM/disabled
+>0x16	beshort	1	Action Replay
+>0x16	beshort	2	KCS Power Cartridge
+>0x16	beshort	3	Final Cartridge III
+>0x16	beshort	4	Simons' BASIC
+>0x16	beshort	5	Ocean type 1
+>0x16	beshort	6	Expert Cartridge
+>0x16	beshort	7	Fun Play, Power Play
+>0x16	beshort	8	Super Games
+>0x16	beshort	9	Atomic Power
+>0x16	beshort	10	Epyx Fastload
+>0x16	beshort	11	Westermann Learning
+>0x16	beshort	12	Rex Utility
+>0x16	beshort	13	Final Cartridge I
+>0x16	beshort	14	Magic Formel
+>0x16	beshort	15	C64 Game System, System 3
+>0x16	beshort	16	Warp Speed
+>0x16	beshort	17	Dinamic
+>0x16	beshort	18	Zaxxon / Super Zaxxon (Sega)
+>0x16	beshort	19	Magic Desk, Domark, HES Australia
+>0x16	beshort	20	Super Snapshot V5
+>0x16	beshort	21	Comal-80
+>0x16	beshort	22	Structured BASIC
+>0x16	beshort	23	Ross
+>0x16	beshort	24	Dela EP64
+>0x16	beshort	25	Dela EP7x8
+>0x16	beshort	26	Dela EP256
+>0x16	beshort	27	Rex EP256
+>0x16	beshort	28	Mikro Assembler
+>0x16	beshort	29	Final Cartridge Plus
+>0x16	beshort	30	Action Replay 4
+>0x16	beshort	31	Stardos
+>0x16	beshort	32	EasyFlash
+>0x16	beshort	33	EasyFlash Xbank
+>0x16	beshort	34	Capture
+>0x16	beshort	35	Action Replay 3
+>0x16	beshort	36
+>>0x1A	ubyte	1	Nordic Replay
+>>0x1A	ubyte	!1	Retro Replay
+>0x16	beshort	37	MMC64
+>0x16	beshort	38	MMC Replay
+>0x16	beshort	39	IDE64
+>0x16	beshort	40	Super Snapshot V4
+>0x16	beshort	41	IEEE-488
+>0x16	beshort	42	Game Killer
+>0x16	beshort	43	Prophet64
+>0x16	beshort	44	EXOS
+>0x16	beshort	45	Freeze Frame
+>0x16	beshort	46	Freeze Machine
+>0x16	beshort	47	Snapshot64
+>0x16	beshort	48	Super Explode V5.0
+>0x16	beshort	49	Magic Voice
+>0x16	beshort	50	Action Replay 2
+>0x16	beshort	51	MACH 5
+>0x16	beshort	52	Diashow-Maker
+>0x16	beshort	53	Pagefox
+>0x16	beshort	54	Kingsoft
+>0x16	beshort	55	Silverrock 128K Cartridge
+>0x16	beshort	56	Formel 64
+>0x16	beshort	57
+>>0x1A	ubyte	1	Hucky
+>>0x1A	ubyte	!1	RGCD
+>0x16	beshort	58	RR-Net MK3
+>0x16	beshort	59	EasyCalc
+>0x16	beshort	60	GMod2
+>0x16	beshort	61	MAX Basic
+>0x16	beshort	62	GMod3
+>0x16	beshort	63	ZIPP-CODE 48
+>0x16	beshort	64	Blackbox V8
+>0x16	beshort	65	Blackbox V3
+>0x16	beshort	66	Blackbox V4
+>0x16	beshort	67	REX RAM-Floppy
+>0x16	beshort	68	BIS-Plus
+>0x16	beshort	69	SD-BOX
+>0x16	beshort	70	MultiMAX
+>0x16	beshort	71	Blackbox V9
+>0x16	beshort	72	Lt. Kernal Host Adaptor
+>0x16	beshort	73	RAMLink
+>0x16	beshort	74	H.E.R.O.
+>0x16	beshort	75	IEEE Flash! 64
+>0x16	beshort	76	Turtle Graphics II
+>0x16	beshort	77	Freeze Frame MK2
+
+0	string		C128\40CARTRIDGE	Commodore 128 cartridge
+>0x20	ubyte	0	\b,
+>0x20	ubyte	!0
+>>0x20	string/T	x	\b: "%.32s",
+>0x16	beshort	0	generic cartridge
+>0x16	beshort	1	Warpspeed128
+>>0x1A	ubyte	1	\b, REU support
+>>0x1A	ubyte	2	\b, REU support, with I/O and ROM banking
+
+0	string		CBM2\40CARTRIDGE	Commodore CBM-II cartridge
+>0x20	ubyte	!0
+>>0x20	string/T	x	\b: "%.32s"
+
+0	string		VIC20\40CARTRIDGE	Commodore VIC-20 cartridge
+>0x20	ubyte	0	\b,
+>0x20	ubyte	!0
+>>0x20	string/T	x	\b: "%.32s",
+>0x16	beshort	0	generic cartridge
+>0x16	beshort	1	Mega-Cart
+>0x16	beshort	2	Behr Bonz
+>0x16	beshort	3	Vic Flash Plugin
+>0x16	beshort	4	UltiMem
+>0x16	beshort	5	Final Expansion
+
+0	string		PLUS4\40CARTRIDGE	Commodore 16/Plus4 cartridge
+>0x20	ubyte	!0
+>>0x20	string/T	x	\b: "%.32s"
+
+
+# DreamLoad archives see:
+# https://www.lemon64.com/forum/viewtopic.php?t=37415\
+# &sid=494dc2ca91289e05dadf80a7f8a968fe (at the bottom).
+# https://www.c64-wiki.com/wiki/DreamLoad.
+# Example HVSC Commodore 64 music collection:
+# https://kohina.duckdns.org/HVSC/C64Music/10_Years_HVSC.dfi
+
+0	byte	0
+>1	string	DREAMLOAD\40FILE\40ARCHIVE
+>>0x17	byte	0	DFI Image
+>>>0x1a	leshort	x	version: %d.
+>>>0x18	leshort	x	\b%d
+>>>0x1c	lelong	x	tracks: %d
+
+0	string		GCR-1541	GCR Image
+>8	byte		x		version: %i
+>9	byte		x		tracks: %i
+
+9	string		PSUR		ARC archive (c64)
+2	string		-LH1-		LHA archive (c64)
+
+0	string		C64File		PC64 Emulator file
+>8	string		>\0		"%s"
+0	string		C64Image	PC64 Freezer Image
+
+0	beshort		0x38CD		C64 PCLink Image
+0	string		CBM\144\0\0	Power 64 C64 Emulator Snapshot
+
+0	belong		0xFF424CFF	WRAptor packer (c64)
+
+0	string		C64S\x20tape\x20file	T64 tape Image
+>32	leshort		x		Version:%#x
+>36	leshort		!0		Entries:%i
+>40	string		x		Name:%.24s
+
+0	string		C64\x20tape\x20image\x20file\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0	T64 tape Image
+>32	leshort		x		Version:%#x
+>36	leshort		!0		Entries:%i
+>40	string		x		Name:%.24s
+
+0	string		C64S\x20tape\x20image\x20file\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0	T64 tape Image
+>32	leshort		x		Version:%#x
+>36	leshort		!0		Entries:%i
+>40	string		x		Name:%.24s
+
+# Raw tape file format (.tap files)
+# Esa Hyyti <esa@netlab.tkk.fi>
+0	string		C64-TAPE-RAW	C64 Raw Tape File (.tap),
+>0x0c	byte		x		Version:%u,
+>0x10	lelong		x		Length:%u cycles
+
+# magic for Goattracker2, http://covertbitops.c64.org/
+# from Alex Myczko <alex@aiei.ch>
+0	string		GTS5		GoatTracker 2 song
+>4	string		>\0		\b, "%s"
+>36	string		>\0		\b by %s
+>68	string		>\0		\b (C) %s
+>100	byte		>0		\b, %u subsong(s)
+
+# CBM BASIC (cc65 compiled)
+# Summary:	binary executable or Basic program for Commodore C64 computers
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Commodore_BASIC_tokenized_file
+# Reference:	https://www.c64-wiki.com/wiki/BASIC_token
+#		https://github.com/thezerobit/bastext/blob/master/bastext.doc
+#		http://mark0.net/download/triddefs_xml.7z/defs/p/prg-c64.trid.xml
+# TODO:		unify Commodore BASIC/program sub routines
+# Note:		"PUCrunch archive data" moved from ./archive and merged with c64-exe
+0	leshort		0x0801
+# display Commodore C64 BASIC program (strength=50) after "Lynx archive" (strength=330) handled by ./archive
+#!:strength +0
+# if first token is not SYS this implies BASIC program in most cases
+>6		ubyte		!0x9e
+# but sELF-ExTRACTING-zIP executable unzp6420.prg contains SYS token at end of second BASIC line (at 0x35)
+>>23		search/30	\323ELF-E\330TRACTING-\332IP
+>>>0		use		c64-exe
+>>23		default		x
+>>>0		use		c64-prg
+# if first token is SYS this implies binary executable
+>6		ubyte		=0x9e
+>>0		use		c64-exe
+# display information about C64 binary executable (memory address, line number, token)
+0	name	c64-exe
+>0		uleshort	x	Commodore C64
+# http://a1bert.kapsi.fi/Dev/pucrunch/
+# start address 0801h; next offset 080bh; BASIC line number is 239=00EFh; BASIC instruction is SYS 2061
+# the above combination appartly also occur for other Commodore programs like: gunzip111.c64.prg
+# and there exist PUCrunch archive for other machines like C16 with other magics
+>0		string	\x01\x08\x0b\x08\xef\x00\x9e\x32\x30\x36\x31	program, probably PUCrunch archive data
+!:mime	application/x-compress-pucrunch
+!:ext	prg/pck
+>0		string	!\x01\x08\x0b\x08\xef\x00\x9e\x32\x30\x36\x31	program
+!:mime	application/x-commodore-exec
+!:ext	prg/
+# start address like: 801h
+>0		uleshort	!0x0801	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x800)	ubyte		x
+>>&-1		ubyte		!0	\b, no EOL=%#x
+# valid 2nd BASIC fragment found only in sELF-ExTRACTING-zIP executable unzp6420.prg
+>>23		search/30	\323ELF-E\330TRACTING-\332IP
+# jump again from beginning
+>>>(2.s-0x800)	ubyte		x
+>>>>&0		use		basic-line
+# Zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# display information about tokenized C64 BASIC program (memory address, line number, token)
+0	name	c64-prg
+>0		uleshort	x	Commodore C64 BASIC program
+!:mime	application/x-commodore-basic
+# Tokenized BASIC programs were stored by Commodore as file type program "PRG" in separate field in directory structures.
+# So file name can have no suffix like in saveroms; When transferring to other platforms, they are often saved with .prg extensions.
+# BAS suffix is typically used for the BASIC source but also found in program pods.bas
+!:ext	prg/bas/
+# start address like: 801h
+>0		uleshort	!0x0801	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x0800)	ubyte		x	
+>>&-1		ubyte		!0	\b, no EOL=%#x
+# 2nd BASIC fragment
+>>&0		use		basic-line
+# zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# Summary:	binary executable or Basic program for Commodore C128 computers
+# URL:		https://en.wikipedia.org/wiki/Commodore_128
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/prg-c128.trid.xml
+# From:		Joerg Jenderek
+# Note:		Commodore 128 BASIC 7.0 variant; there exist varaints with different start addresses
+0		leshort		0x1C01
+!:strength	+1
+# GRR: line above with strength 51 (50+1) is too generic because it matches SVr3 curses screen image, big-endian with strength (50) handled by ./terminfo
+# probably skip SVr3 curses images with "invalid high" second line offset 
+>2		uleshort	<0x1D02
+# skip foo with "invalid low" second line offset
+>>2		uleshort	>0x1C06
+# if first token is not SYS this implies BASIC program
+>>>6		ubyte		!0x9e
+>>>>0			use	c128-prg
+# if first token is SYS this implies binary executable
+>>>6		ubyte		=0x9e
+>>>>0		use		c128-exe
+# Summary:	binary executable or Basic program for Commodore C128 computers
+# Note:		Commodore 128 BASIC 7.1 extension by Rick Simon
+# start adress 132Dh
+#0		leshort		0x132D	THIS_IS_C128_7.1
+#>0			use	c128-prg
+# Summary:	binary executable or Basic program for Commodore C128 computers
+# Note:		Commodore 128 BASIC 7.0 saved with graphics mode enabled
+# start adress 4001h
+#0		leshort		0x4001	THIS_IS_C128_GRAPHIC
+#>0			use	c128-prg
+# display information about tokenized C128 BASIC program (memory address, line number, token)
+0	name	c128-prg
+>0		uleshort	x	Commodore C128 BASIC program
+!:mime	application/x-commodore-basic
+!:ext	prg
+# start address like: 1C01h
+>0		uleshort	!0x1C01	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x1C00)	ubyte		x
+>>&-1		ubyte		!0	\b, no EOL=%#x
+# 2nd BASIC fragment
+>>&0		use		basic-line
+# Zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# display information about C128 program (memory address, line number, token)
+0	name	c128-exe
+>0		uleshort	x	Commodore C128 program
+!:mime	application/x-commodore-exec
+!:ext	prg/
+# start address like: 1C01h
+>0		uleshort	!0x1C01	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x1C00)	ubyte		x
+>>&-1		ubyte		!0	\b, no EOL=%#x
+# no valid 2nd BASIC fragment in Commodore executables
+#>>&0		use		basic-line
+# Zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# Summary:	binary executable or Basic program for Commodore C16/VIC-20/Plus4 computers
+# URL:		https://en.wikipedia.org/wiki/Commodore_Plus/4
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/prg-vic20.trid.xml
+#		defs/p/prg-plus4.trid.xml
+# From:		Joerg Jenderek
+# Note:		there exist VIC-20 variants with different start address
+# GRR: line below is too generic because it matches Novell LANalyzer capture
+# with regular trace header record handled by ./sniffer
+0		leshort		0x1001
+# skip regular Novell LANalyzer capture (novell-2.tr1 novell-lanalyzer.tr1 novell-win10.tr1) with "invalid low" token value 54h
+>6		ubyte		>0x7F
+# skip regular Novell LANalyzer capture (novell-2.tr1 novell-lanalyzer.tr1 novell-win10.tr1) with "invalid low" second line offset 4Ch
+#>>2		uleshort	>0x1006	OFFSET_NOT_TOO_LOW
+# skip foo with "invalid high" second line offset but not for 0x123b (Minefield.prg)
+#>>>2		uleshort	<0x1102	OFFSET_NOT_TOO_HIGH
+# if first token is not SYS this implies BASIC program
+>>6		ubyte		!0x9e
+# valid second end of line separator implies BASIC program
+>>>(2.s-0x1000)		ubyte	=0
+>>>>0			use	c16-prg
+# invalid second end of line separator !=0 implies binary executable like: Minefield.prg
+>>>(2.s-0x1000)		ubyte	!0
+>>>>0			use	c16-exe
+# if first token is SYS this implies binary executable
+>>6		ubyte		=0x9e
+>>>0		use		c16-exe
+# display information about C16 program (memory address, line number, token)
+0	name	c16-exe
+>0		uleshort	x	Commodore C16/VIC-20/Plus4 program
+!:mime	application/x-commodore-exec
+!:ext	prg/
+# start address like: 1001h
+>0		uleshort	!0x1001	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x1000)	ubyte		x
+>>&-1		ubyte		!0	\b, no EOL=%#x
+# no valid 2nd BASIC fragment in excutables
+#>>&0		use		basic-line
+# Zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# display information about tokenized C16 BASIC program (memory address, line number, token)
+0	name	c16-prg
+>0		uleshort	x	Commodore C16/VIC-20/Plus4 BASIC program
+!:mime	application/x-commodore-basic
+!:ext	prg
+# start address like: 1001h
+>0		uleshort	!0x1001	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x1000)	ubyte		x
+>>&-1		ubyte		!0	\b, no EOL=%#x
+# 2nd BASIC fragment
+>>&0		use		basic-line
+# Zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# Summary:	binary executable or Basic program for Commodore VIC-20 computer with 8K RAM expansion
+# URL:		https://en.wikipedia.org/wiki/VIC-20
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/prg-vic20-8k.trid.xml
+# From:		Joerg Jenderek
+# Note:		Basic v2.0 with Basic v4.0 extension (VIC20); there exist VIC-20 variants with different start addresses
+# start adress 1201h
+0		leshort		0x1201
+# if first token is not SYS this implies BASIC program
+>6		ubyte		!0x9e
+>>0		use		vic-prg
+# if first token is SYS this implies binary executable
+>6		ubyte		=0x9e
+>>0		use		vic-exe
+# display information about Commodore VIC-20 BASIC+8K program (memory address, line number, token)
+0	name	vic-prg
+>0		uleshort	x	Commodore VIC-20 +8K BASIC program
+!:mime	application/x-commodore-basic
+!:ext	prg
+# start address like: 1201h
+>0		uleshort	!0x1201	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x1200)	ubyte		x
+>>&-1		ubyte		!0	\b, no EOL=%#x
+# 2nd BASIC fragment
+>>&0		use		basic-line
+# Zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# display information about Commodore VIC-20 +8K program (memory address, line number, token)
+0	name	vic-exe
+>0		uleshort	x	Commodore VIC-20 +8K program
+!:mime	application/x-commodore-exec
+!:ext	prg/
+# start address like: 1201h
+>0		uleshort	!0x1201	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x0400)	ubyte		x
+>>&-1		ubyte		!0	\b, no EOL=%#x
+# no valid 2nd BASIC fragment in excutables
+#>>&0		use		basic-line
+# Zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# Summary:	binary executable or Basic program for Commodore PET computers
+# URL:		https://en.wikipedia.org/wiki/Commodore_PET
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/prg-pet.trid.xml
+# From:		Joerg Jenderek
+# start adress 0401h
+0		leshort		0x0401
+!:strength	+1
+# GRR: line above with strength 51 (50+1) is too generic because it matches TTComp archive data, ASCII, 1K dictionary
+# (strength=48=50-2) handled by ./archive and shared library (strength=50) handled by ./ibm6000
+# skip TTComp archive data, ASCII, 1K dictionary ttcomp-ascii-1k.bin with "invalid high" second line offset 4162h
+>2		uleshort	<0x0502
+# skip foo with "invalid low" second line offset
+#>>2		uleshort	>0x0406	OFFSET_NOT_TOO_LOW
+# skip bar with "invalid end of line" 
+#>>>(2.s-0x0400)	ubyte		=0	END_OF_LINE_OK
+# if first token is not SYS this implies BASIC program
+>>6		ubyte		!0x9e
+>>>0		use		pet-prg
+# if first token is SYS this implies binary executable
+>>6		ubyte		=0x9e
+>>>0		use		pet-exe
+# display information about Commodore PET BASIC program (memory address, line number, token)
+0	name	pet-prg
+>0		uleshort	x	Commodore PET BASIC program
+!:mime	application/x-commodore-basic
+!:ext	prg
+# start address like: 0401h
+>0		uleshort	!0x0401	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x0400)	ubyte		x
+# 2nd BASIC fragment
+>>&0		use		basic-line
+# zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# display information about Commodore PET program (memory address, line number, token)
+0	name	pet-exe
+>0		uleshort	x	Commodore PET program
+!:mime	application/x-commodore-exec
+!:ext	prg/
+# start address like: 0401h
+>0		uleshort	!0x0401	\b, start address %#4.4x
+# 1st BASIC fragment
+>2		use		basic-line
+# jump to 1 byte before next BASIC fragment; this must be zero-byte marking the end of line
+>(2.s-0x0400)	ubyte		x
+>>&-1		ubyte		!0	\b, no EOL=%#x
+# no valid 2nd BASIC fragment in excutables
+#>>&0		use		basic-line
+# Zero-byte marking the end of the BASIC line
+>-3		ubyte		!0	\b, 3 last bytes %#2.2x
+# Two zero-bytes in place of the pointer to next BASIC line indicates the end of the program
+>>-2		ubeshort	x	\b%4.4x
+# display information about tokenized BASIC line (memory address, line number, Token)
+0	name	basic-line
+# pointer to memory address of beginning of "next" BASIC line
+# greater then previous offset but maximal 100h difference
+>0		uleshort	x	\b, offset %#4.4x
+# offset 0x0000 indicates the end of BASIC program; so bytes afterwards may be some other data
+>0		uleshort	0
+# not line number but first 2 data bytes 
+>>2		ubeshort	x	\b, data %#4.4x
+# not token but next 2 data bytes 
+>>4		ubeshort	x	\b%4.4x
+# not token arguments but next data bytes 
+>>6		ubequad		x 	\b%16.16llx
+>>14		ubequad		x 	\b%16.16llx...
+# like 0x0d20352020204c594e5820495820204259205749 "\r 5   LYNX IX  BY WILL CORLEY" for LyNX archive Darkon.lnx handled by ./archive
+#>>3		string		x 	"%-0.30s"
+>0		uleshort	>0
+# BASIC line number with range from 0 to 65520; practice to increment numbers by some value (5, 10 or 100)
+>>2		uleshort	x	\b, line %u
+# https://www.c64-wiki.com/wiki/BASIC_token
+# The "high-bit" bytes from #128-#254 stood for the various BASIC commands and mathematical operators
+>>4		ubyte		x	\b, token (%#x)
+# https://www.c64-wiki.com/wiki/REM
+>>4		string		\x8f	REM
+# remark string like: ** SYNTHESIZER BY RICOCHET **
+>>>5		string		>\0	%s
+#>>>>&1		uleshort	x	\b, NEXT OFFSET %#4.4x
+# https://www.c64-wiki.com/wiki/PRINT
+>>4		string		\x99	PRINT
+# string like: "Hello world" "\021 \323ELF-E\330TRACTING-\332IP (64 ONLY)\016\231":\2362141
+>>>5		string		x	%s
+#>>>>&0		ubequad		x	AFTER_PRINT=%#16.16llx
+# https://www.c64-wiki.com/wiki/POKE
+>>4		string		\x97	POKE
+# <Memory address>,<number>
+>>>5		regex		\^[0-9,\040]+	%s
+# BASIC command delimiter colon (:=3Ah)
+>>>>&-2		ubyte		=0x3A
+# after BASIC command delimiter colon remaining (<255) other tokenized BASIC commands
+>>>>>&0		string		x		"%s"
+# https://www.c64-wiki.com/wiki/SYS	0x9e=\236
+>>4		string		\x9e	SYS
+# SYS <Address> parameter is a 16-bit unsigned integer; in the range 0 - 65535
+>>>5		regex		\^[0-9]{1,5}	%s
+# maybe followed by spaces, "control-characters" or colon (:) followed by next commnds or in victracker.prg
+# (\302(43)\252256\254\302(44)\25236) /T.L.R/
+#>>>5		string		x	SYS_STRING="%s"
+# https://www.c64-wiki.com/wiki/GOSUB
+>>4		string		\x8d	GOSUB
+# <line>
+>>>5		string		>\0	%s
diff --git a/magic/Magdir/cad b/magic/Magdir/cad
new file mode 100644
index 0000000..0bead6e
--- /dev/null
+++ b/magic/Magdir/cad
@@ -0,0 +1,437 @@
+
+#------------------------------------------------------------------------------
+# $File: cad,v 1.31 2022/12/09 15:36:23 christos Exp $
+# autocad:  file(1) magic for cad files
+#
+
+# Microstation DGN/CIT Files (www.bentley.com)
+# Last updated July 29, 2005 by Lester Hightower
+# DGN is the default file extension of Microstation/Intergraph CAD files.
+# CIT is the proprietary raster format (similar to TIFF) used to attach
+# raster underlays to Microstation DGN (vector) drawings.
+#
+# http://www.wotsit.org/search.asp
+# https://filext.com/detaillist.php?extdetail=DGN
+# https://filext.com/detaillist.php?extdetail=CIT
+#
+# https://www.bentley.com/products/default.cfm?objectid=97F351F5-9C35-4E5E-89C2
+# 3F86C928&method=display&p_objectid=97F351F5-9C35-4E5E-89C280A93F86C928
+# https://www.bentley.com/products/default.cfm?objectid=A5C2FD43-3AC9-4C71-B682
+# 721C479F&method=display&p_objectid=A5C2FD43-3AC9-4C71-B682C7BE721C479F
+# 
+# URL:		https://en.wikipedia.org/wiki/MicroStation
+# reference:	http://dgnlib.maptools.org/dgn.html
+#		http://dgnlib.maptools.org/dl/ref18.pdf
+# Update:	Joerg Jenderek
+# Note: verfied by command like `dgndump seed2d_b.dgn`
+# test for level 8 and type 5 or 9
+0	beshort&0x3F73	0x0801
+# level of element like 8
+#>0	ubyte&0x3F	x			\b, level %u
+#>0	ubyte		&0x80			\b, complex
+#>0	ubyte		&0x40			\b, reserved
+# type of element 9~TCB 8~Digitizer setup 5~Group Data Elements
+#>1	ubyte&0x7F	x			\b, type %u
+# words to follow in element: 17H~CEL library 2FEh~DGN 9FEh,DFEh~CIT
+#>2	uleshort	x			\b, words %#4.4x to follow
+# test for 3 reserved 0 bytes in CIT or "conversion" in ViewInfo structure (DGN CEL)
+#>508	ubelong		x			\b, RESERVED %8.8x
+>508	ubelong&0xFFffFF00	=0
+# test for level 8 and type 9 for INGR raster image
+>>0	beshort		0x0809
+# test for length of 1st element is multiple of blocks a 512 bytes
+>>>2	ubyte		0xfe
+>>>>0 	use		ingr-image
+# test for DGN or CEL by jump words (uleshort) forward to next element
+>(2.s*2)	ulong		x
+# 2nd element type: 8~Digitizer~DesiGNfile 1~library cell header other~CIT
+#>>&1		ubyte&0x7F	x		\b, 2nd type %u
+# DGN
+>>&1		ubyte&0x7F	8
+>>>2		uleshort	=0x02FE		Bentley/Intergraph Microstation CAD drawing
+!:mime		application/x-bentley-dgn
+!:ext		dgn
+# The 0x40 bit of this byte is 1 if the file is 3D, otherwise 0
+>>>>1214	ubyte  		&0x40		3D
+>>>>1214	ubyte  		^0x40		2D
+# 2 chars for name of subunits like ft FT in IN mu m mm '\0 '\040
+>>>>1120	string		x		\b, units %-.2s
+# 2 chars for name of master unit like IN in ML SU tn th TH HU mm "\0 "\040 \0\0
+>>>>1122	string		>\0		%-.2s
+#>>>>1120	ubelong		x		\b, units %#8.8x
+# element range low,high x y z like xlow=0 08010000h 01080000h
+#>>>>4		ubelong	  	!0		\b, xlow %8.8x
+#>>>>8		ubelong	  	!0		\b, ylow %8.8x
+#>>>>12		ubelong	  	!0		\b, zlow %8.8x
+#>>>>16		ubelong	  	!0		\b, xhigh %8.8x
+#>>>>20		ubelong	  	!0		\b, yhigh %8.8x
+#>>>>24		ubelong	  	!0		\b, zhigh %8.8x
+# graphic group number; all other elements in that group have same non-0 number
+#>>>>28		leshort		x		\b, grphgrp %#4.4x
+# words to optional attribute linkage
+#>>>>30		ubyte		x		\b, attindx \%o
+#>>>>31		ubyte		x		\b\%o
+# >>30	string	\026\105			DGNFile
+# >>30	string	\034\105			DGNFile
+# >>30	string	\073\107			DGNFile
+# >>30	string	\073\110			DGNFile
+# >>30	string	\106\107			DGNFile
+# >>30	string	\110\103			DGNFile
+# >>30	string	\120\104			DGNFile
+# >>30	string	\172\104			DGNFile
+# >>30	string	\172\105			DGNFile
+# >>30	string	\172\106			DGNFile
+# >>30	string	\234\106			DGNFile
+# >>30	string	\273\105			DGNFile
+# >>30	string	\306\106			DGNFile
+# >>30	string	\310\104			DGNFile
+# >>30	string	\341\104			DGNFile
+# >>30	string	\372\103			DGNFile
+# >>30	string	\372\104			DGNFile
+# >>30	string	\372\106			DGNFile
+# >>30	string	\376\103			DGNFile
+# elements properties indicator
+#>>>>32		uleshort	!0		\b, properties %#4.4x
+# class 0~Primary
+#>>>>>32		uleshort&0x000F	!0		\b, class %#4.4x
+# Symbology
+#>>>>>34		uleshort	x		\b, Symbology %#4.4x
+# test for 2nd element type 1~library cell header
+>>&1		ubyte&0x7F	1
+# test for 1st element with level 8 and type 5 for cell library
+>>>0		beshort		0x0805		Bentley/Intergraph Microstation CAD cell library
+!:mime		application/x-bentley-cel
+!:ext		cel
+#
+# URL:		http://fileformats.archiveteam.org/wiki/Intergraph_Raster
+# reference:	https://web.archive.org/web/20140903185431/
+#		http://oreilly.com/www/centers/gff/formats/ingr/index.htm
+# note:		verfied by command like `nconvert -fullinfo LONGLAT.CIT`
+# display information for intergraph raster bitmap
+0	name	ingr-image
+# in 5.37 "Microstation CITFile" "Bentley/Intergraph MicroStation CIT raster CAD"
+# DataTypeCode indicates format, depth of the pixel data and used compression 
+>4	uleshort	x			Intergraph raster image
+>>4	uleshort	0x0009			\b, Run-Length Encoded 1-bit
+!:mime	image/x-intergraph-rle
+!:ext	rel
+>>4	uleshort	0x0018			\b, CCITT Group 4 1-bit
+!:mime	image/x-intergraph-cit
+!:ext	cit
+>>4	uleshort	27			\b, Adaptive RLE RGB
+!:mime	image/x-intergraph-rgb
+!:ext	rgb
+>>4	default		x
+>>>4	uleshort	x			\b, Type %u
+!:mime	image/x-intergraph
+# TODO:
+#>4	uleshort	0			\b, no data
+# ...
+#>4	uleshort	0x0045			\b, Continuous Tone CMKY (Uncompressed)
+# ApplicationType: 0~generic raster image 3~drawing, scanning
+# 8~I/IMAGE and MicroStation Imager 9~ModelView
+>6	uleshort	!0			\b, ApplicationType %u
+#>6	uleshort	x			\b, ApplicationType %u
+# XViewOrigin; Raster grid data X origin
+#>8	ulequad		!0			\b, XViewOrigin %llx
+# PixelsPerLine is the number of pixels in a scan line of bitmapp
+>184	ulelong		x			\b, %u x
+# NumberOfLines is height of the raster data in scanlines
+>188	ulelong		x			%u
+# DeviceResolution; resolution of scanning device
+# positive indicates number of micros between lines; negative indicates DPI
+#>192	leshort		x			\b, DeviceResolution %d
+# ScanlineOrient indicates the origin and the orientation of the scan lines
+#>194	ubyte		x			\b, ScanlineOrient %x
+>194	ubyte		x			\b, orientation
+>194	ubyte		&0x01			right
+>194	ubyte		^0x01			left
+>194	ubyte		&0x02			down
+>194	ubyte		^0x02			top
+>194	ubyte		&0x04			horizontal
+>194	ubyte		^0x04			vertical
+# ScannableFlag; Scanline indexing method used
+#>195	ubyte		!0			\b, ScannableFlag %#x
+# RotationAngle; Rotation angle of raster data
+#>196	ubequad		!0			\b, RotationAngle %#llx
+# SkewAngle; Skew angle of raster data
+#>204	ubequad		!0			\b, SkewAngle %llx
+# DataTypeModifier; Additional raster data format info
+#>212	uleshort	!0			\b, DataTypeModifier %#4.4x
+# DesignFile[66]; Name of the design file
+>214	string		>\0			\b, DesignFile %-.66s
+# DatabaseFile[66]; Name of the database file
+>280	string		>\0			\b, DatabaseFile %-.66s
+# ParentGridFile[66]; Name of parent grid file
+>346	string		>\0			\b, ParentGridFile %-.66s
+# FileDescription[80]; Text description of file and contents
+>412	string		>\0			\b, FileDescription %-.80s
+# MinValue
+#>492	ubequad		!0			\b, MinValue %#llx
+# MaxValue
+#>500	ubequad		!0			\b, MaxValue %#llx
+# Reserved[3]; Unused (always 0)
+#>508	ubelong&0xFFffFF00	x		\b, RESERVED %8.8x
+# GridFileVersion; Grid File Version like 2 3
+#>511	ubyte		x			\b, GridFileVersion %x
+
+# AutoCAD
+# Merge of the different contributions and updates from https://en.wikipedia.org/wiki/Dwg
+# and https://www.iana.org/assignments/media-types/image/vnd.dwg
+0	string	MC0.0	DWG AutoDesk AutoCAD Release 1.0
+!:mime image/vnd.dwg
+0	string	AC1.2	DWG AutoDesk AutoCAD Release 1.2
+!:mime image/vnd.dwg
+0	string	AC1.3	DWG AutoDesk AutoCAD Release 1.3
+!:mime image/vnd.dwg
+0	string	AC1.40	DWG AutoDesk AutoCAD Release 1.40
+!:mime image/vnd.dwg
+0	string	AC1.50	DWG AutoDesk AutoCAD Release 2.05
+!:mime image/vnd.dwg
+0	string	AC2.10	DWG AutoDesk AutoCAD Release 2.10
+!:mime image/vnd.dwg
+0	string	AC2.21	DWG AutoDesk AutoCAD Release 2.21
+!:mime image/vnd.dwg
+0	string	AC2.22	DWG AutoDesk AutoCAD Release 2.22
+!:mime image/vnd.dwg
+0	string	AC1001	DWG AutoDesk AutoCAD Release 2.22
+!:mime image/vnd.dwg
+0	string	AC1002	DWG AutoDesk AutoCAD Release 2.50
+!:mime image/vnd.dwg
+0	string	AC1003	DWG AutoDesk AutoCAD Release 2.60
+!:mime image/vnd.dwg
+0	string	AC1004	DWG AutoDesk AutoCAD Release 9
+!:mime image/vnd.dwg
+0	string	AC1006	DWG AutoDesk AutoCAD Release 10
+!:mime image/vnd.dwg
+0	string	AC1009	DWG AutoDesk AutoCAD Release 11/12
+!:mime image/vnd.dwg
+# AutoCAD DWG versions R13/R14 (www.autodesk.com)
+# Written December 01, 2003 by Lester Hightower
+# Based on the DWG File Format Specifications at http://www.opendwg.org/
+# AutoCad, from Nahuel Greco
+# AutoCAD DWG versions R12/R13/R14 (www.autodesk.com)
+0	string	AC1012	DWG AutoDesk AutoCAD Release 13
+!:mime image/vnd.dwg
+0	string	AC1013	DWG AutoDesk AutoCAD Release 13c3
+!:mime image/vnd.dwg
+0	string	AC1014	DWG AutoDesk AutoCAD Release 14
+!:mime image/vnd.dwg
+0	string	AC1015	DWG AutoDesk AutoCAD 2000
+!:mime image/vnd.dwg
+
+# A new version of AutoCAD DWG
+# Sergey Zaykov (mail_of_sergey@mail.ru, sergey_zaikov@rambler.ru,
+# ICQ 358572321)
+# From various sources like:
+# https://autodesk.blogs.com/between_the_lines/autocad-release-history.html
+0	string	AC1018	DWG AutoDesk AutoCAD 2004/2005/2006
+!:mime image/vnd.dwg
+0	string	AC1021	DWG AutoDesk AutoCAD 2007/2008/2009
+!:mime image/vnd.dwg
+0	string	AC1024	DWG AutoDesk AutoCAD 2010/2011/2012
+!:mime image/vnd.dwg
+0	string	AC1027	DWG AutoDesk AutoCAD 2013-2017
+!:mime image/vnd.dwg
+
+# From GNU LibreDWG
+0	string	AC1032	DWG AutoDesk AutoCAD 2018/2019/2020
+!:mime image/vnd.dwg
+0	string	AC1035	DWG AutoDesk AutoCAD 2021
+!:mime image/vnd.dwg
+
+# KOMPAS 2D drawing from ASCON
+# This is KOMPAS 2D drawing or fragment of drawing but is not detailed nor
+# gathered nor specification
+# ASCON https://ascon.net/main/ in English,
+#	https://ascon.ru/ main site in Russian
+# Extension is CDW for drawing and FRW for fragment of drawing
+# Sergey Zaykov (mail_of_sergey@mail.ru, sergey_zaikov@rambler.ru,
+# ICQ 358572321, https://vkontakte.ru/id16076543)
+# From:
+# https://sd.ascon.ru/otrs/customer.pl?Action=CustomerFAQ&CategoryID=4&ItemID=292
+# (in russian) and my experiments
+0	string	KF
+>2	belong	0x4E00000C	Kompas drawing 12.0 SP1
+>2	belong	0x4D00000C	Kompas drawing 12.0
+>2	belong	0x3200000B	Kompas drawing 11.0 SP1
+>2	belong	0x3100000B	Kompas drawing 11.0
+>2	belong	0x2310000A	Kompas drawing 10.0 SP1
+>2	belong	0x2110000A	Kompas drawing 10.0
+>2	belong	0x08000009	Kompas drawing 9.0 SP1
+>2	belong	0x05000009	Kompas drawing 9.0
+>2	belong	0x33010008	Kompas drawing 8+
+>2	belong	0x1A000008	Kompas drawing 8.0
+>2	belong	0x2C010107	Kompas drawing 7+
+>2	belong	0x05000007	Kompas drawing 7.0
+>2	belong	0x32000006	Kompas drawing 6+
+>2	belong	0x09000006	Kompas drawing 6.0
+>2	belong	0x5C009005	Kompas drawing 5.11R03
+>2	belong	0x54009005	Kompas drawing 5.11R02
+>2	belong	0x51009005	Kompas drawing 5.11R01
+>2	belong	0x22009005	Kompas drawing 5.10R03
+>2	belong	0x22009005	Kompas drawing 5.10R02 mar
+>2	belong	0x21009005	Kompas drawing 5.10R02 febr
+>2	belong	0x19009005	Kompas drawing 5.10R01
+>2	belong	0xF4008005	Kompas drawing 5.9R01.003
+>2	belong	0x1C008005	Kompas drawing 5.9R01.002
+>2	belong	0x11008005	Kompas drawing 5.8R01.003
+
+# CAD: file(1) magic for computer aided design files
+# Phillip Griffith <phillip dot griffith at gmail dot com>
+# AutoCAD magic taken from the Open Design Alliance's OpenDWG specifications.
+#
+
+# 3DS (3d Studio files)
+0	leshort		0x4d4d
+>6	leshort		0x2
+>>8	lelong		0xa
+>>>16	leshort		0x3d3d	3D Studio model
+# Beat sgi MMV
+!:strength +20
+!:mime	image/x-3ds
+!:ext 3ds
+
+# MegaCAD 2D/3D drawing (.prt)
+# https://megacad.de/
+# From: Markus Heidelberg <markus.heidelberg@web.de>
+0	string	MegaCad23\0	MegaCAD 2D/3D drawing
+
+# Hoops CAD files
+# https://docs.techsoft3d.com/visualize/3df/latest/build/general/hsf/\
+# HSF_architecture.html
+# Stephane Charette <stephane.charette@gmail.com>
+0	string	;;\040HSF\040V		OpenHSF (Hoops Stream Format)
+>7	regex/9 V[.0-9]{4,5}\040	%s
+!:ext hsf
+
+# AutoCAD Drawing Exchange Format
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/DXF
+#		https://en.wikipedia.org/wiki/AutoCAD_DXF
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/
+#		dxf-var0.trid.xml dxf-var0u.trid.xml dxf-var2.trid.xml dxf-var2u.trid.xml
+# Note:		called "AutoCAD Drawing eXchange Format" by TrID and
+#		"Drawing Interchange File Format (ASCII)" by DROID
+# GRR: some samples does not match 1st test like: abydos.dxf
+0	regex		\^[\ \t]*0\r?\000$
+>1	regex		\^[\ \t]*SECTION\r?$
+>>2	regex		\^[\ \t]*2\r?$
+# GRR: some samples without HEADER section like: airplan2.dxf
+>>>3	regex		\^[\ \t]*HEADER\r?$	AutoCAD Drawing Exchange Format
+#!:mime	application/x-dxf
+!:mime	image/vnd.dxf
+!:ext	dxf
+# DROID PUID fmt/64	fmt-64-signature-id-99.dxf
+>>>>&1	search/8192	MC0.0			\b, 1.0
+# DROID PUID fmt/65	fmt-65-signature-id-100.dxf
+>>>>&1	search/8192	AC1.2			\b, 1.2
+# DROID PUID fmt/66	fmt-66-signature-id-101.dxf
+>>>>&1	search/8192	AC1.3			\b, 1.3
+# DROID PUID fmt/67	fmt-67-signature-id-102.dxf
+>>>>&1	search/8192	AC1.40			\b, 1.4
+# DROID PUID fmt/68	fmt-68-signature-id-103.dxf
+>>>>&1	search/8192	AC1.50			\b, 2.0
+# DROID PUID fmt/69	fmt-69-signature-id-104.dxf
+>>>>&1	search/8192	AC2.10			\b, 2.1
+# DROID PUID fmt/70	fmt-70-signature-id-105.dxf
+>>>>&1	search/8192	AC2.21			\b, 2.2
+# DROID PUID fmt/71	fmt-71-signature-id-106.dxf
+>>>>&1	search/8192	AC1002			\b, 2.5
+# DROID PUID fmt/72	fmt-72-signature-id-107.dxf
+>>>>&1	search/8192	AC1003			\b, 2.6
+# DROID PUID fmt/73	fmt-73-signature-id-108.dxf
+>>>>&1	search/8192	AC1004			\b, R9
+>>>>&1	search/8192	AC1006			\b, R10
+# http://cd.textfiles.com/amigaenv/DXF/OBJEKTE/LASTMINUTE/apple.dxf
+#>>>>&1	search/8192	AC1008			\b, Rfoo
+>>>>&1	search/8192	AC1009			\b, R11/R12
+>>>>&1	search/8192	AC1012			\b, R13
+>>>>&1	search/8192	AC1013			\b, R13c3
+>>>>&1	search/8192	AC1014			\b, R14
+>>>>&1	search/8192	AC1015			\b, version 2000
+>>>>&1	search/8192	AC1018			\b, version 2004
+>>>>&1	search/8192	AC1021			\b, version 2007
+>>>>&1	search/8192	AC1024			\b, version 2010
+>>>>&1	search/8192	AC1027			\b, version 2013
+>>>>&1	search/8192	AC1032			\b, version 2018
+>>>>&1	search/8192	AC1035			\b, version 2021
+
+# The Sketchup 3D model format https://www.sketchup.com/
+0	string	\xff\xfe\xff\x0e\x53\x00\x6b\x00\x65\x00\x74\x00\x63\x00\x68\x00\x55\x00\x70\x00\x20\x00\x4d\x00\x6f\x00\x64\x00\x65\x00\x6c\x00	SketchUp Model
+!:mime application/vnd.sketchup.skp
+!:ext skp
+
+4	regex/b	P[0-9][0-9]\\.[0-9][0-9][0-9][0-9]\\.[0-9][0-9][0-9][0-9]\\.[0-9]	NAXOS CAD System file from version %s
+!:strength +40
+
+# glTF (GL Transmission Format) - by the Khronos Group
+# Reference: https://github.com/KhronosGroup/glTF/tree/master/specification/2.0#glb-file-format-specification
+0	string		glTF		glTF binary model
+>4	ulelong		x		\b, version %d
+>8	ulelong		x		\b, length %d bytes
+!:mime	model/gltf-binary
+!:ext	glb
+
+# FBX (FilmBoX) - by Kaydara/Autodesk
+# Reference: https://code.blender.org/2013/08/fbx-binary-file-format-specification
+0	string	Kaydara\ FBX\ Binary\ \ \0	Kaydara FBX model,
+>&2	ulelong	x	version %d
+!:ext	fbx
+
+# PLY (Polygon File Format/Stanford Triangle Format) - by Greg Turk
+# Reference: https://web.archive.org/web/20161204152348/http://www.dcs.ed.ac.uk/teaching/cs4/www/graphics/Web/ply.html
+0	string	ply\n          	PLY model,
+!:ext	ply
+>4	string	format\ ascii\ 	ASCII,
+>>&0	regex/6	[0-9.]+        	version %s
+>4	string	format\ binary  	binary,
+>>&0	string	_little_endian\ 	little endian,
+>>>&0	regex/6	[0-9.]+         	version %s
+>>&0	string	_big_endian\ 	big endian,
+>>>&0	regex/6	[0-9.]+      	version %s
+
+# VRML (Virtual Reality Modeling Language) - by the Web3D Consortium
+# From:      Michel Briand <michelbriand@free.fr>
+# Reference: https://www.web3d.org/standards
+0	string/w	#VRML\ V1.0\ ascii	VRML 1 file
+!:mime	model/vrml
+!:ext	wrl
+0	string/w	#VRML\ V2.0\ utf8	ISO/IEC 14772 VRML 97 file
+!:mime	model/vrml
+!:ext	wrl
+# X3D, VRML encoded
+0	string	#X3D	X3D (Extensible 3D) model, VRML format
+>4	string	V
+>>5	regex/6	[0-9.]+	\b, version %s
+!:mime	model/x3d+vrml
+!:ext	x3dv
+
+## XML-based 3D CAD Formats
+# From: Michel Briand <michelbriand@free.fr>, Oliver Galvin <odg@riseup.net>
+0	string/w        \<?xml\ version=
+!:strength + 5
+# X3D (Extensible 3D)
+# Schema:    https://www.web3d.org/specifications/x3d-3.2.dtd
+# MIME Type: https://www.iana.org/assignments/media-types/model/x3d+xml
+# Example:   https://www.web3d.org/x3d/content/examples/Basic/course/CreateX3DFromStringRandomSpheres.x3d
+>20	search/1000/w   \<!DOCTYPE\ X3D         X3D (Extensible 3D) model, XML document
+!:mime	model/x3d+xml
+!:ext	x3d
+# COLLADA (COLLAborative Design Activity) - by the Khronos Group
+# Schema:    http://www.collada.org/2005/11/COLLADASchema
+# Reference: https://www.khronos.org/collada
+>20	search/1000/w	\<COLLADA	COLLADA model, XML document
+!:mime	model/vnd.collada+xml
+!:ext	dae
+# 3MF (3D Manufacturing Format) - by the 3MF Consortium
+# Schema:    http://schemas.microsoft.com/3dmanufacturing/core/2015/02
+# Reference: https://3mf.io/specification
+>20	search/1000/w	xmlns="http://schemas.microsoft.com/3dmanufacturing	3MF (3D Manufacturing Format) model, XML document
+!:mime	model/3mf
+!:ext	3mf
+# AMF (Additive Manufacturing File)
+# Reference: https://www.astm.org/Standards/ISOASTM52915.htm
+>20	search/1000/w	\<amf	AMF (Additive Manufacturing Format) model, XML document
+!:mime	application/x-amf
+!:ext	amf
diff --git a/magic/Magdir/cafebabe b/magic/Magdir/cafebabe
new file mode 100644
index 0000000..4f97cc0
--- /dev/null
+++ b/magic/Magdir/cafebabe
@@ -0,0 +1,107 @@
+
+#------------------------------------------------------------------------------
+# $File: cafebabe,v 1.28 2022/07/01 23:24:47 christos Exp $
+# Cafe Babes unite!
+#
+# Since Java bytecode and Mach-O universal binaries have the same magic number,
+# the test must be performed in the same "magic" sequence to get both right.
+# The long at offset 4 in a Mach-O universal binary tells the number of
+# architectures; the short at offset 4 in a Java bytecode file is the JVM minor
+# version and the short at offset 6 is the JVM major version.  Since there are only
+# only 18 labeled Mach-O architectures at current, and the first released
+# Java class format was version 43.0, we can safely choose any number
+# between 18 and 39 to test the number of architectures against
+# (and use as a hack). Let's not use 18, because the Mach-O people
+# might add another one or two as time goes by...
+#
+### JAVA START ###
+# Reference:	http://en.wikipedia.org/wiki/Java_class_file
+# Update:	Joerg Jenderek
+0	belong		0xcafebabe
+>4	ubelong		>30		compiled Java class data,
+!:mime	application/x-java-applet
+#!:mime	application/java-byte-code
+!:ext	class
+>>6	ubeshort	x	        version %d.
+>>4	ubeshort	x       	\b%d
+# for debugging purpose version as hexadecimal to compare with Mach-O universal binary
+#>>4	ubelong		x       	(%#8.8x)
+# Which is which?
+# https://docs.oracle.com/javase/specs/jvms/se6/html/ClassFile.doc.html
+#>>4	belong		0x002b		(Java 0.?)
+#>>4	belong		0x032d		(Java 1.0)
+#>>4	belong		0x032d		(Java 1.1)
+>>4	belong		0x002e		(Java 1.2)
+>>4	belong		0x002f		(Java 1.3)
+>>4	belong		0x0030		(Java 1.4)
+>>4	belong		0x0031		(Java 1.5)
+>>4	belong		0x0032		(Java 1.6)
+>>4	belong		0x0033		(Java 1.7)
+>>4	belong		0x0034		(Java 1.8)
+>>4	belong		0x0035		(Java SE 9)
+>>4	belong		0x0036		(Java SE 10)
+>>4	belong		0x0037		(Java SE 11)
+>>4	belong		0x0038		(Java SE 12)
+>>4	belong		0x0039		(Java SE 13)
+>>4	belong		0x003A		(Java SE 14)
+>>4	belong		0x003B		(Java SE 15)
+>>4	belong		0x003C		(Java SE 16)
+>>4	belong		0x003D		(Java SE 17)
+>>4	belong		0x003E		(Java SE 18)
+>>4	belong		0x003F		(Java SE 19)
+>>4	belong		0x0040		(Java SE 20)
+# pool count unequal zero
+#>>8	beshort		x	        \b, pool count %#x
+# pool table
+#>>10	ubequad		x	        \b, pool %#16.16llx...
+
+0	belong		0xcafed00d	JAR compressed with pack200,
+>5	byte		x		version %d.
+>4	byte		x		\b%d
+!:mime	application/x-java-pack200
+
+
+0	belong		0xcafed00d	JAR compressed with pack200,
+>5	byte		x		version %d.
+>4	byte		x		\b%d
+!:mime	application/x-java-pack200
+
+### JAVA END ###
+### MACH-O START ###
+# URL:		https://en.wikipedia.org/wiki/Mach-O
+
+0	name		mach-o		\b [
+# for debugging purpose CPU type as hexadecimal
+#>0	ubequad		x		CPU=%16.16llx 
+# display CPU type as string like: i386 x86_64 ... armv7 armv7k ...
+>0	use		mach-o-cpu	\b
+# for debugging purpose print offset to 1st mach_header like:
+# 1000h 4000h seldom 2d000h 88000h 5b000h 10e000 h
+#>8	ubelong		x		at %#x offset
+>(8.L)	indirect	x		\b:
+>0	belong		x		\b]
+
+# Reference:	https://opensource.apple.com/source/cctools/cctools-949.0.1/
+#		include/mach-o/fat.h
+#		include/mach/machine.h
+0	belong		0xcafebabe
+>4	belong		1		Mach-O universal binary with 1 architecture:
+!:mime application/x-mach-binary
+>>8	use		mach-o		\b
+# nfat_arch; number of CPU architectures; highest is 18 for CPU_TYPE_POWERPC in 2020
+>4	ubelong		>1
+>>4	ubelong		<20		Mach-O universal binary with %d architectures:
+!:mime application/x-mach-binary
+>>>8	use		mach-o		\b
+>>>4	ubelong		>1
+>>>>28	use		mach-o		\b
+>>>4	ubelong		>2
+>>>>48	use		mach-o		\b
+>>>4	ubelong		>3
+>>>>68	use		mach-o		\b
+>>>4	ubelong		>4
+>>>>88	use		mach-o		\b
+>>>4	ubelong		>5
+>>>>108	use		mach-o		\b
+
+### MACH-O END ###
diff --git a/magic/Magdir/cbor b/magic/Magdir/cbor
new file mode 100644
index 0000000..c780dc6
--- /dev/null
+++ b/magic/Magdir/cbor
@@ -0,0 +1,21 @@
+
+#------------------------------------------------------------------------------
+# $File: cbor,v 1.1 2015/01/28 01:05:21 christos Exp $
+# cbor:  file(1) magic for CBOR files as defined in RFC 7049
+
+0	string	\xd9\xd9\xf7 Concise Binary Object Representation (CBOR) container
+!:mime	application/cbor
+>3	ubyte	<0x20	(positive integer)
+>3	ubyte	<0x40
+>>3	ubyte	>0x1f	(negative integer)
+>3	ubyte	<0x60
+>>3	ubyte	>0x3f	(byte string)
+>3	ubyte	<0x80
+>>3	ubyte	>0x5f	(text string)
+>3	ubyte	<0xa0
+>3	ubyte	>0x7f	(array)
+>3	ubyte	<0xc0
+>>3	ubyte	>0x9f	(map)
+>3	ubyte	<0xe0
+>>3	ubyte	>0xbf	(tagged)
+>3	ubyte	>0xdf	(other)
diff --git a/magic/Magdir/ccf b/magic/Magdir/ccf
new file mode 100644
index 0000000..1d5ba19
--- /dev/null
+++ b/magic/Magdir/ccf
@@ -0,0 +1,14 @@
+
+#------------------------------------------------------------------------------
+# $File: ccf,v 1.1 2022/02/15 12:57:45 christos Exp $
+# file(1) magic(5) data for Phillips remote controls
+
+# Exchange format for Philips Pronto universal infrared remote controls
+# A CCF file describes a learned/customized remote control,
+# i.e. it contains button UI and infrared pulse code definitions
+# (Georg Sauthoff)
+# http://files.remotecentral.com/download/45/pan-air-csakr.zip.html
+# https://github.com/gsauthof/pronto-ccf/blob/
+
+8	string	@\xa5Z@_CCF
+>32	string	CCF\x00		Philips Pronto IR remote control CCF
diff --git a/magic/Magdir/cddb b/magic/Magdir/cddb
new file mode 100644
index 0000000..5d8a851
--- /dev/null
+++ b/magic/Magdir/cddb
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: cddb,v 1.4 2009/09/19 16:28:08 christos Exp $
+# CDDB: file(1) magic for CDDB(tm) format CD text data files
+#
+# From <steve@gracenote.com>
+#
+# This is the /etc/magic entry to decode datafiles as used by
+# CDDB-enabled CD player applications.
+#
+
+0	search/1/w	#\040xmcd	CDDB(tm) format CD text data
diff --git a/magic/Magdir/chord b/magic/Magdir/chord
new file mode 100644
index 0000000..00d0bec
--- /dev/null
+++ b/magic/Magdir/chord
@@ -0,0 +1,15 @@
+
+#------------------------------------------------------------------------------
+# $File: chord,v 1.5 2010/09/20 19:19:16 rrt Exp $
+# chord: file(1) magic for Chord music sheet typesetting utility input files
+#
+# From Philippe De Muyter <phdm@macqel.be>
+# File format is actually free, but many distributed files begin with `{title'
+#
+0	string		{title		Chord text file
+
+# Type:	PowerTab file format
+# URL:	http://www.power-tab.net/
+# From:	Jelmer Vernooij <jelmer@samba.org>
+0	string		ptab\003\000	Power-Tab v3 Tablature File
+0	string		ptab\004\000	Power-Tab v4 Tablature File
diff --git a/magic/Magdir/cisco b/magic/Magdir/cisco
new file mode 100644
index 0000000..0279bbb
--- /dev/null
+++ b/magic/Magdir/cisco
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: cisco,v 1.4 2009/09/19 16:28:08 christos Exp $
+# cisco:  file(1) magic for cisco Systems routers
+#
+# Most cisco file-formats are covered by the generic elf code
+#
+# Microcode files are non-ELF, 0x8501 conflicts with NetBSD/alpha.
+0	belong&0xffffff00	0x85011400  cisco IOS microcode
+>7	string		>\0		    for '%s'
+0	belong&0xffffff00	0x8501cb00  cisco IOS experimental microcode
+>7	string		>\0		    for '%s'
diff --git a/magic/Magdir/citrus b/magic/Magdir/citrus
new file mode 100644
index 0000000..1801a55
--- /dev/null
+++ b/magic/Magdir/citrus
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: citrus,v 1.5 2021/01/04 19:48:31 christos Exp $
+# citrus locale declaration
+#
+
+0	string		RuneCT		Citrus locale declaration for LC_CTYPE
+0	string		CtrsME		Citrus locale declaration for LC_MESSAGES
+0	string		CtrsMO		Citrus locale declaration for LC_MONETARY
+0	string		CtrsNU		Citrus locale declaration for LC_NUMERIC
+0	string		CtrsTI		Citrus locale declaration for LC_TIME
+
diff --git a/magic/Magdir/clarion b/magic/Magdir/clarion
new file mode 100644
index 0000000..9fa0049
--- /dev/null
+++ b/magic/Magdir/clarion
@@ -0,0 +1,27 @@
+
+#------------------------------------------------------------------------------
+# $File: clarion,v 1.5 2014/04/30 21:41:02 christos Exp $
+# clarion:  file(1) magic for # Clarion Personal/Professional Developer
+# (v2 and above)
+# From: Julien Blache <jb@jblache.org>
+
+# Database files
+# signature
+0	leshort	0x3343	Clarion Developer (v2 and above) data file
+# attributes
+>2	leshort	&0x0001	\b, locked
+>2	leshort	&0x0004	\b, encrypted
+>2	leshort	&0x0008	\b, memo file exists
+>2	leshort	&0x0010	\b, compressed
+>2	leshort	&0x0040	\b, read only
+# number of records
+>5	lelong	x	\b, %d records
+
+# Memo files
+0	leshort	0x334d	Clarion Developer (v2 and above) memo data
+
+# Key/Index files
+# No magic? :(
+
+# Help files
+0	leshort	0x49e0	Clarion Developer (v2 and above) help data
diff --git a/magic/Magdir/claris b/magic/Magdir/claris
new file mode 100644
index 0000000..6a1b68f
--- /dev/null
+++ b/magic/Magdir/claris
@@ -0,0 +1,48 @@
+
+#------------------------------------------------------------------------------
+# $File: claris,v 1.8 2016/07/18 19:23:38 christos Exp $
+# claris:  file(1) magic for claris
+# "H. Nanosecond" <aldomel@ix.netcom.com>
+# Claris Works a word processor, etc.
+# Version 3.0
+
+# .pct claris works clip art files
+#0000000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000 000
+#*
+#0001000 #010 250 377 377 377 377 000 213 000 230 000 021 002 377 014 000
+#null to byte 1000 octal
+514	string	\377\377\377\377\000
+>0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0	Claris clip art
+514	string	\377\377\377\377\001
+>0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0	Claris clip art
+
+# Claris works files
+# .cwk
+# Moved to Apple AppleWorks document
+#0	string	\002\000\210\003\102\117\102\117\000\001\206 Claris works document
+# .plt
+0	string	\020\341\000\000\010\010	Claris Works palette files .plt
+
+# .msp a dictionary file I am not sure about this I have only one .msp file
+0	string	\002\271\262\000\040\002\000\164	Claris works dictionary
+
+# .usp are user dictionary bits
+# I am not sure about a magic header:
+#0000000 001 123 160 146 070 125 104 040 136 123 015 012 160 157 144 151
+#        soh   S   p   f   8   U   D  sp   ^   S  cr  nl   p   o   d   i
+#0000020 141 164 162 151 163 164 040 136 123 015 012 144 151 166 040 043
+#          a   t   r   i   s   t  sp   ^   S  cr  nl   d   i   v  sp   #
+
+# .mth Thesaurus
+# starts with \0 but no magic header
+
+# .chy Hyphenation file
+# I am not sure: 000 210 034 000 000
+
+# other claris files
+#./windows/claris/useng.ndx: data
+#./windows/claris/xtndtran.l32: data
+#./windows/claris/xtndtran.lst: data
+#./windows/claris/clworks.lbl: data
+#./windows/claris/clworks.prf: data
+#./windows/claris/userd.spl: data
diff --git a/magic/Magdir/clipper b/magic/Magdir/clipper
new file mode 100644
index 0000000..484caeb
--- /dev/null
+++ b/magic/Magdir/clipper
@@ -0,0 +1,65 @@
+
+#------------------------------------------------------------------------------
+# $File: clipper,v 1.9 2020/12/15 23:57:27 christos Exp $
+# clipper:  file(1) magic for Intergraph (formerly Fairchild) Clipper.
+#
+# XXX - what byte order does the Clipper use?
+#
+# XXX - what's the "!" stuff:
+#
+# >18	short		!074000,000000	C1 R1
+# >18	short		!074000,004000	C2 R1
+# >18	short		!074000,010000	C3 R1
+# >18	short		!074000,074000	TEST
+#
+# I shall assume it's ANDing the field with the first value and
+# comparing it with the second, and rewrite it as:
+#
+# >18	short&074000	000000		C1 R1
+# >18	short&074000	004000		C2 R1
+# >18	short&074000	010000		C3 R1
+# >18	short&074000	074000		TEST
+#
+# as SVR3.1's "file" doesn't support anything of the "!074000,000000"
+# sort, nor does SunOS 4.x, so either it's something Intergraph added
+# in CLIX, or something AT&T added in SVR3.2 or later, or something
+# somebody else thought was a good idea; it's not documented in the
+# man page for this version of "magic", nor does it appear to be
+# implemented (at least not after I blew off the bogus code to turn
+# old-style "&"s into new-style "&"s, which just didn't work at all).
+#
+0	short		0575		CLIPPER COFF executable (VAX #)
+>20	short		0407		(impure)
+>20	short		0410		(5.2 compatible)
+>20	short		0411		(pure)
+>20	short		0413		(demand paged)
+>20	short		0443		(target shared library)
+>12	long		>0		not stripped
+>22	short		>0		- version %d
+0	short		0577		CLIPPER COFF executable
+>18	short&074000	000000		C1 R1
+>18	short&074000	004000		C2 R1
+>18	short&074000	010000		C3 R1
+>18	short&074000	074000		TEST
+>20	short		0407		(impure)
+>20	short		0410		(pure)
+>20	short		0411		(separate I&D)
+>20	short		0413		(paged)
+>20	short		0443		(target shared library)
+>12	long		>0		not stripped
+>22	short		>0		- version %d
+>48	long&01		01		alignment trap enabled
+>52	byte		1		-Ctnc
+>52	byte		2		-Ctsw
+>52	byte		3		-Ctpw
+>52	byte		4		-Ctcb
+>53	byte		1		-Cdnc
+>53	byte		2		-Cdsw
+>53	byte		3		-Cdpw
+>53	byte		4		-Cdcb
+>54	byte		1		-Csnc
+>54	byte		2		-Cssw
+>54	byte		3		-Cspw
+>54	byte		4		-Cscb
+#4	string		pipe		CLIPPER instruction trace
+#4	string		prof		CLIPPER instruction profile
diff --git a/magic/Magdir/clojure b/magic/Magdir/clojure
new file mode 100644
index 0000000..1f1cddf
--- /dev/null
+++ b/magic/Magdir/clojure
@@ -0,0 +1,30 @@
+#------------------------------------------------------------------------------
+# file:  file(1) magic for Clojure
+# URL:  https://clojure.org/
+# From: Jason Felice <jason.m.felice@gmail.com>
+
+0	string/w	#!\ /usr/bin/clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/local/bin/clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/bin/clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/local/bin/clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!/usr/bin/env\ clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!/usr/bin/env\ clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!\ /usr/bin/env\ clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!\ /usr/bin/env\ clojure	Clojure script text executable
+!:mime	text/x-clojure
+
+0	regex	\^\\\(ns[[:space:]]+[a-z]	Clojure module source text
+!:mime	text/x-clojure
+
+0	regex	\^\\\(ns[[:space:]]+\\\^\\{:	Clojure module source text
+!:mime	text/x-clojure
+
+0	regex	\^\\\(defn-?[[:space:]]	Clojure module source text
+!:mime	text/x-clojure
diff --git a/magic/Magdir/coff b/magic/Magdir/coff
new file mode 100644
index 0000000..5123b72
--- /dev/null
+++ b/magic/Magdir/coff
@@ -0,0 +1,98 @@
+
+#------------------------------------------------------------------------------
+# $File: coff,v 1.7 2022/11/21 22:30:22 christos Exp $
+# coff: file(1) magic for Common Object Files not specific to known cpu types or manufactures
+#
+# COFF
+#
+# by Joerg Jenderek at Oct 2015, Feb 2021
+# https://en.wikipedia.org/wiki/COFF
+# https://de.wikipedia.org/wiki/Common_Object_File_Format
+# http://www.delorie.com/djgpp/doc/coff/filhdr.html
+
+# display name+variables+flags of Common Object Files Format (32bit)
+# Maybe used also in adi,att3b,clipper,hitachi-sh,hp,ibm6000,intel,
+# mips,motorola,msdos,osf1,sharc,varied.out,vax
+0	name				display-coff
+# test for unused flag bits (0x8000,0x0800,0x0400,0x0200,x0080) in f_flags
+>18	uleshort&0x8E80	0
+# skip DOCTOR.DAILY READER.NDA REDBOX.ROOT by looking for positive number of sections
+>>2	uleshort	>0
+# skip ega80woa.fnt svgafix.fnt HP3FNTS1.DAT HP3FNTS2.DAT INTRO.ACT LEARN.PIF by looking for low number of sections
+>>>2	uleshort	<4207
+>>>>0	clear		x
+# f_magic - magic number
+# DJGPP, 80386 COFF executable, MS Windows COFF Intel 80386 object file (./intel)
+>>>>0	uleshort	0x014C		Intel 80386
+# Hitachi SH big-endian COFF (./hitachi-sh)
+>>>>0	uleshort	0x0500		Hitachi SH big-endian
+# Hitachi SH little-endian COFF (./hitachi-sh)
+>>>>0	uleshort	0x0550		Hitachi SH little-endian
+# executable (RISC System/6000 V3.1) or obj module (./ibm6000)
+#>>>>0	uleshort	0x01DF
+# MS Windows COFF Intel Itanium, AMD64
+# https://msdn.microsoft.com/en-us/library/windows/desktop/ms680313(v=vs.85).aspx
+>>>>0	uleshort	0x0200		Intel ia64
+>>>>0	uleshort	0x8664		Intel amd64
+# ARM COFF (./arm)
+>>>>0	uleshort	0xaa64		Aarch64
+>>>>0	uleshort	0x01c0		ARM
+>>>>0	uleshort	0xa641		ARM64EC
+>>>>0	uleshort	0x01c2		ARM Thumb
+>>>>0	uleshort	0x01c4		ARMv7 Thumb
+# TODO for other COFFs
+#>>>>0	uleshort	0xABCD		COFF_TEMPLATE
+>>>>0	default		x
+>>>>>0	uleshort	x		type %#04x
+>>>>0	uleshort	x		COFF
+# F_EXEC flag bit
+>>>>18	leshort		^0x0002		object file
+!:mime	application/x-coff
+!:ext	o/obj/lib
+# no cof sample found
+#!:ext	cof/o/obj/lib
+>>>>18	leshort		&0x0002		executable
+#!:mime	application/x-coffexec
+# F_RELFLG flag bit,static object
+>>>>18	leshort		&0x0001		\b, no relocation info
+# F_LNNO flag bit
+>>>>18	leshort		&0x0004		\b, no line number info
+# F_LSYMS flag bit
+>>>>18	leshort		&0x0008		\b, stripped
+>>>>18	leshort		^0x0008		\b, not stripped
+# flags in other COFF versions
+#0x0010    F_FDPR_PROF
+#0x0020    F_FDPR_OPTI
+#0x0040    F_DSA
+# F_AR32WR flag bit
+#>>>>18	leshort		&0x0100		\b, 32 bit little endian
+#0x1000    F_DYNLOAD
+#0x2000    F_SHROBJ
+#0x4000    F_LOADONLY
+# f_nscns - number of sections like: 1 2 3 4 5 7 8 9 11 12 15 16 19 20 21 22 26 30 36 40 42 56 80 89 96 124
+>>>>2	uleshort	<2		\b, %u section
+>>>>2	uleshort	>1		\b, %u sections
+# f_symptr - symbol table pointer, only for not stripped
+# like: 0 0x7c 0xf4 0x104 0x182 0x1c2 0x1c6 0x468 0x948 0x416e 0x149a6 0x1c9d8 0x23a68 0x35120 0x7afa0
+>>>>8	ulelong		>0		\b, symbol offset=%#x
+# f_nsyms - number of symbols, only for not stripped
+# like: 0 2 7 9 10 11 20 35 41 63 71 80 105 146 153 158 170 208 294 572 831 1546
+>>>>12	ulelong		>0		\b, %d symbols
+# f_opthdr - optional header size. An object file should have a value of 0
+>>>>16	uleshort	>0		\b, optional header size %u
+# f_timdat - file time & date stamp only for little endian
+>>>>4	ledate		>0		\b, created %s
+# at offset 20 can be optional header, extra bytes FILHSZ-20 because
+# do not rely on sizeof(FILHDR) to give the correct size for header.
+# or first section header
+# additional variables for other COFF files
+>>>>16	uleshort	=0
+# first section name s_name[8] like: .text .data .debug$S .drectve .testseg
+>>>>>20	string		x		\b, 1st section name "%.8s"
+# >20	beshort		0407		(impure)
+# >20	beshort		0410		(pure)
+# >20	beshort		0413		(demand paged)
+# >20	beshort		0421		(standalone)
+# >22	leshort		>0		- version %d
+# >168	string		.lowmem		Apple toolbox
+
diff --git a/magic/Magdir/commands b/magic/Magdir/commands
new file mode 100644
index 0000000..6ad87fd
--- /dev/null
+++ b/magic/Magdir/commands
@@ -0,0 +1,201 @@
+
+#------------------------------------------------------------------------------
+# $File: commands,v 1.73 2022/11/06 18:39:23 christos Exp $
+# commands:  file(1) magic for various shells and interpreters
+#
+#0	string/w	:			shell archive or script for antique kernel text
+0	string/fwt	#!\ /bin/sh		POSIX shell script text executable
+!:mime	text/x-shellscript
+0	string/fwb	#!\ /bin/sh		POSIX shell script executable (binary data)
+!:mime	text/x-shellscript
+>10	string	#\040This\040script\040was\040generated\040using\040Makeself	\b, self-executable archive
+>>53	string	x	\b, Makeself %s
+
+0	string/fwt	#!\ /bin/csh		C shell script text executable
+!:mime	text/x-shellscript
+
+# korn shell magic, sent by George Wu, gwu@clyde.att.com
+0	string/fwt	#!\ /bin/ksh		Korn shell script text executable
+!:mime	text/x-shellscript
+0	string/fwb	#!\ /bin/ksh		Korn shell script executable (binary data)
+!:mime	text/x-shellscript
+
+0	string/fwt 	#!\ /bin/tcsh		Tenex C shell script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/bin/tcsh	Tenex C shell script text executable
+!:mime	text/x-shellscript
+0	string/fwt 	#!\ /usr/local/tcsh	Tenex C shell script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/local/bin/tcsh	Tenex C shell script text executable
+!:mime	text/x-shellscript
+
+#
+# zsh/ash/ae/nawk/gawk magic from cameron@cs.unsw.oz.au (Cameron Simpson)
+0	string/fwt	#!\ /bin/zsh		Paul Falstad's zsh script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/bin/zsh	Paul Falstad's zsh script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/local/bin/zsh	Paul Falstad's zsh script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/bin/env\ zsh	Paul Falstad's zsh script text executable
+!:mime	text/x-shellscript
+
+0	string/fwt	#!\ /bin/ash		Neil Brown's ash script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/bin/ash	Neil Brown's ash script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/local/bin/ash	Neil Brown's ash script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/local/bin/ae	Neil Brown's ae script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /bin/nawk		new awk script text executable
+!:mime	text/x-nawk
+0	string/fwt	#!\ /usr/bin/nawk	new awk script text executable
+!:mime	text/x-nawk
+0	string/fwt	#!\ /usr/local/bin/nawk	new awk script text executable
+!:mime	text/x-nawk
+0	string/fwt	#!\ /bin/gawk		GNU awk script text executable
+!:mime	text/x-gawk
+0	string/wt	#!\ /usr/bin/gawk	GNU awk script text executable
+!:mime	text/x-gawk
+0	string/fwt	#!\ /usr/local/bin/gawk	GNU awk script text executable
+!:mime	text/x-gawk
+#
+0	string/fwt	#!\ /bin/awk		awk script text executable
+!:mime	text/x-awk
+0	string/fwt	#!\ /usr/bin/awk	awk script text executable
+!:mime	text/x-awk
+0	regex/4096	=^[\040\t\f\r\n]{0,100}BEGIN[\040\t\f\r\n]{0,100}[{]	awk or perl script text
+
+# AT&T Bell Labs' Plan 9 shell
+0	string/fwt	#!\ /bin/rc	Plan 9 rc shell script text executable
+
+# bash shell magic, from Peter Tobias (tobias@server.et-inf.fho-emden.de)
+0	string/fwt	#!\ /bin/bash	Bourne-Again shell script text executable
+!:mime	text/x-shellscript
+0	string/fwb	#!\ /bin/bash	Bourne-Again shell script executable (binary data)
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/bin/bash	Bourne-Again shell script text executable
+!:mime	text/x-shellscript
+0	string/fwb	#!\ /usr/bin/bash	Bourne-Again shell script executable (binary data)
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/local/bash	Bourne-Again shell script text executable
+!:mime	text/x-shellscript
+0	string/fwb	#!\ /usr/local/bash	Bourne-Again shell script executable (binary data)
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/local/bin/bash	Bourne-Again shell script text executable
+!:mime	text/x-shellscript
+0	string/fwb	#!\ /usr/local/bin/bash	Bourne-Again shell script executable (binary data)
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/bin/env\ bash	Bourne-Again shell script text executable
+!:mime	text/x-shellscript
+
+# Fish shell magic
+# From: Benjamin Lowry <ben@ben.gmbh>
+0	string/fwt	#!\ /usr/local/bin/fish		fish shell script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/bin/fish		fish shell script text executable
+!:mime	text/x-shellscript
+0	string/fwt	#!\ /usr/bin/env\ fish		fish shell script text executable
+!:mime	text/x-shellscript
+
+0	search/1/fwt	#!\ /usr/bin/tclsh	Tcl/Tk script text executable
+!:mime  text/x-tcl
+
+0	search/1/fwt	#!\ /usr/bin/texlua	LuaTex script text executable
+!:mime	text/x-luatex
+
+0	search/1/fwt	#!\ /usr/bin/luatex	LuaTex script text executable
+!:mime	text/x-luatex
+
+0	search/1/fwt	#!\ /usr/bin/stap	Systemtap script text executable
+!:mime  text/x-systemtap
+
+# From: Kylie McClain <kylie@somas.is>
+# Type: execline scripts
+# URL:  https://skarnet.org/software/execline/
+0	string/fwt	#!\ /command/execlineb		execline script text executable
+!:mime	text/x-execline
+0	string/fwt	#!\ /bin/execlineb		execline script text executable
+!:mime	text/x-execline
+0	string/fwt	#!\ /usr/bin/execlineb		execline script text executable
+!:mime	text/x-execline
+0	string/fwt	#!\ /usr/bin/env\ execlineb		execline script text executable
+!:mime	text/x-execline
+
+0	string	#!
+>0	regex	\^#!.*/bin/execlineb([[:space:]].*)*$	execline script text executable
+!:mime	text/x-execline
+
+# PHP scripts
+# Ulf Harnhammar <ulfh@update.uu.se>
+0	search/1/c	=<?php			PHP script text
+!:strength + 30
+!:mime	text/x-php
+0	search/1	=<?\n			PHP script text
+!:mime	text/x-php
+0	search/1	=<?\r			PHP script text
+!:mime	text/x-php
+0	search/1/w	#!\ /usr/local/bin/php	PHP script text executable
+!:strength + 10
+!:mime	text/x-php
+0	search/1/w	#!\ /usr/bin/php	PHP script text executable
+!:strength + 10
+!:mime	text/x-php
+# Smarty compiled template, https://www.smarty.net/
+# Elan Ruusamae <glen@delfi.ee>
+0	string	=<?php
+>5	regex	[\ \n]
+>>6	string	/*\ Smarty\ version		Smarty compiled template
+>>>24	regex	[0-9.]+				\b, version %s
+!:mime	text/x-php
+
+0	string		Zend\x00		PHP script Zend Optimizer data
+
+# From: Anatol Belski <ab@php.net>
+0	string		OPCACHE
+>7	ubyte		0			PHP opcache filecache data
+
+0	search/64	--TEST--
+>16	search/64	--FILE--
+>24	search/8192	--EXPECT		PHP core test
+!:ext	phpt
+
+# https://www.php.net/manual/en/phar.fileformat.signature.php
+-4	string		GBMB			PHP phar archive
+>-8	ubyte		0x1			with MD5 signature
+!:ext	phar
+>-8	ubyte		0x2			with SHA1 signature
+!:ext	phar
+>-8	ubyte		0x3			with SHA256 signature
+!:ext	phar
+>-8	ubyte		0x4			with SHA512 signature
+!:ext	phar
+>-8	ubyte		0x10			with OpenSSL signature
+!:ext	phar
+>-8	ubyte		0x11			with OpenSSL SHA256 signature
+!:ext	phar
+>-8	ubyte		0x12			with OpenSSL SHA512 signature
+!:ext	phar
+
+0	string/t	$!			DCL command file
+
+# Type: Pdmenu
+# URL:  https://packages.debian.org/pdmenu
+# From: Edward Betts <edward@debian.org>
+0	string		#!/usr/bin/pdmenu	Pdmenu configuration file text
+
+# From Danny Weldon
+0	string	\x0b\x13\x08\x00
+>0x04   uleshort	<4      ksh byte-code version %d
+
+# From: arno <arenevier@fdn.fr>
+# mozilla xpconnect typelib
+# see https://www.mozilla.org/scriptable/typelib_file.html
+0	string 		XPCOM\nTypeLib\r\n\032		XPConnect Typelib
+>0x10  byte        x       version %d
+>>0x11 byte        x      \b.%d
+
+0	string/fwt	#!\ /usr/bin/env\ runghc	GHC script executable
+0	string/fwt	#!\ /usr/bin/env\ runhaskell	Haskell script executable
+0	string/fwt	#!\ /usr/bin/env\ julia	Julia script executable
diff --git a/magic/Magdir/communications b/magic/Magdir/communications
new file mode 100644
index 0000000..8e1d908
--- /dev/null
+++ b/magic/Magdir/communications
@@ -0,0 +1,22 @@
+
+#----------------------------------------------------------------------------
+# $File: communications,v 1.5 2009/09/19 16:28:08 christos Exp $
+# communication
+
+# TTCN is the Tree and Tabular Combined Notation described in ISO 9646-3.
+# It is used for conformance testing of communication protocols.
+# Added by W. Borgert <debacle@debian.org>.
+0	string		$Suite			TTCN Abstract Test Suite
+>&1	string		$SuiteId
+>>&1	string		>\n			%s
+>&2	string		$SuiteId
+>>&1	string		>\n			%s
+>&3	string		$SuiteId
+>>&1	string		>\n			%s
+
+# MSC (message sequence charts) are a formal description technique,
+# described in ITU-T Z.120, mainly used for communication protocols.
+# Added by W. Borgert <debacle@debian.org>.
+0	string		mscdocument	Message Sequence Chart (document)
+0	string		msc		Message Sequence Chart (chart)
+0	string		submsc		Message Sequence Chart (subchart)
diff --git a/magic/Magdir/compress b/magic/Magdir/compress
new file mode 100644
index 0000000..c3f93fa
--- /dev/null
+++ b/magic/Magdir/compress
@@ -0,0 +1,461 @@
+#------------------------------------------------------------------------------
+# $File: compress,v 1.91 2023/06/16 19:37:47 christos Exp $
+# compress:  file(1) magic for pure-compression formats (no archives)
+#
+# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, etc.
+#
+# Formats for various forms of compressed data
+# Formats for "compress" proper have been moved into "compress.c",
+# because it tries to uncompress it to figure out what's inside.
+
+# standard unix compress
+0	string		\037\235	compress'd data
+!:mime	application/x-compress
+!:apple	LZIVZIVU
+!:ext	Z
+>2	byte&0x80	>0		block compressed
+>2	byte&0x1f	x		%d bits
+
+# gzip (GNU zip, not to be confused with Info-ZIP or PKWARE zip archiver)
+# URL: https://en.wikipedia.org/wiki/Gzip
+# Reference: https://tools.ietf.org/html/rfc1952
+# Update: Joerg Jenderek, Apr 2019, Dec 2022
+#   Edited by Chris Chittleborough <cchittleborough@yahoo.com.au>, March 2002
+#	* Original filename is only at offset 10 if "extra field" absent
+#	* Produce shorter output - notably, only report compression methods
+#         other than 8 ("deflate", the only method defined in RFC 1952).
+# Note: find defs -iname '*.trid.xml' -exec grep -q '<Bytes>1F8B08' {} \; -ls
+# TODO:
+# FBR	Blueberry FlashBack screen Record	https://www.flashbackrecorder.com/
+# KPR	KOffice/Calligra KPresenter		application/x-kpresenter
+# KPT	KOffice/Calligra KPresenter template?	application/x-kpresenter
+# SAV	Diggles Saved Game File			http://www.innonics.com
+# SAV	FarCry (demo) saved game		http://www.farcry-thegame.com
+# DAT	ZOAGZIP game data format		http://en.wikipedia.org/wiki/SD_Gundam_Capsule_Fighter
+0       string          \037\213
+# to display gzip compressed (strength=100=2*50) before other (strength=50)?
+#!:strength * 2
+# no FNAME and FCOMMENT bit implies no file name/comment. That means only binary
+>3	byte&0x18	=0
+# For binary gzipped no ASCII text should occur
+#	mcd-monu-cad.trid.xml
+>>10	string		MCD			Monu-Cad Drawing, Component or Font
+#>>36	string		Created\ with\ MONU-CAD	
+#!:mime	application/octet-stream
+# http://fileformats.archiveteam.org/wiki/Monu-CAD
+#	http://www.monucad.com/downloads/FullDemo-2005.EXE
+#	/HANDS96.MCC	Component
+#	/DEMO_DD01.MCD	Drawing
+#	/MCALF020.FNT	Font
+!:ext	mcc/mcd/fnt
+# http://www.generalcadd.com
+>>10	string		GXD			General CADD, Drawing or Component
+#!:mime	application/octet-stream
+#	/gxc/BUILDINGEDGE.gxc			Component
+#	/gxd/HOCKETT-STPAUL-WRHSE.gxd		Drawing
+#	/gxd/POWERLAND-MILL-ADD-11.gxd		Drawing		v9.1.06
+!:ext	gxc/gxd
+#>>>13	ubyte		0			\b, version 0
+>>>13	string		09			\b, version 9
+# other gzipped binary like gzipped tar, VirtualBox extension package,...
+>>10	default		x		gzip compressed data
+!:mime	application/gzip
+>>>0	use	gzip-info
+# size of the original (uncompressed) input data modulo 2^32
+# TODO: check for GXD MCD cad the reported size
+>>>-4	ulelong		x		\b, original size modulo 2^32 %u
+# gzipped TAR or VirtualBox extension package
+#!:mime	application/x-compressed-tar
+#!:mime	application/x-virtualbox-vbox-extpack
+# https://www.w3.org/TR/SVG/mimereg.html
+#!:mime	image/svg+xml-compressed
+#	zlib.3.gz
+#	microcode-20180312.tgz
+#	tpz same as tgz
+#	lua-md5_1.2-1_i386_i486.ipk	https://en.wikipedia.org/wiki/Opkg
+#	Oracle_VM_VirtualBox_Extension_Pack-5.0.12-104815.vbox-extpack
+#	trees.blend			http://fileformats.archiveteam.org/wiki/BLEND
+#	2020-07-19-Note-16-24.xoj	https://xournal.sourceforge.net/manual.html
+#	MYgnucash-gz.gnucash		https://wiki.gnucash.org/wiki/GnuCash_XML_format
+#	text-rotate.dia			https://en.wikipedia.org/wiki/Dia_(software)
+#	MYrdata.RData			https://en.wikipedia.org/wiki/R_(programming_language)
+!:ext	gz/tgz/tpz/ipk/vbox-extpack/svgz/blend/dia/gnucash/rdata/xoj
+# FNAME/FCOMMENT bit implies file name/comment as iso-8859-1 text
+>3	byte&0x18	>0		gzip compressed data
+!:mime	application/gzip
+# gzipped tar, gzipped Abiword document
+#!:mime	application/x-compressed-tar
+#!:mime	application/x-abiword-compressed
+#!:mime	image/image/svg+xml-compressed
+#	kleopatra_splashscreen.svgz	gzipped .svg
+#	RSI-Mega-Demo_Disk1.adz		gzipped .adf	http://fileformats.archiveteam.org/wiki/ADF_(Amiga)
+#	PostbankTest.kmy		gzipped XML	https://docs.kde.org/stable5/en/kmymoney/kmymoney/details.formats.compressed.html
+#	Logo.xcfgz			gzipped .xcf	http://fileformats.archiveteam.org/wiki/XCF
+!:ext	gz/tgz/tpz/zabw/svgz/adz/kmy/xcfgz
+>>0	use	gzip-info
+# size of the original (uncompressed) input data modulo 2^32
+>>-4	ulelong		x		\b, original size modulo 2^32 %u
+#	display information of gzip compressed files
+0	name				gzip-info
+#>2	byte		x		THIS iS GZIP
+>2	byte		<8		\b, reserved method
+>2	byte		>8		\b, unknown method
+>3	byte		&0x01		\b, ASCII
+>3	byte		&0x02		\b, has CRC
+>3	byte		&0x04		\b, extra field
+>3	byte&0xC	=0x08
+>>10	string		x		\b, was "%s"
+>3	byte		&0x10		\b, has comment
+>3	byte		&0x20		\b, encrypted
+>4	ledate		>0		\b, last modified: %s
+>8	byte		2		\b, max compression
+>8	byte		4		\b, max speed
+>9	byte		=0x00		\b, from FAT filesystem (MS-DOS, OS/2, NT)
+>9	byte		=0x01		\b, from Amiga
+>9	byte		=0x02		\b, from VMS
+>9	byte		=0x03		\b, from Unix
+>9	byte		=0x04		\b, from VM/CMS
+>9	byte		=0x05		\b, from Atari
+>9	byte		=0x06		\b, from HPFS filesystem (OS/2, NT)
+>9	byte		=0x07		\b, from MacOS
+>9	byte		=0x08		\b, from Z-System
+>9	byte		=0x09		\b, from CP/M
+>9	byte		=0x0A		\b, from TOPS/20
+>9	byte		=0x0B		\b, from NTFS filesystem (NT)
+>9	byte		=0x0C		\b, from QDOS
+>9	byte		=0x0D		\b, from Acorn RISCOS
+# size of the original (uncompressed) input data modulo 2^32
+#>-4	ulelong		x		\b, original size modulo 2^32 %u
+#ERROR: line 114: non zero offset 1048572 at level 1
+
+# packed data, Huffman (minimum redundancy) codes on a byte-by-byte basis
+0	string		\037\036	packed data
+!:mime	application/octet-stream
+!:ext	z
+>2	belong		>1		\b, %d characters originally
+>2	belong		=1		\b, %d character originally
+#
+# This magic number is byte-order-independent.
+0	short		0x1f1f		old packed data
+!:mime	application/octet-stream
+
+# XXX - why *two* entries for "compacted data", one of which is
+# byte-order independent, and one of which is byte-order dependent?
+#
+0	short		0x1fff		compacted data
+!:mime	application/octet-stream
+# This string is valid for SunOS (BE) and a matching "short" is listed
+# in the Ultrix (LE) magic file.
+0	string		\377\037	compacted data
+!:mime	application/octet-stream
+0	short		0145405		huf output
+!:mime	application/octet-stream
+
+# bzip2
+0	string		BZh		bzip2 compressed data
+!:mime	application/x-bzip2
+!:ext	bz2
+>3	byte		>47		\b, block size = %c00k
+
+# bzip	a block-sorting file compressor
+#	by Julian Seward <sewardj@cs.man.ac.uk> and others
+0	string		BZ0		bzip compressed data
+!:mime	application/x-bzip
+>3	byte		>47		\b, block size = %c00k
+
+# lzip
+0	string		LZIP		lzip compressed data
+!:mime application/x-lzip
+!:ext lz
+>4	byte		x		\b, version: %d
+
+# squeeze and crunch
+# Michael Haardt <michael@cantor.informatik.rwth-aachen.de>
+0	beshort		0x76FF		squeezed data,
+>4	string		x		original name %s
+0	beshort		0x76FE		crunched data,
+>2	string		x		original name %s
+0	beshort		0x76FD		LZH compressed data,
+>2	string		x		original name %s
+
+# Freeze
+0	string		\037\237	frozen file 2.1
+0	string		\037\236	frozen file 1.0 (or gzip 0.5)
+
+# SCO compress -H (LZH)
+0	string		\037\240	SCO compress -H (LZH) data
+
+# European GSM 06.10 is a provisional standard for full-rate speech
+# transcoding, prI-ETS 300 036, which uses RPE/LTP (residual pulse
+# excitation/long term prediction) coding at 13 kbit/s.
+#
+# There's only a magic nibble (4 bits); that nibble repeats every 33
+# bytes.  This isn't suited for use, but maybe we can use it someday.
+#
+# This will cause very short GSM files to be declared as data and
+# mismatches to be declared as data too!
+#0	byte&0xF0	0xd0		data
+#>33	byte&0xF0	0xd0
+#>66	byte&0xF0	0xd0
+#>99	byte&0xF0	0xd0
+#>132	byte&0xF0	0xd0		GSM 06.10 compressed audio
+
+# lzop from <markus.oberhumer@jk.uni-linz.ac.at>
+0	string		\x89\x4c\x5a\x4f\x00\x0d\x0a\x1a\x0a	lzop compressed data
+!:ext	lzo
+>9	beshort		<0x0940
+>>9	byte&0xf0	=0x00		- version 0.
+>>9	beshort&0x0fff	x		\b%03x,
+>>13	byte		1		LZO1X-1,
+>>13	byte		2		LZO1X-1(15),
+>>13	byte		3		LZO1X-999,
+## >>22	bedate		>0		last modified: %s,
+>>14	byte		=0x00		os: MS-DOS
+>>14	byte		=0x01		os: Amiga
+>>14	byte		=0x02		os: VMS
+>>14	byte		=0x03		os: Unix
+>>14	byte		=0x05		os: Atari
+>>14	byte		=0x06		os: OS/2
+>>14	byte		=0x07		os: MacOS
+>>14	byte		=0x0A		os: Tops/20
+>>14	byte		=0x0B		os: WinNT
+>>14	byte		=0x0E		os: Win32
+>9	beshort		>0x0939
+>>9	byte&0xf0	=0x00		- version 0.
+>>9	byte&0xf0	=0x10		- version 1.
+>>9	byte&0xf0	=0x20		- version 2.
+>>9	beshort&0x0fff	x		\b%03x,
+>>15	byte		1		LZO1X-1,
+>>15	byte		2		LZO1X-1(15),
+>>15	byte		3		LZO1X-999,
+## >>25	bedate		>0		last modified: %s,
+>>17	byte		=0x00		os: MS-DOS
+>>17	byte		=0x01		os: Amiga
+>>17	byte		=0x02		os: VMS
+>>17	byte		=0x03		os: Unix
+>>17	byte		=0x05		os: Atari
+>>17	byte		=0x06		os: OS/2
+>>17	byte		=0x07		os: MacOS
+>>17	byte		=0x0A		os: Tops/20
+>>17	byte		=0x0B		os: WinNT
+>>17	byte		=0x0E		os: Win32
+
+# 4.3BSD-Quasijarus Strong Compression
+# https://minnie.tuhs.org/Quasijarus/compress.html
+0	string		\037\241	Quasijarus strong compressed data
+
+# From: Cory Dikkers <cdikkers@swbell.net>
+0	string		XPKF		Amiga xpkf.library compressed data
+0	string		PP11		Power Packer 1.1 compressed data
+0	string		PP20		Power Packer 2.0 compressed data,
+>4	belong		0x09090909	fast compression
+>4	belong		0x090A0A0A	mediocre compression
+>4	belong		0x090A0B0B	good compression
+>4	belong		0x090A0C0C	very good compression
+>4	belong		0x090A0C0D	best compression
+
+# 7-zip archiver, from Thomas Klausner (wiz@danbala.tuwien.ac.at)
+# https://www.7-zip.org or DOC/7zFormat.txt
+#
+0	string		7z\274\257\047\034	7-zip archive data,
+>6	byte		x			version %d
+>7	byte		x			\b.%d
+!:mime	application/x-7z-compressed
+!:ext 7z/cb7
+
+0	name		lzma			LZMA compressed data,
+!:mime	application/x-lzma
+!:ext	lzma
+>5	lequad		=0xffffffffffffffff	streamed
+>5	lequad		!0xffffffffffffffff	non-streamed, size %lld
+
+# Type: LZMA
+0	lelong&0xffffff	=0x5d
+>12	leshort		0xff
+>>0	use		lzma
+>12	leshort		0
+>>0	use		lzma
+
+# http://tukaani.org/xz/xz-file-format.txt
+0	ustring		\xFD7zXZ\x00		XZ compressed data, checksum
+!:strength * 2
+!:mime	application/x-xz
+!:ext	xz
+>7	byte&0xf	0x0			NONE
+>7	byte&0xf	0x1			CRC32
+>7	byte&0xf	0x4			CRC64
+>7	byte&0xf	0xa			SHA-256
+
+# https://github.com/ckolivas/lrzip/blob/master/doc/magic.header.txt
+0	string		LRZI			LRZIP compressed data
+!:mime  application/x-lrzip
+>4	byte		x			- version %d
+>5	byte		x			\b.%d
+>22	byte		1			\b, encrypted
+
+# https://fastcompression.blogspot.fi/2013/04/lz4-streaming-format-final.html
+0	lelong		0x184d2204	LZ4 compressed data (v1.4+)
+!:mime	application/x-lz4
+!:ext	lz4
+# Added by osm0sis@xda-developers.com
+0 	lelong		0x184c2103	LZ4 compressed data (v1.0-v1.3)
+!:mime	application/x-lz4
+0	lelong		0x184c2102	LZ4 compressed data (v0.1-v0.9)
+!:mime	application/x-lz4
+
+# Zstandard/LZ4 skippable frames
+# https://github.com/facebook/zstd/blob/dev/zstd_compression_format.md
+0         lelong&0xFFFFFFF0  0x184D2A50
+>(4.l+8)  indirect	x
+
+# Zstandard Dictionary ID subroutine
+0     name        zstd-dictionary-id
+# Single Segment = True
+>0    byte        &0x20   \b, Dictionary ID:
+>>0   byte&0x03   0       None
+>>0   byte&0x03   1
+>>>1  byte        x       %u
+>>0   byte&0x03   2
+>>>1  leshort     x       %u
+>>0   byte&0x03   3
+>>>1  lelong      x       %u
+# Single Segment = False
+>0    byte        ^0x20   \b, Dictionary ID:
+>>0   byte&0x03   0       None
+>>0   byte&0x03   1
+>>>2  byte        x       %u
+>>0   byte&0x03   2
+>>>2  leshort     x       %u
+>>0   byte&0x03   3
+>>>2  lelong      x       %u
+
+# Zstandard compressed data
+# https://github.com/facebook/zstd/blob/dev/zstd_compression_format.md
+0     lelong       0xFD2FB522  Zstandard compressed data (v0.2)
+!:mime  application/zstd
+!:ext zst
+0     lelong       0xFD2FB523  Zstandard compressed data (v0.3)
+!:mime  application/zstd
+!:ext zst
+0     lelong       0xFD2FB524  Zstandard compressed data (v0.4)
+!:mime  application/zstd
+!:ext zst
+0     lelong       0xFD2FB525  Zstandard compressed data (v0.5)
+!:mime  application/zstd
+!:ext zst
+0     lelong       0xFD2FB526  Zstandard compressed data (v0.6)
+!:mime  application/zstd
+!:ext zst
+0     lelong       0xFD2FB527  Zstandard compressed data (v0.7)
+!:mime  application/zstd
+!:ext zst
+>4    use          zstd-dictionary-id
+0     lelong       0xFD2FB528  Zstandard compressed data (v0.8+)
+!:mime  application/zstd
+!:ext zst
+>4    use          zstd-dictionary-id
+
+# https://github.com/facebook/zstd/blob/dev/zstd_compression_format.md
+0  lelong    0xEC30A437  Zstandard dictionary
+!:mime  application/x-std-dictionary
+>4 lelong    x           (ID %u)
+
+# AFX compressed files (Wolfram Kleff)
+2	string		-afx-		AFX compressed file data
+
+# Supplementary magic data for the file(1) command to support
+# rzip(1).  The format is described in magic(5).
+#
+# Copyright (C) 2003 by Andrew Tridgell.  You may do whatever you want with
+# this file.
+#
+0	string		RZIP		rzip compressed data
+>4	byte		x		- version %d
+>5	byte		x		\b.%d
+>6	belong		x		(%d bytes)
+
+0	string		ArC\x01		FreeArc archive <http://freearc.org>
+
+# Type:	DACT compressed files
+0	long	0x444354C3	DACT compressed data
+>4	byte	>-1		(version %i.
+>5	byte	>-1		%i.
+>6	byte	>-1		%i)
+>7	long	>0		, original size: %i bytes
+>15	long	>30		, block size: %i bytes
+
+# Valve Pack (VPK) files
+0	lelong	0x55aa1234	Valve Pak file
+>0x4	lelong	x		\b, version %u
+>0x8	lelong	x		\b, %u entries
+
+# Snappy framing format
+# https://code.google.com/p/snappy/source/browse/trunk/framing_format.txt
+0	string	\377\006\0\0sNaPpY	snappy framed data
+!:mime	application/x-snappy-framed
+
+# qpress, https://www.quicklz.com/
+0	string	qpress10	qpress compressed data
+!:mime	application/x-qpress
+
+# Zlib https://www.ietf.org/rfc/rfc6713.txt
+0	string/b	x
+>0	beshort%31	=0
+>>0	byte&0xf	=8
+>>>0	byte&0x80 	=0	zlib compressed data
+!:mime	application/zlib
+
+# BWC compression
+0	string		BWC
+>3	byte		0	BWC compressed data
+
+# UCL compression
+0	bequad		0x00e955434cff011a	UCL compressed data
+
+# Softlib archive
+0	string		SLIB	Softlib archive
+>4	leshort		x	\b, version %d
+>6	leshort		x	(contains %d files)
+
+# URL:  https://github.com/lzfse/lzfse/blob/master/src/lzfse_internal.h#L276
+# From: Eric Hall <eric.hall@darkart.com>
+0	string	bvx-	lzfse encoded, no compression
+0	string	bvx1	lzfse compressed, uncompressed tables
+0	string	bvx2	lzfse compressed, compressed tables
+0	string	bvxn	lzfse encoded, lzvn compressed
+
+# pcxLib.exe compression program
+# http://www.shikadi.net/moddingwiki/PCX_Library
+0	string/b	pcxLib
+>0x0A	string/b	Copyright\020(c)\020Genus\020Microprogramming,\020Inc.	pcxLib compressed
+
+# https://support-docs.illumina.com/SW/ORA_Format_Specification/Content/SW/ORA/ORAFormatSpecification.htm
+0	uleshort	0x7c49	
+>2	lelong		0x80	ORA FASTQ compressed file
+>>6	ulelong		x	\b, DNA size %u
+>>10	ulelong		x	\b, read names size %u
+>>14	ulelong		x	\b, quality buffer 1 size %u
+>>18	ulelong		x	\b, quality buffer 2 size %u
+>>22	ulelong		x	\b, sequence buffer size %u
+>>26	ulelong		x	\b, N-position buffer size %u
+>>30	ulelong		x	\b, crypto buffer size %u
+>>34	ulelong		x	\b, misc  buffer 1 size %u
+>>38	ulelong		x	\b, misc  buffer 2 size %u
+>>42	ulelong		x	\b, flags %#x
+>>46	lelong		x	\b, read size %d
+>>50	lelong		x	\b, number of reads %d
+>>54	leshort		x	\b, version %d
+
+# https://github.com/kspalaiologos/bzip3/blob/master/doc/file_format.md
+0	string/b	BZ3v1	bzip3 compressed data
+>5	ulelong		x	\b, blocksize %u
+
+
+# https://support-docs.illumina.com/SW/ORA_Format_Specification/Content/\
+# SW/ORA/ORAFormatSpecification.htm
+# From Guillaume Rizk
+0	short	=0x7C49 DRAGEN ORA file,
+>-261	short	=0x7C49 with metadata:
+>-125	u8	x	NB reads: %llu,
+>-109	u8	x	NB bases: %llu.
+>-219	u4&0x02	2	File contains interleaved paired reads
diff --git a/magic/Magdir/console b/magic/Magdir/console
new file mode 100644
index 0000000..0ed53fe
--- /dev/null
+++ b/magic/Magdir/console
@@ -0,0 +1,1226 @@
+
+#------------------------------------------------------------------------------
+# $File: console,v 1.72 2023/06/16 19:24:06 christos Exp $
+# Console game magic
+# Toby Deshane <hac@shoelace.digivill.net>
+
+# ines: file(1) magic for Marat's iNES Nintendo Entertainment System ROM dump format
+# Updated by David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://wiki.nesdev.com/w/index.php/INES
+# - https://wiki.nesdev.com/w/index.php/NES_2.0
+
+# Common header for iNES, NES 2.0, and Wii U iNES.
+0	name		nes-rom-image-ines
+>7	byte&0x0C	=0x8		(NES 2.0)
+>4	byte		x		\b: %ux16k PRG
+>5	byte		x		\b, %ux8k CHR
+>6	byte&0x08	=0x8		[4-Scr]
+>6	byte&0x09	=0x0		[H-mirror]
+>6	byte&0x09	=0x1		[V-mirror]
+>6	byte&0x02	=0x2		[SRAM]
+>6	byte&0x04	=0x4		[Trainer]
+>7	byte&0x03	=0x2		[PC10]
+>7	byte&0x03	=0x1		[VS]
+>>7	byte&0x0C	=0x8
+# NES 2.0: VS PPU
+>>>13	byte&0x0F	=0x0		\b, RP2C03B
+>>>13	byte&0x0F	=0x1		\b, RP2C03G
+>>>13	byte&0x0F	=0x2		\b, RP2C04-0001
+>>>13	byte&0x0F	=0x3		\b, RP2C04-0002
+>>>13	byte&0x0F	=0x4		\b, RP2C04-0003
+>>>13	byte&0x0F	=0x5		\b, RP2C04-0004
+>>>13	byte&0x0F	=0x6		\b, RP2C03B
+>>>13	byte&0x0F	=0x7		\b, RP2C03C
+>>>13	byte&0x0F	=0x8		\b, RP2C05-01
+>>>13	byte&0x0F	=0x9		\b, RP2C05-02
+>>>13	byte&0x0F	=0xA		\b, RP2C05-03
+>>>13	byte&0x0F	=0xB		\b, RP2C05-04
+>>>13	byte&0x0F	=0xC		\b, RP2C05-05
+# TODO: VS protection hardware?
+>>7	byte		x		\b]
+# NES 2.0-specific flags.
+>7	byte&0x0C	=0x8
+>>12	byte&0x03	=0x0		[NTSC]
+>>12	byte&0x03	=0x1		[PAL]
+>>12	byte&0x02	=0x2		[NTSC+PAL]
+
+# Standard iNES ROM header.
+0	string		NES\x1A		NES ROM image (iNES)
+!:mime	application/x-nes-rom
+>0	use		nes-rom-image-ines
+
+# Wii U Virtual Console iNES ROM header.
+0	belong		0x4E455300	NES ROM image (Wii U Virtual Console)
+!:mime	application/x-nes-rom
+>0	use		nes-rom-image-ines
+
+#------------------------------------------------------------------------------
+# unif: file(1) magic for UNIF-format Nintendo Entertainment System ROM images
+# Reference: https://wiki.nesdev.com/w/index.php/UNIF
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+#
+# NOTE: The UNIF format uses chunks instead of a fixed header,
+# so most of the data isn't easily parseable.
+#
+0	string	UNIF
+>4	lelong	<16	NES ROM image (UNIF v%d format)
+!:mime	application/x-nes-rom
+
+#------------------------------------------------------------------------------
+# fds: file(1) magic for Famicom Disk System disk images
+# Reference: https://wiki.nesdev.com/w/index.php/Family_Computer_Disk_System#.FDS_format
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# TODO: Check "Disk info block" and get info from that in addition to the optional header.
+
+# Disk info block. (block 1)
+0	name	nintendo-fds-disk-info-block
+>23	byte	!1		FMC-
+>23	byte	1		FSC-
+>16	string	x		\b%.3s
+>15	ubyte	x		\b, mfr %02X
+>20	ubyte	x		(Rev.%02u)
+
+# Headered version.
+0	string	FDS\x1A
+>0x11	string	*NINTENDO-HVC*	Famicom Disk System disk image:
+!:mime	application/x-fds-disk
+>>0x10	use	nintendo-fds-disk-info-block
+>4	byte	1	(%u side)
+>4	byte	!1	(%u sides)
+
+# Unheadered version.
+1	string	*NINTENDO-HVC*	Famicom Disk System disk image:
+!:mime	application/x-fds-disk
+>0	use	nintendo-fds-disk-info-block
+
+#------------------------------------------------------------------------------
+# tnes: file(1) magic for TNES-format Nintendo Entertainment System ROM images
+# Used by Nintendo 3DS NES Virtual Console games.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+#
+0		string	TNES	NES ROM image (Nintendo 3DS Virtual Console)
+!:mime		application/x-nes-rom
+>4		byte	100	\b: FDS,
+>>0x2010	use	nintendo-fds-disk-info-block
+>4		byte	!100	\b: TNES mapper %u
+>>5	byte		x		\b, %ux8k PRG
+>>6	byte		x		\b, %ux8k CHR
+>>7	byte&0x08	=1		[WRAM]
+>>8	byte&0x09	=1		[H-mirror]
+>>8	byte&0x09	=2		[V-mirror]
+>>8	byte&0x02	=3		[VRAM]
+
+#------------------------------------------------------------------------------
+# gameboy: file(1) magic for the Nintendo (Color) Gameboy raw ROM format
+# Reference: http://gbdev.gg8.se/wiki/articles/The_Cartridge_Header
+#
+0x104		bequad		0xCEED6666CC0D000B	Game Boy ROM image
+# TODO: application/x-gameboy-color-rom for GBC.
+!:mime		application/x-gameboy-rom
+>0x143		byte&0x80	0x80
+>>0x134		string		>\0			\b: "%.15s"
+>0x143		byte&0x80	!0x80
+>>0x134		string		>\0			\b: "%.16s"
+>0x14c		byte		x			(Rev.%02u)
+
+# Machine type. (SGB, CGB, SGB+CGB)
+# Old licensee code 0x33 is required for SGB, but not CGB.
+>0x14b		byte		0x33
+>>0x146		byte		0x03
+>>>0x143	byte&0x80	0x80	[SGB+CGB]
+>>>0x143	byte&0x80	!0x80	[SGB]
+>>0x146		byte		!0x03
+>>>0x143	byte&0xC0	0x80	[CGB]
+>>>0x143	byte&0xC0	0xC0	[CGB ONLY]
+>0x14b		byte		!0x33
+>>0x143		byte&0xC0	0x80	[CGB]
+>>0x143		byte&0xC0	0xC0	[CGB ONLY]
+
+# Mapper.
+>0x147 byte 0x00  [ROM ONLY]
+>0x147 byte 0x01  [MBC1]
+>0x147 byte 0x02  [MBC1+RAM]
+>0x147 byte 0x03  [MBC1+RAM+BATT]
+>0x147 byte 0x05  [MBC2]
+>0x147 byte 0x06  [MBC2+BATTERY]
+>0x147 byte 0x08  [ROM+RAM]
+>0x147 byte 0x09  [ROM+RAM+BATTERY]
+>0x147 byte 0x0B  [MMM01]
+>0x147 byte 0x0C  [MMM01+SRAM]
+>0x147 byte 0x0D  [MMM01+SRAM+BATT]
+>0x147 byte 0x0F  [MBC3+TIMER+BATT]
+>0x147 byte 0x10  [MBC3+TIMER+RAM+BATT]
+>0x147 byte 0x11  [MBC3]
+>0x147 byte 0x12  [MBC3+RAM]
+>0x147 byte 0x13  [MBC3+RAM+BATT]
+>0x147 byte 0x19  [MBC5]
+>0x147 byte 0x1A  [MBC5+RAM]
+>0x147 byte 0x1B  [MBC5+RAM+BATT]
+>0x147 byte 0x1C  [MBC5+RUMBLE]
+>0x147 byte 0x1D  [MBC5+RUMBLE+SRAM]
+>0x147 byte 0x1E  [MBC5+RUMBLE+SRAM+BATT]
+>0x147 byte 0xFC  [Pocket Camera]
+>0x147 byte 0xFD  [Bandai TAMA5]
+>0x147 byte 0xFE  [Hudson HuC-3]
+>0x147 byte 0xFF  [Hudson HuC-1]
+
+# ROM size.
+>0x148 byte 0     \b, ROM: 256Kbit
+>0x148 byte 1     \b, ROM: 512Kbit
+>0x148 byte 2     \b, ROM: 1Mbit
+>0x148 byte 3     \b, ROM: 2Mbit
+>0x148 byte 4     \b, ROM: 4Mbit
+>0x148 byte 5     \b, ROM: 8Mbit
+>0x148 byte 6     \b, ROM: 16Mbit
+>0x148 byte 7     \b, ROM: 32Mbit
+>0x148 byte 0x52  \b, ROM: 9Mbit
+>0x148 byte 0x53  \b, ROM: 10Mbit
+>0x148 byte 0x54  \b, ROM: 12Mbit
+
+# RAM size.
+>0x149 byte 1     \b, RAM: 16Kbit
+>0x149 byte 2     \b, RAM: 64Kbit
+>0x149 byte 3     \b, RAM: 256Kbit
+>0x149 byte 4     \b, RAM: 1Mbit
+>0x149 byte 5     \b, RAM: 512Kbit
+
+#------------------------------------------------------------------------------
+# genesis: file(1) magic for various Sega Mega Drive / Genesis ROM image and disc formats
+# Updated by David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://www.retrodev.com/segacd.html
+# - http://devster.monkeeh.com/sega/32xguide1.txt
+#
+
+# Common Sega Mega Drive header format.
+# FIXME: Name fields are 48 bytes, but have spaces for padding instead of 00s.
+0		name	sega-mega-drive-header
+# ROM title. (Use domestic if present; if not, use international.)
+>0x120		byte	>0x20
+>>0x120		string	>\0	\b: "%.16s"
+>0x120		byte	<0x21
+>>0x150		string	>\0	\b: "%.16s"
+# Other information.
+>0x180		string	>\0	(%.14s
+>>0x110		string  >\0	\b, %.16s
+>0x180		byte	0
+>>0x110		string  >\0	(%.16s
+>0		byte	x	\b)
+
+# TODO: Check for 32X CD?
+# Sega Mega CD disc images: 2048-byte sectors.
+0	string	SEGADISCSYSTEM\ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
+>0	use	sega-mega-drive-header
+>0	byte	x			\b, 2048-byte sectors
+0	string	SEGABOOTDISC\ \ \ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
+>0	use	sega-mega-drive-header
+>0	byte	x			\b, 2048-byte sectors
+# Sega Mega CD disc images: 2352-byte sectors.
+0x10	string	SEGADISCSYSTEM\ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
+>0x10	use	sega-mega-drive-header
+>0	byte	x			\b, 2352-byte sectors
+0x10	string	SEGABOOTDISC\ \ \ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
+>0x10	use	sega-mega-drive-header
+>0	byte	x			\b, 2352-byte sectors
+
+# Sega Mega Drive: Identify the system ID.
+0x100		string	SEGA
+>0x3C0		string	MARS\ CHECK\ MODE	Sega 32X ROM image
+!:mime		application/x-genesis-32x-rom
+>>0		use	sega-mega-drive-header
+>0x104		string	\ PICO			Sega Pico ROM image
+!:mime		application/x-sega-pico-rom
+>>0		use	sega-mega-drive-header
+>0x104		string	TOYS\ PICO		Sega Pico ROM image
+!:mime		application/x-sega-pico-rom
+>>0		use	sega-mega-drive-header
+>0x104		string	\ TOYS\ PICO		Sega Pico ROM image
+!:mime		application/x-sega-pico-rom
+>>0		use	sega-mega-drive-header
+>0x104		string	\ IAC			Sega Pico ROM image
+!:mime		application/x-sega-pico-rom
+>>0		use	sega-mega-drive-header
+>0x104		string	\ TERA68K		Sega Teradrive (68K) ROM image
+!:mime		application/x-sega-teradrive-rom
+>>0		use	sega-mega-drive-header
+>0x104		string	\ TERA286		Sega Teradrive (286) ROM image
+!:mime		application/x-sega-teradrive-rom
+>>0		use	sega-mega-drive-header
+>0x180		string	BR			Sega Mega CD Boot ROM image
+!:mime		application/x-genesis-rom
+>>0		use	sega-mega-drive-header
+>0x104		default	x			Sega Mega Drive / Genesis ROM image
+!:mime		application/x-genesis-rom
+>>0		use	sega-mega-drive-header
+
+# Sega Mega Drive: Some ROMs have "SEGA" at 0x101, not 0x100.
+0x100		string	\ SEGA			Sega Mega Drive / Genesis ROM image
+>0		use	sega-mega-drive-header
+
+# Sega Pico ROMs that don't start with "SEGA".
+0x100		string	SAMSUNG\ PICO		Samsung Pico ROM image
+!:mime		application/x-sega-pico-rom
+>0		use	sega-mega-drive-header
+0x100		string	IMA\ IKUNOUJYUKU	Samsung Pico ROM image
+!:mime		application/x-sega-pico-rom
+>0		use	sega-mega-drive-header
+0x100		string	IMA IKUNOJYUKU		Samsung Pico ROM image
+!:mime		application/x-sega-pico-rom
+>0		use	sega-mega-drive-header
+
+# Sega Picture Magic (modified 32X)
+0x100		string	Picture\ Magic
+>0x3C0		string	PICTURE MAGIC-01	Sega 32X ROM image
+!:mime		application/x-genesis-32x-rom
+>>0		use	sega-mega-drive-header
+
+#------------------------------------------------------------------------------
+# genesis: file(1) magic for the Super MegaDrive ROM dump format
+#
+
+# NOTE: Due to interleaving, we can't display anything
+# other than the copier header information.
+0      name    sega-genesis-smd-header
+>0     byte    x       %dx16k blocks
+>2     byte    0       \b, last in series or standalone
+>2     byte    >0      \b, split ROM
+
+# "Sega Genesis" header.
+0x280	string EAGN
+>8	beshort	0xAABB	Sega Mega Drive / Genesis ROM image (SMD format):
+!:mime	application/x-genesis-rom
+>>0	use     sega-genesis-smd-header
+
+# "Sega Mega Drive" header.
+0x280	string EAMG
+>8	beshort	0xAABB	Sega Mega Drive / Genesis ROM image (SMD format):
+!:mime	application/x-genesis-rom
+>>0	use     sega-genesis-smd-header
+
+#------------------------------------------------------------------------------
+# smsgg:  file(1) magic for Sega Master System and Game Gear ROM images
+# Detects all Game Gear and export Sega Master System ROM images,
+# and some Japanese Sega Master System ROM images.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://www.smspower.org/Development/ROMHeader
+#
+
+# General SMS header rule.
+# The SMS boot ROM checks the header at three locations.
+0	name	sega-master-system-rom-header
+# Machine type.
+>0x0F	byte&0xF0	0x30	Sega Master System
+!:mime	application/x-sms-rom
+>0x0F	byte&0xF0	0x40	Sega Master System
+!:mime	application/x-sms-rom
+>0x0F	byte&0xF0	0x50	Sega Game Gear
+!:mime	application/x-gamegear-rom
+>0x0F	byte&0xF0	0x60	Sega Game Gear
+!:mime	application/x-gamegear-rom
+>0x0F	byte&0xF0	0x70	Sega Game Gear
+!:mime	application/x-gamegear-rom
+>0x0F	default		x	Sega Master System / Game Gear
+!:mime	application/x-sms-rom
+>0	byte		x	ROM image:
+# Product code.
+>0x0E	byte&0xF0	0x10	1
+>0x0E	byte&0xF0	0x20	2
+>0x0E	byte&0xF0	0x30	3
+>0x0E	byte&0xF0	0x40	4
+>0x0E	byte&0xF0	0x50	5
+>0x0E	byte&0xF0	0x60	6
+>0x0E	byte&0xF0	0x70	7
+>0x0E	byte&0xF0	0x80	8
+>0x0E	byte&0xF0	0x90	9
+>0x0E	byte&0xF0	0xA0	10
+>0x0E	byte&0xF0	0xB0	11
+>0x0E	byte&0xF0	0xC0	12
+>0x0E	byte&0xF0	0xD0	13
+>0x0E	byte&0xF0	0xE0	14
+>0x0E	byte&0xF0	0xF0	15
+# If the product code is 5 digits, we'll need to backspace here.
+>0x0E	byte&0xF0	!0
+>>0x0C	leshort		x	\b%04x
+>0x0E	byte&0xF0	0
+>>0x0C	leshort		x	%04x
+# Revision.
+>0x0E	byte&0x0F	x	(Rev.%02d)
+# ROM size. (Used for the boot ROM checksum routine.)
+>0x0F	byte&0x0F	0x0A	(8 KB)
+>0x0F	byte&0x0F	0x0B	(16 KB)
+>0x0F	byte&0x0F	0x0C	(32 KB)
+>0x0F	byte&0x0F	0x0D	(48 KB)
+>0x0F	byte&0x0F	0x0E	(64 KB)
+>0x0F	byte&0x0F	0x0F	(128 KB)
+>0x0F	byte&0x0F	0x00	(256 KB)
+>0x0F	byte&0x0F	0x01	(512 KB)
+>0x0F	byte&0x0F	0x02	(1 MB)
+
+# SMS/GG header locations.
+0x7FF0	string	TMR\ SEGA
+>0x7FF0	use	sega-master-system-rom-header
+0x3FF0	string	TMR\ SEGA
+>0x3FF0	use	sega-master-system-rom-header
+0x1FF0	string	TMR\ SEGA
+>0x1FF0	use	sega-master-system-rom-header
+
+#------------------------------------------------------------------------------
+# saturn: file(1) magic for the Sega Saturn disc image format.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+#
+
+# Common Sega Saturn disc header format.
+# NOTE: Title is 112 bytes, but we're only showing 32 due to space padding.
+# TODO: Release date, device information, region code, others?
+0	name	sega-saturn-disc-header
+>0x60	string	>\0	\b: "%.32s"
+>0x20	string	>\0	(%.10s
+>>0x2A	string	>\0	\b, %.6s)
+>>0x2A	byte	0	\b)
+
+# 2048-byte sector version.
+0	string	SEGA\ SEGASATURN\ 	Sega Saturn disc image
+!:mime	application/x-saturn-rom
+>0	use	sega-saturn-disc-header
+>0	byte	x			(2048-byte sectors)
+# 2352-byte sector version.
+0x10	string	SEGA\ SEGASATURN\ 	Sega Saturn disc image
+!:mime	application/x-saturn-rom
+>0x10	use	sega-saturn-disc-header
+>0	byte	x			(2352-byte sectors)
+
+#------------------------------------------------------------------------------
+# dreamcast: file(1) magic for the Sega Dreamcast disc image format.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://mc.pp.se/dc/ip0000.bin.html
+#
+
+# Common Sega Dreamcast disc header format.
+# NOTE: Title is 128 bytes, but we're only showing 32 due to space padding.
+# TODO: Release date, device information, region code, others?
+0	name	sega-dreamcast-disc-header
+>0x80	string	>\0	\b: "%.32s"
+>0x40	string	>\0	(%.10s
+>>0x4A	string	>\0	\b, %.6s)
+>>0x4A	byte	0	\b)
+
+# 2048-byte sector version.
+0	string	SEGA\ SEGAKATANA\ 	Sega Dreamcast disc image
+!:mime	application/x-dc-rom
+>0	use	sega-dreamcast-disc-header
+>0	byte	x			(2048-byte sectors)
+# 2352-byte sector version.
+0x10	string	SEGA\ SEGAKATANA\ 	Sega Dreamcast disc image
+!:mime	application/x-dc-rom
+>0x10	use	sega-dreamcast-disc-header
+>0	byte	x			(2352-byte sectors)
+
+#------------------------------------------------------------------------------
+# dreamcast:  file(1) uncertain magic for the Sega Dreamcast VMU image format
+#
+0 belong 0x21068028   Sega Dreamcast VMU game image
+0 string LCDi         Dream Animator file
+
+#------------------------------------------------------------------------------
+# z64: file(1) magic for the Z64 format N64 ROM dumps
+# Reference: http://forum.pj64-emu.com/showthread.php?t=2239
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+#
+0	bequad	0x803712400000000F	Nintendo 64 ROM image
+!:mime	application/x-n64-rom
+>0x20	string	>\0	\b: "%.20s"
+>0x3B	string	x	(%.4s
+>0x3F	byte	x	\b, Rev.%02u)
+
+#------------------------------------------------------------------------------
+# v64: file(1) magic for the V64 format N64 ROM dumps
+# Same as z64 format, but with 16-bit byteswapping.
+#
+0	bequad	0x3780401200000F00	Nintendo 64 ROM image (V64)
+!:mime	application/x-n64-rom
+
+#------------------------------------------------------------------------------
+# n64-swap2: file(1) magic for the swap2 format N64 ROM dumps
+# Same as z64 format, but with swapped 16-bit words.
+#
+0	bequad	0x12408037000F0000	Nintendo 64 ROM image (wordswapped)
+!:mime	application/x-n64-rom
+
+#------------------------------------------------------------------------------
+# n64-le32: file(1) magic for the 32-bit byteswapped format N64 ROM dumps
+# Same as z64 format, but with 32-bit byteswapping.
+#
+0	bequad	0x401237800F000000	Nintendo 64 ROM image (32-bit byteswapped)
+!:mime	application/x-n64-rom
+
+#------------------------------------------------------------------------------
+# gba: file(1) magic for the Nintendo Game Boy Advance raw ROM format
+# Reference: https://problemkaputt.de/gbatek.htm#gbacartridgeheader
+#
+# Original version from: "Nelson A. de Oliveira" <naoliv@gmail.com>
+# Updated version from: David Korth <gerbilsoft@gerbilsoft.com>
+#
+4	bequad	0x24FFAE51699AA221	Game Boy Advance ROM image
+!:mime	application/x-gba-rom
+>0xA0	string	>\0	\b: "%.12s"
+>0xAC	string	x	(%.6s
+>0xBC	byte	x	\b, Rev.%02u)
+
+#------------------------------------------------------------------------------
+# nds: file(1) magic for the Nintendo DS(i) raw ROM format
+# Reference: https://problemkaputt.de/gbatek.htm#dscartridgeheader
+#
+# Original version from: "Nelson A. de Oliveira" <naoliv@gmail.com>
+# Updated version from: David Korth <gerbilsoft@gerbilsoft.com>
+#
+0xC0	bequad	0x24FFAE51699AA221	Nintendo DS ROM image
+!:mime	application/x-nintendo-ds-rom
+>0x00	string	>\0		\b: "%.12s"
+>0x0C	string	x		(%.6s
+>0x1E	byte	x		\b, Rev.%02u)
+>0x12	byte	2		(DSi enhanced)
+>0x12	byte	3		(DSi only)
+# Secure Area check.
+>0x20		lelong	<0x4000		(homebrew)
+>0x20		lelong	>0x3FFF
+>>0x4000	lequad	0x0000000000000000	(multiboot)
+>>0x4000	lequad	!0x0000000000000000
+>>>0x4000	lequad	0xE7FFDEFFE7FFDEFF	(decrypted)
+>>>0x4000	lequad	!0xE7FFDEFFE7FFDEFF
+>>>>0x1000	lequad	0x0000000000000000	(encrypted)
+>>>>0x1000	lequad	!0x0000000000000000	(mask ROM)
+
+#------------------------------------------------------------------------------
+# nds_passme: file(1) magic for Nintendo DS ROM images for GBA cartridge boot.
+# This is also used for loading .nds files using the MSET exploit on 3DS.
+# Reference: https://github.com/devkitPro/ndstool/blob/master/source/ndscreate.cpp
+0xC0	bequad	0xC8604FE201708FE2	Nintendo DS Slot-2 ROM image (PassMe)
+!:mime	application/x-nintendo-ds-rom
+
+#------------------------------------------------------------------------------
+# ngp: file(1) magic for the Neo Geo Pocket (Color) raw ROM format.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://neogpc.googlecode.com/svn-history/r10/trunk/src/core/neogpc.cpp
+# - https://www.devrs.com/ngp/files/ngpctech.txt
+#
+0x0A	string		BY\ SNK\ CORPORATION	Neo Geo Pocket
+!:mime	application/x-neo-geo-pocket-rom
+>0x23	byte		0x10			Color
+>0	byte		x			ROM image
+>0x24	string		>\0			\b: "%.12s"
+>0x21	uleshort	x			\b, NEOP%04X
+>0x1F	ubyte		0xFF			(debug mode enabled)
+
+#------------------------------------------------------------------------------
+# msx: file(1) magic for MSX game cartridge dumps
+# Too simple - MPi
+#0 beshort 0x4142 MSX game cartridge dump
+
+#------------------------------------------------------------------------------
+# Sony Playstation executables (Adam Sjoegren <asjo@diku.dk>) :
+0	string	PS-X\ EXE	Sony Playstation executable
+>16	lelong	x		PC=%#08x,
+>20	lelong	!0		GP=%#08x,
+>24	lelong	!0		.text=[%#08x,
+>>28	lelong	x		\b%#x],
+>32	lelong	!0		.data=[%#08x,
+>>36	lelong	x		\b%#x],
+>40	lelong	!0		.bss=[%#08x,
+>>44	lelong	x		\b%#x],
+>48	lelong	!0		Stack=%#08x,
+>48	lelong	=0		No Stack!,
+>52	lelong	!0		StackSize=%#x,
+#>76	string	>\0		(%s)
+#  Area:
+>113	string	x		(%s)
+
+# CPE executables
+0	string	CPE		CPE executable
+>3	byte	x		(version %d)
+
+# Sony PlayStation archive (PSARC)
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://www.psdevwiki.com/ps3/PlayStation_archive_(PSARC)
+0	string		PSAR	Sony PlayStation Archive
+!:ext	psarc
+>4	ubeshort	x	\b, version %d.
+>6	ubeshort	x	\b%d
+>8	string		zlib	\b, zlib compression
+>8	string		lzma	\b, LZMA compression
+>28	ubeshort&2	0	\b, relative paths
+>28	ubeshort&2	2	\b, absolute paths
+>28	ubeshort&1	1	\b, ignore case
+
+#------------------------------------------------------------------------------
+# Microsoft Xbox executables .xbe (Esa Hyytia <ehyytia@cc.hut.fi>)
+0	string	XBEH	Microsoft Xbox executable
+!:mime	audio/x-xbox-executable
+!:ext	xbe
+# expect base address of 0x10000
+>0x0104                 ulelong =0x10000
+>>(0x0118.l-0x0FFF4)    lestring16 x       \b: "%.40s"
+>>(0x0118.l-0x0FFF5)    byte     x         (%c
+>>(0x0118.l-0x0FFF6)    byte     x         \b%c-
+>>(0x0118.l-0x0FFF8)    uleshort x         \b%03u)
+>>(0x0118.l-0x0FF60)    ulelong&0x80000007  0x80000007 \b, all regions
+>>(0x0118.l-0x0FF60)    ulelong&0x80000007  !0x80000007
+>>>(0x0118.l-0x0FF60)   ulelong >0           (regions:
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000001  NA
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000002  Japan
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000004  Rest_of_World
+>>>>(0x0118.l-0x0FF60)  ulelong &0x80000000  Manufacturer
+>>>(0x0118.l-0x0FF60)   ulelong >0           \b)
+# probabilistic checks whether signed or not
+>0x0004 ulelong =0x0
+>>&2    ulelong =0x0
+>>>&2   ulelong =0x0  \b, not signed
+>0x0004 ulelong >0
+>>&2    ulelong >0
+>>>&2   ulelong >0    \b, signed
+
+# --------------------------------
+# Microsoft Xbox data file formats
+0       string          XIP0            XIP, Microsoft Xbox data
+0       string          XTF0            XTF, Microsoft Xbox data
+
+#------------------------------------------------------------------------------
+# Microsoft Xbox 360 executables (.xex)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://free60project.github.io/wiki/XEX.html
+# - https://github.com/xenia-project/xenia/blob/HEAD/src/xenia/kernel/util/xex2_info.h
+
+# Title ID (part of Execution ID section)
+0		name	xbox-360-xex-execution-id
+>(0.L+0xC)	byte	x	(%c
+>(0.L+0xD)	byte	x	\b%c
+>(0.L+0xE)	beshort	x	\b-%04u, media ID:
+>(0.L)		belong	x	%08X)
+
+# Region code (part of Security Info)
+0	name	xbox-360-xex-region-code
+>0	ubelong	0xFFFFFFFF	\b, all regions
+>0	ubelong	!0xFFFFFFFF
+>>0	ubelong	>0		(regions:
+>>0	ubelong&0x000000FF	0x000000FF	USA
+>>0	ubelong&0x00000100	0x00000100	Japan
+>>0	ubelong&0x00000200	0x00000200	China
+>>0	ubelong&0x0000FC00	0x0000FC00	Asia
+>>0	ubelong&0x00FF0000	0x00FF0000	PAL
+>>0	ubelong&0x00FF0000	0x00FE0000	PAL [except AU/NZ]
+>>0	ubelong&0x00FF0000	0x00010000	AU/NZ
+>>0	ubelong&0xFF000000	0xFF000000	Other
+>>0	ubelong	>0		\b)
+
+0	string	XEX2	Microsoft Xbox 360 executable
+!:mime	audio/x-xbox360-executable
+!:ext	xex
+>0x18	search/0x100	\x00\x04\x00\x06
+>>&0	use	xbox-360-xex-execution-id
+>(0x010.L+0x178)	use	xbox-360-xex-region-code
+
+0	string	XEX1	Microsoft Xbox 360 executable (XEX1)
+!:mime	audio/x-xbox360-executable
+!:ext	xex
+>0x18	search/0x100	\x00\x04\x00\x06
+>>&0	use	xbox-360-xex-execution-id
+>(0x010.L+0x154)	use	xbox-360-xex-region-code
+
+#------------------------------------------------------------------------------
+# Microsoft Xbox 360 packages
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://free60project.github.io/wiki/STFS.html
+# - https://github.com/xenia-project/xenia/blob/HEAD/src/xenia/kernel/util/xex2_info.h
+
+# TODO: More information for console-signed packages.
+
+0	name	xbox-360-package
+>0x360	byte	x	(%c
+>0x361	byte	x	\b%c
+>0x362	beshort	x	\b-%04u, media ID:
+>0x354	belong	x	%08X)
+>0x344	belong	x	\b, content type:
+>>0x344	belong	0x1		Saved Game
+>>0x344	belong	0x2		Marketplace Content
+>>0x344	belong	0x3		Publisher
+>>0x344	belong	0x1000		Xbox 360 Title
+>>0x344	belong	0x2000		IPTV Pause Buffer
+>>0x344	belong	0x4000		Installed Game
+>>0x344	belong	0x5000		Original Xbox Game
+>>0x344	belong	0x9000		Avatar Item
+>>0x344	belong	0x10000		Profile
+>>0x344	belong	0x20000		Gamer Picture
+>>0x344	belong	0x30000		Theme
+>>0x344	belong	0x40000		Cache File
+>>0x344	belong	0x50000		Storage Download
+>>0x344	belong	0x60000		Xbox Saved Game
+>>0x344	belong	0x70000		Xbox Download
+>>0x344	belong	0x80000		Game Demo
+>>0x344	belong	0x90000		Video
+>>0x344	belong	0xA0000		Game
+>>0x344	belong	0xB0000		Installer
+>>0x344	belong	0xC0000		Game Trailer
+>>0x344	belong	0xD0000		Arcade Title
+>>0x344	belong	0xE0000		XNA
+>>0x344	belong	0xF0000		License Store
+>>0x344	belong	0x100000	Movie
+>>0x344	belong	0x200000	TV
+>>0x344	belong	0x300000	Music Video
+>>0x344	belong	0x400000	Game Video
+>>0x344	belong	0x500000	Podcast Video
+>>0x344	belong	0x600000	Viral Video
+>>0x344	belong	0x2000000	Community Game
+
+0	string	CON\x20	Microsoft Xbox 360 package (console-signed)
+>0	use	xbox-360-package
+0	string	PIRS
+>0	belong	0	Microsoft Xbox 360 package (non-Xbox Live)
+>>0	use	xbox-360-package
+0	string	LIVE
+>0x104	belong	0	Microsoft Xbox 360 package (Xbox Live)
+>>0	use	xbox-360-package
+
+# Atari Lynx cartridge dump (EXE/BLL header)
+# From: "Stefan A. Haubenthal" <polluks@sdf.lonestar.org>
+# Reference:
+# https://raw.githubusercontent.com/cc65/cc65/master/libsrc/lynx/exehdr.s
+# Double-check that the image type matches too, 0x8008 conflicts with
+# 8 character OMF-86 object file headers.
+0	beshort		0x8008
+>6	string		BS93		Lynx homebrew cartridge
+!:mime	application/x-atari-lynx-rom
+>>2	beshort		x		\b, RAM start $%04x
+# Update:	Joerg Jenderek
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/l/lnx.trid.xml
+# Note:		called "Atari Lynx ROM" by TrID
+0	string		LYNX		Lynx cartridge
+!:mime	application/x-atari-lynx-rom
+!:ext	lnx
+# bank 0 page size like: 128 256 512
+>4	leshort/4	>0		\b, bank 0 %dk
+>6	leshort/4	>0		\b, bank 1 %dk
+# 32 bytes cart name like: "jconnort.lyx" "viking~1.lyx" "Eye of the Beholder" "C:\EMU\LYNX\ROMS\ULTCHESS.LYX"
+>10	string		>\0		\b, "%.32s"
+# 16 bytes manufacturer like: "Atari" "NuFX Inc." "Matthias Domin"
+>42	string		>\0		\b, "%.16s"
+# version number
+#>8	leshort		!1		\b, version number %u
+# rotation: 1~left Lexis (NA).lnx 2~right Centipede (Prototype).lnx
+>58	ubyte		>0		\b, rotation %u
+# spare
+#>59	lelong		!0		\b, spare %#x
+
+# Opera file system that is used on the 3DO console
+# From: Serge van den Boom <svdb@stack.nl>
+0	string		\x01ZZZZZ\x01	3DO "Opera" file system
+
+# From: Alex Myczko <alex@aiei.ch>
+# From: David Pflug <david@pflug.email>
+# is the offset 12 or the offset 16 correct?
+# GBS (Game Boy Sound) magic
+# ftp://ftp.modland.com/pub/documents/format_documentation/\
+# Gameboy%20Sound%20System%20(.gbs).txt
+0	string		GBS		Nintendo Gameboy Music/Audio Data
+#12	string		GameBoy\ Music\ Module	Nintendo Gameboy Music Module
+>16	string		>\0	("%.32s" by
+>48	string		>\0	%.32s, copyright
+>80	string		>\0	%.32s),
+>3	byte		x	version %u,
+>4	byte		x	%u tracks
+
+# IPS Patch Files from: From: Thomas Klausner <tk@giga.or.at>
+# see https://zerosoft.zophar.net/ips.php
+0	string	PATCH			IPS patch file
+!:ext	ips
+
+# BPS Patch Files - from: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://www.romhacking.net/documents/746/
+0	string	BPS1			BPS patch file
+!:ext	bps
+
+# APS Patch Files - from: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://github.com/btimofeev/UniPatcher/wiki/APS-(N64)
+0	string	APS10			APS patch file
+!:ext	aps
+>5	byte	0			\b, simple patch
+>5	byte	1			\b, N64-specific patch for
+>>58	byte	x			N%c
+>>59	byte	x			\b%c
+>>60	byte	x			\b%c
+>7	byte	!0x20
+# FIXME: /T specifier isn't working with a fixed-length string.
+>>7	string	x			\b: "%.50s"
+
+# UPS Patch Files - from: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: http://fileformats.archiveteam.org/wiki/UPS_(binary_patch_format)
+0	string	UPS1			UPS patch file
+!:ext	ups
+
+# Playstations Patch Files from: From: Thomas Klausner <tk@giga.or.at>
+0	string	PPF30			Playstation Patch File version 3.0
+>5	byte	0			\b, PPF 1.0 patch
+>5	byte	1			\b, PPF 2.0 patch
+>5	byte	2			\b, PPF 3.0 patch
+>>56	byte	0			\b, Imagetype BIN (any)
+>>56	byte	1			\b, Imagetype GI (PrimoDVD)
+>>57	byte	0			\b, Blockcheck disabled
+>>57	byte	1			\b, Blockcheck enabled
+>>58	byte	0			\b, Undo data not available
+>>58	byte	1			\b, Undo data available
+>6	string	x			\b, description: %s
+
+0	string	PPF20			Playstation Patch File version 2.0
+>5	byte	0			\b, PPF 1.0 patch
+>5	byte	1			\b, PPF 2.0 patch
+>>56	lelong	>0			\b, size of file to patch %d
+>6	string	x			\b, description: %s
+
+0	string	PPF10			Playstation Patch File version 1.0
+>5	byte	0			\b, Simple Encoding
+>6	string	x			\b, description: %s
+
+# Compressed ISO disc image (used mostly by PSP, PS2 and MegaDrive)
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://en.wikipedia.org/wiki/.CSO
+# NOTE: This is NOT the same as Compact ISO or GameCube/Wii disc image,
+# though it has the same magic number.
+0               string                  CISO
+# Match CISO version 1 with ISO-9660 sector size
+>20             ubyte                   <2
+>>16            ulelong                 =2048           CSO v1 disk image
+!:mime  application/x-compressed-iso
+!:ext   ciso/cso
+>>>8            ulequad                 x               \b, original size %llu bytes
+>>>16           ulelong                 x               \b, datablock size %u bytes
+# Match CISO version 2
+>20             ubyte                   =2
+>>22            uleshort                =0
+>>>4            ulelong                 =24             CSO v2 disk image
+!:mime  application/x-compressed-iso
+!:ext   ciso/cso
+>>>>8           ulequad                 x               \b, original size %llu bytes
+>>>>16          ulelong                 x               \b, datablock size %u bytes
+
+# From: Daniel Dawson <ddawson@icehouse.net>
+# SNES9x .smv "movie" file format.
+0		string		SMV\x1A	SNES9x input recording
+>0x4		lelong		x	\b, version %d
+# version 4 is latest so far
+>0x4		lelong		<5
+>>0x8		ledate		x	\b, recorded at %s
+>>0xc		lelong		>0	\b, rerecorded %d times
+>>0x10		lelong		x	\b, %d frames long
+>>0x14		byte		>0	\b, data for controller(s):
+>>>0x14		byte		&0x1	#1
+>>>0x14		byte		&0x2	#2
+>>>0x14		byte		&0x4	#3
+>>>0x14		byte		&0x8	#4
+>>>0x14		byte		&0x10	#5
+>>0x15		byte		^0x1	\b, begins from snapshot
+>>0x15		byte		&0x1	\b, begins from reset
+>>0x15		byte		^0x2	\b, NTSC standard
+>>0x15		byte		&0x2	\b, PAL standard
+>>0x17		byte		&0x1    \b, settings:
+# WIP1Timing not used as of version 4
+>>>0x4		lelong		<4
+>>>>0x17	byte		&0x2	WIP1Timing
+>>>0x17		byte		&0x4	Left+Right
+>>>0x17		byte		&0x8	VolumeEnvX
+>>>0x17		byte		&0x10	FakeMute
+>>>0x17		byte		&0x20	SyncSound
+# New flag as of version 4
+>>>0x4		lelong		>3
+>>>>0x17	byte		&0x80	NoCPUShutdown
+>>0x4		lelong		<4
+>>>0x18		lelong		>0x23
+>>>>0x20	leshort		!0
+>>>>>0x20	lestring16	x	\b, metadata: "%s"
+>>0x4		lelong		>3
+>>>0x24		byte		>0	\b, port 1:
+>>>>0x24	byte		1	joypad
+>>>>0x24	byte		2	mouse
+>>>>0x24	byte		3	SuperScope
+>>>>0x24	byte		4	Justifier
+>>>>0x24	byte		5	multitap
+>>>0x24		byte		>0	\b, port 2:
+>>>>0x25	byte		1	joypad
+>>>>0x25	byte		2	mouse
+>>>>0x25	byte		3	SuperScope
+>>>>0x25	byte		4	Justifier
+>>>>0x25	byte		5	multitap
+>>>0x18		lelong		>0x43
+>>>>0x40	leshort		!0
+>>>>>0x40	lestring16	x	\b, metadata: "%s"
+>>0x17		byte		&0x40   \b, ROM:
+>>>(0x18.l-26)	lelong		x	CRC32 %#08x
+>>>(0x18.l-23)	string		x	"%s"
+
+# Type: scummVM savegame files
+# From: Sven Hartge <debian@ds9.argh.org>
+0	string	SCVM	ScummVM savegame
+>12	string	>\0	"%s"
+
+#------------------------------------------------------------------------------
+# Nintendo GameCube / Wii file formats.
+#
+
+# Type: Nintendo GameCube/Wii common disc header data.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://wiibrew.org/wiki/Wii_Disc
+0	name	nintendo-gcn-disc-common
+>0x20	string	x	"%.64s"
+>0x00	string	x	(%.6s
+>0x06	byte	>0
+>>0x06	byte	1	\b, Disc 2
+>>0x06	byte	2	\b, Disc 3
+>>0x06	byte	3	\b, Disc 4
+>0x07	byte	x	\b, Rev.%02u)
+>0x18	belong	0x5D1C9EA3
+>>0x60	beshort	0x0101	\b (Unencrypted)
+>0x200	string	NKIT	\b (NKit compressed)
+
+
+# Type: Nintendo GameCube disc image
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://wiibrew.org/wiki/Wii_Disc
+0x1C	belong	0xC2339F3D	Nintendo GameCube disc image:
+!:mime	application/x-gamecube-rom
+>0	use	nintendo-gcn-disc-common
+
+# Type: Nintendo GameCube embedded disc image
+# Commonly found on demo discs.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: http://hitmen.c02.at/files/yagcd/yagcd/index.html#idx14.8
+0		belong	0xAE0F38A2
+>0x0C		belong	0x00100000
+>>(8.L+0x1C)	belong	0xC2339F3D	Nintendo GameCube embedded disc image:
+!:mime	application/x-gamecube-rom
+>>>(8.L)	use	nintendo-gcn-disc-common
+
+# Type: Nintendo Wii disc image
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://wiibrew.org/wiki/Wii_Disc
+0x18	belong	0x5D1C9EA3	Nintendo Wii disc image:
+>0	use	nintendo-gcn-disc-common
+
+# Type: Nintendo Wii disc image (WBFS format)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://wiibrew.org/wiki/Wii_Disc
+0	string	WBFS
+>0x218	belong	0x5D1C9EA3	Nintendo Wii disc image (WBFS format):
+!:mime	application/x-wii-rom
+>>0x200	use	nintendo-gcn-disc-common
+
+# Type: Nintendo GameCube/Wii disc image (CISO format)
+# NOTE: This is NOT the same as Compact ISO or PSP CISO,
+# though it has the same magic number.
+0		string	CISO
+# Other fields are used to determine what type of CISO this is:
+# - 0x04 == 0x00200000: GameCube/Wii CISO (block_size)
+# - 0x10 == 0x00000800: PSP CISO (ISO-9660 sector size)
+# - None of the above: Compact ISO.
+>4		lelong	0x200000
+>>8		byte	1
+>>>0x801C	belong	0xC2339F3D	Nintendo GameCube disc image (CISO format):
+!:mime	application/x-wii-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+>>>0x8018	belong	0x5D1C9EA3	Nintendo Wii disc image (CISO format):
+!:mime	application/x-wii-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+
+# Type: Nintendo GameCube/Wii disc image (GCZ format)
+# Due to zlib compression, we can't get the actual disc information.
+0	lelong	0xB10BC001
+>4	lelong	0		Nintendo GameCube disc image (GCZ format)
+!:mime	application/x-gamecube-rom
+>4	lelong	1		Nintendo Wii disc image (GCZ format)
+!:mime	application/x-wii-rom
+>4	default	x		Nintendo GameCube/Wii disc image (GCZ format)
+
+# Type: Nintendo GameCube/Wii disc image (WDF format)
+0		string	WII\001DISC
+>8		belong	1
+# WDFv1
+>>0x54		belong	0xC2339F3D	Nintendo GameCube disc image (WDFv1 format):
+!:mime	application/x-gamecube-rom
+>>>0x38		use	nintendo-gcn-disc-common
+>>0x58		belong	0x5D1C9EA3	Nintendo Wii disc image (WDFv1 format):
+!:mime	application/x-wii-rom
+>>>0x38		use	nintendo-gcn-disc-common
+>8		belong	2
+# WDFv2
+>>(12.L+0x1C)	belong	0xC2339F3D	Nintendo GameCube disc image (WDFv2 format):
+!:mime	application/x-gamecube-rom
+>>>(12.L)	use	nintendo-gcn-disc-common
+>>(12.L+0x18)	belong	0x5D1C9EA3	Nintendo Wii disc image (WDFv2 format):
+!:mime	application/x-wii-rom
+>>>(12.L)	use	nintendo-gcn-disc-common
+
+# Type: Nintendo GameCube/Wii disc image (WIA format)
+0	string	WIA\001	Nintendo
+>0x48	belong	1	GameCube
+!:mime	application/x-gamecube-rom
+>0x48	belong	2	Wii
+!:mime	application/x-wii-rom
+>0x48	default	x	GameCube/Wii
+>0x48	belong	x	disc image (WIA format):
+>>0x58	use	nintendo-gcn-disc-common
+
+# Type: Nintendo GameCube/Wii disc image (with SDK header)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://wiibrew.org/wiki/Wii_Disc
+0		belong	0xFFFF0000
+>0x18		belong	0x00000000
+>>0x1C		belong	0x00000000
+>>>0x8018	belong	0x5D1C9EA3	Nintendo Wii SDK disc image:
+!:mime	application/x-wii-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+>>>0x801C	belong	0xC2339F3D	Nintendo GameCube SDK disc image:
+!:mime	application/x-gamecube-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+
+# Type: Nintendo GameCube/Wii disc image (RVZ format)
+0	string		RVZ\001	Nintendo
+>0x48	belong		1	GameCube
+!:mime	application/x-gamecube-rom
+>0x48	belong		2	Wii
+!:mime	application/x-wii-rom
+>0x48	default		x	GameCube/Wii
+>0x48	belong		x	disc image (RVZ format):
+>>0x58	use		nintendo-gcn-disc-common
+
+#------------------------------------------------------------------------------
+# Nintendo 3DS file formats.
+#
+
+# Type: Nintendo 3DS "NCSD" image. (game cards and eMMC)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://www.3dbrew.org/wiki/NCSD
+0x100		string		NCSD
+>0x118		lequad		0		Nintendo 3DS Game Card image
+# NCCH header for partition 0. (game data)
+>>0x1150	string		>\0	\b: "%.16s"
+>>0x312		byte		x	(Rev.%02u)
+>>0x118C	byte		2	(New3DS only)
+>>0x18D		byte		0		(inner device)
+>>0x18D		byte		1		(Card1)
+>>0x18D		byte		2		(Card2)
+>>0x18D		byte		3		(extended device)
+>0x118		bequad		0x0102020202000000	Nintendo 3DS eMMC dump (Old3DS)
+>0x118		bequad		0x0102020203000000	Nintendo 3DS eMMC dump (New3DS)
+
+# Nintendo 3DS version code.
+# Reference: https://www.3dbrew.org/wiki/Titles
+# Format: leshort containing three fields:
+# - 6-bit: Major
+# - 6-bit: Minor
+# - 4-bit: Revision
+# NOTE: Only supporting major/minor versions from 0-15 right now.
+# NOTE: Should be prefixed with "v".
+0	name	nintendo-3ds-version-code
+# Raw version.
+>0	leshort	x	\b%u,
+# Major version.
+>0	leshort&0xFC00	0x0000	0
+>0	leshort&0xFC00	0x0400	1
+>0	leshort&0xFC00	0x0800	2
+>0	leshort&0xFC00	0x0C00	3
+>0	leshort&0xFC00	0x1000	4
+>0	leshort&0xFC00	0x1400	5
+>0	leshort&0xFC00	0x1800	6
+>0	leshort&0xFC00	0x1C00	7
+>0	leshort&0xFC00	0x2000	8
+>0	leshort&0xFC00	0x2400	9
+>0	leshort&0xFC00	0x2800	10
+>0	leshort&0xFC00	0x2C00	11
+>0	leshort&0xFC00	0x3000	12
+>0	leshort&0xFC00	0x3400	13
+>0	leshort&0xFC00	0x3800	14
+>0	leshort&0xFC00	0x3C00	15
+# Minor version.
+>0	leshort&0x03F0	0x0000	\b.0
+>0	leshort&0x03F0	0x0010	\b.1
+>0	leshort&0x03F0	0x0020	\b.2
+>0	leshort&0x03F0	0x0030	\b.3
+>0	leshort&0x03F0	0x0040	\b.4
+>0	leshort&0x03F0	0x0050	\b.5
+>0	leshort&0x03F0	0x0060	\b.6
+>0	leshort&0x03F0	0x0070	\b.7
+>0	leshort&0x03F0	0x0080	\b.8
+>0	leshort&0x03F0	0x0090	\b.9
+>0	leshort&0x03F0	0x00A0	\b.10
+>0	leshort&0x03F0	0x00B0	\b.11
+>0	leshort&0x03F0	0x00C0	\b.12
+>0	leshort&0x03F0	0x00D0	\b.13
+>0	leshort&0x03F0	0x00E0	\b.14
+>0	leshort&0x03F0	0x00F0	\b.15
+# Revision.
+>0	leshort&0x000F	x	\b.%u
+
+# Type: Nintendo 3DS "NCCH" container.
+# https://www.3dbrew.org/wiki/NCCH
+0x100		string	NCCH	Nintendo 3DS
+>0x18D		byte&2	0	File Archive (CFA)
+>0x18D		byte&2	2	Executable Image (CXI)
+>0x150		string	>\0	\b: "%.16s"
+>0x18D		byte	0x05
+>>0x10E		leshort	x	(Old3DS System Update v
+>>0x10E		use	nintendo-3ds-version-code
+>>0x10E		leshort	x	\b)
+>0x18D		byte	0x15
+>>0x10E		leshort	x	(New3DS System Update v
+>>0x10E		use	nintendo-3ds-version-code
+>>0x10E		leshort	x	\b)
+>0x18D		byte	!0x05
+>>0x18D		byte	!0x15
+>>>0x112	byte	x	(v
+>>>0x112	use	nintendo-3ds-version-code
+>>>0x112	byte	x	\b)
+>0x18C		byte	2	(New3DS only)
+
+# Type: Nintendo 3DS "SMDH" file. (application description)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://3dbrew.org/wiki/SMDH
+0		string		SMDH		Nintendo 3DS SMDH file
+>0x208		leshort		!0
+>>0x208		lestring16	x		\b: "%.128s"
+>>0x388		leshort		!0
+>>>0x388	lestring16	x		by %.128s
+>0x208		leshort		0
+>>0x008		leshort		!0
+>>>0x008	lestring16	x		\b: "%.128s"
+>>>0x188	leshort		!0
+>>>>0x188	lestring16	x		by %.128s
+
+# Type: Nintendo 3DS Homebrew Application.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://3dbrew.org/wiki/3DSX_Format
+0	string	3DSX	Nintendo 3DS Homebrew Application (3DSX)
+
+# Type: Nintendo 3DS Banner Model Data.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://3dbrew.org/wiki/CBMD
+0	string	CBMD\0\0\0\0	Nintendo 3DS Banner Model Data
+
+#------------------------------------------------------------------------------
+# a7800: file(1) magic for the Atari 7800 raw ROM format.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://sites.google.com/site/atari7800wiki/a78-header
+
+0	byte	>0
+>0	byte	<3
+>>1	string	ATARI7800	Atari 7800 ROM image
+!:mime	application/x-atari-7800-rom
+>>>0x11	string	>\0	\b: "%.32s"
+# Display type.
+>>>0x39	byte	0	(NTSC)
+>>>0x39	byte	1	(PAL)
+>>>0x36	byte&1	1	(POKEY)
+
+#------------------------------------------------------------------------------
+# vectrex: file(1) magic for the GCE Vectrex raw ROM format.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: http://www.playvectrex.com/designit/chrissalo/hello1.htm
+#
+# NOTE: Title is terminated with 0x80, not 0.
+# The header is terminated with a 0, so that will
+# terminate the title as well.
+#
+0	string	g\ GCE	Vectrex ROM image
+>0x11	string	>\0	\b: "%.16s"
+
+#------------------------------------------------------------------------------
+# amiibo: file(1) magic for Nintendo amiibo NFC dumps.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://www.3dbrew.org/wiki/Amiibo
+0x00		byte	0x04
+>0x0A		beshort	0x0FE0
+>>0x0C		belong	0xF110FFEE
+>>>0x208	beshort	0x0100
+>>>>0x020A	byte	0x0F
+>>>>>0x020C	bequad	0x000000045F000000
+>>>>>>0x5B	byte	0x02
+>>>>>>>0x54	belong	x	Nintendo amiibo NFC dump - amiibo ID: %08X-
+>>>>>>>0x58	belong	x	\b%08X
+
+#------------------------------------------------------------------------------
+# Type: Nintendo Switch XCI (Game Cartridge Image)
+# From: Benjamin Lowry <ben@ben.gmbh>
+# Reference: https://switchbrew.org/wiki/Gamecard_Format
+0x100		string	HEAD
+>0x10D		byte	0xFA	Nintendo Switch cartridge image (XCI), 1GB
+>0x10D		byte	0xF8	Nintendo Switch cartridge image (XCI), 2GB
+>0x10D		byte	0xF0	Nintendo Switch cartridge image (XCI), 4GB
+>0x10D		byte	0xE0	Nintendo Switch cartridge image (XCI), 8GB
+>0x10D		byte	0xE1	Nintendo Switch cartridge image (XCI), 16GB
+>0x10D		byte	0xE2	Nintendo Switch cartridge image (XCI), 32GB
+
+#------------------------------------------------------------------------------
+# Type: Nintendo Switch Executable
+# From: Benjamin Lowry <ben@ben.gmbh>
+# Reference: https://switchbrew.org/wiki/NSO
+0x00		string	NSO0	Nintendo Switch executable (NSO)
+
+#------------------------------------------------------------------------------
+# Type: Nintendo Switch PFS0
+# From: Benjamin Lowry <ben@ben.gmbh>
+# Reference: https://switchbrew.org/wiki/NCA_Format#PFS0
+0x00		string	PFS0	Nintendo Switch partition filesystem (PFS0)
+>0x04		ulelong	x	\b, %d files
+
+#------------------------------------------------------------------------------
+# amiibo: file(1) magic for Nintendo Badge Arcade files.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://github.com/GerbilSoft/rom-properties/issues/92
+# - https://github.com/CaitSith2/BadgeArcadeTool
+# - https://github.com/TheMachinumps/Advanced-badge-editor
+
+# PRBS: Individual badge and/or mega badge.
+0		string	PRBS
+>0x44		byte	>0x20	Nintendo Badge Arcade
+>>0xB8		ulelong	<2
+>>>0xBC		ulelong	<2	badge:
+>>>0xBC		ulelong	>1	Mega Badge
+>>>>0xB8	ulelong	x	(%ux
+>>>>0xBC	ulelong	x	\b%u):
+>>0xB8		ulelong	>1	Mega Badge
+>>>0xB8		ulelong	x	(%ux
+>>>0xBC		ulelong	x	\b%u):
+>0x44		string	x	"%s"
+>0x3C		ulelong	x	\b, badge ID: %u
+>0x74		byte	>0x20
+>>0x74		string	x	\b, set: "%s"
+>0xA8		ulelong	!0xFFFFFFFF
+>>0xA8		ulelong	x	\b, launch title ID: %08X
+>>0xA4		ulelong	x	\b-%08X
+
+# CABS: Badge set.
+0	string	CABS
+>0x2C	byte	>0x20	Nintendo Badge Arcade badge set:
+>>0x2C	string	x	"%.48s"
+>>0x24	ulelong	x	\b, set ID: %u
+
+#------------------------------------------------------------------------------
+# sufami: file(1) magic for Sufami Turbo ROM images.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://problemkaputt.de/fullsnes.htm#snescartsufamiturbominicartridgeadaptor
+0	string		BANDAI\ SFC-ADX
+>0x10	string		!SFC-ADX\ BACKUP	Sufami Turbo ROM image:
+>>0x10	string/T	x	"%.14s"
+>>0x30	byte		x	\b, ID %02X
+>>0x31	byte		x	\b%02X
+>>0x32	byte		x	\b%02X
+>>0x33	ubyte		>0	\b, series index %u
+>>0x34	ubyte		0	[SlowROM]
+>>0x34	ubyte		1	[FastROM]
+>>0x35	ubyte		1	[SRAM]
+>>0x35	ubyte		3	[Special]
diff --git a/magic/Magdir/convex b/magic/Magdir/convex
new file mode 100644
index 0000000..6b28f76
--- /dev/null
+++ b/magic/Magdir/convex
@@ -0,0 +1,69 @@
+
+#------------------------------------------------------------------------------
+# $File: convex,v 1.8 2012/10/03 23:44:43 christos Exp $
+# convex:  file(1) magic for Convex boxes
+#
+# Convexes are big-endian.
+#
+# /*\
+#  * Below are the magic numbers and tests added for Convex.
+#  * Added at beginning, because they are expected to be used most.
+# \*/
+0	belong	0507	Convex old-style object
+>16	belong	>0	not stripped
+0	belong	0513	Convex old-style demand paged executable
+>16	belong	>0	not stripped
+0	belong	0515	Convex old-style pre-paged executable
+>16	belong	>0	not stripped
+0	belong	0517	Convex old-style pre-paged, non-swapped executable
+>16	belong	>0	not stripped
+0	belong	0x011257	Core file
+#
+# The following are a series of dump format magic numbers.  Each one
+# corresponds to a drastically different dump format.  The first on is
+# the original dump format on a 4.1 BSD or earlier file system.  The
+# second marks the change between the 4.1 file system and the 4.2 file
+# system.  The Third marks the changing of the block size from 1K
+# to 2K to be compatible with an IDC file system.  The fourth indicates
+# a dump that is dependent on Convex Storage Manager, because data in
+# secondary storage is not physically contained within the dump.
+# The restore program uses these number to determine how the data is
+# to be extracted.
+#
+24	belong	=60013	dump format, 4.2 or 4.3 BSD (IDC compatible)
+24	belong	=60014	dump format, Convex Storage Manager by-reference dump
+#
+# what follows is a bunch of bit-mask checks on the flags field of the opthdr.
+# If there is no `=' sign, assume just checking for whether the bit is set?
+#
+0	belong	0601		Convex SOFF
+>88	belong&0x000f0000	=0x00000000	c1
+>88	belong			&0x00010000	c2
+>88	belong			&0x00020000	c2mp
+>88	belong			&0x00040000	parallel
+>88	belong			&0x00080000	intrinsic
+>88	belong			&0x00000001	demand paged
+>88	belong			&0x00000002	pre-paged
+>88	belong			&0x00000004	non-swapped
+>88	belong			&0x00000008	POSIX
+#
+>84	belong			&0x80000000	executable
+>84	belong			&0x40000000	object
+>84	belong&0x20000000	=0		not stripped
+>84	belong&0x18000000	=0x00000000	native fpmode
+>84	belong&0x18000000	=0x10000000	ieee fpmode
+>84	belong&0x18000000	=0x18000000	undefined fpmode
+#
+0	belong			0605		Convex SOFF core
+#
+0	belong			0607		Convex SOFF checkpoint
+>88	belong&0x000f0000	=0x00000000	c1
+>88	belong			&0x00010000	c2
+>88	belong			&0x00020000	c2mp
+>88	belong			&0x00040000	parallel
+>88	belong			&0x00080000	intrinsic
+>88	belong			&0x00000008	POSIX
+#
+>84	belong&0x18000000	=0x00000000	native fpmode
+>84	belong&0x18000000	=0x10000000	ieee fpmode
+>84	belong&0x18000000	=0x18000000	undefined fpmode
diff --git a/magic/Magdir/coverage b/magic/Magdir/coverage
new file mode 100644
index 0000000..9f2c3dc
--- /dev/null
+++ b/magic/Magdir/coverage
@@ -0,0 +1,91 @@
+
+#------------------------------------------------------------------------------
+# $File: coverage,v 1.3 2021/02/23 00:51:10 christos Exp $
+# xoverage:  file(1) magic for test coverage data
+
+# File formats used to store test coverage data
+# 2016-05-21, Georg Sauthoff <mail@georg.so>
+
+
+# - GCC gcno - written by GCC at compile time when compiling with
+# 	gcc -ftest-coverage
+# - GCC gcda - written by a program that was compiled with
+#	gcc -fprofile-arcs
+# - LLVM raw profiles - generated by a program compiled with
+#	clang -fprofile-instr-generate -fcoverage-mapping ...
+# - LLVM indexed profiles - generated by
+#	llvm-profdata
+# - GCOV reports, i.e. the annotated source code
+# - LCOV trace files, i.e. aggregated GCC profiles
+#
+# GCC coverage tracefiles
+# .gcno file are created during compile time,
+# while data collected during runtime is stored in .gcda files
+# cf. gcov-io.h
+# https://gcc.gnu.org/onlinedocs/gcc-5.3.0/gcc/Gcov-Data-Files.html
+# Examples:
+# Fedora 23/x86-64/gcc-5.3.1: 6f 6e 63 67 52 33 30 35
+# Debian 8 PPC64/gcc-4.9.2  : 67 63 6e 6f 34 30 39 2a
+0	lelong	0x67636e6f	GCC gcno coverage (-ftest-coverage),
+>&3	byte	x	version %c.
+>&1	byte	x	\b%c
+
+# big endian
+0	belong	0x67636e6f	GCC gcno coverage (-ftest-coverage),
+>&0	byte	x	version %c.
+>&2	byte	x	\b%c (big-endian)
+
+# Examples:
+# Fedora 23/x86-64/gcc-5.3.1: 61 64 63 67 52 33 30 35
+# Debian 8 PPC64/gcc-4.9.2  : 67 63 64 61 34 30 39 2a
+0	lelong	0x67636461	GCC gcda coverage (-fprofile-arcs),
+>&3	byte	x	version %c.
+>&1	byte	x	\b%c
+
+# big endian
+0	belong	0x67636461	GCC gcda coverage (-fprofile-arcs),
+>&0	byte	x	version %c.
+>&2	byte	x	\b%c (big-endian)
+
+
+# LCOV tracefiles
+# cf. http://ltp.sourceforge.net/coverage/lcov/geninfo.1.php
+0	string	TN:
+>&0	search/64	\nSF:/	LCOV coverage tracefile
+
+
+# Coverage reports generated by gcov
+# i.e. source code annotated with coverage information
+0	string	\x20\x20\x20\x20\x20\x20\x20\x20-:\x20\x20\x20\ 0:Source:
+>&0	search/128	\x20\x20\x20\x20\x20\x20\x20\x20-:\x20\x20\x20\ 0:Graph:
+>>&0	search/128	\x20\x20\x20\x20\x20\x20\x20\x20-:\x20\x20\x20\ 0:Data:	GCOV coverage report
+
+
+# LLVM coverage files
+
+# raw data after running a program compiled with:
+# `clang -fprofile-instr-generate -fcoverage-mapping ...`
+# default name: default.profraw
+# magic is: \xFF lprofr \x81
+# cf. https://llvm.org/docs/doxygen/html/InstrProfData_8inc_source.html
+0	lequad	0xff6c70726f667281	LLVM raw profile data,
+>&0	byte	x	version %d
+
+# big endian
+0	bequad	0xff6c70726f667281	LLVM raw profile data,
+>&7	byte	x	version %d (big-endian)
+
+
+# LLVM indexed instruction profile (as generated by llvm-profdata)
+# magic is: reverse(\xFF lprofi \x81)
+# cf. https://llvm.org/docs/CoverageMappingFormat.html
+# https://llvm.org/docs/doxygen/html/namespacellvm_1_1IndexedInstrProf.html
+# https://llvm.org/docs/CommandGuide/llvm-cov.html
+# https://llvm.org/docs/CommandGuide/llvm-profdata.html
+0	lequad	0x8169666f72706cff	LLVM indexed profile data,
+>&0	byte	x	version %d
+
+# big endian
+0	bequad	0x8169666f72706cff	LLVM indexed profile data,
+>&7	byte	x	version %d (big-endian)
+
diff --git a/magic/Magdir/cracklib b/magic/Magdir/cracklib
new file mode 100644
index 0000000..1676596
--- /dev/null
+++ b/magic/Magdir/cracklib
@@ -0,0 +1,14 @@
+
+#------------------------------------------------------------------------------
+# $File: cracklib,v 1.7 2009/09/19 16:28:08 christos Exp $
+# cracklib:  file (1) magic for cracklib v2.7
+
+0	lelong	0x70775631	Cracklib password index, little endian
+>4	long	>0		(%i words)
+>4	long	0		("64-bit")
+>>8	long	>-1		(%i words)
+0	belong	0x70775631	Cracklib password index, big endian
+>4	belong	>-1		(%i words)
+# really bellong 0x0000000070775631
+0	search/1	\0\0\0\0pwV1	Cracklib password index, big endian ("64-bit")
+>12	belong	>0		(%i words)
diff --git a/magic/Magdir/crypto b/magic/Magdir/crypto
new file mode 100644
index 0000000..910df8d
--- /dev/null
+++ b/magic/Magdir/crypto
@@ -0,0 +1,49 @@
+
+#------------------------------------------------------------------------------
+# $File: crypto,v 1.4 2023/07/17 16:41:48 christos Exp $
+# crypto:  file(1) magic for crypto formats
+#
+# Bitcoin block files
+0		lelong			0xD9B4BEF9	Bitcoin
+>(4.l+40)	lelong			0xD9B4BEF9	reverse block
+>>4		lelong			x		\b, size %u
+# normal block below
+>0		default			x		block
+>>4		lelong			x		\b, size %u
+>>8		lelong&0xE0000000	0x20000000
+>>>8		lelong			x		\b, BIP9 0x%x
+>>8		lelong&0xE0000000	!0x20000000
+>>>8		lelong			x		\b, version 0x%x
+>>76		ledate			x		\b, %s UTC
+# VarInt counter
+>>88		ubyte			<0xfd		\b, txcount %u
+>>88		ubyte			0xfd
+>>>89		leshort			x		\b, txcount %u
+>>88		ubyte			0xfe
+>>>89		lelong			x		\b, txcount %u
+>>88		ubyte			0xff
+>>>89		lequad			x		\b, txcount %llu
+!:ext	dat
+# option to find more blocks in the file
+#>>(4.l+8)	indirect	x			;
+
+# LevelDB
+-8		lequad		0xdb4775248b80fb57	LevelDB table data
+
+# http://www.tarsnap.com/scrypt.html
+# see scryptenc_setup() in lib/scryptenc/scryptenc.c
+0	string		scrypt\0	scrypt encrypted file
+>7	byte		x		\b, N=2**%d
+>8	belong		x		\b, r=%d
+>12	belong		x		\b, p=%d
+
+# https://age-encryption.org/
+# Only the first recipient is printed in detail to prevent repetitive output
+# in extreme cases ("ssh-rsa, ssh-rsa, ssh-rsa, ...").
+0	string		age-encryption.org/v1\n age encrypted file
+>25	regex/128	\^[^\040]+	\b, %s recipient
+>>25	string		scrypt
+>>>&0 regex/64		[0-9]+\$	(N=2**%s)
+>>&0	search/256	\n->\040 	\b, among others
+
+0	string		-----BEGIN\040AGE\040ENCRYPTED\040FILE-----	age encrypted file, ASCII armored
diff --git a/magic/Magdir/ctags b/magic/Magdir/ctags
new file mode 100644
index 0000000..f480d32
--- /dev/null
+++ b/magic/Magdir/ctags
@@ -0,0 +1,6 @@
+
+# ----------------------------------------------------------------------------
+# $File: ctags,v 1.6 2009/09/19 16:28:08 christos Exp $
+# ctags:  file (1) magic for Exuberant Ctags files
+# From: Alexander Mai <mai@migdal.ikp.physik.tu-darmstadt.de>
+0	search/1	=!_TAG	Exuberant Ctags tag file text
diff --git a/magic/Magdir/ctf b/magic/Magdir/ctf
new file mode 100644
index 0000000..d91684d
--- /dev/null
+++ b/magic/Magdir/ctf
@@ -0,0 +1,23 @@
+
+#--------------------------------------------------------------
+# ctf:  file(1) magic for CTF (Common Trace Format) trace files
+#
+# Specs. available here: <https://www.efficios.com/ctf>
+#--------------------------------------------------------------
+
+# CTF trace data
+0	lelong	0xc1fc1fc1	Common Trace Format (CTF) trace data (LE)
+0	belong	0xc1fc1fc1	Common Trace Format (CTF) trace data (BE)
+
+# CTF metadata (packetized)
+0	lelong	0x75d11d57	Common Trace Format (CTF) packetized metadata (LE)
+>35	byte	x		\b, v%d
+>36	byte	x		\b.%d
+0	belong	0x75d11d57	Common Trace Format (CTF) packetized metadata (BE)
+>35	byte	x		\b, v%d
+>36	byte	x		\b.%d
+
+# CTF metadata (plain text)
+0	string	/*\x20CTF\x20   Common Trace Format (CTF) plain text metadata
+!:strength + 5			# this is to make sure we beat C
+>&0	regex	[0-9]+\\.[0-9]+	\b, v%s
diff --git a/magic/Magdir/cubemap b/magic/Magdir/cubemap
new file mode 100644
index 0000000..e2f87d8
--- /dev/null
+++ b/magic/Magdir/cubemap
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: cubemap,v 1.1 2012/06/06 13:03:20 christos Exp $
+# file(1) magic(5) data for cubemaps  Martin Erik Werner <martinerikwerner@gmail.com>
+#
+0	string	ACMP	Map file for the AssaultCube FPS game
+0	string	CUBE	Map file for cube and cube2 engine games
+0	string	MAPZ)	Map file for the Blood Frontier/Red Eclipse FPS games
diff --git a/magic/Magdir/cups b/magic/Magdir/cups
new file mode 100644
index 0000000..6dd14ac
--- /dev/null
+++ b/magic/Magdir/cups
@@ -0,0 +1,56 @@
+
+#------------------------------------------------------------------------------
+# $File: cups,v 1.6 2019/04/19 00:42:27 christos Exp $
+# Cups: file(1) magic for the cups raster file format
+# From: Laurent Martelli <martellilaurent@gmail.com>
+# https://www.cups.org/documentation.php/spec-raster.html
+#
+
+0	name		cups-le
+>280	lelong		x		\b, %d
+>284	lelong		x		\bx%d dpi
+>376	lelong		x		\b, %dx
+>380	lelong		x		\b%d pixels
+>388	lelong		x		%d bits/color
+>392	lelong		x		%d bits/pixel
+>400	lelong		0		ColorOrder=Chunky
+>400	lelong		1		ColorOrder=Banded
+>400	lelong		2		ColorOrder=Planar
+>404	lelong		0		ColorSpace=gray
+>404	lelong		1		ColorSpace=RGB
+>404	lelong		2		ColorSpace=RGBA
+>404	lelong		3		ColorSpace=black
+>404	lelong		4		ColorSpace=CMY
+>404	lelong		5		ColorSpace=YMC
+>404	lelong		6		ColorSpace=CMYK
+>404	lelong		7		ColorSpace=YMCK
+>404	lelong		8		ColorSpace=KCMY
+>404	lelong		9		ColorSpace=KCMYcm
+>404	lelong		10		ColorSpace=GMCK
+>404	lelong		11		ColorSpace=GMCS
+>404	lelong		12		ColorSpace=WHITE
+>404	lelong		13		ColorSpace=GOLD
+>404	lelong		14		ColorSpace=SILVER
+>404	lelong		15		ColorSpace=CIE XYZ
+>404	lelong		16		ColorSpace=CIE Lab
+>404	lelong		17		ColorSpace=RGBW
+>404	lelong		18		ColorSpace=sGray
+>404	lelong		19		ColorSpace=sRGB
+>404	lelong		20		ColorSpace=AdobeRGB
+
+# Cups Raster image format, Big Endian
+0	string		RaS
+>3	string		t		Cups Raster version 1, Big Endian
+>3	string		2		Cups Raster version 2, Big Endian
+>3	string		3		Cups Raster version 3, Big Endian
+!:mime	application/vnd.cups-raster
+>0	use		\^cups-le
+
+
+# Cups Raster image format, Little Endian
+1	string		SaR
+>0	string		t		Cups Raster version 1, Little Endian
+>0	string		2		Cups Raster version 2, Little Endian
+>0	string		3		Cups Raster version 3, Little Endian
+!:mime	application/vnd.cups-raster
+>0	use		cups-le
diff --git a/magic/Magdir/dact b/magic/Magdir/dact
new file mode 100644
index 0000000..04627c9
--- /dev/null
+++ b/magic/Magdir/dact
@@ -0,0 +1,11 @@
+
+#------------------------------------------------------------------------------
+# $File: dact,v 1.4 2009/09/19 16:28:08 christos Exp $
+# dact:  file(1) magic for DACT compressed files
+#
+0	long		0x444354C3	DACT compressed data
+>4	byte		>-1		(version %i.
+>5	byte		>-1		$BS%i.
+>6	byte		>-1		$BS%i)
+>7	long		>0		$BS, original size: %i bytes
+>15	long		>30		$BS, block size: %i bytes
diff --git a/magic/Magdir/database b/magic/Magdir/database
new file mode 100644
index 0000000..03ac423
--- /dev/null
+++ b/magic/Magdir/database
@@ -0,0 +1,886 @@
+
+#------------------------------------------------------------------------------
+# $File: database,v 1.69 2023/01/12 00:14:04 christos Exp $
+# database:  file(1) magic for various databases
+#
+# extracted from header/code files by Graeme Wilford (eep2gw@ee.surrey.ac.uk)
+#
+#
+# GDBM magic numbers
+#  Will be maintained as part of the GDBM distribution in the future.
+#  <downsj@teeny.org>
+0	belong	0x13579acd	GNU dbm 1.x or ndbm database, big endian, 32-bit
+!:mime	application/x-gdbm
+0	belong	0x13579ace	GNU dbm 1.x or ndbm database, big endian, old
+!:mime	application/x-gdbm
+0	belong	0x13579acf	GNU dbm 1.x or ndbm database, big endian, 64-bit
+!:mime	application/x-gdbm
+0	lelong	0x13579acd	GNU dbm 1.x or ndbm database, little endian, 32-bit
+!:mime	application/x-gdbm
+0	lelong	0x13579ace	GNU dbm 1.x or ndbm database, little endian, old
+!:mime	application/x-gdbm
+0	lelong	0x13579acf	GNU dbm 1.x or ndbm database, little endian, 64-bit
+!:mime	application/x-gdbm
+0	string	GDBM		GNU dbm 2.x database
+!:mime	application/x-gdbm
+#
+# Berkeley DB
+#
+# Ian Darwin's file /etc/magic files: big/little-endian version.
+#
+# Hash 1.85/1.86 databases store metadata in network byte order.
+# Btree 1.85/1.86 databases store the metadata in host byte order.
+# Hash and Btree 2.X and later databases store the metadata in host byte order.
+
+0	long	0x00061561	Berkeley DB
+!:mime	application/x-dbm
+>8	belong	4321
+>>4	belong	>2		1.86
+>>4	belong	<3		1.85
+>>4	belong	>0		(Hash, version %d, native byte-order)
+>8	belong	1234
+>>4	belong	>2		1.86
+>>4	belong	<3		1.85
+>>4	belong	>0		(Hash, version %d, little-endian)
+
+0	belong	0x00061561	Berkeley DB
+>8	belong	4321
+>>4	belong	>2		1.86
+>>4	belong	<3		1.85
+>>4	belong	>0		(Hash, version %d, big-endian)
+>8	belong	1234
+>>4	belong	>2		1.86
+>>4	belong	<3		1.85
+>>4	belong	>0		(Hash, version %d, native byte-order)
+
+0	long	0x00053162	Berkeley DB 1.85/1.86
+>4	long	>0		(Btree, version %d, native byte-order)
+0	belong	0x00053162	Berkeley DB 1.85/1.86
+>4	belong	>0		(Btree, version %d, big-endian)
+0	lelong	0x00053162	Berkeley DB 1.85/1.86
+>4	lelong	>0		(Btree, version %d, little-endian)
+
+12	long	0x00061561	Berkeley DB
+>16	long	>0		(Hash, version %d, native byte-order)
+12	belong	0x00061561	Berkeley DB
+>16	belong	>0		(Hash, version %d, big-endian)
+12	lelong	0x00061561	Berkeley DB
+>16	lelong	>0		(Hash, version %d, little-endian)
+
+12	long	0x00053162	Berkeley DB
+>16	long	>0		(Btree, version %d, native byte-order)
+12	belong	0x00053162	Berkeley DB
+>16	belong	>0		(Btree, version %d, big-endian)
+12	lelong	0x00053162	Berkeley DB
+>16	lelong	>0		(Btree, version %d, little-endian)
+
+12	long	0x00042253	Berkeley DB
+>16	long	>0		(Queue, version %d, native byte-order)
+12	belong	0x00042253	Berkeley DB
+>16	belong	>0		(Queue, version %d, big-endian)
+12	lelong	0x00042253	Berkeley DB
+>16	lelong	>0		(Queue, version %d, little-endian)
+
+# From Max Bowsher.
+12	long	0x00040988	Berkeley DB
+>16	long	>0		(Log, version %d, native byte-order)
+12	belong	0x00040988	Berkeley DB
+>16	belong	>0		(Log, version %d, big-endian)
+12	lelong	0x00040988	Berkeley DB
+>16	lelong	>0		(Log, version %d, little-endian)
+
+#
+#
+# Round Robin Database Tool by Tobias Oetiker <oetiker@ee.ethz.ch>
+0	string/b	RRD\0		RRDTool DB
+>4	string/b	x		version %s
+
+>>10	short		!0		16bit aligned
+>>>10	bedouble	8.642135e+130	big-endian
+>>>>18	short		x		32bit long (m68k)
+
+>>10	short		0
+>>>12	long		!0		32bit aligned
+>>>>12	bedouble	8.642135e+130	big-endian
+>>>>>20 long		0		64bit long
+>>>>>20 long		!0		32bit long
+>>>>12	ledouble	8.642135e+130	little-endian
+>>>>>24 long		0		64bit long
+>>>>>24 long		!0		32bit long (i386)
+>>>>12	string		\x43\x2b\x1f\x5b\x2f\x25\xc0\xc7	middle-endian
+>>>>>24 short		!0		32bit long (arm)
+
+>>8	quad		0		64bit aligned
+>>>16	bedouble	8.642135e+130	big-endian
+>>>>24	long		0		64bit long (s390x)
+>>>>24	long		!0		32bit long (hppa/mips/ppc/s390/SPARC)
+>>>16	ledouble	8.642135e+130	little-endian
+>>>>28	long		0		64bit long (alpha/amd64/ia64)
+>>>>28	long		!0		32bit long (armel/mipsel)
+
+#----------------------------------------------------------------------
+# ROOT: file(1) magic for ROOT databases
+#
+0       string  root\0  ROOT file
+>4      belong  x       Version %d
+>33     belong  x       (Compression: %d)
+
+# XXX: Weak magic.
+# Alex Ott <ott@jet.msk.su>
+## Paradox file formats
+#2	  leshort	0x0800	Paradox
+#>0x39	  byte		3	v. 3.0
+#>0x39	  byte		4	v. 3.5
+#>0x39	  byte		9	v. 4.x
+#>0x39	  byte		10	v. 5.x
+#>0x39	  byte		11	v. 5.x
+#>0x39	  byte		12	v. 7.x
+#>>0x04	  byte		0	indexed .DB data file
+#>>0x04	  byte		1	primary index .PX file
+#>>0x04	  byte		2	non-indexed .DB data file
+#>>0x04	  byte		3	non-incrementing secondary index .Xnn file
+#>>0x04	  byte		4	secondary index .Ynn file
+#>>0x04	  byte		5	incrementing secondary index .Xnn file
+#>>0x04	  byte		6	non-incrementing secondary index .XGn file
+#>>0x04	  byte		7	secondary index .YGn file
+#>>>0x04	  byte		8	incrementing secondary index .XGn file
+
+## XBase database files
+# updated by Joerg Jenderek at Feb 2013
+# https://www.dbase.com/Knowledgebase/INT/db7_file_fmt.htm
+# https://www.clicketyclick.dk/databases/xbase/format/dbf.html
+# inspect VVYYMMDD , where 1<= MM <= 12 and 1<= DD <= 31
+0	ubelong&0x0000FFFF		<0x00000C20
+!:strength +10
+# skip Infocom game Z-machine
+>2		ubyte			>0
+# skip Androids *.xml
+>>3		ubyte			>0
+>>>3		ubyte			<32
+# 1 < version VV
+>>>>0		ubyte			>1
+# skip HELP.CA3 by test for reserved byte ( NULL )
+>>>>>27		ubyte			0
+# reserved bytes not always 0 ; also found 0x3901 (T4.DBF) ,0x7101 (T5.DBF,T6.DBF)
+#>>>>>30		ubeshort     		x		30NULL?%x
+# possible production flag,tag numbers(<=0x30),tag length(<=0x20), reserved (NULL)
+>>>>>>24	ubelong&0xffFFFFff	>0x01302000
+# .DBF or .MDX
+>>>>>>24	ubelong&0xffFFFFff	<0x01302001
+# for Xbase Database file (*.DBF) reserved (NULL) for multi-user
+>>>>>>>24	ubelong&0xffFFFFff	=0
+# test for 2 reserved NULL bytes,transaction and encryption byte flag
+>>>>>>>>12	ubelong&0xFFFFfEfE	0
+# test for MDX flag
+>>>>>>>>>28	ubyte			x
+>>>>>>>>>28	ubyte&0xf8		0
+# header size >= 32
+>>>>>>>>>>8	uleshort		>31
+# skip PIC15736.PCX by test for language driver name or field name
+>>>>>>>>>>>32	ubyte			>0
+#!:mime	application/x-dbf; charset=unknown-8bit ??
+#!:mime	application/x-dbase
+>>>>>>>>>>>>0	use			xbase-type
+# database file
+>>>>>>>>>>>>28	ubyte&0x04		=0		\b DBF
+!:ext	dbf
+>>>>>>>>>>>>28	ubyte&0x04		=4		\b DataBaseContainer
+!:ext	dbc
+>>>>>>>>>>>>4	lelong			0		\b, no records
+>>>>>>>>>>>>4	lelong			>0		\b, %d record
+# plural s appended
+>>>>>>>>>>>>>4	lelong			>1		\bs
+# https://www.clicketyclick.dk/databases/xbase/format/dbf_check.html#CHECK_DBF
+# 1 <= record size <= 4000 (dBase 3,4) or 32 * KB (=0x8000)
+>>>>>>>>>>>>10	uleshort		x		* %d
+# file size = records * record size + header size
+>>>>>>>>>>>>1	ubyte			x		\b, update-date
+>>>>>>>>>>>>1	use			xbase-date
+# https://msdn.microsoft.com/de-de/library/cc483186(v=vs.71).aspx
+#>>>>>>>>>>>>29	ubyte			=0		\b, codepage ID=%#x
+# 2~cp850 , 3~cp1252 , 0x1b~?? ; what code page is 0x1b ?
+>>>>>>>>>>>>29	ubyte			>0		\b, codepage ID=%#x
+#>>>>>>>>>>>>28	ubyte&0x01		0		\b, no index file
+# MDX or CDX index
+>>>>>>>>>>>>28	ubyte&0x01		1		\b, with index file .MDX
+>>>>>>>>>>>>28	ubyte&0x02		2		\b, with memo .FPT
+#>>>>>>>>>>>>28	ubyte&0x04		4		\b, DataBaseContainer
+# 1st record offset + 1 = header size
+>>>>>>>>>>>>8	uleshort		>0
+>>>>>>>>>>>>(8.s+1)	ubyte		>0
+>>>>>>>>>>>>>8		uleshort	>0		\b, at offset %d
+>>>>>>>>>>>>>(8.s+1)	ubyte		>0
+>>>>>>>>>>>>>>&-1	string		>\0		1st record "%s"
+# for multiple index files (*.MDX) Production flag,tag numbers(<=0x30),tag length(<=0x20), reserved (NULL)
+>>>>>>>24	ubelong&0x0133f7ff	>0
+# test for reserved NULL byte
+>>>>>>>>47	ubyte			0
+# test for valid TAG key format (0x10 or 0)
+>>>>>>>>>559	ubyte&0xeF		0
+# test MM <= 12
+>>>>>>>>>>45	ubeshort		<0x0C20
+>>>>>>>>>>>45	ubyte			>0
+>>>>>>>>>>>>46	ubyte			<32
+>>>>>>>>>>>>>46	ubyte			>0
+#!:mime	application/x-mdx
+>>>>>>>>>>>>>>0		use		xbase-type
+>>>>>>>>>>>>>>0		ubyte		x		\b MDX
+>>>>>>>>>>>>>>1		ubyte		x		\b, creation-date
+>>>>>>>>>>>>>>1		use		xbase-date
+>>>>>>>>>>>>>>44	ubyte		x		\b, update-date
+>>>>>>>>>>>>>>44	use		xbase-date
+# No.of tags in use (1,2,5,12)
+>>>>>>>>>>>>>>28	uleshort	x		\b, %d
+# No. of entries in tag (0x30)
+>>>>>>>>>>>>>>25	ubyte		x		\b/%d tags
+#  Length of tag
+>>>>>>>>>>>>>>26	ubyte		x		* %d
+# 1st tag name_
+>>>>>>>>>>>>>548	string		x		\b, 1st tag "%.11s"
+# 2nd tag name
+#>>>>>>>>>>>>(26.b+548)	string		x		\b, 2nd tag "%.11s"
+#
+#		Print the xBase names of different version variants
+0	name				xbase-type
+>0	ubyte		<2
+# 1 < version
+>0	ubyte		>1
+>>0	ubyte		0x02		FoxBase
+!:mime	application/x-dbf
+# like: ACCESS.DBF USER.DBF dbase3date.dbf mitarbei.dbf produkte.dbf umlaut-test-v2.dbf
+# FoxBase+/dBaseIII+, no memo
+>>0	ubyte		0x03		FoxBase+/dBase III
+!:mime	application/x-dbf
+# like: 92DATA.DBF MSCATLOG.DBF SYLLABI2.DBF SYLLABUS.DBF T4.DBF Teleadr.dbf us_city.dbf
+# dBASE IV no memo file
+>>0	ubyte		0x04		dBase IV
+!:mime	application/x-dbf
+# like: Quattro-test11.dbf umlaut-test-v4.dbf
+# dBASE V no memo file
+>>0	ubyte		0x05		dBase V
+!:mime	application/x-dbf
+# like: dbase4double.dbf Quattro-test2.dbf umlaut-test7.dbf
+!:ext	dbf
+# probably Apollo Database Server 9.7? xBase (0x6)
+>>0	ubyte		0x06		Apollo
+!:mime	application/x-dbf
+# like: ALIAS.DBF CRYPT.DBF PROCS.DBF USERS.DBF
+# https://docs.microsoft.com/en-us/previous-versions/visualstudio/foxpro/st4a0s68(v=vs.80)
+>>0	ubyte		0x2F		FoxBase+/Dbase III plus, no memo
+!:mime	application/x-dbf
+# no example
+>>0	ubyte		0x30		Visual FoxPro
+!:mime	application/x-dbf
+# like: 26FRX.DBF 30DBC.DBF 30DBCPRO.DBF BEHINDSC.DBF USER_LEV.DBF
+# Microsoft Visual FoxPro Database Container File like: FOXPRO-DB-TEST.DBC TESTDATA.DBC TASTRADE.DBC
+>>0	ubyte		0x31		Visual FoxPro, autoincrement
+!:mime	application/x-dbf
+# like: AI_Table.DBF dbase_31.dbf w_cityFoxpro.dbf 
+# Visual FoxPro, with field type Varchar or Varbinary
+>>0	ubyte		0x32		Visual FoxPro, with field type Varchar
+!:mime	application/x-dbf
+# like: dbase_32.dbf
+# dBASE IV SQL, no memo;dbv memo var size (Flagship)
+>>0	ubyte		0x43		dBase IV, with SQL table
+!:mime	application/x-dbf
+# like: ASSEMBLY.DBF INVENTRY.DBF STAFF.DBF
+# https://docs.microsoft.com/en-us/previous-versions/visualstudio/foxpro/st4a0s68(v=vs.80)
+>>0	ubyte		0x62		dBase IV, with SQL table
+#!:mime	application/x-dbf
+# no example
+# dBASE IV, with memo!!
+>>0	ubyte		0x7b		dBase IV, with memo
+!:mime	application/x-dbf
+# like: test3memo.DBF dbase5.DBF
+# https://docs.microsoft.com/en-us/previous-versions/visualstudio/foxpro/st4a0s68(v=vs.80)
+>>0	ubyte		0x82		dBase IV, with SQL system
+#!:mime	application/x-dbf
+# no example
+# FoxBase+/dBaseIII+ with memo .DBT!
+>>0	ubyte		0x83		FoxBase+/dBase III, with memo .DBT
+!:mime	application/x-dbf
+# like: T2.DBF t3.DBF biblio.dbf dbase_83.dbf dbase3dbt0_4.dbf fsadress.dbf stop.dbf
+# VISUAL OBJECTS (first 1.0 versions) for the Dbase III files (NTX clipper driver); memo file
+>>0	ubyte		0x87		VISUAL OBJECTS, with memo file
+!:mime	application/x-dbf
+# like: ACCESS.DBF dbase3date.dbf dbase3float.dbf holdings.dbf mitarbei.dbf
+# https://docs.microsoft.com/en-us/previous-versions/visualstudio/foxpro/st4a0s68(v=vs.80)
+>>0	ubyte		0x8A		FoxBase+/dBase III, with memo .DBT
+#!:mime	application/x-dbf
+# no example
+# dBASE IV with memo!
+>>0	ubyte		0x8B		dBase IV, with memo .DBT
+!:mime	application/x-dbf
+# like: animals.dbf archive.dbf callin.dbf dbase_8b.dbf phnebook.dbf t6.dbf
+# dBase IV with SQL Table,no memo?
+>>0	ubyte		0x8E		dBase IV, with SQL table
+!:mime	application/x-dbf
+# like: dbase5.DBF test3memo.DBF test-memo.DBF
+# .dbv and .dbt memo (Flagship)?
+>>0	ubyte		0xB3		Flagship
+!:mime	application/x-dbf
+# no example
+# https://docs.microsoft.com/en-us/previous-versions/visualstudio/foxpro/st4a0s68(v=vs.80)
+>>0	ubyte		0xCA		dBase IV with memo .DBT
+#!:mime	application/x-dbf
+# no example
+# dBASE IV with SQL table, with memo .DBT
+>>0	ubyte		0xCB		dBase IV with SQL table, with memo .DBT
+!:mime	application/x-dbf
+# like: dbase5.DBF test3memo.DBF test-memo.DBF
+# HiPer-Six format;Clipper SIX, with SMT memo file
+>>0	ubyte		0xE5		Clipper SIX with memo
+!:mime	application/x-dbf
+# like: dbase5.DBF test3memo.DBF test-memo.DBF testClipper.dbf DATA.DBF
+# https://docs.microsoft.com/en-us/previous-versions/visualstudio/foxpro/st4a0s68(v=vs.80)
+>>0	ubyte		0xF4		dBase IV, with SQL table, with memo
+#!:mime	application/x-dbf
+# no example
+>>0	ubyte		0xF5		FoxPro with memo
+!:mime	application/x-dbf
+# like: CUSTOMER.DBF FOXUSER1.DBF Invoice.DBF NG.DBF OBJSAMP.DBF dbase_f5.dbf kunde.dbf
+# probably Apollo Database Server 9.7 with SQL and memo mask? xBase (0xF6)
+>>0	ubyte		0xF6		Apollo, with SQL table with memo
+!:mime	application/x-dbf
+# like: SCRIPTS.DBF
+# https://docs.microsoft.com/en-us/previous-versions/visualstudio/foxpro/st4a0s68(v=vs.80)
+#>>0	ubyte		0xFA		FoxPro 2.x, with memo
+#!:mime	application/x-dbf
+# no example
+# unknown version (should not happen)
+>>0	default		x		xBase
+!:mime	application/x-dbf
+>>>0	ubyte		x		(%#x)
+# flags in version byte
+# DBT flag (with dBASE III memo .DBT)!!
+# >>0	ubyte&0x80	>0		DBT_FLAG=%x
+# memo flag ??
+# >>0	ubyte&0x08	>0		MEMO_FLAG=%x
+# SQL flag ??
+# >>0	ubyte&0x70	>0		SQL_FLAG=%x
+#		test and print the date of xBase .DBF .MDX
+0	name				xbase-date
+# inspect YYMMDD , where 1<= MM <= 12 and 1<= DD <= 31
+>0	ubelong		x
+>1	ubyte		<13
+>>1	ubyte		>0
+>>>2	ubyte		>0
+>>>>2	ubyte		<32
+>>>>>0	ubyte		x
+# YY is interpreted as 20YY or 19YY
+>>>>>>0	ubyte		<100		\b %.2d
+# YY is interpreted 1900+YY; TODO: display yy or 20yy instead 1YY
+>>>>>>0	ubyte		>99		\b %d
+>>>>>1	ubyte		x		\b-%d
+>>>>>2	ubyte		x		\b-%d
+
+#	dBase memo files .DBT or .FPT
+# https://msdn.microsoft.com/en-us/library/8599s21w(v=vs.80).aspx
+16		ubyte		<4
+>16		ubyte		!2
+>>16		ubyte		!1
+# next free block index is positive
+>>>0		ulelong		>0
+# skip many JPG. ZIP, BZ2 by test for reserved bytes NULL , 0|2 , 0|1 , low byte of block size
+>>>>17		ubelong&0xFFfdFEff	0x00000000
+# skip many RAR by test for low byte 0 ,high byte 0|2|even of block size, 0|a|e|d7 , 0|64h
+>>>>>20		ubelong&0xFF01209B	0x00000000
+# dBASE III
+>>>>>>16	ubyte		3
+# skip with invalid "low" 1st item "\0\0\0\0" StateRepository-Deployment.srd-shm "\001\010\0\0" gcry_cast5.mod
+>>>>>>>512	ubyte		>040
+# skip with valid 1st item "rintf" keylayouts.mod
+# by looking for valid terminating character Ctrl-Z like in test.dbt
+>>>>>>>>513 search/3308	\032
+# skip GRUB plan9.mod with invalid second terminating character 007
+# by checking second terminating character Ctrl-Z like in test.dbt
+>>>>>>>>>&0 ubyte		032
+# dBASE III DBT with two Ctr-Z terminating characters
+>>>>>>>>>>0	use		dbase3-memo-print
+# second terminating character \0 like in dbase-memo.dbt or GRUB nativedisk.mod
+>>>>>>>>>&0 ubyte		0
+# skip GRUB nativedisk.mod with grub_mod_init\0grub_mod_fini\0grub_fs_autoload_hook\0
+>>>>>>>>>>0x1ad string		!grub_mod_init
+# like dbase-memo.dbt
+>>>>>>>>>>>0	use		dbase3-memo-print
+# dBASE III DBT without version, dBASE IV DBT , FoxPro FPT , or many ZIP , DBF garbage
+>>>>>>16	ubyte		0
+# unusual dBASE III DBT like angest.dbt, dBASE IV DBT with block size 0 , FoxPro FPT ,  or garbage PCX DBF
+>>>>>>>20	uleshort	0
+# FoxPro FPT , unusual dBASE III DBT like biblio.dbt or garbage
+>>>>>>>>8	ulong		=0
+>>>>>>>>>6	ubeshort	>0
+# skip emacs.PIF
+>>>>>>>>>>4	ushort		0
+# check for valid FoxPro field type
+>>>>>>>>>>>512	ubelong		<3
+# skip LXMDCLN4.OUT LXMDCLN6.OUT LXMDALG6.OUT with invalid blocksize 170=AAh
+>>>>>>>>>>>>6	ubeshort&0x002f	0
+>>>>>>>>>>>>>0	use		foxpro-memo-print
+# dBASE III DBT , garbage
+# skip WORD1XW.DOC with improbably high free block index
+>>>>>>>>>0	ulelong		<0x400000
+# skip WinStore.App.exe by looking for printable 2nd character of 1st memo item
+>>>>>>>>>>513	ubyte		>037
+# skip DOS executables CPQ0TD.DRV E30ODI.COM IBM0MONO.DRV by looking for printable 1st character of 1st memo item
+>>>>>>>>>>>512	ubyte		>037
+# skip few (14/758) Microsoft Event Trace Logs (boot_BASE+CSWITCH_1.etl DlTel-Merge.etl UpdateUx.006.etl) with invalid "high" 1st item \377\377
+>>>>>>>>>>>>512	ubyte		<0377
+# skip some Commodore 64 Art Studio (Deep_Strike.aas dragon's_lair_ii.aas), some Atari DEGAS Elite bitmap (ELEPHANT.PC3 ST.PC2)
+# some probably old GRUB modules (part_sun.mod) and virtual-boy-wario-land.vb. 
+# by looking for valid terminating character Ctrl-Z
+>>>>>>>>>>>>>513 search/523	\032
+# Atari DEGAS bitmap ST.PC2 with 0370 as second terminating character
+#>>>>>>>>>>>>>>&0 ubyte		x		2ND_CHAR_IS=%o
+# dBASE III DBT with two Ctr-Z terminating characters like dbase3dbt0_1.dbt dbase_83.dbt
+>>>>>>>>>>>>>>&0 ubyte		032
+>>>>>>>>>>>>>>>0 use		dbase3-memo-print
+# second terminating character \0 like in pcidump.mod or fsadress.dbt umlaut-dbf-cmd.dbt
+>>>>>>>>>>>>>>&0 ubyte		0
+# look for old GRUB module pcidump.mod with specific content "pcidump\0Show raw dump of the PCI configuration space"
+>>>>>>>>>>>>>>>514 search/0x11E	pcidump\0Show
+# dBASE III DBT with Ctr-Z + \0 terminating characters like fsadress.dbt
+>>>>>>>>>>>>>>>514 default	x
+# unusual dBASE III DBT like fsadress.dbt umlaut-dbf-cmd.dbt
+>>>>>>>>>>>>>>>>0 use		dbase3-memo-print
+# dBASE III DBT like angest.dbt, or garbage PCX DBF
+>>>>>>>>8	ubelong		!0
+# skip PCX and some DBF by test for for reserved NULL bytes
+>>>>>>>>>510	ubeshort	0
+# skip bad symples with improbably high free block index above 2 GiB file limit
+>>>>>>>>>>0	ulelong		<0x400000
+# skip AI070GEP.EPS by printable 1st character of 1st memo item
+>>>>>>>>>>>512	ubyte		>037
+# skip some Microsoft Visual C, OMF library like: BZ2.LIB WATTCPWL.LIB ZLIB.LIB
+>>>>>>>>>>>>512	ubyte		<0200
+# skip gluon-ffhat-1.0-tp-link-tl-wr1043n-nd-v2-sysupgrade.bin by printable 2nd character
+>>>>>>>>>>>>>513 ubyte		>037
+# skip few (8/758) Microsoft Event Trace Logs (WBEngine.3.etl Wifi.etl) with valid 1st item like
+# "9600.20369.amd64fre.winblue_ltsb_escrow.220427-1727"
+# "9600.19846.amd64fre.winblue_ltsb_escrow.200923-1735"
+# "10586.494.amd64fre.th2_release_sec.160630-1736"
+# by looking for valid terminating character Ctrl-Z
+>>>>>>>>>>>>>>513 search/0x11E	\032
+# followed by second character Ctrl-Z implies typical DBT
+>>>>>>>>>>>>>>>&0	ubyte	032
+# examples like: angest.dbt
+>>>>>>>>>>>>>>>>0	use	dbase3-memo-print
+>>>>>>>>>>>>>>>&0	ubyte	0
+# no example found here with terminating sequence CTRL-Z + \0
+>>>>>>>>>>>>>>>>0	use	dbase3-memo-print
+# dBASE IV DBT with positive block size
+>>>>>>>20	uleshort	>0
+# dBASE IV DBT with valid block length like 512, 1024
+# multiple of 2 in between 16 and 16 K ,implies upper and lower bits are zero
+# skip also 3600h 3E00h size
+>>>>>>>>20	uleshort&0xE00f	0
+>>>>>>>>>0	use		dbase4-memo-print
+
+#		Print the information of dBase III DBT memo file
+0	name				dbase3-memo-print
+>0	ubyte			x		dBase III DBT
+!:mime	application/x-dbt
+!:ext	dbt
+# instead 3 as version number 0 for unusual examples like biblio.dbt
+>16	ubyte			!3		\b, version number %u
+# Number of next available block for appending data
+#>0	lelong			=0		\b, next free block index %u
+>0	lelong			!0		\b, next free block index %u
+# no positive block length
+#>20	uleshort		=0		\b, block length %u
+>20	uleshort		!0		\b, block length %u
+# dBase III memo field terminated often by \032\032
+# like: "WHAT IS XBASE" test.dbt "Borges, Malte" biblio.dbt "First memo\032\032" T2.DBT
+>512	string			>\0		\b, 1st item "%s"
+# For DEBUGGING
+#>512	ubelong			x		\b, 1ST item %#8.8x
+#>513	search/0x225		\032		FOUND_TERMINATOR
+#>>&0	ubyte			032		2xCTRL_Z
+# fsadress.dbt has 1 Ctrl-Z terminator followed by nil byte
+#>>&0	ubyte			0		1xCTRL_Z
+
+# https://www.clicketyclick.dk/databases/xbase/format/dbt.html
+#		Print the information of dBase IV DBT memo file
+0	name				dbase4-memo-print
+>0		lelong		x		dBase IV DBT
+!:mime	application/x-dbt
+!:ext dbt
+# 8 character shorted main name of corresponding dBASE IV DBF file
+>8		ubelong		>0x20000000
+# skip unusual like for angest.dbt
+>>20		uleshort	>0
+>>>8		string		>\0		\b of %-.8s.DBF
+# value 0 implies 512 as size
+#>4		ulelong		=0		\b, blocks size %u
+# size of blocks not reliable like 0x2020204C in angest.dbt
+>4		ulelong		!0
+>>4		ulelong&0x0000003f	0	\b, blocks size %u
+# dBase IV DBT with positive block length (found 512 , 1024)
+>20		uleshort	>0		\b, block length %u
+# next available block
+#>0		lelong		=0		\b, next free block index %u
+>0		lelong		!0		\b, next free block index %u
+>20		uleshort	>0
+>>(20.s)	ubelong		x
+>>>&-4		use		dbase4-memofield-print
+# unusual dBase IV DBT without block length (implies 512 as length)
+>20		uleshort	=0
+>>512		ubelong		x
+>>>&-4		use				dbase4-memofield-print
+#		Print the information of dBase IV memo field
+0	name			dbase4-memofield-print
+# free dBase IV memo field
+>0		ubelong		!0xFFFF0800
+>>0		lelong		x		\b, next free block %u
+>>4		lelong		x		\b, next used block %u
+# used dBase IV memo field
+>0		ubelong		=0xFFFF0800
+# length of memo field
+>>4		lelong		x		\b, field length %d
+>>>8		string		>\0		\b, 1st used item "%s"
+# http://www.dbfree.org/webdocs/1-documentation/0018-developers_stuff_(advanced)/os_related_stuff/xbase_file_format.htm
+#		Print the information of FoxPro FPT memo file
+0	name				foxpro-memo-print
+>0		belong		x		FoxPro FPT
+!:mime	application/x-fpt
+!:ext	fpt
+# Size of blocks for FoxPro ( 64,256 ); probably a multiple of two
+>6		ubeshort	x		\b, blocks size %u
+# next available block
+#>0		belong		=0		\b, next free block index %u
+>0		belong		!0		\b, next free block index %u
+# field type ( 0~picture, 1~memo, 2~object )
+>512		ubelong		<3		\b, field type %u
+# length of memo field
+>512		ubelong		1
+>>516		belong		>0		\b, field length %d
+>>>520		string		>\0		\b, 1st item "%s"
+
+# Summary:	DBASE Compound Index file *.CDX and FoxPro index *.IDX
+# From:		Joerg Jenderek
+# URL:		https://www.clicketyclick.dk/databases/xbase/format/cdx.html
+#		https://www.clicketyclick.dk/databases/xbase/format/idx.html
+#		https://www.clicketyclick.dk/databases/xbase/format/idx_comp.html
+# Reference:	https://mark0.net/download/triddefs_xml.7z/defs/s/sybase-ianywhere-cdx.trid.xml
+#		https://mark0.net/download/triddefs_xml.7z/defs/c/cdx-vfp7.trid.xml
+# like: kunde.cdx
+0	ulelong		0x1C00
+>0	use			xbase-index
+# like: SYLLABI2.CDX SYLLABUS.CDX
+0	ulelong		0x0800
+>0	use			xbase-index
+# often in xBase index pointer to root node 400h
+0	ulelong		0x0400
+# skip most Maple help database *.hdb with version tag handled by ./maple
+>1028	string		!version
+# skip Maple help database hsum.hdb checking for valid reserved area
+>>492	quad		=0
+# skip remaining Maple help database *.hdb by checking key length
+#>>>12	uleshort	!0x000F			KEY_LENGTHVALID
+>>>0	use			xbase-index
+#	display information about dBase/FoxPro index
+0	name			xbase-index
+>0	ulelong		x			xBase
+!:mime	application/x-dbase-index
+>14	ubyte		&0x40			compound index
+# DCX for FoxPro database index like: TESTDATA.DCX
+!:ext	cdx/dcx
+>14	ubyte		^0x40			index
+# only 1 example like: TEST.IDX
+!:ext	idx
+# pointer to root node like: 1C00h 800h often 400h 
+>0	ulelong		!0x400			\b, root pointer %#x
+# Pointer to free node list: often 0 but -1 if not present
+>4	ulelong		!0			\b, free node pointer %#x
+# MAYBE number of pages in file (Foxbase, FoxPro 1.x) or
+# http://www.foxpert.com/foxpro/knowlbits/files/knowlbits_200708_1.HTM
+# Whenever Visual FoxPro updates the index file it increments this reserved field
+# Reserved for internal use like: 02000000h 03000000h 460c0000h 780f0000h 89000000h 9fdc0100h often 0
+>8	ulelong		!0			\b, reserved counter %#x
+# length of key like: mostly 000Ah 0028h (TEST.IDX)
+>12	uleshort	!0x000A			\b, key length %#x
+# index options like: 24h E0h E8h
+# 1~a unique index 8~index has FOR clause 32~compact index format 64~compound index header
+# 16~Bit vector (SoftC) 128~Structure index (FoxPro)
+>14	ubyte		x			\b, index options (%#x
+>14	ubyte		&0x01			\b, unique
+>14	ubyte		&0x08			\b, has FOR clause
+>14	ubyte		&0x10			\b, bit vector (SoftC)
+>14	ubyte		&0x20			\b, compact format
+#>14	ubyte		&0x40			\b, compound header
+>14	ubyte		&0x80			\b, structure
+>14	ubyte		x			\b)
+# WHAT EXACTLY IS THAT? index signature like: 0 (sybase-ianywhere-cdx.trid.xml) 1 (cdx-vfp7.trid.xml)
+>15	ubyte		!0			\b, index signature %u
+# reserved area (0-bytes) til about 500, but not for uncompressed Index files *.idx
+>16	quad		!0			\b, at 16 reserved %#llx
+>492	quad		!0			\b, at 492 reserved %#llx
+# for IDX variant
+#>14	ubyte		^0x40			IDX
+# for CDX variant
+>14	ubyte		&0x40
+# Ascending or descending: 0~ascending 1~descending
+>>502	uleshort	x			\b, sort order %u
+# Total expression length (FoxPro 2) like: 0 1
+>>504	uleshort	!0			\b, expression length %u
+# FOR expression pool length like: 1
+>>506	uleshort	!1			\b, FOR expression pool length %#x
+# reserved for internal use like: 0
+>>508	uleshort	!0			\b, at 0x508 reserved %#x
+# Key expression pool length like: 1
+>>510	uleshort	!1			\b, key expression pool length %#x
+# 512 - 1023 Key & FOR expression pool (uncompiled)
+>>512	quad		!0			\b, key expression pool %#llx
+#>>520	quad		!0			\b, key expression pool %#llx
+
+# Summary:	dBASE IV Printer Form *.PRF
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/.dbf#Other_file_types_found_in_dBASE	
+# Reference:	https://mark0.net/download/triddefs_xml.7z/defs/p/prf-dbase.trid.xml
+0	ubeshort	0x0400
+# skip some Xbase Index files *.ndx and Infocom (Z-machine 4) *.z4 handled by ./adventure
+# by looking for valid printer driver name extension
+>0x58	search/8	.PR2
+>>0	use			xbase-prf
+#	display information of dbase print form like printer driver *.PR2
+0	name			xbase-prf	dBase Printer Form
+!:mime	application/x-dbase-prf
+!:ext	prf
+# MAYBE version? like: 4~DBASE IV
+#>0	ubyte		x			\b, version %u
+# MAYBE flag like: 1~with output file name 0~not
+#>2	ubyte		!0			\b, flag %u
+# optional printer text output file name like E:\DBASE\IV\T6.txt
+>3	string		>\0			\b, output file %s
+# probably padding with nils til 0x53
+#>0x48	 uquad		!0			\b, at 0x48 padding %#llx
+# dBASE IV printer driver name like: Generic.PR2 ASCII.PR2
+>0x56	string		>\0			\b, using printer driver %s
+# 2 is probably last character of previous dBASE printer driver name
+#>0x60	ubyte		!0x32			\b, at 0x60 %#x
+# probably padding with nils til 0xa8
+#>0x61	uquad		!0			\b, at 0x61 padding %#llx
+# unknown 0x03020300 0x03020100 at 0xa8
+>0xa8	ubelong 	x			\b, at 0xa8 unknown %#8.8x
+# probably padding with nils til 0x2aa
+#>0x2a0	uquad		!0			\b, at 0x2a0 padding %#llx
+# unknown 0x100ff7f01000001 at 0x2AB
+>0x2ab	ubequad		!0x100ff7f01000001	\b, at 0x2ab unknown %#llx
+# unknown 0x0042 at 0x2b3
+>0x2b3	ubeshort 	!0x0042			\b, at 0x2b3 unknown %#4.4x
+# unknown last 4 bytes at 0x2b6 like: 0 0x23
+>0x2b6	ubelong		!0			\b, at 0x2b6 unknown %#8.8x
+
+# TODO:
+# DBASE index file *.NDX
+# dBASE compiled Format *.FMO
+# FoxPro Database memo file *.DCT
+# FoxPro Forms Memo *.SCT
+# FoxPro Generated Menu Program *.MPR
+# FoxPro Report *.FRX
+# FoxPro Report Memo *.FRT
+# Foxpro Generated Screen Program *.SPR
+# Foxpro memo *.PJT
+## End of XBase database stuff
+
+# MS Access database
+4	string	Standard\ Jet\ DB	Microsoft Access Database
+!:mime	application/x-msaccess
+4	string	Standard\ ACE\ DB	Microsoft Access Database
+!:mime	application/x-msaccess
+
+# From: Joerg Jenderek
+# URL: http://fileformats.archiveteam.org/wiki/Extensible_Storage_Engine
+# Reference: https://github.com/libyal/libesedb/archive/master.zip
+#	libesedb-master/documentation/
+#	Extensible Storage Engine (ESE) Database File (EDB) format.asciidoc
+# Note: also known as "JET Blue". Used by numerous Windows components such as
+# Windows Search, Mail, Exchange and Active Directory.
+4	ubelong		0xefcdab89
+# unknown1
+>132	ubelong		0		Extensible storage engine
+!:mime	application/x-ms-ese
+# file_type 0~database 1~stream
+>>12	ulelong		0		DataBase
+# Security DataBase (sdb)
+!:ext	edb/sdb
+>>12	ulelong		1		STreaMing
+!:ext	stm
+# format_version 620h
+>>8	uleshort	x		\b, version %#x
+>>10	uleshort	>0		revision %#4.4x
+>>0	ubelong		x	 	\b, checksum %#8.8x
+# Page size 4096 8192 32768
+>>236	ulequad		x		\b, page size %lld
+# database_state
+>>52	ulelong		1		\b, JustCreated
+>>52	ulelong		2		\b, DirtyShutdown
+#>>52	ulelong		3		\b, CleanShutdown
+>>52	ulelong		4		\b, BeingConverted
+>>52	ulelong		5		\b, ForceDetach
+# Windows NT major version when the databases indexes were updated.
+>>216	ulelong		x		\b, Windows version %d
+# Windows NT minor version
+>>220	ulelong		x		\b.%d
+
+# From: Joerg Jenderek
+# URL: https://forensicswiki.org/wiki/Windows_Application_Compatibility
+# Note: files contain application compatibility fixes, application compatibility modes and application help messages.
+8	string		sdbf
+>7	ubyte		0
+# TAG_TYPE_LIST+TAG_INDEXES
+>>12	uleshort	0x7802		Windows application compatibility Shim DataBase
+# version? 2 3
+#>>>0	ulelong		x		\b, version %d
+!:mime	application/x-ms-sdb
+!:ext	sdb
+
+# TDB database from Samba et al - Martin Pool <mbp@samba.org>
+0	string	TDB\ file		TDB database
+>32	lelong	0x2601196D		version 6, little-endian
+>>36	lelong	x			hash size %d bytes
+
+# SE Linux policy database
+0       lelong  0xf97cff8c      SE Linux policy
+>16     lelong  x               v%d
+>20     lelong  1      MLS
+>24     lelong  x       %d symbols
+>28     lelong  x       %d ocons
+
+# ICE authority file data (Wolfram Kleff)
+2	string		ICE		ICE authority data
+
+# X11 Xauthority file (Wolfram Kleff)
+10	string		MIT-MAGIC-COOKIE-1	X11 Xauthority data
+11	string		MIT-MAGIC-COOKIE-1	X11 Xauthority data
+12	string		MIT-MAGIC-COOKIE-1	X11 Xauthority data
+13	string		MIT-MAGIC-COOKIE-1	X11 Xauthority data
+14	string		MIT-MAGIC-COOKIE-1	X11 Xauthority data
+15	string		MIT-MAGIC-COOKIE-1	X11 Xauthority data
+16	string		MIT-MAGIC-COOKIE-1	X11 Xauthority data
+17	string		MIT-MAGIC-COOKIE-1	X11 Xauthority data
+18	string		MIT-MAGIC-COOKIE-1	X11 Xauthority data
+
+# From: Maxime Henrion <mux@FreeBSD.org>
+# PostgreSQL's custom dump format, Maxime Henrion <mux@FreeBSD.org>
+0	string		PGDMP		PostgreSQL custom database dump
+>5	byte		x		- v%d
+>6	byte		x		\b.%d
+>5	beshort		<0x101		\b-0
+>5	beshort		>0x100
+>>7	byte		x		\b-%d
+
+# Type: Advanced Data Format (ADF) database
+# URL:  https://www.grc.nasa.gov/WWW/cgns/adf/
+# From: Nicolas Chauvat <nicolas.chauvat@logilab.fr>
+0	string	@(#)ADF\ Database	CGNS Advanced Data Format
+
+# Tokyo Cabinet magic data
+# http://tokyocabinet.sourceforge.net/index.html
+0	string		ToKyO\ CaBiNeT\n	Tokyo Cabinet
+>14	string		x			\b (%s)
+>32	byte		0			\b, Hash
+!:mime	application/x-tokyocabinet-hash
+>32	byte		1			\b, B+ tree
+!:mime	application/x-tokyocabinet-btree
+>32	byte		2			\b, Fixed-length
+!:mime	application/x-tokyocabinet-fixed
+>32	byte		3			\b, Table
+!:mime	application/x-tokyocabinet-table
+>33	byte		&1			\b, [open]
+>33	byte		&2			\b, [fatal]
+>34	byte		x			\b, apow=%d
+>35	byte		x			\b, fpow=%d
+>36	byte		&0x01			\b, [large]
+>36	byte		&0x02			\b, [deflate]
+>36	byte		&0x04			\b, [bzip]
+>36	byte		&0x08			\b, [tcbs]
+>36	byte		&0x10			\b, [excodec]
+>40	lequad		x			\b, bnum=%lld
+>48	lequad		x			\b, rnum=%lld
+>56	lequad		x			\b, fsiz=%lld
+
+# Type:	QDBM Quick Database Manager
+# From:	Benoit Sibaud <bsibaud@april.org>
+0	string		\\[depot\\]\n\f		Quick Database Manager, little endian
+0	string		\\[DEPOT\\]\n\f		Quick Database Manager, big endian
+
+# Type:	TokyoCabinet database
+# URL:	http://tokyocabinet.sourceforge.net/
+# From:	Benoit Sibaud <bsibaud@april.org>
+0	string		ToKyO\ CaBiNeT\n	TokyoCabinet database
+>14	string		x			(version %s)
+
+# From:  Stephane Blondon https://www.yaal.fr
+# Database file for Zope (done by FileStorage)
+0	string	FS21	Zope Object Database File Storage v3 (data)
+0	string	FS30	Zope Object Database File Storage v4 (data)
+
+# Cache file for the database of Zope (done by ClientStorage)
+0	string		ZEC3	Zope Object Database Client Cache File (data)
+
+# IDA (Interactive Disassembler) database
+0	string		IDA1	IDA (Interactive Disassembler) database
+
+# Hopper (reverse engineering tool) https://www.hopperapp.com/
+0	string		hopperdb	Hopper database
+
+# URL: https://en.wikipedia.org/wiki/Panorama_(database_engine)
+# Reference: http://www.provue.com/Panorama/
+# From: Joerg Jenderek
+# NOTE: test only versions 4 and 6.0 with Windows
+# length of Panorama database name
+5	ubyte				>0
+# look after database name for "some" null bits
+>(5.B+7)	ubelong&0xF3ffF000	0
+# look for first keyword
+>>&1		search/2		DESIGN		Panorama database
+#!:mime	application/x-panorama-database
+!:apple	KASXZEPD
+!:ext	pan
+# database name
+>>>5	pstring				x		\b, "%s"
+
+#
+#
+# askSam Database by Stefan A. Haubenthal <polluks@web.de>
+0	string	askw40\0	askSam DB
+
+#
+#
+# MUIbase Database Tool by Stefan A. Haubenthal <polluks@web.de>
+0	string	MBSTV\040	MUIbase DB
+>6	string	x		version %s
+
+#
+# CDB database
+0	string	NBCDB\012	NetBSD Constant Database
+>7	byte	x		\b, version %d
+>8	string	x		\b, for '%s'
+>24	lelong	x		\b, datasize %d
+>28	lelong	x		\b, entries %d
+>32	lelong	x		\b, index %d
+>36	lelong	x		\b, seed %#x
+
+#
+# Redis RDB - https://redis.io/topics/persistence
+0	string	REDIS			Redis RDB file,
+>5	regex	[0-9][0-9][0-9][0-9]	version %s
+
+# Mork database.
+# Used by older versions of Mozilla Suite and Firefox,
+# and current versions of Thunderbird.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string	//\ <!--\ <mdb:mork:z\ v="	Mozilla Mork database
+>23	string	x		\b, version %.3s
+
+# URL:		https://en.wikipedia.org/wiki/Management_Information_Format
+# Reference:	https://www.dmtf.org/sites/default/files/standards/documents/DSP0005.pdf
+# From:		Joerg Jenderek
+# Note:		only tested with monitor asset reports of Dell Display Manager
+#		skip start like Language=fr|CA|iso8859-1
+0	search/27/C	Start\040Component	DMI Management Information Format
+#!:mime	text/plain
+!:mime	text/x-dmtf-mif
+!:ext	mif
+
diff --git a/magic/Magdir/dataone b/magic/Magdir/dataone
new file mode 100644
index 0000000..566633e
--- /dev/null
+++ b/magic/Magdir/dataone
@@ -0,0 +1,47 @@
+
+#------------------------------------------------------------------------------
+# $File: dataone,v 1.3 2022/04/18 21:38:10 christos Exp $
+#
+# DataONE- files from Dave Vieglais <dave.vieglais@gmail.com> &
+#                     Pratik Shrivastava <pratikshrivastava23@gmail.com>
+#
+# file formats:   https://cn.dataone.org/cn/v2/formats
+#------------------------------------------------------------------------------
+
+# EML (Ecological Metadata Language Format)
+0	string	\<?xml\ version=
+>&0	regex/1024	eml-[0-9]\\.[0-9]\\.[0-9]+	eml://ecoinformatics.org/%s
+
+# onedcx (DataONE Dublin Core Extended v1.0)
+>&0	regex/1024	onedcx/v[0-9]\\.[0-9]+		https://ns.dataone.org/metadata/schema/onedcx/v1.0
+
+# FGDC-STD-001-1998 (Content Standard for Digital Geospatial Metadata,
+# version 001-1998)
+>&0	search/1024	fgdc				FGDC-STD-001-1998
+
+# Mercury (Oak Ridge National Lab Mercury Metadata version 1.0)
+>&0	regex/1024	mercury/terms/v[0-9]\\.[0-9]	https://purl.org/ornl/schema/mercury/terms/v1.0
+
+# ISOTC211 (Geographic MetaData (GMD) Extensible Markup Language)
+>&0	search/1024	isotc211
+>>&0	search/1024	eng;USA				https://www.isotc211.org/2005/gmd
+
+# ISOTC211 (NOAA Variant Geographic MetaData (GMD) Extensible Markup Language)
+>>&0	regex/1024	gov\\.noaa\\.nodc:[0-9]+		https://www.isotc211.org/2005/gmd-noaa
+
+# ISOTC211 PANGAEA Variant Geographic MetaData (GMD) Extensible Markup Language
+>>&0	regex/1024	pangaea\\.dataset[0-9][0-9][0-9][0-9][0-9][0-9]+	https://www.isotc211.org/2005/gmd-pangaea
+!:mime	text/xml
+
+
+# Object Reuse and Exchange Vocabulary
+0	string	\<?xml\ version=
+>&0	search/1024	rdf
+>>&0	search/1024	openarchives	https://www.openarchives.org/ore/terms
+!:mime application/rdf+xml
+
+
+# Dryad Metadata Application Profile Version 3.1
+0	string	<DryadData
+>&0	regex/1024	dryad-bibo/v[0-9]\\.[0-9]	https://datadryad.org/profile/v3.1
+!:mime	text/xml
diff --git a/magic/Magdir/dbpf b/magic/Magdir/dbpf
new file mode 100644
index 0000000..df07ff8
--- /dev/null
+++ b/magic/Magdir/dbpf
@@ -0,0 +1,15 @@
+
+#------------------------------------------------------------------------------
+# $File: dbpf,v 1.3 2019/04/19 00:42:27 christos Exp $
+# dppf:	Maxis Database Packed Files, the stored data file format used by all
+#	Maxis games after the Sims: http://wiki.niotso.org/DBPF
+# 	https://www.wiki.sc4devotion.com/index.php?title=DBPF
+#	13 Oct 2017, Kip Warner <kip at thevertigo dot com>
+0	string	DBPF	Maxis Database Packed File
+>4	ulelong	x	\b, version: %u.
+>>8	ulelong	x	\b%u
+>>>36	ulelong	x       \b, files: %u
+>>24	ledate	!0	\b, created: %s
+>>28	ledate	!0	\b, modified: %s
+!:ext	dbpf/package/dat/sc4
+!:mime	application/x-maxis-dbpf
diff --git a/magic/Magdir/der b/magic/Magdir/der
new file mode 100644
index 0000000..3bc2e38
--- /dev/null
+++ b/magic/Magdir/der
@@ -0,0 +1,146 @@
+#------------------------------------------------------------------------------
+# $File: der,v 1.6 2023/01/11 23:59:49 christos Exp $
+# der: file(1) magic for DER encoded files
+#
+
+# Certificate information piece
+0	name	certinfo
+>0	der	seq
+>>&0	der	set
+>>>&0	der	seq
+>>>>&0	der	obj_id3=550406
+>>>>&0	der	prt_str=x	\b, countryName=%s
+>>&0	der	set
+>>>&0	der	seq
+>>>>&0	der	obj_id3=550408
+>>>>&0	der	utf8_str=x	\b, stateOrProvinceName=%s
+>>&0	der	set
+>>>&0	der	seq
+>>>>&0	der	obj_id3=55040a
+>>>>&0	der	utf8_str=x	\b, organizationName=%s
+>>&0	der	set
+>>>&0	der	seq
+>>>>&0	der	obj_id3=550403
+>>>>&0	der	utf8_str=x	\b, commonName=%s
+>>&0	der	seq
+
+# Certificate requests
+0	der	seq
+>&0	der	seq
+>>&0	der	int1=00		DER Encoded Certificate request
+>>&0	use	certinfo
+
+# Key Pairs
+0	der	seq
+>&0	der	int1=00
+>&0	der	int65=x
+>&0	der	int3=010001	DER Encoded Key Pair, 512 bits
+
+0	der	seq
+>&0	der	int1=00
+>&0	der	int129=x
+>&0	der	int3=010001	DER Encoded Key Pair, 1024 bits
+
+0	der	seq
+>&0	der	int1=00
+>&0	der	int257=x
+>&0	der	int3=010001	DER Encoded Key Pair, 2048 bits
+
+0	der	seq
+>&0	der	int1=00
+>&0	der	int513=x
+>&0	der	int3=010001	DER Encoded Key Pair, 4096 bits
+
+0	der	seq
+>&0	der	int1=00
+>&0	der	int1025=x
+>&0	der	int3=010001	DER Encoded Key Pair, 8192 bits
+
+0	der	seq
+>&0	der	int1=00
+>&0	der	int2049=x
+>&0	der	int3=010001	DER Encoded Key Pair, 16k bits
+
+0	der	seq
+>&0	der	int1=00
+>&0	der	int4097=x
+>&0	der	int3=010001	DER Encoded Key Pair, 32k bits
+
+# Certificates
+0	der	seq
+>&0	der	seq
+>>&0	der	int2=0dfa	DER Encoded Certificate, 512 bits
+>>&0	der	int2=0dfb	DER Encoded Certificate, 1024 bits
+>>&0	der	int2=0dfc	DER Encoded Certificate, 2048 bits
+>>&0	der	int2=0dfd	DER Encoded Certificate, 4096 bits
+>>&0	der	int2=0dfe	DER Encoded Certificate, 8192 bits
+>>&0	der	int2=0dff	DER Encoded Certificate, 16k bits
+>>&0	der	int2=0e04	DER Encoded Certificate, 32k bits
+>>&0	der	int2=x		DER Encoded Certificate, ? bits (%s)
+>>&0	der	seq
+>>>&0	der	obj_id9=2a864886f70d010105	\b, sha1WithRSAEncryption
+>>>&0	der	obj_id9=x			\b, ? Encryption (%s)
+>>>&0	der	null
+>>&0	der	seq
+>>>&0	der	set
+>>>>&0	der	seq
+>>>>>&0	der	obj_id3=550406
+>>>>>&0	der	prt_str=x	\b, countryName=%s
+>>>&0	der	set
+>>>>&0	der	seq
+>>>>>&0	der	obj_id3=550408
+>>>>>&0	der	prt_str=x	\b, stateOrProvinceName=%s
+>>>&0	der	set
+>>>>&0	der	seq
+>>>>>&0	der	obj_id3=550407
+>>>>>&0	der	prt_str=x	\b, localityName=%s
+>>>&0	der	set
+>>>>&0	der	seq
+>>>>>&0	der	obj_id3=55040a
+>>>>>&0	der	prt_str=x	\b, organizationName=%s
+>>>&0	der	set
+>>>>&0	der	seq
+>>>>>&0	der	obj_id3=55040b
+>>>>>&0	der	prt_str=x	\b, organizationUnitName=%s
+>>>&0	der	set
+>>>>&0	der	seq
+>>>>>&0	der	obj_id3=550403
+>>>>>&0	der	prt_str=x	\b, commonName=%s
+>>>&0	der	set
+>>>>&0	der	seq
+>>>>>&0	der	obj_id9=2a864886f70d010901
+>>>>>&0	der	ia5_str=x	\b, emailAddress=%s
+#>>&0	der	seq
+#>>>&0	der	utc_time=x	\b, utcTime=%s
+#>>>&0	der	utc_time=x	\b, utcTime=%s
+>>&0	use	certinfo
+
+0	der	seq
+>&0	der	seq
+>>&0	der	eoc
+>>>&0	der	int1=02		Certificate, Version=3
+>>>&0	der	int1=x		Certificate, Version=%s
+>>&0	der	int9=x		\b, Serial=%s
+>>&0	der	seq		
+>>>&0	der     obj_id9=2a864886f70d01010b
+>>>&0	der	null
+>>&0	der	seq
+>>>&0	der	set
+>>>>&0	der	seq	
+>>>>>&0	der     obj_id3=550403
+>>>>>&0	der     utf8_str=x      \b, Issuer=%s
+#>>&0	der	seq
+#>>>&0	der	utc_time=x	\b, not-valid-before=%s
+#>>>&0	der	utc_time=x	\b, not-valid-after=%s
+>>&0	der	seq
+>>>&0	der	set
+>>>>&0	der	seq
+>>>>>&0	der     obj_id3=550403
+>>>>>&0	der     utf8_str=x      \b, Subject=%s
+
+# PKCS#7 Signed Data (e.g. JAR Signature Block File)
+# OID 1.2.840.113549.1.7.2 (2a864886f70d010702)
+# Reference: https://www.rfc-editor.org/rfc/rfc2315
+0	der	seq
+>&0	der	obj_id9=2a864886f70d010702	DER Encoded PKCS#7 Signed Data
+!:ext	RSA/DSA/EC
diff --git a/magic/Magdir/diamond b/magic/Magdir/diamond
new file mode 100644
index 0000000..39d1ed6
--- /dev/null
+++ b/magic/Magdir/diamond
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: diamond,v 1.7 2009/09/19 16:28:08 christos Exp $
+# diamond:  file(1) magic for Diamond system
+#
+# ... diamond is a multi-media mail and electronic conferencing system....
+#
+# XXX - I think it was either renamed Slate, or replaced by Slate....
+#
+#	The full deal is too long...
+#0	string	<list>\n<protocol\ bbn-multimedia-format>	Diamond Multimedia Document
+0	string	=<list>\n<protocol\ bbn-m	Diamond Multimedia Document
diff --git a/magic/Magdir/dif b/magic/Magdir/dif
new file mode 100644
index 0000000..9d7e5fd
--- /dev/null
+++ b/magic/Magdir/dif
@@ -0,0 +1,33 @@
+
+#------------------------------------------------------------------------------
+# $File: dif,v 1.1 2020/04/09 19:14:01 christos Exp $
+# dif:  file(1) magic for DIF text files
+
+#------------------------------------------------------------------------------
+# From:	Joerg Jenderek
+# URL:	http://en.wikipedia.org/wiki/Data_Interchange_Format
+#	http://fileformats.archiveteam.org/wiki/Data_Interchange_Format
+# Note:	called by TrID "Data Interchange Format",
+#	by DROID x-fmt/368 "VisiCalc Database"
+0	string		TABLE
+# skip text starting with TABLE by looking for numeric version on 2nd line
+>6	search/2	0,
+# skip DROID x-fmt-41-signature-id-380.dif by looking for key word TUPLES at the beginning
+>>27	search/128	TUPLES		Data Interchange Format
+# https://www.pcmatic.com/company/libraries/fileextension/detail.asp?ext=dif.html
+#!:mime	application/x-dif-spreadsheet	Gnumeric
+# https://github.com/LibreOffice/online/blob/master/discovery.xml
+#!:mime	application/x-dif-document	LibreOffice
+# https://www.wikidata.org/wiki/Wikidata:WikiProject_Informatics/File_formats/Lists/File_formats
+!:mime	application/x-dif
+# https://extension.nirsoft.net/dif
+#!:mime	application/vnd.ms-excel
+#!:mime	text/plain
+!:ext	dif
+# look for double quote 0x22 on 3rd line
+>>>10	search/3	"
+# skip if next character also double quote 
+>>>>&0	ubyte		!0x22		\b, generator or table name
+# comment like EXCEL, pwm enclosed in double quotes
+>>>>>&-2	string	x		%s
+
diff --git a/magic/Magdir/diff b/magic/Magdir/diff
new file mode 100644
index 0000000..a6124e3
--- /dev/null
+++ b/magic/Magdir/diff
@@ -0,0 +1,41 @@
+
+#------------------------------------------------------------------------------
+# $File: diff,v 1.17 2020/08/22 18:16:58 christos Exp $
+# diff:  file(1) magic for diff(1) output
+#
+0	search/1	diff\040	diff output text
+!:mime	text/x-diff
+0	search/1	***\040
+>&0	search/1024	\n---\040	context diff output text
+!:mime	text/x-diff
+0	search/1	Only\040in\040 	diff output text
+!:mime	text/x-diff
+0	search/1	Common\040subdirectories:\040 	diff output text
+!:mime	text/x-diff
+
+0	search/1	Index:		RCS/CVS diff output text
+!:mime	text/x-diff
+
+# bsdiff:  file(1) magic for bsdiff(1) output
+0	string/b	BSDIFF40	bsdiff(1) patch file
+
+
+# unified diff
+0	search/4096	---\040
+>&0	search/1024 	\n
+>>&0	search/1 	+++\040
+>>>&0	search/1024 	\n
+>>>>&0	search/1	@@		unified diff output text
+!:mime	text/x-diff
+!:strength + 90
+
+# librsync -- the library for network deltas
+#
+# Copyright (C) 2001 by Martin Pool.  You may do whatever you want with
+# this file.
+#
+0	belong		0x72730236	rdiff network-delta data
+
+0	belong		0x72730136	rdiff network-delta signature data
+>4	belong		x		(block length=%d,
+>8	belong		x		signature strength=%d)
diff --git a/magic/Magdir/digital b/magic/Magdir/digital
new file mode 100644
index 0000000..b2753b9
--- /dev/null
+++ b/magic/Magdir/digital
@@ -0,0 +1,59 @@
+
+#------------------------------------------------------------------------------
+# $File: digital,v 1.12 2021/07/03 14:01:46 christos Exp $
+#  Digital UNIX - Info
+#
+0	string	=!<arch>\n________64E	Alpha archive
+>22	string	X			-- out of date
+#
+
+0	leshort		0603
+>24	leshort		0410		COFF format alpha pure
+>24	leshort		0413		COFF format alpha demand paged
+>>22	leshort&030000	!020000		executable
+>>22	leshort&020000	!0		dynamically linked
+>>16	lelong		!0		not stripped
+>>16	lelong		0		stripped
+>>27	byte		x		- version %d
+>>26	byte		x		\b.%d
+>>28	byte		x		\b-%d
+>24	leshort		0407		COFF format alpha object
+>>22	leshort&030000	020000		shared library
+>>27	byte		x		- version %d
+>>26	byte		x		\b.%d
+>>28	byte		x		\b-%d
+
+# Basic recognition of Digital UNIX core dumps - Mike Bremford <mike@opac.bl.uk>
+#
+# The actual magic number is just "Core", followed by a 2-byte version
+# number; however, treating any file that begins with "Core" as a Digital
+# UNIX core dump file may produce too many false hits, so we include one
+# byte of the version number as well; DU 5.0 appears only to be up to
+# version 2.
+#
+0	string		Core\001	Alpha COFF format core dump (Digital UNIX)
+>24	string		>\0		\b, from '%s'
+0	string		Core\002	Alpha COFF format core dump (Digital UNIX)
+>24	string		>\0		\b, from '%s'
+#
+# The next is incomplete, we could tell more about this format,
+# but its not worth it.
+0	leshort		0x188	Alpha compressed COFF
+0	leshort		0x18f	Alpha u-code object
+#
+#
+# Some other interesting Digital formats,
+0	string	\377\377\177		ddis/ddif
+0	string	\377\377\174		ddis/dots archive
+0	string	\377\377\176		ddis/dtif table data
+0	string	\033c\033		LN03 output
+0	long	04553207		X image
+#
+0	string	=!<PDF>!\n		profiling data file
+#
+# Locale data tables (MIPS and Alpha).
+#
+# GRR: line below is too general as it matches also TTComp archive, ASCII, 2K  handled by ./archive
+0	short		0x0501		locale data table
+>6	short		0x24		for MIPS
+>6	short		0x40		for Alpha
diff --git a/magic/Magdir/dolby b/magic/Magdir/dolby
new file mode 100644
index 0000000..d73e7d3
--- /dev/null
+++ b/magic/Magdir/dolby
@@ -0,0 +1,69 @@
+
+#------------------------------------------------------------------------------
+# $File: dolby,v 1.9 2019/04/19 00:42:27 christos Exp $
+# ATSC A/53 aka AC-3 aka Dolby Digital <ashitaka@gmx.at>
+# from https://www.atsc.org/standards/a_52a.pdf
+# corrections, additions, etc. are always welcome!
+#
+# syncword
+0	beshort		0x0b77	ATSC A/52 aka AC-3 aka Dolby Digital stream,
+# Proposed audio/ac3 RFC/4184
+!:mime	audio/vnd.dolby.dd-raw
+# fscod
+>4	byte&0xc0 = 0x00	48 kHz,
+>4	byte&0xc0 = 0x40	44.1 kHz,
+>4	byte&0xc0 = 0x80	32 kHz,
+# is this one used for 96 kHz?
+>4	byte&0xc0 = 0xc0	reserved frequency,
+#
+>5	byte&0x07 = 0x00	\b, complete main (CM)
+>5	byte&0x07 = 0x01	\b, music and effects (ME)
+>5	byte&0x07 = 0x02	\b, visually impaired (VI)
+>5	byte&0x07 = 0x03	\b, hearing impaired (HI)
+>5	byte&0x07 = 0x04	\b, dialogue (D)
+>5	byte&0x07 = 0x05	\b, commentary (C)
+>5	byte&0x07 = 0x06	\b, emergency (E)
+>5	beshort&0x07e0  0x0720	\b, voiceover (VO)
+>5	beshort&0x07e0 >0x0720	\b, karaoke
+# acmod
+>6	byte&0xe0 = 0x00	1+1 front,
+>>6	byte&0x10 = 0x10	LFE on,
+>6	byte&0xe0 = 0x20	1 front/0 rear,
+>>6	byte&0x10 = 0x10	LFE on,
+>6	byte&0xe0 = 0x40	2 front/0 rear,
+# dsurmod (for stereo only)
+>>6	byte&0x18 = 0x00	Dolby Surround not indicated
+>>6	byte&0x18 = 0x08	not Dolby Surround encoded
+>>6	byte&0x18 = 0x10	Dolby Surround encoded
+>>6	byte&0x18 = 0x18	reserved Dolby Surround mode
+>>6	byte&0x04 = 0x04	LFE on,
+>6	byte&0xe0 = 0x60	3 front/0 rear,
+>>6	byte&0x04 = 0x04	LFE on,
+>6	byte&0xe0 = 0x80	2 front/1 rear,
+>>6	byte&0x04 = 0x04	LFE on,
+>6	byte&0xe0 = 0xa0	3 front/1 rear,
+>>6	byte&0x01 = 0x01	LFE on,
+>6	byte&0xe0 = 0xc0	2 front/2 rear,
+>>6	byte&0x04 = 0x04	LFE on,
+>6	byte&0xe0 = 0xe0	3 front/2 rear,
+>>6	byte&0x01 = 0x01	LFE on,
+#
+>4	byte&0x3e = 0x00	\b, 32 kbit/s
+>4	byte&0x3e = 0x02	\b, 40 kbit/s
+>4	byte&0x3e = 0x04	\b, 48 kbit/s
+>4	byte&0x3e = 0x06	\b, 56 kbit/s
+>4	byte&0x3e = 0x08	\b, 64 kbit/s
+>4	byte&0x3e = 0x0a	\b, 80 kbit/s
+>4	byte&0x3e = 0x0c	\b, 96 kbit/s
+>4	byte&0x3e = 0x0e	\b, 112 kbit/s
+>4	byte&0x3e = 0x10	\b, 128 kbit/s
+>4	byte&0x3e = 0x12	\b, 160 kbit/s
+>4	byte&0x3e = 0x14	\b, 192 kbit/s
+>4	byte&0x3e = 0x16	\b, 224 kbit/s
+>4	byte&0x3e = 0x18	\b, 256 kbit/s
+>4	byte&0x3e = 0x1a	\b, 320 kbit/s
+>4	byte&0x3e = 0x1c	\b, 384 kbit/s
+>4	byte&0x3e = 0x1e	\b, 448 kbit/s
+>4	byte&0x3e = 0x20	\b, 512 kbit/s
+>4	byte&0x3e = 0x22	\b, 576 kbit/s
+>4	byte&0x3e = 0x24	\b, 640 kbit/s
diff --git a/magic/Magdir/dump b/magic/Magdir/dump
new file mode 100644
index 0000000..cc5644d
--- /dev/null
+++ b/magic/Magdir/dump
@@ -0,0 +1,96 @@
+
+#------------------------------------------------------------------------------
+# $File: dump,v 1.17 2018/06/26 01:07:17 christos Exp $
+# dump:  file(1) magic for dump file format--for new and old dump filesystems
+#
+# We specify both byte orders in order to recognize byte-swapped dumps.
+#
+0	name	new-dump-be
+>4	bedate	x		This dump %s,
+>8	bedate	x		Previous dump %s,
+>12	belong	>0		Volume %d,
+>692	belong	0		Level zero, type:
+>692	belong	>0		Level %d, type:
+>0	belong	1		tape header,
+>0	belong	2		beginning of file record,
+>0	belong	3		map of inodes on tape,
+>0	belong	4		continuation of file record,
+>0	belong	5		end of volume,
+>0	belong	6		map of inodes deleted,
+>0	belong	7		end of medium (for floppy),
+>676	string	>\0		Label %s,
+>696	string	>\0		Filesystem %s,
+>760	string	>\0		Device %s,
+>824	string	>\0		Host %s,
+>888	belong	>0		Flags %x
+
+0	name	old-dump-be
+#>4	bedate	x		This dump %s,
+#>8	bedate	x		Previous dump %s,
+>12	belong	>0		Volume %d,
+>692	belong	0		Level zero, type:
+>692	belong	>0		Level %d, type:
+>0	belong	1		tape header,
+>0	belong	2		beginning of file record,
+>0	belong	3		map of inodes on tape,
+>0	belong	4		continuation of file record,
+>0	belong	5		end of volume,
+>0	belong	6		map of inodes deleted,
+>0	belong	7		end of medium (for floppy),
+>676	string	>\0		Label %s,
+>696	string	>\0		Filesystem %s,
+>760	string	>\0		Device %s,
+>824	string	>\0		Host %s,
+>888	belong	>0		Flags %x
+
+0	name	ufs2-dump-be
+>896	beqdate	x		This dump %s,
+>904	beqdate	x		Previous dump %s,
+>12	belong	>0		Volume %d,
+>692	belong	0		Level zero, type:
+>692	belong	>0		Level %d, type:
+>0	belong	1		tape header,
+>0	belong	2		beginning of file record,
+>0	belong	3		map of inodes on tape,
+>0	belong	4		continuation of file record,
+>0	belong	5		end of volume,
+>0	belong	6		map of inodes deleted,
+>0	belong	7		end of medium (for floppy),
+>676	string	>\0		Label %s,
+>696	string	>\0		Filesystem %s,
+>760	string	>\0		Device %s,
+>824	string	>\0		Host %s,
+>888	belong	>0		Flags %x
+
+24	belong	60012		new-fs dump file (big endian),
+>0	use	new-dump-be
+
+24	belong	60011		old-fs dump file (big endian),
+>0	use	old-dump-be
+
+24	lelong	60012		new-fs dump file (little endian),
+# to correctly recognize '*.mo' GNU message catalog (little endian)
+!:strength - 15
+>0	use	\^new-dump-be
+
+24	lelong	60011		old-fs dump file (little endian),
+>0	use	\^old-dump-be
+
+
+24	belong	0x19540119	new-fs dump file (ufs2, big endian),
+>0	use	ufs2-dump-be
+
+24	lelong	0x19540119	new-fs dump file (ufs2, little endian),
+>0	use	\^ufs2-dump-be
+
+18	leshort	60011		old-fs dump file (16-bit, assuming PDP-11 endianness),
+>2	medate	x		Previous dump %s,
+>6	medate	x		This dump %s,
+>10	leshort	>0		Volume %d,
+>0	leshort	1		tape header.
+>0	leshort	2		beginning of file record.
+>0	leshort	3		map of inodes on tape.
+>0	leshort	4		continuation of file record.
+>0	leshort	5		end of volume.
+>0	leshort	6		map of inodes deleted.
+>0	leshort	7		end of medium (for floppy).
diff --git a/magic/Magdir/dwarfs b/magic/Magdir/dwarfs
new file mode 100644
index 0000000..3700a33
--- /dev/null
+++ b/magic/Magdir/dwarfs
@@ -0,0 +1,45 @@
+
+#------------------------------------------------------------------------------
+# $File: dwarfs,v 1.2 2023/05/23 13:37:32 christos Exp $
+# dwarfs: file(1) magic for DwarFS File System Image files
+# URL: https://github.com/mhx/dwarfs for details about DwarFS
+# From: Marcus Holland-Moritz <github@mhxnet.de>
+
+#### DwarFS Version Macro
+0			name		dwarfsversion
+>&0			byte		x		\b, version %d
+>&1			byte		x		\b.%d
+
+#### DwarFS Compression Macro
+0			name		dwarfscompression
+>&0			leshort		=0		\b, uncompressed
+>&0			leshort		=1		\b, LZMA compression
+>&0			leshort		=2		\b, ZSTD compression
+>&0			leshort		=3		\b, LZ4 compression
+>&0			leshort		=4		\b, LZ4HC compression
+>&0			leshort		=5		\b, BROTLI compression
+
+#### DwarFS files without header
+## We first check against a DWARFS magic at the start of the file, then
+## validate by checking the block count / section type to be all zeros
+## for the first block. Finally, we check that the *next* block also
+## has the correct DWARFS magic.
+0			string		DWARFS
+>&0x2A			string/b	\0\0\0\0\0\0
+>>&(&0x02.q+0x0A)	string		DWARFS		DwarFS File System Image
+>>>&0			use		dwarfsversion
+>>&0			use		dwarfscompression
+
+#### DwarFS files with header
+## We search for a DWARFS magic in the first 64k of the file (images with
+## headers longer than 64k won't be recognized), then  validate by checking
+## the block count / section type to be all zeros for the first block.
+## Finally, we check that the *next* block also has the correct DWARFS magic.
+## If we find a DWARFS magic that doesn't pass validation, we continue with
+## an indirect match recursively.
+1			search/65536/b	DWARFS
+>&0x2A			string/b	\0\0\0\0\0\0
+>>&(&0x02.q+0x0A)	string		DWARFS		DwarFS File System Image (with header)
+>>>&0			use		dwarfsversion
+>>&0			use		dwarfscompression
+>&-1			indirect	x
diff --git a/magic/Magdir/dyadic b/magic/Magdir/dyadic
new file mode 100644
index 0000000..c57f81b
--- /dev/null
+++ b/magic/Magdir/dyadic
@@ -0,0 +1,61 @@
+
+#------------------------------------------------------------------------------
+# $File: dyadic,v 1.9 2019/04/19 00:42:27 christos Exp $
+# Dyadic: file(1) magic for Dyalog APL.
+#
+# updated by Joerg Jenderek at Oct 2013
+# https://en.wikipedia.org/wiki/Dyalog_APL
+# https://www.dyalog.com/
+# .DXV Dyalog APL External Variable
+# .DIN Dyalog APL Input Table
+# .DOT Dyalog APL Output Table
+# .DFT Dyalog APL Format File
+0	ubeshort&0xFF60	0xaa00
+# skip biblio.dbt
+>1	byte		!4
+# real Dyalog APL have non zero version numbers like 7.3 or 13.4
+>>2	ubeshort	>0x0000		Dyalog APL
+>>>1	byte		0x00		aplcore
+#>>>1	byte		0x00		incomplete workspace
+# *.DCF Dyalog APL Component File
+>>>1	byte		0x01		component file 32-bit non-journaled non-checksummed
+#>>>1	byte		0x01		component file
+>>>1	byte		0x02		external variable exclusive
+#>>>1	byte		0x02		external variable
+# *.DWS Dyalog APL Workspace
+>>>1	byte		0x03		workspace
+>>>>7	byte&0x28	0x00		32-bit
+>>>>7	byte&0x28	0x20		64-bit
+>>>>7	byte&0x0c	0x00		classic
+>>>>7	byte&0x0c	0x04		unicode
+>>>>7	byte&0x88	0x00		big-endian
+>>>>7	byte&0x88	0x80		little-endian
+>>>1	byte		0x06		external variable shared
+# *.DSE Dyalog APL Session , *.DLF Dyalog APL Session Log File
+>>>1	byte		0x07		session
+>>>1	byte		0x08		mapped file 32-bit
+>>>1	byte		0x09		component file 64-bit non-journaled non-checksummed
+>>>1	byte		0x0a		mapped file 64-bit
+>>>1	byte		0x0b		component file 32-bit level 1 journaled non-checksummed
+>>>1	byte		0x0c		component file 64-bit level 1 journaled non-checksummed
+>>>1	byte		0x0d		component file 32-bit level 1 journaled checksummed
+>>>1	byte		0x0e		component file 64-bit level 1 journaled checksummed
+>>>1	byte		0x0f		component file 32-bit level 2 journaled checksummed
+>>>1	byte		0x10		component file 64-bit level 2 journaled checksummed
+>>>1	byte		0x11		component file 32-bit level 3 journaled checksummed
+>>>1	byte		0x12		component file 64-bit level 3 journaled checksummed
+>>>1	byte		0x13		component file 32-bit non-journaled checksummed
+>>>1	byte		0x14		component file 64-bit non-journaled checksummed
+>>>1	byte		0x15		component file under construction
+>>>1	byte		0x16		DFS component file 64-bit level 1 journaled checksummed
+>>>1	byte		0x17		DFS component file 64-bit level 2 journaled checksummed
+>>>1	byte		0x18		DFS component file 64-bit level 3 journaled checksummed
+>>>1	byte		0x19		external workspace
+>>>1	byte		0x80		DDB
+>>>2	byte		x		version %d
+>>>3	byte		x		\b.%d
+#>>>2	byte		x		type %d
+#>>>3	byte		x		subtype %d
+
+# *.DXF Dyalog APL Transfer File
+0	short		0x6060		Dyalog APL transfer
diff --git a/magic/Magdir/ebml b/magic/Magdir/ebml
new file mode 100644
index 0000000..d37b5c0
--- /dev/null
+++ b/magic/Magdir/ebml
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: ebml,v 1.2 2019/04/19 00:42:27 christos Exp $
+# ebml:  file(1) magic for various Extensible Binary Meta Language
+# https://www.matroska.org/technical/specs/index.html#track
+0	belong	0x1a45dfa3	EBML file
+>4	search/b/100	\102\202
+>>&1	string	x		\b, creator %.8s
diff --git a/magic/Magdir/edid b/magic/Magdir/edid
new file mode 100644
index 0000000..a17b6c4
--- /dev/null
+++ b/magic/Magdir/edid
@@ -0,0 +1,11 @@
+
+#------------------------------------------------------------------------------
+# $File: edid,v 1.1 2019/03/28 12:36:01 christos Exp $
+# edid:  file(1) magic for EDID dump files
+
+0	quad	0x00ffffffffffff00	Extended display identification data dump
+!:mime application/x-edid-dump
+>18	byte	0x01			Version 1
+>>19	byte	<0x04			\b.%d
+>18	byte	0x02			Version 2
+>>19	byte	0x00			\b.0
diff --git a/magic/Magdir/editors b/magic/Magdir/editors
new file mode 100644
index 0000000..48eaa11
--- /dev/null
+++ b/magic/Magdir/editors
@@ -0,0 +1,43 @@
+
+#------------------------------------------------------------------------------
+# $File: editors,v 1.12 2020/10/11 20:28:07 christos Exp $
+# T602 editor documents
+# by David Necas <yeti@physics.muni.cz>
+0	string	@CT\ 	T602 document data,
+>4	string	0	Kamenicky
+>4	string	1	CP 852
+>4	string	2	KOI8-CS
+>4	string	>2	unknown encoding
+
+# Vi IMproved Encrypted file
+# by David Necas <yeti@physics.muni.cz>
+# updated by Osman Surkatty
+0	string	VimCrypt~	Vim encrypted file data
+>9	string	01!		with zip cryptmethod
+>9	string	02!		with blowfish cryptmethod
+>9	string	03!		with blowfish2 cryptmethod
+
+0	name	vimnanoswap
+>67	byte	0
+>>107	byte	0
+#>>>2	string	x	%s swap file
+>>>24	ulelong	x	\b, pid %d
+>>>28	string	>\0	\b, user %s
+>>>68	string	>\0	\b, host %s
+>>>108	string	>\0	\b, file %s
+>>>1007	byte	0x55	\b, modified
+
+# Vi IMproved Swap file
+# by Sven Wegener <swegener@gentoo.org>
+0	string  b0VIM\ 		Vim swap file
+>&0	string  >\0		\b, version %s
+>0	use	vimnanoswap
+
+
+# Lock/swap file for several editors, at least
+# Vi IMproved and nano
+0	string	b0nano		Nano swap file
+>0	use	vimnanoswap
+
+# kate (K Advanced Text Editor)
+0	string	\x00\x00\x00\x12Kate\ Swap\ File\ 2.0\x00	Kate swap file
diff --git a/magic/Magdir/efi b/magic/Magdir/efi
new file mode 100644
index 0000000..7760100
--- /dev/null
+++ b/magic/Magdir/efi
@@ -0,0 +1,15 @@
+
+#------------------------------------------------------------------------------
+# $File: efi,v 1.5 2014/04/30 21:41:02 christos Exp $
+# efi:  file(1) magic for Universal EFI binaries
+
+0	lelong	0x0ef1fab9
+>4	lelong	1		Universal EFI binary with 1 architecture
+>>&0	lelong	7		\b, i386
+>>&0	lelong	0x01000007	\b, x86_64
+>4	lelong	2		Universal EFI binary with 2 architectures
+>>&0	lelong	7		\b, i386
+>>&0	lelong	0x01000007	\b, x86_64
+>>&20	lelong	7		\b, i386
+>>&20	lelong	0x01000007	\b, x86_64
+>4	lelong	>2		Universal EFI binary with %d architectures
diff --git a/magic/Magdir/elf b/magic/Magdir/elf
new file mode 100644
index 0000000..d3ec026
--- /dev/null
+++ b/magic/Magdir/elf
@@ -0,0 +1,379 @@
+
+#------------------------------------------------------------------------------
+# $File: elf,v 1.88 2023/01/08 17:09:18 christos Exp $
+# elf:  file(1) magic for ELF executables
+#
+# We have to check the byte order flag to see what byte order all the
+# other stuff in the header is in.
+#
+# What're the correct byte orders for the nCUBE and the Fujitsu VPP500?
+#
+# https://www.sco.com/developers/gabi/latest/ch4.eheader.html
+#
+# Created by: unknown
+# Modified by (1): Daniel Quinlan <quinlan@yggdrasil.com>
+# Modified by (2): Peter Tobias <tobias@server.et-inf.fho-emden.de> (core support)
+# Modified by (3): Christian 'Dr. Disk' Hechelmann <drdisk@ds9.au.s.shuttle.de> (fix of core support)
+# Modified by (4): <gerardo.cacciari@gmail.com> (VMS Itanium)
+# Modified by (5): Matthias Urlichs <smurf@debian.org> (Listing of many architectures)
+
+0	name		elf-mips
+>0	lelong&0xf0000000	0x00000000	MIPS-I
+>0	lelong&0xf0000000	0x10000000	MIPS-II
+>0	lelong&0xf0000000	0x20000000	MIPS-III
+>0	lelong&0xf0000000	0x30000000	MIPS-IV
+>0	lelong&0xf0000000	0x40000000	MIPS-V
+>0	lelong&0xf0000000	0x50000000	MIPS32
+>0	lelong&0xf0000000	0x60000000	MIPS64
+>0	lelong&0xf0000000	0x70000000	MIPS32 rel2
+>0	lelong&0xf0000000	0x80000000	MIPS64 rel2
+>0	lelong&0xf0000000	0x90000000	MIPS32 rel6
+>0	lelong&0xf0000000	0xa0000000	MIPS64 rel6
+
+0	name		elf-sparc
+>0	lelong&0x00ffff00	0x00000100	V8+ Required,
+>0	lelong&0x00ffff00	0x00000200	Sun UltraSPARC1 Extensions Required,
+>0	lelong&0x00ffff00	0x00000400	HaL R1 Extensions Required,
+>0	lelong&0x00ffff00	0x00000800	Sun UltraSPARC3 Extensions Required,
+>0	lelong&0x3		0		total store ordering,
+>0	lelong&0x3		1		partial store ordering,
+>0	lelong&0x3		2		relaxed memory ordering,
+
+0	name		elf-pa-risc
+>2	leshort		0x020b		1.0
+>2	leshort		0x0210		1.1
+>2	leshort		0x0214		2.0
+>0	leshort		&0x0008		(LP64)
+
+0	name		elf-riscv
+>0	lelong&0x00000001	0x00000001	RVC,
+>0	lelong&0x00000008	0x00000008	RVE,
+>0	lelong&0x00000006	0x00000000	soft-float ABI,
+>0	lelong&0x00000006	0x00000002	single-float ABI,
+>0	lelong&0x00000006	0x00000004	double-float ABI,
+>0	lelong&0x00000006	0x00000006	quad-float ABI,
+
+0	name		elf-le
+>16	leshort		0		no file type,
+!:mime	application/octet-stream
+>16	leshort		1		relocatable,
+!:mime	application/x-object
+>16	leshort		2		executable,
+!:mime	application/x-executable
+>16	leshort		3		${x?pie executable:shared object},
+
+!:mime	application/x-${x?pie-executable:sharedlib}
+>16	leshort		4		core file,
+!:mime	application/x-coredump
+# OS-specific
+>7	byte		202
+>>16	leshort		0xFE01		executable,
+!:mime	application/x-executable
+# Core file detection is not reliable.
+#>>>(0x38+0xcc) string	>\0		of '%s'
+#>>>(0x38+0x10) lelong	>0		(signal %d),
+>16	leshort		&0xff00
+>>18	leshort		!8		processor-specific,
+>>18	leshort		8
+>>>16	leshort		0xFF80		PlayStation 2 IOP module,
+!:mime	application/x-sharedlib
+>>>16	leshort		!0xFF80		processor-specific,
+>18	clear		x
+>18	leshort		0		no machine,
+>18	leshort		1		AT&T WE32100,
+>18	leshort		2		SPARC,
+>18	leshort		3		Intel 80386,
+>18	leshort		4		Motorola m68k,
+>>4	byte		1
+>>>36	lelong		&0x01000000	68000,
+>>>36	lelong		&0x00810000	CPU32,
+>>>36	lelong		0		68020,
+>18	leshort		5		Motorola m88k,
+>18	leshort		6		Intel 80486,
+>18	leshort		7		Intel 80860,
+# The official e_machine number for MIPS is now #8, regardless of endianness.
+# The second number (#10) will be deprecated later. For now, we still
+# say something if #10 is encountered, but only gory details for #8.
+>18	leshort		8		MIPS,
+>>4	byte		1
+>>>36	lelong		&0x20		N32
+>18	leshort		10		MIPS,
+>>4	byte		1
+>>>36	lelong		&0x20		N32
+>18	leshort		8
+# only for 32-bit
+>>4	byte		1
+>>>36	use		elf-mips
+# only for 64-bit
+>>4	byte		2
+>>>48	use		elf-mips
+>18	leshort		9		Amdahl,
+>18	leshort		10		MIPS (deprecated),
+>18	leshort		11		RS6000,
+>18	leshort		15		PA-RISC,
+# only for 32-bit
+>>4	byte		1
+>>>36	use		elf-pa-risc
+# only for 64-bit
+>>4	byte		2
+>>>48	use		elf-pa-risc
+>18	leshort		16		nCUBE,
+>18	leshort		17		Fujitsu VPP500,
+>18	leshort		18		SPARC32PLUS,
+# only for 32-bit
+>>4	byte		1
+>>>36	use		elf-sparc
+>18	leshort		19		Intel 80960,
+>18	leshort		20		PowerPC or cisco 4500,
+>18	leshort		21		64-bit PowerPC or cisco 7500,
+>>48	lelong		0		Unspecified or Power ELF V1 ABI,
+>>48	lelong		1		Power ELF V1 ABI,
+>>48	lelong		2		OpenPOWER ELF V2 ABI,
+>18	leshort		22		IBM S/390,
+>18	leshort		23		Cell SPU,
+>18	leshort		24		cisco SVIP,
+>18	leshort		25		cisco 7200,
+>18	leshort		36		NEC V800 or cisco 12000,
+>18	leshort		37		Fujitsu FR20,
+>18	leshort		38		TRW RH-32,
+>18	leshort		39		Motorola RCE,
+>18	leshort		40		ARM,
+>>4	byte		1
+>>>36	lelong&0xff000000	0x04000000	EABI4
+>>>36	lelong&0xff000000	0x05000000	EABI5
+>>>36	lelong		&0x00800000	BE8
+>>>36	lelong		&0x00400000	LE8
+>18	leshort		41		Alpha,
+>18	leshort		42		Renesas SH,
+>18	leshort		43		SPARC V9,
+>>4	byte		2
+>>>48	use		elf-sparc
+>18	leshort		44		Siemens Tricore Embedded Processor,
+>18	leshort		45		Argonaut RISC Core, Argonaut Technologies Inc.,
+>18	leshort		46		Renesas H8/300,
+>18	leshort		47		Renesas H8/300H,
+>18	leshort		48		Renesas H8S,
+>18	leshort		49		Renesas H8/500,
+>18	leshort		50		IA-64,
+>18	leshort		51		Stanford MIPS-X,
+>18	leshort		52		Motorola Coldfire,
+>18	leshort		53		Motorola M68HC12,
+>18	leshort		54		Fujitsu MMA,
+>18	leshort		55		Siemens PCP,
+>18	leshort		56		Sony nCPU,
+>18	leshort		57		Denso NDR1,
+>18	leshort		58		Start*Core,
+>18	leshort		59		Toyota ME16,
+>18	leshort		60		ST100,
+>18	leshort		61		Tinyj emb.,
+>18	leshort		62		x86-64,
+>18	leshort		63		Sony DSP,
+>18	leshort		64		DEC PDP-10,
+>18	leshort		65		DEC PDP-11,
+>18	leshort		66		FX66,
+>18	leshort		67		ST9+ 8/16 bit,
+>18	leshort		68		ST7 8 bit,
+>18	leshort		69		MC68HC16,
+>18	leshort		70		MC68HC11,
+>18	leshort		71		MC68HC08,
+>18	leshort		72		MC68HC05,
+>18	leshort		73		SGI SVx or Cray NV1,
+>18	leshort		74		ST19 8 bit,
+>18	leshort		75		Digital VAX,
+>18	leshort		76		Axis cris,
+>18	leshort		77		Infineon 32-bit embedded,
+>18	leshort		78		Element 14 64-bit DSP,
+>18	leshort		79		LSI Logic 16-bit DSP,
+>18	leshort		80		MMIX,
+>18	leshort		81		Harvard machine-independent,
+>18	leshort		82		SiTera Prism,
+>18	leshort		83		Atmel AVR 8-bit,
+>18	leshort		84		Fujitsu FR30,
+>18	leshort		85		Mitsubishi D10V,
+>18	leshort		86		Mitsubishi D30V,
+>18	leshort		87		NEC v850,
+>18	leshort		88		Renesas M32R,
+>18	leshort		89		Matsushita MN10300,
+>18	leshort		90		Matsushita MN10200,
+>18	leshort		91		picoJava,
+>18	leshort		92		OpenRISC,
+>18	leshort		93		Synopsys ARCompact ARC700 cores,
+>18	leshort		94		Tensilica Xtensa,
+>18	leshort		95		Alphamosaic VideoCore,
+>18	leshort		96		Thompson Multimedia,
+>18	leshort		97		NatSemi 32k,
+>18	leshort		98		Tenor Network TPC,
+>18	leshort		99		Trebia SNP 1000,
+>18	leshort		100		STMicroelectronics ST200,
+>18	leshort		101		Ubicom IP2022,
+>18	leshort		102		MAX Processor,
+>18	leshort		103		NatSemi CompactRISC,
+>18	leshort		104		Fujitsu F2MC16,
+>18	leshort		105		TI msp430,
+>18	leshort		106		Analog Devices Blackfin,
+>18	leshort		107		S1C33 Family of Seiko Epson,
+>18	leshort		108		Sharp embedded,
+>18	leshort		109		Arca RISC,
+>18	leshort		110		PKU-Unity Ltd.,
+>18	leshort		111		eXcess: 16/32/64-bit,
+>18	leshort		112		Icera Deep Execution Processor,
+>18	leshort		113		Altera Nios II,
+>18	leshort		114		NatSemi CRX,
+>18	leshort		115		Motorola XGATE,
+>18	leshort		116		Infineon C16x/XC16x,
+>18	leshort		117		Renesas M16C series,
+>18	leshort		118		Microchip dsPIC30F,
+>18	leshort		119		Freescale RISC core,
+>18	leshort		120		Renesas M32C series,
+>18	leshort		131		Altium TSK3000 core,
+>18	leshort		132		Freescale RS08,
+>18	leshort		134		Cyan Technology eCOG2,
+>18	leshort		135		Sunplus S+core7 RISC,
+>18	leshort		136		New Japan Radio (NJR) 24-bit DSP,
+>18	leshort		137		Broadcom VideoCore III,
+>18	leshort		138		LatticeMico32,
+>18	leshort		139		Seiko Epson C17 family,
+>18	leshort		140		TI TMS320C6000 DSP family,
+>18	leshort		141		TI TMS320C2000 DSP family,
+>18	leshort		142		TI TMS320C55x DSP family,
+>18	leshort		144		TI Programmable Realtime Unit
+>18	leshort		160		STMicroelectronics 64bit VLIW DSP,
+>18	leshort		161		Cypress M8C,
+>18	leshort		162		Renesas R32C series,
+>18	leshort		163		NXP TriMedia family,
+>18	leshort		164		QUALCOMM DSP6,
+>18	leshort		165		Intel 8051 and variants,
+>18	leshort		166		STMicroelectronics STxP7x family,
+>18	leshort		167		Andes embedded RISC,
+>18	leshort		168		Cyan eCOG1X family,
+>18	leshort		169		Dallas MAXQ30,
+>18	leshort		170		New Japan Radio (NJR) 16-bit DSP,
+>18	leshort		171		M2000 Reconfigurable RISC,
+>18	leshort		172		Cray NV2 vector architecture,
+>18	leshort		173		Renesas RX family,
+>18	leshort		174		META,
+>18	leshort		175		MCST Elbrus,
+>18	leshort		176		Cyan Technology eCOG16 family,
+>18	leshort		177		NatSemi CompactRISC,
+>18	leshort		178		Freescale Extended Time Processing Unit,
+>18	leshort		179		Infineon SLE9X,
+>18	leshort		180		Intel L1OM,
+>18	leshort		181		Intel K1OM,
+>18	leshort		183		ARM aarch64,
+>18	leshort		185		Atmel 32-bit family,
+>18	leshort		186		STMicroeletronics STM8 8-bit,
+>18	leshort		187		Tilera TILE64,
+>18	leshort		188		Tilera TILEPro,
+>18	leshort		189		Xilinx MicroBlaze 32-bit RISC,
+>18	leshort		190		NVIDIA CUDA architecture,
+>18	leshort		191		Tilera TILE-Gx,
+>18	leshort		195		Synopsys ARCv2/HS3x/HS4x cores,
+>18	leshort		197		Renesas RL78 family,
+>18	leshort		199		Renesas 78K0R,
+>18	leshort		200		Freescale 56800EX,
+>18	leshort		201		Beyond BA1,
+>18	leshort		202		Beyond BA2,
+>18	leshort		203		XMOS xCORE,
+>18	leshort		204		Microchip 8-bit PIC(r),
+>18	leshort		210		KM211 KM32,
+>18	leshort		211		KM211 KMX32,
+>18	leshort		212		KM211 KMX16,
+>18	leshort		213		KM211 KMX8,
+>18	leshort		214		KM211 KVARC,
+>18	leshort		215		Paneve CDP,
+>18	leshort		216		Cognitive Smart Memory,
+>18	leshort		217		iCelero CoolEngine,
+>18	leshort		218		Nanoradio Optimized RISC,
+>18	leshort		219		CSR Kalimba architecture family
+>18	leshort		220		Zilog Z80
+>18	leshort		221		Controls and Data Services VISIUMcore processor
+>18	leshort		222		FTDI Chip FT32 high performance 32-bit RISC architecture
+>18	leshort		223		Moxie processor family
+>18	leshort		224		AMD GPU architecture
+>18	leshort		243		UCB RISC-V,
+# only for 32-bit
+>>4	byte		1
+>>>36	use		elf-riscv
+# only for 64-bit
+>>4	byte		2
+>>>48	use		elf-riscv
+>18	leshort		244		Lanai 32-bit processor,
+>18	leshort		245		CEVA Processor Architecture Family,
+>18	leshort		246		CEVA X2 Processor Family,
+>18	leshort		247		eBPF,
+>18	leshort		248		Graphcore Intelligent Processing Unit,
+>18	leshort		249		Imagination Technologies,
+>18	leshort		250		Netronome Flow Processor,
+>18	leshort		251             NEC Vector Engine,
+>18	leshort		252		C-SKY processor family,
+>18	leshort		253		Synopsys ARCv3 64-bit ISA/HS6x cores,
+>18	leshort		254		MOS Technology MCS 6502 processor,
+>18	leshort		255		Synopsys ARCv3 32-bit,
+>18	leshort		256		Kalray VLIW core of the MPPA family,
+>18	leshort		257		WDC 65816/65C816,
+>18	leshort		258		LoongArch,
+>18	leshort		259		ChipON KungFu32,
+>18	leshort		0x1057		AVR (unofficial),
+>18	leshort		0x1059		MSP430 (unofficial),
+>18	leshort		0x1223		Adapteva Epiphany (unofficial),
+>18	leshort		0x2530		Morpho MT (unofficial),
+>18	leshort		0x3330		FR30 (unofficial),
+>18	leshort		0x3426		OpenRISC (obsolete),
+>18	leshort		0x4688		Infineon C166 (unofficial),
+>18	leshort		0x5441		Cygnus FRV (unofficial),
+>18	leshort		0x5aa5		DLX (unofficial),
+>18	leshort		0x7650		Cygnus D10V (unofficial),
+>18	leshort		0x7676		Cygnus D30V (unofficial),
+>18	leshort		0x8217		Ubicom IP2xxx (unofficial),
+>18	leshort		0x8472		OpenRISC (obsolete),
+>18	leshort		0x9025		Cygnus PowerPC (unofficial),
+>18	leshort		0x9026		Alpha (unofficial),
+>18	leshort		0x9041		Cygnus M32R (unofficial),
+>18	leshort		0x9080		Cygnus V850 (unofficial),
+>18	leshort		0xa390		IBM S/390 (obsolete),
+>18	leshort		0xabc7		Old Xtensa (unofficial),
+>18	leshort		0xad45		xstormy16 (unofficial),
+>18	leshort		0xbaab		Old MicroBlaze (unofficial),,
+>18	leshort		0xbeef		Cygnus MN10300 (unofficial),
+>18	leshort		0xdead		Cygnus MN10200 (unofficial),
+>18	leshort		0xf00d		Toshiba MeP (unofficial),
+>18	leshort		0xfeb0		Renesas M32C (unofficial),
+>18	leshort		0xfeba		Vitesse IQ2000 (unofficial),
+>18	leshort		0xfebb		NIOS (unofficial),
+>18	leshort		0xfeed		Moxie (unofficial),
+>18	default		x
+>>18	leshort		x		*unknown arch %#x*
+>20	lelong		0		invalid version
+>20	lelong		1		version 1
+
+0	string		\177ELF		ELF
+!:strength *2
+>4	byte		0		invalid class
+>4	byte		1		32-bit
+>4	byte		2		64-bit
+>5	byte		0		invalid byte order
+>5	byte		1		LSB
+>>0	use		elf-le
+>5	byte		2		MSB
+>>0	use		\^elf-le
+>7	byte		0		(SYSV)
+>7	byte		1		(HP-UX)
+>7	byte		2		(NetBSD)
+>7	byte		3		(GNU/Linux)
+>7	byte		4		(GNU/Hurd)
+>7	byte		5		(86Open)
+>7	byte		6		(Solaris)
+>7	byte		7		(Monterey)
+>7	byte		8		(IRIX)
+>7	byte		9		(FreeBSD)
+>7	byte		10		(Tru64)
+>7	byte		11		(Novell Modesto)
+>7	byte		12		(OpenBSD)
+>7	byte		13		(OpenVMS)
+>7	byte		14		(HP NonStop Kernel)
+>7	byte		15		(AROS Research Operating System)
+>7	byte		16		(FenixOS)
+>7	byte		17		(Nuxi CloudABI)
+>7	byte		97		(ARM)
+>7	byte		202		(Cafe OS)
+>7	byte		255		(embedded)
diff --git a/magic/Magdir/encore b/magic/Magdir/encore
new file mode 100644
index 0000000..287b388
--- /dev/null
+++ b/magic/Magdir/encore
@@ -0,0 +1,22 @@
+
+#------------------------------------------------------------------------------
+# $File: encore,v 1.7 2014/04/30 21:41:02 christos Exp $
+# encore:  file(1) magic for Encore machines
+#
+# XXX - needs to have the byte order specified (NS32K was little-endian,
+# dunno whether they run the 88K in little-endian mode or not).
+#
+0	short		0x154		Encore
+>20	short		0x107		executable
+>20	short		0x108		pure executable
+>20	short		0x10b		demand-paged executable
+>20	short		0x10f		unsupported executable
+>12	long		>0		not stripped
+>22	short		>0		- version %d
+>22	short		0		-
+#>4	date		x		stamp %s
+0	short		0x155		Encore unsupported executable
+>12	long		>0		not stripped
+>22	short		>0		- version %d
+>22	short		0		-
+#>4	date		x		stamp %s
diff --git a/magic/Magdir/epoc b/magic/Magdir/epoc
new file mode 100644
index 0000000..6f4ab5f
--- /dev/null
+++ b/magic/Magdir/epoc
@@ -0,0 +1,62 @@
+
+#------------------------------------------------------------------------------
+# $File: epoc,v 1.9 2013/12/21 14:28:15 christos Exp $
+# EPOC : file(1) magic for EPOC documents [Psion Series 5/Osaris/Geofox 1]
+# Stefan Praszalowicz <hpicollo@worldnet.fr> and Peter Breitenlohner <peb@mppmu.mpg.de>
+# Useful information for improving this file can be found at:
+# http://software.frodo.looijaard.name/psiconv/formats/Index.html
+#------------------------------------------------------------------------------
+0	lelong		0x10000037	Psion Series 5
+>4	lelong		0x10000039	font file
+>4	lelong		0x1000003A	printer driver
+>4	lelong		0x1000003B	clipboard
+>4	lelong		0x10000042	multi-bitmap image
+!:mime image/x-epoc-mbm
+>4	lelong		0x1000006A	application information file
+>4	lelong		0x1000006D
+>>8	lelong		0x1000007D	Sketch image
+!:mime image/x-epoc-sketch
+>>8	lelong		0x1000007E	voice note
+>>8	lelong		0x1000007F	Word file
+!:mime application/x-epoc-word
+>>8	lelong		0x10000085	OPL program (TextEd)
+!:mime application/x-epoc-opl
+>>8	lelong		0x10000087	Comms settings
+>>8	lelong		0x10000088	Sheet file
+!:mime application/x-epoc-sheet
+>>8	lelong		0x100001C4	EasyFax initialisation file
+>4	lelong		0x10000073	OPO module
+!:mime application/x-epoc-opo
+>4	lelong		0x10000074	OPL application
+!:mime application/x-epoc-app
+>4	lelong		0x1000008A	exported multi-bitmap image
+>4	lelong		0x1000016D
+>>8	lelong		0x10000087	Comms names
+
+0	lelong		0x10000041	Psion Series 5 ROM multi-bitmap image
+
+0	lelong		0x10000050	Psion Series 5
+>4	lelong		0x1000006D	database
+>>8	lelong		0x10000084	Agenda file
+!:mime application/x-epoc-agenda
+>>8	lelong		0x10000086	Data file
+!:mime application/x-epoc-data
+>>8	lelong		0x10000CEA	Jotter file
+!:mime application/x-epoc-jotter
+>4	lelong		0x100000E4	ini file
+
+0	lelong		0x10000079	Psion Series 5 binary:
+>4	lelong		0x00000000	DLL
+>4	lelong		0x10000049	comms hardware library
+>4	lelong		0x1000004A	comms protocol library
+>4	lelong		0x1000005D	OPX
+>4	lelong		0x1000006C	application
+>4	lelong		0x1000008D	DLL
+>4	lelong		0x100000AC	logical device driver
+>4	lelong		0x100000AD	physical device driver
+>4	lelong		0x100000E5	file transfer protocol
+>4	lelong		0x100000E5	file transfer protocol
+>4	lelong		0x10000140	printer definition
+>4	lelong		0x10000141	printer definition
+
+0	lelong		0x1000007A	Psion Series 5 executable
diff --git a/magic/Magdir/erlang b/magic/Magdir/erlang
new file mode 100644
index 0000000..df7aa2a
--- /dev/null
+++ b/magic/Magdir/erlang
@@ -0,0 +1,21 @@
+
+#------------------------------------------------------------------------------
+# $File: erlang,v 1.7 2019/04/19 00:42:27 christos Exp $
+# erlang:  file(1) magic for Erlang JAM and BEAM files
+# URL:  https://www.erlang.org/faq/x779.html#AEN812
+
+# OTP R3-R4
+0	string	\0177BEAM!	Old Erlang BEAM file
+>6	short	>0		- version %d
+
+# OTP R5 and onwards
+0	string	FOR1
+>8	string	BEAM		Erlang BEAM file
+
+# 4.2 version may have a copyright notice!
+4	string	Tue\ Jan\ 22\ 14:32:44\ MET\ 1991	Erlang JAM file - version 4.2
+79	string	Tue\ Jan\ 22\ 14:32:44\ MET\ 1991	Erlang JAM file - version 4.2
+
+4	string	1.0\ Fri\ Feb\ 3\ 09:55:56\ MET\ 1995	Erlang JAM file - version 4.3
+
+0	bequad	0x0000000000ABCDEF	Erlang DETS file
diff --git a/magic/Magdir/espressif b/magic/Magdir/espressif
new file mode 100644
index 0000000..a97c093
--- /dev/null
+++ b/magic/Magdir/espressif
@@ -0,0 +1,57 @@
+
+# $File: espressif,v 1.3 2021/04/26 15:56:00 christos Exp $
+# configuration dump of Tasmota firmware for ESP8266 based devices by Espressif
+# URL: https://github.com/arendst/Sonoff-Tasmota/
+# Reference: https://codeload.github.com/arendst/Sonoff-Tasmota/zip/release-6.2/
+# Sonoff-Tasmota-release-6.2.zip/Sonoff-Tasmota-release-6.2/sonoff/settings.h 
+# From: Joerg Jenderek
+#
+# cfg_holder=4617=0x1209
+0		uleshort	4617
+# remaining settings normally 0x5A+offset XORed; free_1D5[20] empty since 5.12.0e
+>0x1D5		ubequad		0x2f30313233343536	configuration of Tasmota firmware (ESP8266)
+!:mime	application/x-tasmota-dmp
+!:ext	dmp
+# version like 6.2.1.0 ~ 0x06020100 XORed to 0x63666262
+>>11		ubyte^0x65	x			\b, version %u
+>>10		ubyte^0x64	x			\b.%u
+>>9		ubyte^0x63	x			\b.%u
+>>8		ubyte^0x62	x			\b.%u
+#>8		ubelong		x			(%#x)
+# hostname[33] XORed
+>>0x165		ubyte^0x1BF	x			\b, hostname %c
+>>0x166		ubyte^0x1C0	>037			\b%c
+>>0x167		ubyte^0x1C1	>037			\b%c
+>>0x168		ubyte^0x1C2	>037			\b%c
+>>0x169		ubyte^0x1C3	>037			\b%c
+>>0x16A		ubyte^0x1C4	>037			\b%c
+>>0x16B		ubyte^0x1C5	>037			\b%c
+>>0x16C		ubyte^0x1C6	>037			\b%c
+>>0x16D		ubyte^0x1C7	>037			\b%c
+>>0x16E		ubyte^0x1C8	>037			\b%c
+>>0x16F		ubyte^0x1C9	>037			\b%c
+>>0x170		ubyte^0x1CA	>037			\b%c
+>>0x171		ubyte^0x1CB	>037			\b%c
+>>0x172		ubyte^0x1CC 	>037			\b%c
+>>0x173		ubyte^0x1CD	>037			\b%c
+>>0x174		ubyte^0x1CE	>037			\b%c
+>>0x175		ubyte^0x1CF	>037			\b%c
+>>0x176		ubyte^0x1D0	>037			\b%c
+>>0x177		ubyte^0x1D1	>037			\b%c
+>>0x178		ubyte^0x1D2	>037			\b%c
+>>0x179		ubyte^0x1D3	>037			\b%c
+>>0x17A		ubyte^0x1D4	>037			\b%c
+>>0x17B		ubyte^0x1D5	>037			\b%c
+>>0x17C		ubyte^0x1D6	>037			\b%c
+>>0x17D		ubyte^0x1D7	>037			\b%c
+>>0x17E		ubyte^0x1D8	>037			\b%c
+>>0x17F		ubyte^0x1D9	>037			\b%c
+>>0x180		ubyte^0x1DA	>037			\b%c
+>>0x181		ubyte^0x1DB	>037			\b%c
+>>0x182		ubyte^0x1DC	>037			\b%c
+>>0x183		ubyte^0x1DD	>037			\b%c
+>>0x184		ubyte^0x1DE	>037			\b%c
+>>0x185		ubyte^0x1DF	>037			\b%c
+#>>0x165		string		x			(%.33s)
+
+
diff --git a/magic/Magdir/esri b/magic/Magdir/esri
new file mode 100644
index 0000000..e49a7ce
--- /dev/null
+++ b/magic/Magdir/esri
@@ -0,0 +1,28 @@
+
+#------------------------------------------------------------------------------
+# $File: esri,v 1.5 2019/04/19 00:42:27 christos Exp $
+# ESRI Shapefile format (.shp .shx .dbf=DBaseIII)
+# Based on info from
+# <URL:https://www.esri.com/library/whitepapers/pdfs/shapefile.pdf>
+0	belong	9994	ESRI Shapefile
+>4	belong	=0
+>8	belong	=0
+>12	belong	=0
+>16	belong	=0
+>20	belong	=0
+>28	lelong	x	version %d
+>24	belong	x	length %d
+>32	lelong	=0	type Null Shape
+>32	lelong	=1	type Point
+>32	lelong	=3	type PolyLine
+>32	lelong	=5	type Polygon
+>32	lelong	=8	type MultiPoint
+>32	lelong	=11	type PointZ
+>32	lelong	=13	type PolyLineZ
+>32	lelong	=15	type PolygonZ
+>32	lelong	=18	type MultiPointZ
+>32	lelong	=21	type PointM
+>32	lelong	=23	type PolyLineM
+>32	lelong	=25	type PolygonM
+>32	lelong	=28	type MultiPointM
+>32	lelong	=31	type MultiPatch
diff --git a/magic/Magdir/fcs b/magic/Magdir/fcs
new file mode 100644
index 0000000..613437f
--- /dev/null
+++ b/magic/Magdir/fcs
@@ -0,0 +1,9 @@
+
+#------------------------------------------------------------------------------
+# $File: fcs,v 1.4 2009/09/19 16:28:09 christos Exp $
+# fcs: file(1) magic for FCS (Flow Cytometry Standard) data files
+# From Roger Leigh <roger@whinlatter.uklinux.net>
+0       string          FCS1.0          Flow Cytometry Standard (FCS) data, version 1.0
+0       string          FCS2.0          Flow Cytometry Standard (FCS) data, version 2.0
+0       string          FCS3.0          Flow Cytometry Standard (FCS) data, version 3.0
+
diff --git a/magic/Magdir/filesystems b/magic/Magdir/filesystems
new file mode 100644
index 0000000..cd72130
--- /dev/null
+++ b/magic/Magdir/filesystems
@@ -0,0 +1,2694 @@
+#------------------------------------------------------------------------------
+# $File: filesystems,v 1.158 2023/05/21 17:19:08 christos Exp $
+# filesystems:  file(1) magic for different filesystems
+#
+0	name	partid
+>0	ubyte	0x00	Unused
+>0	ubyte	0x01	12-bit FAT
+>0	ubyte	0x02	XENIX /
+>0	ubyte	0x03	XENIX /usr
+>0	ubyte	0x04	16-bit FAT, less than 32M
+>0	ubyte	0x05	extended partition
+>0	ubyte	0x06	16-bit FAT, more than 32M
+>0	ubyte	0x07	OS/2 HPFS, NTFS, QNX2, Adv. UNIX
+>0	ubyte	0x08	AIX or os, or etc.
+>0	ubyte	0x09	AIX boot partition or Coherent
+>0	ubyte	0x0a	O/2 boot manager or Coherent swap
+>0	ubyte	0x0b	32-bit FAT
+>0	ubyte	0x0c	32-bit FAT, LBA-mapped
+>0	ubyte	0x0d	7XXX, LBA-mapped
+>0	ubyte	0x0e	16-bit FAT, LBA-mapped
+>0	ubyte	0x0f	extended partition, LBA-mapped
+>0	ubyte	0x10	OPUS
+>0	ubyte	0x11 	OS/2 DOS 12-bit FAT
+>0	ubyte	0x12 	Compaq diagnostics
+>0	ubyte	0x14 	OS/2 DOS 16-bit FAT <32M
+>0	ubyte	0x16 	OS/2 DOS 16-bit FAT >=32M
+>0	ubyte	0x17 	OS/2 hidden IFS
+>0	ubyte	0x18 	AST Windows swapfile
+>0	ubyte	0x19 	Willowtech Photon coS
+>0	ubyte	0x1b 	hidden win95 fat 32
+>0	ubyte	0x1c 	hidden win95 fat 32 lba
+>0	ubyte	0x1d	hidden win95 fat 16 lba
+>0	ubyte	0x20 	Willowsoft OFS1
+>0	ubyte	0x21 	reserved
+>0	ubyte	0x23 	reserved
+>0	ubyte	0x24	NEC DOS
+>0	ubyte	0x26 	reserved
+>0	ubyte	0x31 	reserved
+>0	ubyte	0x32	Alien Internet Services NOS
+>0	ubyte	0x33 	reserved
+>0	ubyte	0x34 	reserved
+>0	ubyte	0x35 	JFS on OS2
+>0	ubyte	0x36 	reserved
+>0	ubyte	0x38 	Theos
+>0	ubyte	0x39 	Plan 9, or Theos spanned
+>0	ubyte	0x3a 	Theos ver 4 4gb partition
+>0	ubyte	0x3b 	Theos ve 4 extended partition
+>0	ubyte	0x3c 	PartitionMagic recovery
+>0	ubyte	0x3d 	Hidden Netware
+>0	ubyte	0x40 	VENIX 286 or LynxOS
+>0	ubyte	0x41	PReP
+>0	ubyte	0x42	linux swap sharing DRDOS disk
+>0	ubyte	0x43	linux sharing DRDOS disk
+>0	ubyte	0x44	GoBack change utility
+>0	ubyte	0x45	Boot US Boot manager
+>0	ubyte	0x46	EUMEL/Elan or Ergos 3
+>0	ubyte	0x47	EUMEL/Elan or Ergos 3
+>0	ubyte	0x48	EUMEL/Elan or Ergos 3
+>0	ubyte	0x4a	ALFX/THIN filesystem for DOS
+>0	ubyte	0x4c	Oberon partition
+>0	ubyte	0x4d 	QNX4.x
+>0	ubyte	0x4e 	QNX4.x 2nd part
+>0	ubyte	0x4f 	QNX4.x 3rd part
+>0	ubyte	0x50 	DM (disk manager)
+>0	ubyte	0x51 	DM6 Aux1 (or Novell)
+>0	ubyte	0x52 	CP/M or Microport SysV/AT
+>0	ubyte	0x53 	DM6 Aux3
+>0	ubyte	0x54	DM6 DDO
+>0	ubyte	0x55	EZ-Drive (disk manager)
+>0	ubyte	0x56	Golden Bow (disk manager)
+>0	ubyte	0x57	Drive PRO
+>0	ubyte	0x5c	Priam Edisk (disk manager)
+>0	ubyte	0x61	SpeedStor
+>0	ubyte	0x63	GNU HURD or Mach or Sys V/386
+>0	ubyte	0x64	Novell Netware 2.xx or Speedstore
+>0	ubyte	0x65	Novell Netware 3.xx
+>0	ubyte	0x66	Novell 386 Netware
+>0	ubyte	0x67	Novell
+>0	ubyte	0x68	Novell
+>0	ubyte	0x69	Novell
+>0	ubyte	0x70	DiskSecure Multi-Boot
+>0	ubyte	0x71	reserved
+>0	ubyte	0x73	reserved
+>0	ubyte	0x74	reserved
+>0	ubyte	0x75	PC/IX
+>0	ubyte	0x76	reserved
+>0	ubyte	0x77	M2FS/M2CS partition
+>0	ubyte	0x78	XOSL boot loader filesystem
+>0	ubyte	0x80	MINIX until 1.4a
+>0	ubyte	0x81	MINIX since 1.4b
+>0	ubyte	0x82	Linux swap or Solaris
+>0	ubyte	0x83	Linux native
+>0	ubyte	0x84	OS/2 hidden C: drive
+>0	ubyte	0x85	Linux extended partition
+>0	ubyte	0x86	NT FAT volume set
+>0	ubyte	0x87	NTFS volume set or HPFS mirrored
+>0	ubyte	0x8a	Linux Kernel AiR-BOOT partition
+>0	ubyte	0x8b	Legacy Fault tolerant FAT32
+>0	ubyte	0x8c	Legacy Fault tolerant FAT32 ext
+>0	ubyte	0x8d	Hidden free FDISK FAT12
+>0	ubyte	0x8e	Linux Logical Volume Manager
+>0	ubyte	0x90	Hidden free FDISK FAT16
+>0	ubyte	0x91	Hidden free FDISK DOS EXT
+>0	ubyte	0x92	Hidden free FDISK FAT16 Big
+>0	ubyte	0x93	Amoeba filesystem
+>0	ubyte	0x94	Amoeba bad block table
+>0	ubyte	0x95	MIT EXOPC native partitions
+>0	ubyte	0x97	Hidden free FDISK FAT32
+>0	ubyte	0x98	Datalight ROM-DOS Super-Boot
+>0	ubyte	0x99	Mylex EISA SCSI
+>0	ubyte	0x9a	Hidden free FDISK FAT16 LBA
+>0	ubyte	0x9b	Hidden free FDISK EXT LBA
+>0	ubyte	0x9f	BSDI?
+>0	ubyte	0xa0	IBM Thinkpad hibernation
+>0	ubyte	0xa1	HP Volume expansion (SpeedStor)
+>0	ubyte	0xa3	HP Volume expansion (SpeedStor)
+>0	ubyte	0xa4	HP Volume expansion (SpeedStor)
+>0	ubyte	0xa5	386BSD partition type
+>0	ubyte	0xa6	OpenBSD partition type
+>0	ubyte	0xa7	NeXTSTEP 486
+>0	ubyte	0xa8	Apple UFS
+>0	ubyte	0xa9	NetBSD partition type
+>0	ubyte	0xaa	Olivetty Fat12 1.44MB Service part
+>0	ubyte	0xab	Apple Boot
+>0	ubyte	0xae	SHAG OS filesystem
+>0	ubyte	0xaf	Apple HFS
+>0	ubyte	0xb0	BootStar Dummy
+>0	ubyte	0xb1	reserved
+>0	ubyte	0xb3	reserved
+>0	ubyte	0xb4	reserved
+>0	ubyte	0xb6	reserved
+>0	ubyte	0xb7	BSDI BSD/386 filesystem
+>0	ubyte	0xb8	BSDI BSD/386 swap
+>0	ubyte	0xbb	Boot Wizard Hidden
+>0	ubyte	0xbe	Solaris 8 partition type
+>0	ubyte	0xbf	Solaris partition type
+>0	ubyte	0xc0 	CTOS
+>0	ubyte	0xc1 	DRDOS/sec (FAT-12)
+>0	ubyte	0xc2 	Hidden Linux
+>0	ubyte	0xc3 	Hidden Linux swap
+>0	ubyte	0xc4 	DRDOS/sec (FAT-16, < 32M)
+>0	ubyte	0xc5 	DRDOS/sec (EXT)
+>0	ubyte	0xc6 	DRDOS/sec (FAT-16, >= 32M)
+>0	ubyte	0xc7 	Syrinx (Cyrnix?) or HPFS disabled
+>0	ubyte	0xc8 	Reserved for DR-DOS 8.0+
+>0	ubyte	0xc9 	Reserved for DR-DOS 8.0+
+>0	ubyte	0xca 	Reserved for DR-DOS 8.0+
+>0	ubyte	0xcb 	DR-DOS 7.04+ Secured FAT32 CHS
+>0	ubyte	0xcc 	DR-DOS 7.04+ Secured FAT32 LBA
+>0	ubyte	0xcd	CTOS Memdump
+>0	ubyte	0xce 	DR-DOS 7.04+ FAT16X LBA
+>0	ubyte	0xcf 	DR-DOS 7.04+ EXT LBA
+>0	ubyte	0xd0 	REAL/32 secure big partition
+>0	ubyte	0xd1 	Old Multiuser DOS FAT12
+>0	ubyte	0xd4 	Old Multiuser DOS FAT16 Small
+>0	ubyte	0xd5 	Old Multiuser DOS Extended
+>0	ubyte	0xd6 	Old Multiuser DOS FAT16 Big
+>0	ubyte	0xd8 	CP/M 86
+>0	ubyte	0xdb 	CP/M or Concurrent CP/M
+>0	ubyte	0xdd 	Hidden CTOS Memdump
+>0	ubyte	0xde 	Dell PowerEdge Server utilities
+>0	ubyte	0xdf 	DG/UX virtual disk manager
+>0	ubyte	0xe0 	STMicroelectronics ST AVFS
+>0	ubyte	0xe1 	DOS access or SpeedStor 12-bit
+>0	ubyte	0xe3 	DOS R/O or Storage Dimensions
+>0	ubyte	0xe4 	SpeedStor 16-bit FAT < 1024 cyl.
+>0	ubyte	0xe5	reserved
+>0	ubyte	0xe6	reserved
+>0	ubyte	0xeb 	BeOS
+>0	ubyte	0xee	GPT Protective MBR
+>0	ubyte	0xef	EFI system partition
+>0	ubyte	0xf0 	Linux PA-RISC boot loader
+>0	ubyte	0xf1 	SpeedStor or Storage Dimensions
+>0	ubyte	0xf2 	DOS 3.3+ Secondary
+>0	ubyte	0xf3	reserved
+>0	ubyte	0xf4	SpeedStor large partition
+>0	ubyte	0xf5	Prologue multi-volumen partition
+>0	ubyte	0xf6 	reserved
+>0	ubyte	0xf9 	pCache: ext2/ext3 persistent cache
+>0	ubyte	0xfa 	Bochs x86 emulator
+>0	ubyte	0xfb 	VMware File System
+>0	ubyte	0xfc 	VMware Swap
+>0	ubyte	0xfd 	Linux RAID partition persistent sb
+>0	ubyte	0xfe	LANstep or IBM PS/2 IML
+>0	ubyte	0xff 	Xenix Bad Block Table
+
+0	string	\366\366\366\366	PC formatted floppy with no filesystem
+# Sun disk labels
+# From /usr/include/sun/dklabel.h:
+0774	beshort		0xdabe
+# modified by Joerg Jenderek, because original test
+# succeeds for Cabinet archive dao360.dl_ with negative blocks
+>0770	long		>0		Sun disk label
+>>0	string		x		'%s
+>>>31	string		>\0		\b%s
+>>>>63	string		>\0		\b%s
+>>>>>95	string		>\0		\b%s
+>>0	string		x		\b'
+>>0734	short		>0		%d rpm,
+>>0736	short		>0		%d phys cys,
+>>0740	short		>0		%d alts/cyl,
+>>0746	short		>0		%d interleave,
+>>0750	short		>0		%d data cyls,
+>>0752	short		>0		%d alt cyls,
+>>0754	short		>0		%d heads/partition,
+>>0756	short		>0		%d sectors/track,
+>>0764	long		>0		start cyl %d,
+>>0770	long		x		%d blocks
+# Is there a boot block written 1 sector in?
+>512    belong&077777777	0600407	\b, boot block present
+
+# Joerg Jenderek: Smart Boot Manager backup file is 25 (MSDOS) or 41 (LINUX) byte header + first sectors of disk
+# (http://btmgr.sourceforge.net/docs/user-guide-3.html)
+0		string	SBMBAKUP_	Smart Boot Manager backup file
+>9		string	x		\b, version %-5.5s
+>>14		string	=_
+>>>15		string	x		%-.1s
+>>>>16		string	=_		\b.
+>>>>>17		string	x		\b%-.1s
+>>>>>>18	string	=_		\b.
+>>>>>>>19	string	x		\b%-.1s
+>>>22		ubyte	0
+>>>>21		ubyte	x		\b, from drive %#x
+>>>22		ubyte	>0
+>>>>21		string	x		\b, from drive %s
+>>>535		search/17	\x55\xAA
+>>>>&-512	indirect	x	\b; contains
+
+# updated by Joerg Jenderek at Nov 2012
+# DOS Emulator image is 128 byte, null right padded header + harddisc image
+0	string	DOSEMU\0
+>0x27E	leshort	0xAA55
+#offset is 128
+>>19	ubyte	128
+>>>(19.b-1)	ubyte	0x0	DOS Emulator image
+>>>>7	ulelong	>0		\b, %u heads
+>>>>11	ulelong	>0		\b, %d sectors/track
+>>>>15	ulelong	>0		\b, %d cylinders
+>>>>128	indirect	x	\b; contains
+
+# added by Joerg Jenderek at Nov 2012
+# http://www.thenakedpc.com/articles/v04/08/0408-05.html
+# Symantec (Peter Norton) Image.dat file consists of variable header, bootrecord, part of FAT and root directory data
+0	string	PNCIHISK\0		Norton Utilities disc image data
+# real x86 boot sector with jump instruction
+>509	search/1026	\x55\xAA\xeb
+>>&-1	indirect	x		\b; contains
+# http://file-extension.net/seeker/file_extension_dat
+0	string	PNCIUNDO		Norton Disk Doctor UnDo file
+#
+
+# DOS/MBR boot sector updated by Joerg Jenderek at Sep 2007,May 2011,2013
+# for any allowed sector sizes
+30		search/481	\x55\xAA
+# to display DOS/MBR boot sector (40) before old one (strength=50+21),Syslinux bootloader (71),SYSLINUX MBR (37+36),NetBSD mbr (110),AdvanceMAME mbr (111)
+# DOS BPB information (70) and after DOS floppy (120) like in previous file version
+!:strength +65
+# for sector sizes < 512 Bytes
+>11		uleshort	<512
+>>(11.s-2)	uleshort	0xAA55		DOS/MBR boot sector
+# for sector sizes with 512 or more Bytes
+>0x1FE		leshort		0xAA55		DOS/MBR boot sector
+
+# ExFAT
+3		string/w	=EXFAT
+>0x1FE		leshort		0xAA55
+>>0x6E		ubyte		1
+>>>0x6F		ubyte		0x80
+>>>0		ubyte		0xEB	DOS/MBR boot sector,
+>>>0x69		ubyte		x	ExFAT Filesystem version %d.
+>>>0x68		ubyte		x	\b%d
+>>>0x6d		ubyte		x	\b, (1<<%d) sectors per cluster
+>>>0x48		ulequad		x	\b, sectors %lld
+>>>0x64		ulelong		x	\b, serial number %#x
+
+# keep old DOS/MBR boot sector as dummy for mbr and bootloader displaying
+# only for sector sizes with 512 or more Bytes
+0x1FE          leshort         0xAA55         	DOS/MBR boot sector
+#
+# to display information (50) before DOS BPB (strength=70) and after DOS floppy (120) like in old file version
+!:strength +65
+>2		string		OSBS		OS/BS MBR
+# added by Joerg Jenderek at Feb 2013 according to https://thestarman.pcministry.com/asm/mbr/
+# and https://en.wikipedia.org/wiki/Master_Boot_Record
+# test for nearly all MS-DOS Master Boot Record initial program loader (IPL) is now done by
+# characteristic assembler instructions: xor ax,ax;mov ss,ax;mov sp,7c00
+>0	search/2	\x33\xc0\x8e\xd0\xbc\x00\x7c	MS-MBR
+# Microsoft Windows 95A and early ( https://thestarman.pcministry.com/asm/mbr/STDMBR.htm )
+# assembler instructions: mov si,sp;push ax;pop es;push ax;pop ds;sti;cld
+>>8	ubequad		0x8bf45007501ffbfc
+# https://thestarman.pcministry.com/asm/mbr/200MBR.htm
+>>>0x16	ubyte		0xF3				\b,DOS 2
+>>>>219	regex		Author\ -\ 			Author:
+# found "David Litton" , "A Pehrsson  "
+>>>>>&0	string		x				"%s"
+>>>0x16	ubyte		0xF2
+# NEC MS-DOS 3.30 Rev. 3 . See https://thestarman.pcministry.com/asm/mbr/DOS33MBR.htm
+# assembler instructions: mov di,077c;cmp word ptrl[di],a55a;jnz
+>>>>0x22	ubequad	0xbf7c07813d5aa575		\b,NEC 3.3
+# version MS-DOS 3.30 til MS-Windows 95A (WinVer=4.00.1111)
+>>>>0x22	default	x				\b,D0S version 3.3-7.0
+# error messages are printed by assembler instructions: mov si,06nn;...;int 10 (0xBEnn06;...)
+# where nn is string offset varying for different languages
+# "Invalid partition table"				nn=0x8b for english version
+>>>>>(0x49.b)	string		Invalid\ partition\ table		english
+>>>>>(0x49.b)	string		Ung\201ltige\ Partitionstabelle		german
+>>>>>(0x49.b)	string		Table\ de\ partition\ invalide		french
+>>>>>(0x49.b)	string		Tabela\ de\ parti\207ao\ inv\240lida	portuguese
+>>>>>(0x49.b)	string		Tabla\ de\ partici\242n\ no\ v\240lida	spanish
+>>>>>(0x49.b)	string		Tavola\ delle\ partizioni\ non\ valida	italian
+>>>>>0x49	ubyte		>0			at offset %#x
+>>>>>>(0x49.b)	string		>\0			"%s"
+# "Error loading operating system"			nn=0xa3 for english version
+# "Fehler beim Laden des Betriebssystems"		nn=0xa7 for german version
+# "Erreur en chargeant syst\212me d'exploitation"	nn=0xa7 for french version
+# "Erro na inicializa\207ao do sistema operacional"	nn=0xa7 for portuguese Brazilian version
+# "Error al cargar sistema operativo"			nn=0xa8 for spanish version
+# "Errore durante il caricamento del sistema operativo"	nn=0xae for italian version
+>>>>>0x74	ubyte		>0			at offset %#x
+>>>>>>(0x74.b)	string		>\0			"%s"
+# "Missing operating system"				nn=0xc2 for english version
+# "Betriebssystem fehlt"				nn=0xcd for german version
+# "Syst\212me d'exploitation absent"			nn=0xd2 for french version
+# "Sistema operacional nao encontrado"			nn=0xd4 for portuguese Brazilian version
+# "Falta sistema operativo"				nn=0xca for spanish version
+# "Sistema operativo mancante"				nn=0xe2 for italian version
+>>>>>0x79	ubyte		>0			at offset %#x
+>>>>>>(0x79.b)	string		>\0			"%s"
+# Microsoft Windows 95B to XP (https://thestarman.pcministry.com/asm/mbr/95BMEMBR.htm)
+# assembler instructions: push ax;pop es;push  ax;pop ds;cld;mov si,7c1b
+>>8	ubequad		0x5007501ffcbe1b7c
+# assembler instructions: rep;movsb;retf;mov si,07be;mov cl,04
+>>>24		ubequad	0xf3a4cbbebe07b104		9M
+# "Invalid partition table"				nn=0x10F for english version
+# "Ung\201ltige Partitionstabelle"				nn=0x10F for german version
+# "Table de partition erron\202e"				nn=0x10F for french version
+# "\216\257\245\340\240\346\250\256\255\255\240\357 \341\250\341\342\245\254\240 \255\245 \255\240\251\244\245\255\240"	nn=0x10F for russian version
+>>>>(0x3C.b+0x0FF)	string	Invalid\ partition\ table		english
+>>>>(0x3C.b+0x0FF)	string	Ung\201ltige\ Partitionstabelle		german
+>>>>(0x3C.b+0x0FF)	string	Table\ de\ partition\ erron\202e	french
+>>>>(0x3C.b+0x0FF)	string	\215\245\257\340\240\242\250\253\354\255\240\357\ \342\240\241\253\250\346\240	russian
+>>>>0x3C		ubyte	x			at offset %#x+0xFF
+>>>>(0x3C.b+0x0FF)	string	>\0			"%s"
+# "Error loading operating system"			nn=0x127 for english version
+# "Fehler beim Laden des Betriebssystems"		nn=0x12b for german version
+# "Erreur lors du chargement du syst\212me d'exploitation"	nn=0x12a for french version
+# "\216\350\250\241\252\240 \257\340\250 \247\240\243\340\343\247\252\245 \256\257\245\340\240\346\250\256\255\255\256\251 \341\250\341\342\245\254\353"	nn=0x12d for russian version
+>>>>0xBD		ubyte	x			at offset 0x1%x
+>>>>(0xBD.b+0x100)	string	>\0			"%s"
+# "Missing operating system"				nn=0x146 for english version
+# "Betriebssystem fehlt"				nn=0x151 for german version
+# "Syst\212me d'exploitation manquant"			nn=0x15e for french version
+# "\216\257\245\340\240\346\250\256\255\255\240\357 \341\250\341\342\245\254\240 \255\245 \255\240\251\244\245\255\240"	nn=0x156 for russian version
+>>>>0xA9		ubyte	x			at offset 0x1%x
+>>>>(0xA9.b+0x100)	string	>\0			"%s"
+# https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm
+# assembler instructions: rep;movsb;retf;mov BP,07be;mov cl,04
+>>>24		ubequad	0xf3a4cbbdbe07b104		XP
+# where xxyyzz are lower bits from offsets of error messages varying for different languages
+>>>>0x1B4	ubelong&0x00FFFFFF	0x002c4463	english
+>>>>0x1B4	ubelong&0x00FFFFFF	0x002c486e	german
+# "Invalid partition table"				xx=0x12C for english version
+# "Ung\201ltige Partitionstabelle"				xx=0x12C for german version
+>>>>0x1b5	ubyte		>0			at offset 0x1%x
+>>>>(0x1b5.b+0x100)	string	>\0			"%s"
+# "Error loading operating system"			yy=0x144 for english version
+# "Fehler beim Laden des Betriebssystems"		yy=0x148 for german version
+>>>>0x1b6	ubyte		>0			at offset 0x1%x
+>>>>(0x1b6.b+0x100)	string	>\0			"%s"
+# "Missing operating system"				zz=0x163 for english version
+# "Betriebssystem nicht vorhanden"			zz=0x16e for german version
+>>>>0x1b7	ubyte		>0			at offset 0x1%x
+>>>>(0x1b7.b+0x100)	string	>\0			"%s"
+# Microsoft Windows Vista or 7
+# assembler instructions: ..;mov ds,ax;mov si,7c00;mov di,..00
+>>8	ubequad		0xc08ed8be007cbf00
+# Microsoft Windows Vista (https://thestarman.pcministry.com/asm/mbr/VistaMBR.htm)
+# assembler instructions: jnz 0729;cmp ebx,"TCPA"
+>>>0xEC		ubequad	0x753b6681fb544350		Vista
+# where xxyyzz are lower bits from offsets of error messages varying for different languages
+>>>>0x1B4	ubelong&0x00FFFFFF	0x00627a99	english
+#>>>>0x1B4	ubelong&0x00FFFFFF	?		german
+# "Invalid partition table"				xx=0x162 for english version
+# "Ung\201ltige Partitionstabelle"				xx=0x1?? for german version
+>>>>0x1b5	ubyte		>0			at offset 0x1%x
+>>>>(0x1b5.b+0x100)	string	>\0			"%s"
+# "Error loading operating system"			yy=0x17a for english version
+# "Fehler beim Laden des Betriebssystems"		yy= 0x1?? for german version
+>>>>0x1b6	ubyte		>0			at offset 0x1%x
+>>>>(0x1b6.b+0x100)	string	>\0			"%s"
+# "Missing operating system"				zz=0x199 for english version
+# "Betriebssystem nicht vorhanden"			zz=0x1?? for german version
+>>>>0x1b7	ubyte		>0			at offset 0x1%x
+>>>>(0x1b7.b+0x100)	string	>\0			"%s"
+# Microsoft Windows 7 (https://thestarman.pcministry.com/asm/mbr/W7MBR.htm)
+# assembler instructions: cmp ebx,"TCPA";cmp
+>>>0xEC		ubequad	0x6681fb5443504175		Windows 7
+# where xxyyzz are lower bits from offsets of error messages varying for different languages
+>>>>0x1B4	ubelong&0x00FFFFFF	0x00637b9a	english
+#>>>>0x1B4	ubelong&0x00FFFFFF	?		german
+# "Invalid partition table"				xx=0x163 for english version
+# "Ung\201ltige Partitionstabelle"				xx=0x1?? for german version
+>>>>0x1b5	ubyte		>0			at offset 0x1%x
+>>>>(0x1b5.b+0x100)	string	>\0			"%s"
+# "Error loading operating system"			yy=0x17b for english version
+# "Fehler beim Laden des Betriebssystems"		yy=0x1?? for german version
+>>>>0x1b6	ubyte		>0			at offset 0x1%x
+>>>>(0x1b6.b+0x100)	string	>\0			"%s"
+# "Missing operating system"				zz=0x19a for english version
+# "Betriebssystem nicht vorhanden"			zz=0x1?? for german version
+>>>>0x1b7	ubyte		>0			at offset 0x1%x
+>>>>(0x1b7.b+0x100)	string	>\0			"%s"
+# https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DiskSigs
+# https://en.wikipedia.org/wiki/MBR_disk_signature#ID
+>>0x1b8	ulelong		>0				\b, disk signature %#-.4x
+# driveID/timestamp for Win 95B,98,98SE and ME. See https://thestarman.pcministry.com/asm/mbr/mystery.htm
+>>0xDA	uleshort		0
+>>>0xDC 	ulelong		>0			\b, created
+# physical drive number (0x80-0xFF) when the Windows wrote that byte to the drive
+>>>>0xDC	ubyte		x			with driveID %#x
+# hours, minutes and seconds
+>>>>0xDf	ubyte		x			at %x
+>>>>0xDe	ubyte		x			\b:%x
+>>>>0xDd	ubyte		x			\b:%x
+# special case for Microsoft MS-DOS 3.21 spanish
+# assembler instructions: cli;mov $0x30,%ax;mov %ax,%ss;mov
+>0	ubequad		0xfab830008ed0bc00
+# assembler instructions: $0x1f00,%sp;mov $0x80cb,%di;add %cl,(%bx,%si);in (%dx),%ax;mov
+>>8	ubequad		0x1fbfcb800008ed8		MS-MBR,D0S version 3.21 spanish
+# Microsoft MBR IPL end
+
+# dr-dos with some upper-, lowercase variants
+>0x9D	string	Invalid\ partition\ table$
+>>181	string	No\ Operating\ System$
+>>>201	string	Operating\ System\ load\ error$	\b, DR-DOS MBR, Version 7.01 to 7.03
+>0x9D	string	Invalid\ partition\ table$
+>>181	string	No\ operating\ system$
+>>>201	string	Operating\ system\ load\ error$	\b, DR-DOS MBR, Version 7.01 to 7.03
+>342	string	Invalid\ partition\ table$
+>>366	string	No\ operating\ system$
+>>>386	string	Operating\ system\ load\ error$	\b, DR-DOS MBR, version 7.01 to 7.03
+>295	string	NEWLDR\0
+>>302	string	Bad\ PT\ $
+>>>310	string	No\ OS\ $
+>>>>317	string	OS\ load\ err$
+>>>>>329	string	Moved\ or\ missing\ IBMBIO.LDR\n\r
+>>>>>>358	string	Press\ any\ key\ to\ continue.\n\r$
+>>>>>>>387	string	Copyright\ (c)\ 1984,1998
+>>>>>>>>411	string	Caldera\ Inc.\0		\b, DR-DOS MBR (IBMBIO.LDR)
+#
+# tests for different MS-DOS Master Boot Records (MBR) moved and merged
+#
+#>0x145	string	Default:\ F				\b, FREE-DOS MBR
+#>0x14B	string	Default:\ F				\b, FREE-DOS 1.0 MBR
+>0x145	search/7	Default:\ F			\b, FREE-DOS MBR
+#>>313		string	F0\ .\ .\ .
+#>>>322		string	disk\ 1
+#>>>>382	string	FAT3
+>64	string	no\ active\ partition\ found
+>>96	string	read\ error\ while\ reading\ drive	\b, FREE-DOS Beta 0.9 MBR
+# Ranish Partition Manager http://www.ranish.com/part/
+>387	search/4	\0\ Error!\r
+>>378	search/7	Virus!
+>>>397	search/4	Booting\040
+>>>>408	search/4	HD1/\0	 			\b, Ranish MBR (
+>>>>>416	string	Writing\ changes...		\b2.37
+>>>>>>438	ubyte		x			\b,%#x dots
+>>>>>>440	ubyte		>0			\b,virus check
+>>>>>>441	ubyte		>0			\b,partition %c
+#2.38,2.42,2.44
+>>>>>416	string	!Writing\ changes...		\b
+>>>>>>418	ubyte	1				\bvirus check,
+>>>>>>419	ubyte	x				\b%#x seconds
+>>>>>>420	ubyte&0x0F	>0			\b,partition
+>>>>>>>420	ubyte&0x0F	<5			\b %x
+>>>>>>>420	ubyte&0x0F	0Xf			\b ask
+>>>>>420	ubyte		x			\b)
+#
+# SYSLINUX MBR moved
+# https://www.acronis.de/
+>362	string	MBR\ Error\ \0\r
+>>376	string	ress\ any\ key\ to\040
+>>>392	string	boot\ from\ floppy...\0			\b, Acronis MBR
+# added by Joerg Jenderek
+# https://www.visopsys.org/
+# https://partitionlogic.org.uk/
+>309	string	No\ bootable\ partition\ found\r
+>>339	string	I/O\ Error\ reading\ boot\ sector\r	\b, Visopsys MBR
+>349	string	No\ bootable\ partition\ found\r
+>>379	string	I/O\ Error\ reading\ boot\ sector\r	\b, simple Visopsys MBR
+# bootloader, bootmanager
+>0x40	string	SBML
+# label with 11 characters of FAT 12 bit filesystem
+>>43	string	SMART\ BTMGR
+>>>430	string	SBMK\ Bad!\r			\b, Smart Boot Manager
+# OEM-ID not always "SBM"
+#>>>>3	strings	SBM
+>>>>6	string	>\0                             \b, version %s
+>382	string	XOSLLOADXCF			\b, eXtended Operating System Loader
+>6	string	LILO				\b, LInux i386 boot LOader
+>>120	string	LILO				\b, version 22.3.4 SuSe
+>>172	string	LILO				\b, version 22.5.8 Debian
+# updated by Joerg Jenderek at Oct 2008
+# variables according to grub-0.97/stage1/stage1.S or
+# https://www.gnu.org/software/grub/manual/grub.html#Embedded-data
+# usual values are marked with comments to get only information of strange GRUB loaders
+>342		search/60	\0Geom\0
+#>0		ulelong		x		%x=0x009048EB ,	0x2a9048EB  0
+>>0x41		ubyte		<2
+>>>0x3E		ubyte		>2		\b; GRand Unified Bootloader
+# 0x3 for 0.5.95,0.93,0.94,0.96 0x4 for 1.90
+>>>>0x3E	ubyte		x		\b, stage1 version %#x
+#If it is 0xFF, use a drive passed by BIOS
+>>>>0x40	ubyte		<0xFF		\b, boot drive %#x
+# in most case 0,1,0x2e for GRUB 0.5.95
+>>>>0x41	ubyte		>0		\b, LBA flag %#x
+>>>>0x42	uleshort	<0x8000		\b, stage2 address %#x
+#>>>>0x42	uleshort	=0x8000		\b, stage2 address %#x (usual)
+>>>>0x42	uleshort	>0x8000		\b, stage2 address %#x
+#>>>>0x44	ulelong		=1		\b, 1st sector stage2 %#x (default)
+>>>>0x44	ulelong		>1		\b, 1st sector stage2 %#x
+>>>>0x48	uleshort	<0x800		\b, stage2 segment %#x
+#>>>>0x48	uleshort	=0x800		\b, stage2 segment %#x (usual)
+>>>>0x48	uleshort	>0x800		\b, stage2 segment %#x
+>>>>402		string	Geom\0Hard\ Disk\0Read\0\ Error\0
+>>>>>394	string	stage1			\b, GRUB version 0.5.95
+>>>>382		string	Geom\0Hard\ Disk\0Read\0\ Error\0
+>>>>>376	string	GRUB\ \0		\b, GRUB version 0.93 or 1.94
+>>>>383		string	Geom\0Hard\ Disk\0Read\0\ Error\0
+>>>>>377	string	GRUB\ \0		\b, GRUB version 0.94
+>>>>385		string	Geom\0Hard\ Disk\0Read\0\ Error\0
+>>>>>379	string	GRUB\ \0		\b, GRUB version 0.95 or 0.96
+>>>>391		string	Geom\0Hard\ Disk\0Read\0\ Error\0
+>>>>>385	string	GRUB\ \0		\b, GRUB version 0.97
+# unknown version
+>>>343		string	Geom\0Read\0\ Error\0
+>>>>321		string	Loading\ stage1.5	\b, GRUB version x.y
+>>>380		string	Geom\0Hard\ Disk\0Read\0\ Error\0
+>>>>374		string	GRUB\ \0		\b, GRUB version n.m
+# SYSLINUX bootloader moved
+>395	string	chksum\0\ ERROR!\0		\b, Gujin bootloader
+# http://www.bcdwb.de/bcdw/index_e.htm
+>3	string	BCDL
+>>498	string	BCDL\ \ \ \ BIN			\b, Bootable CD Loader (1.50Z)
+# mbr partition table entries updated by Joerg Jenderek at Sep 2013
+# skip Norton Utilities disc image data
+>3		string		!IHISK
+# skip Linux style boot sector starting with assembler instructions mov 0x7c0,ax;
+>>0		belong		!0xb8c0078e
+# not Linux kernel
+>>>514		string		!HdrS
+# not BeOS
+>>>>422		string		!Be\ Boot\ Loader
+# jump over BPB instruction implies DOS bootsector or AdvanceMAME mbr
+>>>>>0		ubelong&0xFD000000	=0xE9000000
+# AdvanceMAME mbr
+>>>>>>(1.b+2)	ubequad		0xfa31c08ed88ec08e
+>>>>>>>446	use		partition-table
+# mbr, Norton Utilities disc image data, or 2nd,etc. sector of x86 bootloader
+>>>>>0		ubelong&0xFD000000	!0xE9000000
+# skip FSInfosector
+>>>>>>0		string		!RRaA
+# skip 3rd sector of MS x86 bootloader with assembler instructions cli;MOVZX EAX,BYTE PTR [BP+10];MOV ECX,
+# https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm
+>>>>>>>0	ubequad		!0xfa660fb64610668b
+# skip 13rd sector of MS x86 bootloader
+>>>>>>>>0	ubequad		!0x660fb64610668b4e
+# skip sector starting with DOS new line
+>>>>>>>>>0	string		!\r\n
+# allowed active flag 0,80h-FFh
+>>>>>>>>>>446	ubyte		0
+>>>>>>>>>>>446	use		partition-table
+>>>>>>>>>>446	ubyte		>0x7F
+>>>>>>>>>>>446	use		partition-table
+# TODO: test for extended bootrecord (ebr) moved and merged with mbr partition table entries
+# mbr partition table entries end
+# https://www.acronis.de/
+#FAT label=ACRONIS\ SZ
+#OEM-ID=BOOTWIZ0
+>442	string	Non-system\ disk,\040
+>>459	string	press\ any\ key...\x7\0		\b, Acronis Startup Recovery Loader
+# updated by Joerg Jenderek at Nov 2012, Sep 2013
+# DOS names like F11.SYS or BOOTWIZ.SYS are 8 right space padded bytes+3 bytes
+# display 1 space
+>>>447	ubyte	x		\b
+>>>477	use	DOS-filename
+#
+>185	string	FDBOOT\ Version\040
+>>204	string	\rNo\ Systemdisk.\040
+>>>220	string	Booting\ from\ harddisk.\n\r
+>>>245	string	Cannot\ load\ from\ harddisk.\n\r
+>>>>273 string	Insert\ Systemdisk\040
+>>>>>291 string and\ press\ any\ key.\n\r		\b, FDBOOT harddisk Bootloader
+>>>>>>200 string	>\0                             \b, version %-3s
+>242	string	Bootsector\ from\ C.H.\ Hochst\204
+# http://freecode.com/projects/dosfstools	dosfstools-n.m/src/mkdosfs.c
+# updated by Joerg Jenderek at Nov 2012. Use search directive with offset instead of string
+# skip name "C.H. Hochstaetter" partly because it is sometimes written without umlaut
+>242	search/127	Bootsector\ from\ C.H.\ Hochst
+>>278	search/127	No\ Systemdisk.\ Booting\ from\ harddisk
+# followed by variants with point,CR-NL or NL-CR
+>>>208	search/261	Cannot\ load\ from\ harddisk.
+# followed by variants CR-NL or NL-CR
+>>>>236	search/235	Insert\ Systemdisk\ and\ press\ any\ key.
+# followed by variants with point,CR-NL or NL-CR
+>>>>>180	search/96	Disk\ formatted\ with\ WinImage\ 	\b, WinImage harddisk Bootloader
+# followed by string like "6.50 (c) 1993-2004 Gilles Vollant"
+>>>>>>&0	string		x 					\b, version %-4.4s
+>(1.b+2)	ubyte		0xe
+>>(1.b+3)	ubyte		0x1f
+>>>(1.b+4)	ubyte		0xbe
+# message offset found at (1.b+5) is 0x77 for FAT32 or 0x5b for others
+>>>>(1.b+5)	ubyte&0xd3	0x53
+>>>>>(1.b+6)	ubyte		0x7c
+# assembler instructions: lodsb;and al,al;jz 0xb;push si;mov ah,
+>>>>>>(1.b+7)	ubyte		0xac
+>>>>>>>(1.b+8)	ubyte		0x22
+>>>>>>>>(1.b+9)	ubyte		0xc0
+>>>>>>>>>(1.b+10)	ubyte	0x74
+>>>>>>>>>>(1.b+11)	ubyte	0x0b
+>>>>>>>>>>>(1.b+12)	ubyte	0x56
+>>>>>>>>>>>>(1.b+13)	ubyte	0xb4			\b, mkdosfs boot message display
+# FAT1X version
+>>>>>>>>>>>>>(1.b+5)	ubyte	0x5b
+>>>>>>>>>>>>>>0x5b	string	>\0			"%-s"
+# FAT32 version
+>>>>>>>>>>>>>(1.b+5)	ubyte	0x77
+>>>>>>>>>>>>>>0x77	string	>\0			"%-s"
+>214	string	Please\ try\ to\ install\ FreeDOS\ 	\b, DOS Emulator boot message display
+#>>244	string	from\ dosemu-freedos-*-bin.tgz\r
+#>>>170	string	Sorry,\ could\ not\ load\ an\040
+#>>>>195	string	operating\ system.\r\n
+#
+>103	string	This\ is\ not\ a\ bootable\ disk.\040
+>>132	string	Please\ insert\ a\ bootable\040
+>>>157	string	floppy\ and\r\n
+>>>>169	string	press\ any\ key\ to\ try\ again...\r	\b, FREE-DOS message display
+#
+>66	string	Solaris\ Boot\ Sector
+>>99	string	Incomplete\ MDBoot\ load.
+>>>89	string	Version 				\b, Sun Solaris Bootloader
+>>>>97	byte	x					version %c
+#
+>408	string	OS/2\ !!\ SYS01475\r\0
+>>429	string	OS/2\ !!\ SYS02025\r\0
+>>>450	string	OS/2\ !!\ SYS02027\r\0
+>>>469	string	OS2BOOT\ \ \ \ 				\b, IBM OS/2 Warp bootloader
+#
+>409	string	OS/2\ !!\ SYS01475\r\0
+>>430	string	OS/2\ !!\ SYS02025\r\0
+>>>451	string	OS/2\ !!\ SYS02027\r\0
+>>>470	string	OS2BOOT\ \ \ \ 				\b, IBM OS/2 Warp Bootloader
+>112		string	This\ disk\ is\ not\ bootable\r
+>>142		string	If\ you\ wish\ to\ make\ it\ bootable
+>>>176		string	run\ the\ DOS\ program\ SYS\040
+>>>200		string	after\ the\r
+>>>>216		string	system\ has\ been\ loaded\r\n
+>>>>>242	string	Please\ insert\ a\ DOS\ diskette\040
+>>>>>271	string	into\r\n\ the\ drive\ and\040
+>>>>>>292	string	strike\ any\ key...\0		\b, IBM OS/2 Warp message display
+# XP
+>430	string	NTLDR\ is\ missing\xFF\r\n
+>>449	string	Disk\ error\xFF\r\n
+>>>462	string	Press\ any\ key\ to\ restart\r		\b, Microsoft Windows XP Bootloader
+# DOS names like NTLDR,CMLDR,$LDR$ are 8 right space padded bytes+3 bytes
+>>>>417		ubyte&0xDF	>0
+>>>>>417	string		x			%-.5s
+>>>>>>422	ubyte&0xDF	>0
+>>>>>>>422	string		x 			\b%-.3s
+>>>>>425	ubyte&0xDF	>0
+>>>>>>425	string		>\ 			\b.%-.3s
+#
+>>>>371		ubyte		>0x20
+>>>>>368	ubyte&0xDF	>0
+>>>>>>368	string		x 			%-.5s
+>>>>>>>373	ubyte&0xDF	>0
+>>>>>>>>373	string		x 			\b%-.3s
+>>>>>>376	ubyte&0xDF	>0
+>>>>>>>376	string		x 			\b.%-.3s
+#
+>430	string	NTLDR\ nicht\ gefunden\xFF\r\n
+>>453	string	Datentr\204gerfehler\xFF\r\n
+>>>473	string	Neustart\ mit\ beliebiger\ Taste\r	\b, Microsoft Windows XP Bootloader (german)
+>>>>417		ubyte&0xDF	>0
+>>>>>417	string		x			%-.5s
+>>>>>>422	ubyte&0xDF	>0
+>>>>>>>422	string		x 			\b%-.3s
+>>>>>425	ubyte&0xDF	>0
+>>>>>>425	string		>\ 			\b.%-.3s
+# offset variant
+>>>>379	string	\0
+>>>>>368	ubyte&0xDF	>0
+>>>>>>368	string		x 			%-.5s
+>>>>>>>373	ubyte&0xDF	>0
+>>>>>>>>373	string		x 			\b%-.3s
+#
+>430	string	NTLDR\ fehlt\xFF\r\n
+>>444	string	Datentr\204gerfehler\xFF\r\n
+>>>464	string	Neustart\ mit\ beliebiger\ Taste\r	\b, Microsoft Windows XP Bootloader (2.german)
+>>>>417		ubyte&0xDF	>0
+>>>>>417	string		x			%-.5s
+>>>>>>422	ubyte&0xDF	>0
+>>>>>>>422	string		x 			\b%-.3s
+>>>>>425	ubyte&0xDF	>0
+>>>>>>425	string		>\ 			\b.%-.3s
+# variant
+>>>>371		ubyte		>0x20
+>>>>>368	ubyte&0xDF	>0
+>>>>>>368	string		x 			%-.5s
+>>>>>>>373	ubyte&0xDF	>0
+>>>>>>>>373	string		x 			\b%-.3s
+>>>>>>376	ubyte&0xDF	>0
+>>>>>>>376	string		x 			\b.%-.3s
+#
+>430	string	NTLDR\ fehlt\xFF\r\n
+>>444	string	Medienfehler\xFF\r\n
+>>>459	string	Neustart:\ Taste\ dr\201cken\r		\b, Microsoft Windows XP Bootloader (3.german)
+>>>>371		ubyte		>0x20
+>>>>>368	ubyte&0xDF	>0
+>>>>>>368	string		x 			%-.5s
+>>>>>>>373	ubyte&0xDF	>0
+>>>>>>>>373	string		x 			\b%-.3s
+>>>>>>376	ubyte&0xDF	>0
+>>>>>>>376	string		x 			\b.%-.3s
+# variant
+>>>>417		ubyte&0xDF	>0
+>>>>>417	string		x			%-.5s
+>>>>>>422	ubyte&0xDF	>0
+>>>>>>>422	string		x 			\b%-.3s
+>>>>>425	ubyte&0xDF	>0
+>>>>>>425	string		>\ 			\b.%-.3s
+#
+>430	string	Datentr\204ger\ entfernen\xFF\r\n
+>>454	string	Medienfehler\xFF\r\n
+>>>469	string	Neustart:\ Taste\ dr\201cken\r		\b, Microsoft Windows XP Bootloader (4.german)
+>>>>379		string		\0
+>>>>>368	ubyte&0xDF	>0
+>>>>>>368	string		x 			%-.5s
+>>>>>>>373	ubyte&0xDF	>0
+>>>>>>>>373	string		x 			\b%-.3s
+>>>>>>376	ubyte&0xDF	>0
+>>>>>>>376	string		x 			\b.%-.3s
+# variant
+>>>>417		ubyte&0xDF	>0
+>>>>>417	string		x			%-.5s
+>>>>>>422	ubyte&0xDF	>0
+>>>>>>>422	string		x 			\b%-.3s
+>>>>>425	ubyte&0xDF	>0
+>>>>>>425	string		>\ 			\b.%-.3s
+#
+
+#>3	string	NTFS\ \ \ \040
+>389	string	Fehler\ beim\ Lesen\040
+>>407	string	des\ Datentr\204gers
+>>>426	string	NTLDR\ fehlt
+>>>>440	string	NTLDR\ ist\ komprimiert
+>>>>>464 string	Neustart\ mit\ Strg+Alt+Entf\r		\b, Microsoft Windows XP Bootloader NTFS (german)
+#>3	string	NTFS\ \ \ \040
+>313	string	A\ disk\ read\ error\ occurred.\r
+>>345	string	A\ kernel\ file\ is\ missing\040
+>>>370	string	from\ the\ disk.\r
+>>>>484	string	NTLDR\ is\ compressed
+>>>>>429 string	Insert\ a\ system\ diskette\040
+>>>>>>454 string and\ restart\r\nthe\ system.\r		\b, Microsoft Windows XP Bootloader NTFS
+# DOS loader variants different languages,offsets
+>472	ubyte&0xDF	>0
+>>389	string	Invalid\ system\ disk\xFF\r\n
+>>>411	string	Disk\ I/O\ error
+>>>>428	string	Replace\ the\ disk,\ and\040
+>>>>>455 string	press\ any\ key				\b, Microsoft Windows 98 Bootloader
+#IO.SYS
+>>>>>>472	ubyte&0xDF	>0
+>>>>>>>472	string		x 			\b %-.2s
+>>>>>>>>474	ubyte&0xDF	>0
+>>>>>>>>>474	string		x 			\b%-.5s
+>>>>>>>>>>479	ubyte&0xDF	>0
+>>>>>>>>>>>479 string		x 			\b%-.1s
+>>>>>>>480	ubyte&0xDF	>0
+>>>>>>>>480	string		x 			\b.%-.3s
+#MSDOS.SYS
+>>>>>>>483	ubyte&0xDF	>0			\b+
+>>>>>>>>483	string		x 			\b%-.5s
+>>>>>>>>>488	ubyte&0xDF	>0
+>>>>>>>>>>488	string		x 			\b%-.3s
+>>>>>>>>491	ubyte&0xDF	>0
+>>>>>>>>>491	string		x 			\b.%-.3s
+#
+>>390	string	Invalid\ system\ disk\xFF\r\n
+>>>412	string	Disk\ I/O\ error\xFF\r\n
+>>>>429	string	Replace\ the\ disk,\ and\040
+>>>>>451 string	then\ press\ any\ key\r			\b, Microsoft Windows 98 Bootloader
+>>388	string	Ungueltiges\ System\ \xFF\r\n
+>>>410	string	E/A-Fehler\ \ \ \ \xFF\r\n
+>>>>427	string	Datentraeger\ wechseln\ und\040
+>>>>>453 string	Taste\ druecken\r			\b, Microsoft Windows 95/98/ME Bootloader (german)
+#WINBOOT.SYS only not spaces (0xDF)
+>>>>>>497	ubyte&0xDF	>0
+>>>>>>>497	string		x 			%-.5s
+>>>>>>>>502	ubyte&0xDF	>0
+>>>>>>>>>502	string		x 			\b%-.1s
+>>>>>>>>>>503	ubyte&0xDF	>0
+>>>>>>>>>>>503	string		x 			\b%-.1s
+>>>>>>>>>>>>504	ubyte&0xDF	>0
+>>>>>>>>>>>>>504 string		x 			\b%-.1s
+>>>>>>505	ubyte&0xDF	>0
+>>>>>>>505	string		x 			\b.%-.3s
+#IO.SYS
+>>>>>>472	ubyte&0xDF	>0			or
+>>>>>>>472	string		x 			\b %-.2s
+>>>>>>>>474	ubyte&0xDF	>0
+>>>>>>>>>474	string		x 			\b%-.5s
+>>>>>>>>>>479	ubyte&0xDF	>0
+>>>>>>>>>>>479 string		x 			\b%-.1s
+>>>>>>>480	ubyte&0xDF	>0
+>>>>>>>>480	string		x 			\b.%-.3s
+#MSDOS.SYS
+>>>>>>>483	ubyte&0xDF	>0			\b+
+>>>>>>>>483	string		x 			\b%-.5s
+>>>>>>>>>488	ubyte&0xDF	>0
+>>>>>>>>>>488	string		x 			\b%-.3s
+>>>>>>>>491	ubyte&0xDF	>0
+>>>>>>>>>491	string		x 			\b.%-.3s
+#
+>>390	string	Ungueltiges\ System\ \xFF\r\n
+>>>412	string	E/A-Fehler\ \ \ \ \xFF\r\n
+>>>>429	string	Datentraeger\ wechseln\ und\040
+>>>>>455 string	Taste\ druecken\r			\b, Microsoft Windows 95/98/ME Bootloader (German)
+#WINBOOT.SYS only not spaces (0xDF)
+>>>>>>497	ubyte&0xDF	>0
+>>>>>>>497	string		x 			%-.7s
+>>>>>>>>504	ubyte&0xDF	>0
+>>>>>>>>>504	string		x 			\b%-.1s
+>>>>>>505	ubyte&0xDF	>0
+>>>>>>>505	string		x 			\b.%-.3s
+#IO.SYS
+>>>>>>472	ubyte&0xDF	>0			or
+>>>>>>>472	string		x 			\b %-.2s
+>>>>>>>>474	ubyte&0xDF	>0
+>>>>>>>>>474	string		x 			\b%-.6s
+>>>>>>>480	ubyte&0xDF	>0
+>>>>>>>>480	string		x 			\b.%-.3s
+#MSDOS.SYS
+>>>>>>>483	ubyte&0xDF	>0			\b+
+>>>>>>>>483	string		x 			\b%-.5s
+>>>>>>>>>488	ubyte&0xDF	>0
+>>>>>>>>>>488	string		x 			\b%-.3s
+>>>>>>>>491	ubyte&0xDF	>0
+>>>>>>>>>491	string		x 			\b.%-.3s
+#
+>>389	string	Ungueltiges\ System\ \xFF\r\n
+>>>411	string	E/A-Fehler\ \ \ \ \xFF\r\n
+>>>>428	string	Datentraeger\ wechseln\ und\040
+>>>>>454 string	Taste\ druecken\r			\b, Microsoft Windows 95/98/ME Bootloader (GERMAN)
+# DOS names like IO.SYS,WINBOOT.SYS,MSDOS.SYS,WINBOOT.INI are 8 right space padded bytes+3 bytes
+>>>>>>472	string		x 			%-.2s
+>>>>>>>474	ubyte&0xDF	>0
+>>>>>>>>474	string		x 			\b%-.5s
+>>>>>>>>479	ubyte&0xDF	>0
+>>>>>>>>>479	string		x 			\b%-.1s
+>>>>>>480	ubyte&0xDF	>0
+>>>>>>>480	string		x 			\b.%-.3s
+>>>>>>483	ubyte&0xDF	>0			\b+
+>>>>>>>483	string		x 			\b%-.5s
+>>>>>>>488	ubyte&0xDF	>0
+>>>>>>>>488	string		x 			\b%-.2s
+>>>>>>>>490	ubyte&0xDF	>0
+>>>>>>>>>490	string		x 			\b%-.1s
+>>>>>>>491	ubyte&0xDF	>0
+>>>>>>>>491	string		x 			\b.%-.3s
+>479	ubyte&0xDF	>0
+>>416	string	Kein\ System\ oder\040
+>>>433	string	Laufwerksfehler
+>>>>450	string	Wechseln\ und\ Taste\ dr\201cken	\b, Microsoft DOS Bootloader (german)
+#IO.SYS
+>>>>>479	string		x 			\b %-.2s
+>>>>>>481	ubyte&0xDF	>0
+>>>>>>>481	string		x 			\b%-.6s
+>>>>>487	ubyte&0xDF	>0
+>>>>>>487	string		x 			\b.%-.3s
+#MSDOS.SYS
+>>>>>>490	ubyte&0xDF	>0			\b+
+>>>>>>>490	string		x 			\b%-.5s
+>>>>>>>>495	ubyte&0xDF	>0
+>>>>>>>>>495	string		x 			\b%-.3s
+>>>>>>>498	ubyte&0xDF	>0
+>>>>>>>>498	string		x 			\b.%-.3s
+#
+>376	search/41	Non-System\ disk\ or\040
+>>395	search/41	disk\ error\r
+>>>407	search/41	Replace\ and\040
+>>>>419	search/41	press\ 				\b,
+>>>>419	search/41	strike\ 			\b, old
+>>>>426	search/41	any\ key\ when\ ready\r		MS or PC-DOS bootloader
+#449			Disk\ Boot\ failure\r		MS 3.21
+#466			Boot\ Failure\r			MS 3.30
+>>>>>468 search/18	\0
+#IO.SYS,IBMBIO.COM
+>>>>>>&0	string		x 			\b %-.2s
+>>>>>>>&-20	ubyte&0xDF	>0
+>>>>>>>>&-1	string		x 			\b%-.4s
+>>>>>>>>>&-16	ubyte&0xDF	>0
+>>>>>>>>>>&-1	string		x 			\b%-.2s
+>>>>>>&8	ubyte&0xDF	>0			\b.
+>>>>>>>&-1	string		x 			\b%-.3s
+#MSDOS.SYS,IBMDOS.COM
+>>>>>>&11	ubyte&0xDF	>0			\b+
+>>>>>>>&-1	string		x 			\b%-.5s
+>>>>>>>>&-6	ubyte&0xDF	>0
+>>>>>>>>>&-1	string		x 			\b%-.1s
+>>>>>>>>>>&-5	ubyte&0xDF	>0
+>>>>>>>>>>>&-1	string		x 			\b%-.2s
+>>>>>>>&7	ubyte&0xDF	>0			\b.
+>>>>>>>>&-1	string		x 			\b%-.3s
+>441	string	Cannot\ load\ from\ harddisk.\n\r
+>>469	string	Insert\ Systemdisk\040
+>>>487	string	and\ press\ any\ key.\n\r		\b, MS (2.11) DOS bootloader
+#>43	string	\224R-LOADER\ \ SYS			=label
+>54	string	SYS
+>>324	string	VASKK
+>>>495	string	NEWLDR\0				\b, DR-DOS Bootloader (LOADER.SYS)
+#
+>98	string	Press\ a\ key\ to\ retry\0\r
+>>120	string	Cannot\ find\ file\ \0\r
+>>>139	string	Disk\ read\ error\0\r
+>>>>156	string	Loading\ ...\0				\b, DR-DOS (3.41) Bootloader
+#DRBIOS.SYS
+>>>>>44		ubyte&0xDF	>0
+>>>>>>44	string		x			\b %-.6s
+>>>>>>>50	ubyte&0xDF	>0
+>>>>>>>>50	string		x 			\b%-.2s
+>>>>>>52	ubyte&0xDF	>0
+>>>>>>>52	string		x 			\b.%-.3s
+#
+>70	string	IBMBIO\ \ COM
+>>472	string	Cannot\ load\ DOS!\040
+>>>489	string	Any\ key\ to\ retry			\b, DR-DOS Bootloader
+>>471	string	Cannot\ load\ DOS\040
+>>487	string	press\ key\ to\ retry			\b, Open-DOS Bootloader
+#??
+>444	string	KERNEL\ \ SYS
+>>314	string	BOOT\ error!				\b, FREE-DOS Bootloader
+>499	string	KERNEL\ \ SYS
+>>305	string	BOOT\ err!\0				\b, Free-DOS Bootloader
+>449	string	KERNEL\ \ SYS
+>>319	string	BOOT\ error!				\b, FREE-DOS 0.5 Bootloader
+#
+>449	string	Loading\ FreeDOS
+>>0x1AF		ulelong		>0			\b, FREE-DOS 0.95,1.0 Bootloader
+>>>497		ubyte&0xDF	>0
+>>>>497		string		x 			\b %-.6s
+>>>>>503	ubyte&0xDF	>0
+>>>>>>503	string		x 			\b%-.1s
+>>>>>>>504	ubyte&0xDF	>0
+>>>>>>>>504	string		x 			\b%-.1s
+>>>>505		ubyte&0xDF	>0
+>>>>>505	string		x 			\b.%-.3s
+#
+>331	string	Error!.0				\b, FREE-DOS 1.0 bootloader
+#
+>125	string	Loading\ FreeDOS...\r
+>>311	string	BOOT\ error!\r				\b, FREE-DOS bootloader
+>>>441		ubyte&0xDF	>0
+>>>>441		string		x 			\b %-.6s
+>>>>>447	ubyte&0xDF	>0
+>>>>>>447	string		x 			\b%-.1s
+>>>>>>>448	ubyte&0xDF	>0
+>>>>>>>>448	string		x 			\b%-.1s
+>>>>449		ubyte&0xDF	>0
+>>>>>449	string		x 			\b.%-.3s
+>124	string	FreeDOS\0
+>>331	string	\ err\0					\b, FREE-DOS BETa 0.9 Bootloader
+# DOS names like KERNEL.SYS,KERNEL16.SYS,KERNEL32.SYS,METAKERN.SYS are 8 right space padded bytes+3 bytes
+>>>497		ubyte&0xDF	>0
+>>>>497		string		x 			\b %-.6s
+>>>>>503	ubyte&0xDF	>0
+>>>>>>503	string		x 			\b%-.1s
+>>>>>>>504	ubyte&0xDF	>0
+>>>>>>>>504	string		x 			\b%-.1s
+>>>>505		ubyte&0xDF	>0
+>>>>>505	string		x 			\b.%-.3s
+>>333	string	\ err\0					\b, FREE-DOS BEta 0.9 Bootloader
+>>>497		ubyte&0xDF	>0
+>>>>497		string		x 			\b %-.6s
+>>>>>503	ubyte&0xDF	>0
+>>>>>>503	string		x 			\b%-.1s
+>>>>>>>504	ubyte&0xDF	>0
+>>>>>>>>504	string		x 			\b%-.1s
+>>>>505		ubyte&0xDF	>0
+>>>>>505	string		x 			\b.%-.3s
+>>334	string	\ err\0					\b, FREE-DOS Beta 0.9 Bootloader
+>>>497		ubyte&0xDF	>0
+>>>>497		string		x 			\b %-.6s
+>>>>>503	ubyte&0xDF	>0
+>>>>>>503	string		x 			\b%-.1s
+>>>>>>>504	ubyte&0xDF	>0
+>>>>>>>>504	string		x 			\b%-.1s
+>>>>505		ubyte&0xDF	>0
+>>>>>505	string		x 			\b.%-.3s
+>336	string	Error!\040
+>>343	string	Hit\ a\ key\ to\ reboot.		\b, FREE-DOS Beta 0.9sr1 Bootloader
+>>>497		ubyte&0xDF	>0
+>>>>497		string		x 			\b %-.6s
+>>>>>503	ubyte&0xDF	>0
+>>>>>>503	string		x 			\b%-.1s
+>>>>>>>504	ubyte&0xDF	>0
+>>>>>>>>504	string		x 			\b%-.1s
+>>>>505		ubyte&0xDF	>0
+>>>>>505	string		x 			\b.%-.3s
+# added by Joerg Jenderek
+# https://www.visopsys.org/
+# https://partitionlogic.org.uk/
+# OEM-ID=Visopsys
+>478		ulelong	0
+>>(1.b+326)	string	I/O\ Error\ reading\040
+>>>(1.b+344)	string	Visopsys\ loader\r
+>>>>(1.b+361)	string	Press\ any\ key\ to\ continue.\r	\b, Visopsys loader
+# http://alexfru.chat.ru/epm.html#bootprog
+>494	ubyte	>0x4D
+>>495	string	>E
+>>>495	string	<S
+#OEM-ID is not reliable
+>>>>3	string	BootProg
+# It just looks for a program file name at the root directory
+# and loads corresponding file with following execution.
+# DOS names like STARTUP.BIN,STARTUPC.COM,STARTUPE.EXE are 8 right space padded bytes+3 bytes
+>>>>499			ubyte&0xDF	>0		\b, COM/EXE Bootloader
+>>>>>499		use		DOS-filename
+#If the boot sector fails to read any other sector,
+#it prints a very short message ("RE") to the screen and hangs the computer.
+#If the boot sector fails to find needed program in the root directory,
+#it also hangs with another message ("NF").
+>>>>>492		string		RENF		\b, FAT (12 bit)
+>>>>>495		string		RENF		\b, FAT (16 bit)
+#If the boot sector fails to read any other sector,
+#it prints a very short message ("RE") to the screen and hangs the computer.
+# x86 bootloader end
+
+# added by Joerg Jenderek at Feb 2013 according to https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
+# and https://en.wikipedia.org/wiki/File_Allocation_Table#FS_Information_Sector
+>0		string		RRaA
+>>0x1E4		string		rrAa		\b, FSInfosector
+#>>0x1FC	uleshort	=0		SHOULD BE ZERO
+>>>0x1E8	ulelong		<0xffffffff	\b, %u free clusters
+>>>0x1EC	ulelong		<0xffffffff	\b, last allocated cluster %u
+
+# updated by Joerg Jenderek at Sep 2007
+>3	ubyte	0
+#no active flag
+>>446	ubyte	0
+# partition 1 not empty
+>>>450	ubyte	>0
+# partitions 3,4 empty
+>>>>482		ubyte	0
+>>>>>498	ubyte	0
+# partition 2 ID=0,5,15
+>>>>>>466	ubyte	<0x10
+>>>>>>>466	ubyte	0x05			\b, extended partition table
+>>>>>>>466	ubyte	0x0F			\b, extended partition table (LBA)
+>>>>>>>466	ubyte	0x0			\b, extended partition table (last)
+
+# DOS x86 sector separated and moved from "DOS/MBR boot sector" by Joerg Jenderek at May 2011
+
+>0x200	lelong	0x82564557		\b, BSD disklabel
+
+# by Joerg Jenderek at Apr 2013
+#	Print the DOS filenames from directory entry form with 8 right space padded bytes + 3 bytes for extension
+#	like IO.SYS. MSDOS.SYS , KERNEL.SYS , DRBIO.SYS
+0	name			DOS-filename
+# space=0x20 (00100000b) means empty
+>0			ubyte&0xDF	>0
+>>0			ubyte		x 		\b%c
+>>>1			ubyte&0xDF	>0
+>>>>1			ubyte		x 		\b%c
+>>>>>2			ubyte&0xDF	>0
+>>>>>>2			ubyte		x 		\b%c
+>>>>>>>3		ubyte&0xDF	>0
+>>>>>>>>3		ubyte		x 		\b%c
+>>>>>>>>>4		ubyte&0xDF	>0
+>>>>>>>>>>4		ubyte		x 		\b%c
+>>>>>>>>>>>5		ubyte&0xDF	>0
+>>>>>>>>>>>>5		ubyte		x 		\b%c
+>>>>>>>>>>>>>6		ubyte&0xDF	>0
+>>>>>>>>>>>>>>6		ubyte		x 		\b%c
+>>>>>>>>>>>>>>>7	ubyte&0xDF	>0
+>>>>>>>>>>>>>>>>7	ubyte		x 		\b%c
+# DOS filename extension
+>>8			ubyte&0xDF	>0		\b.
+>>>8			ubyte		x 		\b%c
+>>>>9			ubyte&0xDF	>0
+>>>>>9			ubyte		x 		\b%c
+>>>>>>10		ubyte&0xDF	>0
+>>>>>>>10		ubyte		x 		\b%c
+#	Print 2 following DOS filenames from directory entry form
+#	like IO.SYS+MSDOS.SYS or ibmbio.com+ibmdos.com
+0	name			2xDOS-filename
+# display 1 space
+>0			ubyte		x		\b
+>0			use		DOS-filename
+>11			ubyte		x		\b+
+>11			use		DOS-filename
+
+# https://en.wikipedia.org/wiki/Master_boot_record#PTE
+# display standard partition table
+0	name				partition-table
+#>0		ubyte		x	PARTITION-TABLE
+# test and display 1st til 4th partition table entry
+>0		use			partition-entry-test
+>16		use			partition-entry-test
+>32		use			partition-entry-test
+>48		use			partition-entry-test
+#		test for entry of partition table
+0	name				partition-entry-test
+# partition type ID > 0
+>4		ubyte		>0
+# active flag 0
+>>0		ubyte		0
+>>>0		use		partition-entry
+# active flag 0x80, 0x81, ...
+>>0		ubyte		>0x7F
+>>>0		use		partition-entry
+#		Print entry of partition table
+0	name				partition-entry
+# partition type ID > 0
+>4		ubyte		>0	\b; partition
+>>64		leshort		0xAA55	1
+>>48		leshort		0xAA55	2
+>>32		leshort		0xAA55	3
+>>16		leshort		0xAA55	4
+>>4		ubyte		x	: ID=%#x
+>>0		ubyte&0x80	0x80	\b, active
+>>0		ubyte		>0x80	%#x
+>>1		ubyte		x	\b, start-CHS (
+>>1		use		partition-chs
+>>5		ubyte		x	\b), end-CHS (
+>>5		use		partition-chs
+>>8		ulelong		x	\b), startsector %u
+>>12		ulelong		x	\b, %u sectors
+#		Print cylinder,head,sector (CHS) of partition entry
+0	name				partition-chs
+# cylinder
+>1		ubyte		x	\b0x
+>1		ubyte&0xC0	0x40	\b1
+>1		ubyte&0xC0	0x80	\b2
+>1		ubyte&0xC0	0xC0	\b3
+>2		ubyte		x	\b%x
+# head
+>0		ubyte		x	\b,%u
+# sector
+>1		ubyte&0x3F	x	\b,%u
+
+# FATX
+0		string		FATX		FATX filesystem data
+
+# romfs filesystems - Juan Cespedes <cespedes@debian.org>
+0	string		-rom1fs-	romfs filesystem, version 1
+>8	belong	x			%d bytes,
+>16	string	x			named %s.
+
+# netboot image - Juan Cespedes <cespedes@debian.org>
+0	lelong		0x1b031336L	Netboot image,
+>4	lelong&0xFFFFFF00	0
+>>4	lelong&0x100	0x000		mode 2
+>>4	lelong&0x100	0x100		mode 3
+>4	lelong&0xFFFFFF00	!0	unknown mode
+
+0x18b	string	OS/2	OS/2 Boot Manager
+
+# updated by Joerg Jenderek at Oct 2008 and Sep 2012
+# https://syslinux.zytor.com/iso.php
+# tested with versions 1.47,1.48,1.49,1.50,1.62,1.76,2.00,2.10;3.00,3.11,3.31,;3.70,3.71,3.73,3.75,3.80,3.82,3.84,3.86,4.01,4.03 and 4.05
+# assembler instructions: cli;jmp 0:7Cyy (yy=0x40,0x5e,0x6c,0x6e,0x77);nop;nop
+0	ulequad&0x909000007cc0eafa	0x909000007c40eafa
+>631	search/689	ISOLINUX\ 	isolinux Loader
+>>&0	string		x		(version %-4.4s)
+# https://syslinux.zytor.com/pxe.php
+# assembler instructions: jmp 7C05
+0	ulelong	0x007c05ea		pxelinux loader (version 2.13 or older)
+# assembler instructions: pushfd;pushad
+0	ulelong	0x60669c66		pxelinux loader
+# assembler instructions: jmp 05
+0	ulelong	0xc00005ea		pxelinux loader (version 3.70 or newer)
+# https://syslinux.zytor.com/wiki/index.php/SYSLINUX
+0	string	LDLINUX\ SYS\ 		SYSLINUX loader
+>12	string	x			(older version %-4.4s)
+0	string	\r\nSYSLINUX\ 		SYSLINUX loader
+>11	string	x			(version %-4.4s)
+# syslinux updated and separated from "DOS/MBR boot sector" by Joerg Jenderek at Sep 2012
+# assembler instructions: jmp yy (yy=0x3c,0x58);nop;"SYSLINUX"
+0	ulelong&0x80909bEB	0x009018EB
+# OEM-ID not always "SYSLINUX"
+>434	search/47	Boot\ failed
+# followed by \r\n\0 or :\
+>>482	search/132	\0LDLINUX\ SYS		Syslinux bootloader (version 2.13 or older)
+>>1	ubyte		0x58			Syslinux bootloader (version 3.0-3.9)
+>459	search/30	Boot\ error\r\n\0
+>>1	ubyte		0x58			Syslinux bootloader (version 3.10 or newer)
+# SYSLINUX MBR updated and separated from "DOS/MBR boot sector" by Joerg Jenderek at Sep 2012
+# assembler instructions: mov di,0600h;mov cx,0100h
+16	search/4	\xbf\x00\x06\xb9\x00\x01
+# to display SYSLINUX MBR (36) before old DOS/MBR boot sector one with partition table (strength=50+21)
+!:strength +36
+>94	search/249	Missing\ operating\ system
+# followed by \r for versions older 3.35 , .\r for versions newer 3.52 and point for other
+# skip Ranish MBR
+>>408	search/4	HD1/\0
+>>408	default		x
+>>>250	search/118	\0Operating\ system\ load		SYSLINUX MBR
+# followed by "ing " or space
+>>>>292	search/98	error
+>>>>>&0	string		\r		    			(version 3.35 or older)
+>>>>>&0	string		.\r					(version 3.52 or newer)
+>>>>>&0	default		x					(version 3.36-3.51 )
+>368	search/106	\0Disk\ error\ on\ boot\r\n		SYSLINUX GPT-MBR
+>>156	search/10	\0Boot\ partition\ not\ found\r\n
+>>>270	search/10	\0OS\ not\ bootable\r\n			(version 3.86 or older)
+>>174	search/10	\0Missing\ OS\r\n
+>>>189	search/10	\0Multiple\ active\ partitions\r\n	(version 4.00 or newer)
+# SYSLINUX END
+
+# NetBSD mbr variants (master-boot-code version 1.22) added by Joerg Jenderek at Nov 2012
+# assembler instructions: xor ax,ax;mov	ax,ss;mov sp,0x7c00;mov	ax,
+0	ubequad		0x31c08ed0bc007c8e
+# mbr_bootsel magic before partition table not reliable with small ipl fragments
+#>444	uleshort	0xb5e1
+>0004	uleshort	x
+# ERRorTeXT
+>>181	search/166		Error\ \0\r\n				NetBSD mbr
+# NT Drive Serial Number https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DS
+>>>0x1B8	ubelong		>0					\b,Serial %#-.8x
+# BOOTSEL definitions contains assembler instructions: int 0x13;pop dx;push dx;push dx
+>>>0xbb		search/71	\xcd\x13\x5a\x52\x52			\b,bootselector
+# BOOT_EXTENDED definitions contains assembler instructions:
+# xchg ecx,edx;addl ecx,edx;movw lba_info,si;movb 0x42,ah;pop dx;push dx;int 0x13
+>>>0x96	search/1	\x66\x87\xca\x66\x01\xca\x66\x89\x16\x3a\x07\xbe\x32\x07\xb4\x42\x5a\x52\xcd\x13	\b,boot extended
+# COM_PORT_VAL definitions contains assembler instructions: outb al,dx;add 5,dl;inb %dx;test 0x40,al
+>>>0x130	search/55	\xee\x80\xc2\x05\xec\xa8\x40		\b,serial IO
+# not TERSE_ERROR
+>>>196		search/106	No\ active\ partition\0
+>>>>&0		string		Disk\ read\ error\0
+>>>>>&0		string		No\ operating\ system\0			\b,verbose
+# not NO_CHS definitions contains assembler instructions: pop dx;push dx;movb $8,ah;int0x13
+>>>0x7d		search/7	\x5a\x52\xb4\x08\xcd\x13		\b,CHS
+# not NO_LBA_CHECK definitions contains assembler instructions: movw 0x55aa,bx;movb 0x41,ah;pop	dx;push	dx;int 0x13
+>>>0xa4		search/84	\xbb\xaa\x55\xb4\x41\x5a\x52\xcd\x13	\b,LBA-check
+# assembler instructions: movw nametab,bx
+>>>0x26	    search/21	\xBB\x94\x07
+# not NO_BANNER definitions contains assembler instructions: mov banner,si;call message_crlf
+>>>>&-9	ubequad&0xBE00f0E800febb94	0xBE0000E80000bb94
+>>>>>181	search/166		Error\ \0
+# "a: disk" , "Fn: diskn" or "NetBSD MBR boot"
+>>>>>>&3	string			x				\b,"%s"
+>>>446	use		partition-table
+# Andrea Mazzoleni AdvanceCD mbr loader of http://advancemame.sourceforge.net/boot-readme.html
+# added by Joerg Jenderek at Nov 2012 for versions 1.3 - 1.4
+# assembler instructions: jmp short 0x58;nop;ASCII
+0	ubequad&0xeb58908000000000	0xeb58900000000000
+# assembler instructions: cli;xor ax,ax;mov ds,ax;mov es,ax;mov ss,
+>(1.b+2)	ubequad			0xfa31c08ed88ec08e
+# Error messages at end of code
+>>376		string	No\ operating\ system\r\n\0
+>>>398		string	Disk\ error\r\n\0FDD\0HDD\0
+>>>>419		string	\ EBIOS\r\n\0				AdvanceMAME mbr
+
+# Neil Turton mbr loader variant of https://www.chiark.greenend.org.uk/~neilt/mbr/
+# added by Joerg Jenderek at Mar 2011 for versions 1.0.0 - 1.1.11
+# for 1st version assembler instructions:	cld;xor ax,ax;mov DS,ax;MOV ES,AX;mov SI,
+# or  	  	  	    			cld;xor ax,ax;mov SS,ax;XOR SP,SP;mov DS,
+0	ulequad&0xcE1b40D48EC031FC	0x8E0000D08EC031FC
+# pointer to the data starting with Neil Turton signature string
+>(0x1BC.s)		string		NDTmbr
+>>&-14			string		1234F\0			Turton mbr (
+# parameters also viewed by install-mbr --list
+>>>(0x1BC.s+7)		ubyte		x			\b%u<=
+>>>(0x1BC.s+9)		ubyte		x			\bVersion<=%u
+#>>>(0x1BC.s+8)		ubyte		x			asm_flag_%x
+>>>(0x1BC.s+8)		ubyte&1		1			\b,Y2K-Fix
+# variant used by testdisk of https://www.cgsecurity.org/wiki/Menu_MBRCode
+>>>(0x1BC.s+8)		ubyte&2		2			\b,TestDisk
+#0x1~1,..,0x8~4,0x10~F,0x80~A enabled
+#>>>(0x1BC.s+10)		ubyte		x			\b,flags %#x
+#0x0~1,0x1~2,...,0x3~4,0x4~F,0x7~D default boot
+#>>>(0x1BC.s+11)		ubyte		x			\b,cfg_def %#x
+# for older versions
+>>>(0x1BC.s+9)		ubyte		<2
+#>>>>(0x1BC.s+12)	ubyte		18			\b,%hhu/18 seconds
+>>>>(0x1BC.s+12)	ubyte		!18			\b,%u/18 seconds
+# floppy A: or B:
+>>>>(0x1BC.s+13)	ubyte		<2			\b,floppy %#x
+>>>>(0x1BC.s+13)	ubyte		>1
+# 1st hard disc
+#>>>>>(0x1BC.s+13)	ubyte		0x80			\b,drive %#x
+# not 1st hard disc
+>>>>>(0x1BC.s+13)	ubyte		!0x80			\b,drive %#x
+# for version >= 2 maximal timeout can be 65534
+>>>(0x1BC.s+9)		ubyte		>1
+#>>>>(0x1BC.s+12)	uleshort	18			\b,%u/18 seconds
+>>>>(0x1BC.s+12)	uleshort	!18			\b,%u/18 seconds
+# floppy A: or B:
+>>>>(0x1BC.s+14)	ubyte		<2			\b,floppy %#x
+>>>>(0x1BC.s+14)	ubyte		>1
+# 1st hard disc
+#>>>>>(0x1BC.s+14)	ubyte		0x80			\b,drive %#x
+# not 1st hard disc
+>>>>>(0x1BC.s+14)	ubyte		!0x80			\b,drive %#x
+>>>0	ubyte		x					\b)
+
+# added by Joerg Jenderek
+# In the second sector (+0x200) are variables according to grub-0.97/stage2/asm.S or
+# grub-1.94/kern/i386/pc/startup.S
+# https://www.gnu.org/software/grub/manual/grub.html#Embedded-data
+# usual values are marked with comments to get only information of strange GRUB loaders
+0x200	uleshort		0x70EA
+# found only version 3.{1,2}
+>0x206		ubeshort	>0x0300
+# GRUB version (0.5.)95,0.93,0.94,0.96,0.97 > "00"
+>>0x212 	ubyte		>0x29
+>>>0x213 	ubyte		>0x29
+# not iso9660_stage1_5
+#>>>0	ulelong&0x00BE5652	0x00BE5652
+>>>>0x213 	ubyte		>0x29		GRand Unified Bootloader
+# config_file for stage1_5 is 0xffffffff + default "/boot/grub/stage2"
+>>>>0x217 	ubyte		0xFF		stage1_5
+>>>>0x217 	ubyte		<0xFF		stage2
+>>>>0x206	ubyte		x		\b version %u
+>>>>0x207	ubyte		x		\b.%u
+# module_size for 1.94
+>>>>0x208	ulelong		<0xffffff	\b, installed partition %u
+#>>>>0x208	ulelong		=0xffffff	\b, %lu (default)
+>>>>0x208	ulelong		>0xffffff	\b, installed partition %u
+# GRUB 0.5.95 unofficial
+>>>>0x20C	ulelong&0x2E300000 0x2E300000
+# 0=stage2	1=ffs	2=e2fs	3=fat	4=minix	5=reiserfs
+>>>>>0x20C	ubyte		x		\b, identifier %#x
+#>>>>>0x20D	ubyte		=0		\b, LBA flag %#x (default)
+>>>>>0x20D	ubyte		>0		\b, LBA flag %#x
+# GRUB version as string
+>>>>>0x20E 	string		>\0		\b, GRUB version %-s
+# for stage1_5 is 0xffffffff + config_file "/boot/grub/stage2" default
+>>>>>>0x215 	ulong		0xffffffff
+>>>>>>>0x219 	string		>\0		\b, configuration file %-s
+>>>>>>0x215 	ulong		!0xffffffff
+>>>>>>>0x215 	string		>\0		\b, configuration file %-s
+# newer GRUB versions
+>>>>0x20C	ulelong&0x2E300000 !0x2E300000
+##>>>>>0x20C	ulelong		=0		\b, saved entry %d (usual)
+>>>>>0x20C	ulelong		>0		\b, saved entry %d
+# for 1.94 contains kernel image size
+# for 0.93,0.94,0.96,0.97
+# 0=stage2	1=ffs	2=e2fs	3=fat	4=minix	5=reiserfs	6=vstafs	7=jfs	8=xfs	9=iso9660	a=ufs2
+>>>>>0x210	ubyte		x		\b, identifier %#x
+# The flag for LBA forcing is in most cases 0
+#>>>>>0x211	ubyte		=0		\b, LBA flag %#x (default)
+>>>>>0x211	ubyte		>0		\b, LBA flag %#x
+# GRUB version as string
+>>>>>0x212 	string		>\0		\b, GRUB version %-s
+# for stage1_5 is 0xffffffff + config_file "/boot/grub/stage2" default
+>>>>>0x217 	ulong		0xffffffff
+>>>>>>0x21b 	string		>\0		\b, configuration file %-s
+>>>>>0x217 	ulong		!0xffffffff
+>>>>>>0x217 	string		>\0		\b, configuration file %-s
+
+# DOS x86 sector updated and separated from "DOS/MBR boot sector" by Joerg Jenderek at May 2011
+# JuMP short     bootcodeoffset NOP assembler instructions will usually be EB xx 90
+# over BIOS parameter block (BPB)
+# https://thestarman.pcministry.com/asm/2bytejumps.htm#FWD
+# older drives may use Near JuMP instruction E9 xx xx
+# minimal short forward jump found 0x29 for bootloaders or 0x0
+# maximal short forward jump is 0x7f
+# OEM-ID is empty or contain readable bytes
+0		ulelong&0x804000E9	0x000000E9
+!:strength	+60
+# mtools-3.9.8/msdos.h
+# usual values are marked with comments to get only information of strange FAT systems
+# valid sectorsize must be a power of 2 from 32 to 32768
+>11		uleshort&0x001f	0
+>>11		uleshort	<32769
+>>>11		uleshort	>31
+>>>>21		ubyte&0xf0	0xF0
+>>>>>0		ubyte		0xEB		DOS/MBR boot sector
+>>>>>>1		ubyte		x		\b, code offset %#x+2
+>>>>>0		ubyte		0xE9
+>>>>>>1		uleshort	x		\b, code offset %#x+3
+>>>>>3		string		>\0		\b, OEM-ID "%-.8s"
+#http://mirror.href.com/thestarman/asm/debug/debug2.htm#IHC
+>>>>>>8		string		IHC		\b cached by Windows 9M
+>>>>>11		uleshort	>512		\b, Bytes/sector %u
+#>>>>>11	uleshort	=512		\b, Bytes/sector %u=512 (usual)
+>>>>>11		uleshort	<512		\b, Bytes/sector %u
+>>>>>13		ubyte		>1		\b, sectors/cluster %u
+#>>>>>13	ubyte		=1		\b, sectors/cluster %u (usual on Floppies)
+# for lazy FAT32 implementation like Transcend digital photo frame PF830
+>>>>>82		string/c	fat32
+>>>>>>14	uleshort	!32		\b, reserved sectors %u
+#>>>>>>14	uleshort	=32		\b, reserved sectors %u (usual Fat32)
+>>>>>82		string/c	!fat32
+>>>>>>14	uleshort	>1		\b, reserved sectors %u
+#>>>>>>14	uleshort	=1		\b, reserved sectors %u (usual FAT12,FAT16)
+#>>>>>>14	uleshort	0		\b, reserved sectors %u (usual NTFS)
+>>>>>16		ubyte		>2		\b, FATs %u
+#>>>>>16	ubyte		=2		\b, FATs %u (usual)
+>>>>>16		ubyte		=1		\b, FAT  %u
+>>>>>16		ubyte		>0
+>>>>>17		uleshort	>0		\b, root entries %u
+#>>>>>17	uleshort	=0		\b, root entries %hu=0 (usual Fat32)
+>>>>>19		uleshort	>0		\b, sectors %u (volumes <=32 MB)
+#>>>>>19	uleshort	=0		\b, sectors %hu=0 (usual Fat32)
+>>>>>21		ubyte		>0xF0		\b, Media descriptor %#x
+#>>>>>21	ubyte		=0xF0		\b, Media descriptor %#x (usual floppy)
+>>>>>21		ubyte		<0xF0		\b, Media descriptor %#x
+>>>>>22		uleshort	>0		\b, sectors/FAT %u
+#>>>>>22	uleshort	=0		\b, sectors/FAT %hu=0 (usual Fat32)
+>>>>>24		uleshort	x		\b, sectors/track %u
+>>>>>26		ubyte		>2		\b, heads %u
+#>>>>>26	ubyte		=2		\b, heads %u (usual floppy)
+>>>>>26		ubyte		=1		\b, heads %u
+# valid only for sector sizes with more then 32 Bytes
+>>>>>11		uleshort	>32
+# https://en.wikipedia.org/wiki/Design_of_the_FAT_file_system#Extended_BIOS_Parameter_Block
+# skip for values 2,2Ah,70h,73h,DFh
+# and continue for extended boot signature values 0,28h,29h,80h
+>>>>>>38	ubyte&0x56	=0
+>>>>>>>28	ulelong		>0		\b, hidden sectors %u
+#>>>>>>>28	ulelong		=0		\b, hidden sectors %u (usual floppy)
+>>>>>>>32	ulelong		>0		\b, sectors %u (volumes > 32 MB)
+#>>>>>>>32	ulelong		=0		\b, sectors %u (volumes > 32 MB)
+# FAT<32 bit specific
+>>>>>>>82	string/c	!fat32
+#>>>>>>>>36	ubyte		0x80		\b, physical drive %#x=0x80 (usual harddisk)
+#>>>>>>>>36	ubyte		0		\b, physical drive %#x=0 (usual floppy)
+>>>>>>>>36	ubyte		!0x80
+>>>>>>>>>36	ubyte		!0		\b, physical drive %#x
+# VGA-copy CRC or
+# in Windows NT bit 0 is a dirty flag to request chkdsk at boot time. bit 1 requests surface scan too
+>>>>>>>>37	ubyte		>0		\b, reserved %#x
+#>>>>>>>>37	ubyte		=0		\b, reserved %#x
+# extended boot signature value is 0x80 for NTFS, 0x28 or 0x29 for others
+>>>>>>>>38	ubyte		!0x29		\b, dos < 4.0 BootSector (%#x)
+>>>>>>>>38	ubyte&0xFE	=0x28
+>>>>>>>>>39	ulelong		x		\b, serial number %#x
+>>>>>>>>38	ubyte		=0x29
+>>>>>>>>>43	string		<NO\ NAME	\b, label: "%11.11s"
+>>>>>>>>>43	string		>NO\ NAME	\b, label: "%11.11s"
+>>>>>>>>>43	string		=NO\ NAME	\b, unlabeled
+# there exist some old floppies without word FAT at offset 54
+# a word like "FATnm   " is only a hint for a FAT size on nm-bits
+# Normally the number of clusters is calculated by the values of BPP.
+# if it is small enough FAT is 12 bit, if it is too big enough FAT is 32 bit,
+# otherwise FAT is 16 bit.
+# http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/determining-fat-widths.html
+>>>>>82		string/c	!fat32
+>>>>>>54	string		FAT12		\b, FAT (12 bit)
+>>>>>>54	string		FAT16		\b, FAT (16 bit)
+>>>>>>54	default		x
+# determinate FAT bit size by media descriptor
+# small floppies implies FAT12
+>>>>>>>21	ubyte		<0xF0		\b, FAT (12 bit by descriptor)
+# with media descriptor F0h floppy or maybe superfloppy with FAT16
+>>>>>>>21	ubyte		=0xF0
+# superfloppy (many sectors) implies FAT16
+>>>>>>>>32	ulelong		>0xFFFF		\b, FAT (16 bit by descriptor+sectors)
+# no superfloppy with media descriptor F0h implies FAT12
+>>>>>>>>32	default		x		\b, FAT (12 bit by descriptor+sectors)
+# with media descriptor F8h floppy or hard disc with FAT12 or FAT16
+>>>>>>>21	ubyte		=0xF8
+# 360 KiB with media descriptor F8h, 9 sectors per track ,single sided floppy implies FAT12
+>>>>>>>>19	ubequad	0xd002f80300090001	\b, FAT (12 bit by descriptor+geometry)
+# hard disc with FAT12 or FAT16
+>>>>>>>>19	default		x		\b, FAT (1Y bit by descriptor)
+# with media descriptor FAh floppy, RAM disc with FAT12 or FAT16 or Tandy hard disc
+>>>>>>>21	ubyte		=0xFA
+# 320 KiB with media descriptor FAh, 8 sectors per track ,single sided floppy implies FAT12
+>>>>>>>>19	ubequad	0x8002fa0200080001	\b, FAT (12 bit by descriptor+geometry)
+# RAM disc with FAT12 or FAT16 or Tandy hard disc
+>>>>>>>>19	default		x		\b, FAT (1Y bit by descriptor)
+# others are floppy
+>>>>>>>21	default		x		\b, FAT (12 bit by descriptor)
+# FAT32 bit specific
+>>>>>82		string/c	fat32		\b, FAT (32 bit)
+>>>>>>36	ulelong		x		\b, sectors/FAT %u
+# https://technet.microsoft.com/en-us/library/cc977221.aspx
+>>>>>>40	uleshort	>0		\b, extension flags %#x
+#>>>>>>40	uleshort	=0		\b, extension flags %hu
+>>>>>>42	uleshort	>0		\b, fsVersion %u
+#>>>>>>42	uleshort	=0		\b, fsVersion %u (usual)
+>>>>>>44	ulelong		>2		\b, rootdir cluster %u
+#>>>>>>44	ulelong		=2		\b, rootdir cluster %u
+#>>>>>>44	ulelong		=1		\b, rootdir cluster %u
+>>>>>>48	uleshort	>1		\b, infoSector %u
+#>>>>>>48	uleshort	=1		\b, infoSector %u (usual)
+>>>>>>48	uleshort	<1		\b, infoSector %u
+# 0 or 0xFFFF instead of usual 6 means no backup sector
+>>>>>>50	uleshort	=0xFFFF		\b, no Backup boot sector
+>>>>>>50	uleshort	=0		\b, no Backup boot sector
+#>>>>>>50	uleshort	=6		\b, Backup boot sector %u (usual)
+>>>>>>50	default		x
+>>>>>>>50	uleshort	x		\b, Backup boot sector %u
+# corrected by Joerg Jenderek at Feb 2011 according to https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
+>>>>>>52	ulelong		>0		\b, reserved1 %#x
+>>>>>>56	ulelong		>0		\b, reserved2 %#x
+>>>>>>60	ulelong		>0		\b, reserved3 %#x
+# same structure as FAT1X
+#>>>>>>64	ubyte		=0x80		\b, physical drive %#x=80 (usual harddisk)
+#>>>>>>64	ubyte		=0		\b, physical drive %#x=0 (usual floppy)
+>>>>>>64	ubyte		!0x80
+>>>>>>>64	ubyte		>0		\b, physical drive %#x
+# in Windows NT bit 0 is a dirty flag to request chkdsk at boot time. bit 1 requests surface scan too
+>>>>>>65	ubyte		>0		\b, reserved %#x
+>>>>>>66	ubyte		!0x29		\b, dos < 4.0 BootSector (%#x)
+>>>>>>66	ubyte		=0x29
+>>>>>>>67	ulelong		x		\b, serial number %#x
+>>>>>>>71	string		<NO\ NAME	\b, label: "%11.11s"
+>>>>>>>71	string		>NO\ NAME	\b, label: "%11.11s"
+>>>>>>>71	string		=NO\ NAME	\b, unlabeled
+# additional tests for floppy image added by Joerg Jenderek
+# no fixed disk
+>>>>>21		ubyte		!0xF8
+# floppy media with 12 bit FAT
+>>>>>>54	string		!FAT16
+# test for FAT after bootsector
+>>>>>>>(11.s)	ulelong&0x00ffffF0	0x00ffffF0	\b, followed by FAT
+# floppy image
+!:mime application/x-ima
+# NTFS specific added by Joerg Jenderek at Mar 2011 according to https://thestarman.pcministry.com/asm/mbr/NTFSBR.htm
+# and http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/bios-parameter-block.html
+# 0 FATs
+>>>>>16	ubyte		=0
+# 0 root entries
+>>>>>>17	uleshort	=0
+# 0 DOS sectors
+>>>>>>>19	uleshort	=0
+# 0 sectors/FAT
+# dos < 4.0 BootSector value found is 0x80
+#38	ubyte		=0x80			\b, dos < 4.0 BootSector (%#x)
+>>>>>>>>22	uleshort	=0		\b; NTFS
+>>>>>>>>>24	uleshort	>0		\b, sectors/track %u
+>>>>>>>>>36	ulelong		!0x800080	\b, physical drive %#x
+>>>>>>>>>40	ulequad		>0		\b, sectors %lld
+>>>>>>>>>48	ulequad		>0		\b, $MFT start cluster %lld
+>>>>>>>>>56	ulequad		>0		\b, $MFTMirror start cluster %lld
+# Values 0 to 127 represent MFT record sizes of 0 to 127 clusters.
+# Values 128 to 255 represent MFT record sizes of 2^(256-N) bytes.
+>>>>>>>>>64	lelong		<256
+>>>>>>>>>>64	lelong		<128		\b, clusters/RecordSegment %d
+>>>>>>>>>>64	ubyte		>127		\b, bytes/RecordSegment 2^(-1*%i)
+# Values 0 to 127 represent index block sizes of 0 to 127 clusters.
+# Values 128 to 255 represent index block sizes of 2^(256-N) byte
+>>>>>>>>>68	ulelong		<256
+>>>>>>>>>>68	ulelong		<128		\b, clusters/index block %d
+#>>>>>>>>>>68	ulelong		>127		\b, bytes/index block 2^(256-%d)
+>>>>>>>>>>68	ubyte		>127		\b, bytes/index block 2^(-1*%i)
+>>>>>>>>>72	ulequad		x		\b, serial number 0%llx
+>>>>>>>>>80	ulelong		>0		\b, checksum %#x
+#>>>>>>>>>80	ulelong		=0		\b, checksum %#x=0 (usual)
+# unicode loadername size jump
+>>>>>>>>>(0x200.s*2)	ubyte				x
+# in next sector loadername terminated by unicode CTRL-D and $
+>>>>>>>>>>&0x1FF	ulequad&0x0000FFffFFffFF00	0x0000002400040000 \b; contains
+# if 2nd NTFS sectors is found then assume whole filesystem
+#!:mime		application/x-raw-disk-image
+!:ext		img/bin/ntfs
+>>>>>>>>>>>0x200	use				ntfs-sector2
+
+# For 2nd NTFS sector added by Joerg Jenderek at Jan 2013, Mar 2019
+# https://thestarman.pcministry.com/asm/mbr/NTFSbrHexEd.htm
+# unused assembler instructions short JMP y2;NOP;NOP
+0x056		ulelong&0xFFFF0FFF	0x909002EB	NTFS
+#!:mime		application/octet-stream
+!:ext		bin
+>0		use		ntfs-sector2
+# https://memory.dataram.com/products-and-services/software/ramdisk
+# assembler instructions JMP C000;NOP
+0x056		ulelong			0x9000c0e9	NTFS
+#!:mime		application/octet-stream
+!:ext		bin
+>0		use		ntfs-sector2
+# check for characteristics of second NTFS sector and then display loader name
+0		name		ntfs-sector2
+# number of utf16 characters of loadername
+>0		uleshort	<8
+# unused assembler instructions JMP y2;NOP;NOP or JMP C000;NOP
+>>0x056		ulelong&0xFF0000FD	0x900000E9
+# loadernames are NTLDR,CMLDR,PELDR,$LDR$ or BOOTMGR
+>>>0x002		lestring16	x	bootstrap %-5.5s
+# check for 7 character length of loader name like BOOTMGR
+>>>0		uleshort	7
+>>>>0x0c	lestring16	x	\b%-2.2s
+### DOS,NTFS boot sectors end
+
+# ntfsclone-image is a special save format for NTFS volumes,
+# created and restored by the ntfsclone program
+0	string	\0ntfsclone-image	ntfsclone image,
+>0x10	byte	x			version %d.
+>0x11	byte	x			\b%d,
+>0x12	lelong	x			cluster size %d,
+>0x16	lequad	x			device size %lld,
+>0x1e	lequad	x			%lld total clusters,
+>0x26	lequad	x			%lld clusters in use
+
+
+0	name		ffsv1
+>8404	string		x		last mounted on %s,
+#>9504	ledate		x		last checked at %s,
+>8224	ledate		x		last written at %s,
+>8401	byte		x		clean flag %d,
+>8228	lelong		x		number of blocks %d,
+>8232	lelong		x		number of data blocks %d,
+>8236	lelong		x		number of cylinder groups %d,
+>8240	lelong		x		block size %d,
+>8244	lelong		x		fragment size %d,
+>8252	lelong		x		minimum percentage of free blocks %d,
+>8256	lelong		x		rotational delay %dms,
+>8260	lelong		x		disk rotational speed %drps,
+>8320	lelong		0		TIME optimization
+>8320	lelong		1		SPACE optimization
+
+9564	lelong		0x00011954	Unix Fast File system [v1] (little-endian),
+>0	use		ffsv1
+
+9564	belong		0x00011954	Unix Fast File system [v1] (big-endian),
+>7168   belong		0x4c41424c	Apple UFS Volume
+>>7186  string		x		named %s,
+>>7176  belong		x		volume label version %d,
+>>7180  bedate		x		created on %s,
+>0	use		\^ffsv1
+
+0	name		ffsv2
+>212	string		x		last mounted on %s,
+>680	string		>\0		volume name %s,
+>1072	leqldate	x		last written at %s,
+>209	byte		x		clean flag %d,
+>210	byte		x		readonly flag %d,
+>1080	lequad		x		number of blocks %lld,
+>1088	lequad		x		number of data blocks %lld,
+>44	lelong		x		number of cylinder groups %d,
+>48	lelong		x		block size %d,
+>52	lelong		x		fragment size %d,
+>1196	lelong		x		average file size %d,
+>1200	lelong		x		average number of files in dir %d,
+>1104	lequad		x		pending blocks to free %lld,
+>1112	lelong		x		pending inodes to free %d,
+>712	lequad		x		system-wide uuid %0llx,
+>60	lelong		x		minimum percentage of free blocks %d,
+>128	lelong		0		TIME optimization
+>128	lelong		1		SPACE optimization
+
+42332	lelong		0x19012038	Unix Fast File system [v2ea] (little-endian)
+>40960	use		ffsv2
+
+42332	lelong		0x19540119	Unix Fast File system [v2] (little-endian)
+>40960	use		ffsv2
+
+42332	belong		0x19012038	Unix Fast File system [v2ea] (little-endian)
+>40960	use		\^ffsv2
+
+42332	belong		0x19540119	Unix Fast File system [v2] (big-endian)
+>40960	use		\^ffsv2
+
+66908	lelong		0x19012038	Unix Fast File system [v2ea] (little-endian)
+>65536	use		ffsv2
+
+66908	lelong		0x19540119	Unix Fast File system [v2] (little-endian)
+>65536	use		ffsv2
+
+66908	belong		0x19012038	Unix Fast File system [v2ea] (little-endian)
+>65536	use		\^ffsv2
+
+66908	belong		0x19540119	Unix Fast File system [v2] (big-endian)
+>65536	use		\^ffsv2
+
+0	ulequad		0xc8414d4dc5523031	HAMMER filesystem (little-endian),
+>0x90	lelong+1	x			volume %d
+>0x94	lelong		x			(of %d),
+>0x50	string		x			name %s,
+>0x98	ulelong		x			version %u,
+>0xa0	ulelong		x			flags %#x
+
+0	ulequad		0x48414d3205172011	HAMMER2 filesystem (little-endian),
+>0x3b	byte		x			volume %d,
+>0x28	ulequad/1073741824 x			size %lluGB,
+>0x30	ulelong		x			version %u,
+>0x34	ulelong		x			flags %#x
+
+# ext2/ext3 filesystems - Andreas Dilger <adilger@dilger.ca>
+# ext4 filesystem - Eric Sandeen <sandeen@sandeen.net>
+# volume label and UUID Russell Coker
+# https://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
+0x438   leshort         0xEF53          Linux
+>0x44c  lelong          x               rev %d
+>0x43e  leshort         x               \b.%d
+# No journal?  ext2
+>0x45c  lelong          ^0x0000004      ext2 filesystem data
+>>0x43a leshort         ^0x0000001      (mounted or unclean)
+# Has a journal?  ext3 or ext4
+>0x45c  lelong          &0x0000004
+#  and small INCOMPAT?
+>>0x460 lelong          <0x0000040
+#   and small RO_COMPAT?
+>>>0x464 lelong         <0x0000008      ext3 filesystem data
+#   else large RO_COMPAT?
+>>>0x464 lelong         >0x0000007      ext4 filesystem data
+#  else large INCOMPAT?
+>>0x460	lelong          >0x000003f      ext4 filesystem data
+>0x468	ubelong		x		\b, UUID=%08x
+>0x46c	ubeshort	x		\b-%04x
+>0x46e	ubeshort	x		\b-%04x
+>0x470	ubeshort	x		\b-%04x
+>0x472	ubelong		x		\b-%08x
+>0x476	ubeshort	x		\b%04x
+>0x478	string		>0		\b, volume name "%s"
+# General flags for any ext* fs
+>0x460	lelong          &0x0000004      (needs journal recovery)
+>0x43a	leshort         &0x0000002      (errors)
+# INCOMPAT flags
+>0x460	lelong          &0x0000001      (compressed)
+#>0x460	lelong          &0x0000002      (filetype)
+#>0x460	lelong          &0x0000010      (meta bg)
+>0x460	lelong          &0x0000040      (extents)
+>0x460	lelong          &0x0000080      (64bit)
+#>0x460	lelong          &0x0000100      (mmp)
+#>0x460	lelong          &0x0000200      (flex bg)
+# RO_INCOMPAT flags
+#>0x464	lelong          &0x0000001      (sparse super)
+>0x464	lelong          &0x0000002      (large files)
+>0x464	lelong          &0x0000008      (huge files)
+#>0x464	lelong          &0x0000010      (gdt checksum)
+#>0x464	lelong          &0x0000020      (many subdirs)
+#>0x463	lelong          &0x0000040      (extra isize)
+
+# f2fs filesystem - Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
+0x400	lelong		0xF2F52010	F2FS filesystem
+>0x46c	ubelong		x		\b, UUID=%08x
+>0x470	ubeshort	x		\b-%04x
+>0x472	ubeshort	x		\b-%04x
+>0x474	ubeshort	x		\b-%04x
+>0x476	ubelong		x		\b-%08x
+>0x47a	ubeshort	x		\b%04x
+>0x147c	lestring16	x		\b, volume name "%s"
+
+# Minix filesystems - Juan Cespedes <cespedes@debian.org>
+0x410	leshort		0x137f
+!:strength / 2
+>0x402	beshort		< 100
+>0x402	beshort		> -1		Minix filesystem, V1, 14 char names, %d zones
+>0x1e	string		minix		\b, bootable
+0x410	beshort		0x137f
+!:strength / 2
+>0x402	beshort		< 100
+>0x402	beshort		> -1		Minix filesystem, V1 (big endian), %d zones
+>0x1e	string		minix		\b, bootable
+0x410	leshort		0x138f
+!:strength / 2
+>0x402	beshort		< 100
+>0x402	beshort		> -1		Minix filesystem, V1, 30 char names, %d zones
+>0x1e	string		minix		\b, bootable
+0x410	beshort		0x138f
+!:strength / 2
+>0x402	beshort		< 100
+>0x402	beshort		> -1		Minix filesystem, V1, 30 char names (big endian), %d zones
+>0x1e	string		minix		\b, bootable
+# Weak Magic: this is $x
+#0x410	leshort		0x2468
+#>0x402	beshort		< 100
+#>>0x402	beshort		> -1		Minix filesystem, V2, 14 char names
+#>0x1e	string		minix		\b, bootable
+#0x410	beshort		0x2468
+#>0x402	beshort		< 100
+#>0x402	beshort		> -1		Minix filesystem, V2 (big endian)
+#>0x1e	string		minix		\b, bootable
+#0x410	leshort		0x2478
+#>0x402	beshort		< 100
+#>0x402	beshort		> -1		Minix filesystem, V2, 30 char names
+#>0x1e	string		minix		\b, bootable
+#0x410	leshort		0x2478
+#>0x402	beshort		< 100
+#>0x402	beshort		> -1		Minix filesystem, V2, 30 char names
+#>0x1e	string		minix		\b, bootable
+#0x410	beshort		0x2478
+#>0x402	beshort		!0		Minix filesystem, V2, 30 char names (big endian)
+#>0x1e	string		minix		\b, bootable
+# Weak Magic! this is MD
+#0x418	leshort		0x4d5a
+#>0x402	beshort		<100
+#>>0x402	beshort		> -1		Minix filesystem, V3, 60 char names
+
+# SGI disk labels - Nathan Scott <nathans@debian.org>
+0	belong		0x0BE5A941	SGI disk label (volume header)
+
+# SGI XFS filesystem - Nathan Scott <nathans@debian.org>
+0	belong		0x58465342	SGI XFS filesystem data
+>0x4	belong		x		(blksz %d,
+>0x68	beshort		x		inosz %d,
+>0x64	beshort		^0x2004		v1 dirs)
+>0x64	beshort		&0x2004		v2 dirs)
+
+############################################################################
+# Minix-ST kernel floppy
+0x800	belong		0x46fc2700	Atari-ST Minix kernel image
+# https://en.wikipedia.org/wiki/BIOS_parameter_block
+# floppies with valid BPB and any instruction at beginning
+>19	string		\240\005\371\005\0\011\0\2\0	\b, 720k floppy
+>19	string		\320\002\370\005\0\011\0\1\0	\b, 360k floppy
+
+############################################################################
+# Hmmm, is this a better way of detecting _standard_ floppy images ?
+19	string		\320\002\360\003\0\011\0\1\0	DOS floppy 360k
+>0x1FE	leshort		0xAA55		\b, DOS/MBR hard disk boot sector
+19	string		\240\005\371\003\0\011\0\2\0	DOS floppy 720k
+>0x1FE	leshort		0xAA55		\b, DOS/MBR hard disk boot sector
+19	string		\100\013\360\011\0\022\0\2\0	DOS floppy 1440k
+>0x1FE	leshort		0xAA55		\b, DOS/MBR hard disk boot sector
+
+19	string		\240\005\371\005\0\011\0\2\0	DOS floppy 720k, IBM
+>0x1FE	leshort		0xAA55		\b, DOS/MBR hard disk boot sector
+19	string		\100\013\371\005\0\011\0\2\0	DOS floppy 1440k, mkdosfs
+>0x1FE	leshort		0xAA55		\b, DOS/MBR hard disk boot sector
+
+19	string		\320\002\370\005\0\011\0\1\0	Atari-ST floppy 360k
+19	string		\240\005\371\005\0\011\0\2\0	Atari-ST floppy 720k
+#			|       |   |     |     |
+#			|       |   |     |     heads
+#			|       |   |     sectors/track
+#			|       |   sectors/FAT
+#			|       media descriptor
+#		BPB:	sectors
+
+#  Valid media descriptor bytes for MS-DOS:
+#
+#     Byte   Capacity   Media Size and Type
+#     -------------------------------------------------
+#
+#     F0     2.88 MB    3.5-inch, 2-sided, 36-sector
+#     F0     1.44 MB    3.5-inch, 2-sided, 18-sector
+#     F9     720K       3.5-inch, 2-sided, 9-sector
+#     F9     1.2 MB     5.25-inch, 2-sided, 15-sector
+#     FD     360K       5.25-inch, 2-sided, 9-sector
+#     FF     320K       5.25-inch, 2-sided, 8-sector
+#     FC     180K       5.25-inch, 1-sided, 9-sector
+#     FE     160K       5.25-inch, 1-sided, 8-sector
+#     FE     250K       8-inch, 1-sided, single-density
+#     FD     500K       8-inch, 2-sided, single-density
+#     FE     1.2 MB     8-inch, 2-sided, double-density
+#     F8     -----      Fixed disk
+#
+#     FC     xxxK       Apricot 70x1x9 boot disk.
+#
+# Originally a bitmap:
+#  xxxxxxx0	Not two sided
+#  xxxxxxx1	Double sided
+#  xxxxxx0x	Not 8 SPT
+#  xxxxxx1x	8 SPT
+#  xxxxx0xx	Not Removable drive
+#  xxxxx1xx	Removable drive
+#  11111xxx	Must be one.
+#
+# But now it's rather random:
+#  111111xx	Low density disk
+#        00	SS, Not 8 SPT
+#        01	DS, Not 8 SPT
+#        10	SS, 8 SPT
+#        11	DS, 8 SPT
+#
+#  11111001	Double density 3 1/2 floppy disk, high density 5 1/4
+#  11110000	High density 3 1/2 floppy disk
+#  11111000	Hard disk any format
+#
+
+# all FAT12 (strength=70) floppies with sectorsize 512 added by Joerg Jenderek at Jun 2013
+# https://en.wikipedia.org/wiki/File_Allocation_Table#Exceptions
+# Too Weak.
+#512		ubelong&0xE0ffff00	0xE0ffff00
+# without valid Media descriptor in place of BPB, cases with are done at other places
+#>21		ubyte			<0xE5			floppy with old FAT filesystem
+# but valid Media descriptor at begin of FAT
+#>>512		ubyte			=0xed			720k
+#>>512		ubyte			=0xf0			1440k
+#>>512		ubyte			=0xf8			720k
+#>>512		ubyte			=0xf9			1220k
+#>>512		ubyte			=0xfa			320k
+#>>512		ubyte			=0xfb			640k
+#>>512		ubyte			=0xfc			180k
+# look like an old DOS directory entry
+#>>>0xA0E	ubequad			0
+#>>>>0xA00	ubequad			!0
+#!:mime application/x-ima
+#>>512		ubyte			=0xfd
+# look for 2nd FAT at different location to distinguish between 360k and 500k
+#>>>0x600	ubelong&0xE0ffff00	0xE0ffff00		360k
+#>>>0x500	ubelong&0xE0ffff00	0xE0ffff00		500k
+#>>>0xA0E	ubequad			0
+#!:mime application/x-ima
+#>>512		ubyte			=0xfe
+#>>>0x400	ubelong&0xE0ffff00	0xE0ffff00		160k
+#>>>>0x60E	ubequad			0
+#>>>>>0x600	ubequad			!0
+#!:mime application/x-ima
+#>>>0xC00	ubelong&0xE0ffff00	0xE0ffff00		1200k
+#>>512		ubyte			=0xff			320k
+#>>>0x60E	ubequad			0
+#>>>>0x600	ubequad			!0
+#!:mime application/x-ima
+#>>512		ubyte			x			\b, Media descriptor %#x
+# without x86 jump instruction
+#>>0		ulelong&0x804000E9	!0x000000E9
+# assembler instructions: CLI;MOV SP,1E7;MOV AX;07c0;MOV
+#>>>0	ubequad				0xfabce701b8c0078e	\b, MS-DOS 1.12 bootloader
+# IOSYS.COM+MSDOS.COM
+#>>>>0xc4	use			2xDOS-filename
+#>>0		ulelong&0x804000E9	=0x000000E9
+# only x86 short jump instruction found
+#>>>0		ubyte			=0xEB
+#>>>>1		ubyte			x			\b, code offset %#x+2
+# https://thestarman.pcministry.com/DOS/ibm100/Boot.htm
+# assembler instructions: CLI;MOV AX,CS;MOV DS,AX;MOV DX,0
+#>>>>(1.b+2)	ubequad			0xfa8cc88ed8ba0000	\b, PC-DOS 1.0 bootloader
+# ibmbio.com+ibmdos.com
+#>>>>>0x176	use			DOS-filename
+#>>>>>0x181	ubyte			x			\b+
+#>>>>>0x182	use			DOS-filename
+# https://thestarman.pcministry.com/DOS/ibm110/Boot.htm
+# assembler instructions: CLI;MOV AX,CS;MOV DS,AX;XOR DX,DX;MOV
+#>>>>(1.b+2)	ubequad			0xfa8cc88ed833d28e	\b, PC-DOS 1.1 bootloader
+# ibmbio.com+ibmdos.com
+#>>>>>0x18b	use			DOS-filename
+#>>>>>0x196	ubyte			x			\b+
+#>>>>>0x197	use			DOS-filename
+# https://en.wikipedia.org/wiki/Zenith_Data_Systems
+# assembler instructions: MOV BX,07c0;MOV SS,BX;MOV SP,01c6
+#>>>>(1.b+2)	ubequad			0xbbc0078ed3bcc601	\b, Zenith Data Systems MS-DOS 1.25 bootloader
+# IO.SYS+MSDOS.SYS
+#>>>>>0x20	use			2xDOS-filename
+# https://en.wikipedia.org/wiki/Corona_Data_Systems
+# assembler instructions: MOV AX,CS;MOV DS,AX;CLI;MOV SS,AX;
+#>>>>(1.b+2)	ubequad			0x8cc88ed8fa8ed0bc	\b, MS-DOS 1.25 bootloader
+# IO.SYS+MSDOS.SYS
+#>>>>>0x69	use			2xDOS-filename
+# assembler instructions: CLI;PUSH CS;POP SS;MOV SP,7c00;
+#>>>>(1.b+2)	ubequad			0xfa0e17bc007cb860	\b, MS-DOS 2.11 bootloader
+# defect IO.SYS+MSDOS.SYS ?
+#>>>>>0x162	use			2xDOS-filename
+
+0	name				cdrom
+>38913	string   !NSR0      ISO 9660 CD-ROM filesystem data
+!:mime	application/x-iso9660-image
+!:ext	iso/iso9660
+>38913	string    NSR0      UDF filesystem data
+!:mime	application/x-iso9660-image
+!:ext	iso/udf
+>>38917	string    1         (version 1.0)
+>>38917	string    2         (version 1.5)
+>>38917	string    3         (version 2.0)
+>>38917	byte     >0x33      (unknown version, ID %#X)
+>>38917	byte     <0x31      (unknown version, ID %#X)
+# The next line is not necessary because the MBR staff is done looking for boot signature
+>0x1FE	leshort  0xAA55     (DOS/MBR boot sector)
+# "application id" which appears to be used as a volume label
+>32808	string/T  >\0       '%.32s'
+>34816	string    \000CD001\001EL\ TORITO\ SPECIFICATION    (bootable)
+37633	string    CD001     ISO 9660 CD-ROM filesystem data (raw 2352 byte sectors)
+!:mime	application/x-iso9660-image
+32777	string    CDROM     High Sierra CD-ROM filesystem data
+# "application id" which appears to be used as a volume label
+>32816	string/T  >\0       '%.32s'
+
+
+# CDROM Filesystems
+# https://en.wikipedia.org/wiki/ISO_9660
+# Modified for UDF by gerardo.cacciari@gmail.com
+32769	string    CD001
+# mime line at that position does not work
+# to display CD-ROM (70=81-11) after MBR (113=40+72+1), partition-table (71=50+21) and before Apple Driver Map (51)
+#!:strength -11
+# to display CD-ROM (114=81+33) before MBR (113=40+72+1), partition-table (71=50+21) and Apple Driver Map (51)
+!:strength +35
+>0	use	cdrom
+
+# URL: https://en.wikipedia.org/wiki/NRG_(file_format)
+# Reference: https://dl.opendesktop.org/api/files/download/id/1460731811/
+#	11577-mount-iso-0.9.5.tar.bz2/mount-iso-0.9.5/install.sh
+# From: Joerg Jenderek
+# Note:	Only for nero disc with once (DAO) type after 300 KB header
+339969	string    CD001	Nero CD image at 0x4B000
+!:mime	application/x-nrg
+!:ext	nrg
+>307200	use cdrom
+
+# .cso files
+# Reference: https://pismotec.com/ciso/ciso.h
+# NOTE: There are two other formats with the same magic but
+# completely incompatible specifications:
+# - GameCube/Wii CISO: https://github.com/dolphin-emu/dolphin/blob/master/Source/Core/DiscIO/CISOBlob.h
+# - PSP CISO: https://github.com/jamie/ciso/blob/master/ciso.h
+0    string    CISO
+# Other fields are used to determine what type of CISO this is:
+# - 0x04 == 0x00200000: GameCube/Wii CISO (block_size)
+# - 0x10 == 0x00000800: PSP CISO (ISO-9660 sector size)
+# - 0x10 == 0x00004000: For >2GB files using maxcso...
+# 			https://github.com/unknownbrackets/maxcso/issues/26
+# - None of the above: Compact ISO.
+>4	lelong	!0
+>>4	lelong	!0x200000
+>>>16	lelong	!0x800
+>>>>16	lelong	!0x4000		Compressed ISO CD image
+
+# cramfs filesystem - russell@coker.com.au
+0       lelong    0x28cd3d45      Linux Compressed ROM File System data, little endian
+>4      lelong  x size %u
+>8      lelong  &1 version #2
+>8      lelong  &2 sorted_dirs
+>8      lelong  &4 hole_support
+>32     lelong  x CRC %#x,
+>36     lelong  x edition %u,
+>40     lelong  x %u blocks,
+>44     lelong  x %u files
+
+0       belong    0x28cd3d45      Linux Compressed ROM File System data, big endian
+>4      belong  x size %u
+>8      belong  &1 version #2
+>8      belong  &2 sorted_dirs
+>8      belong  &4 hole_support
+>32     belong  x CRC %#x,
+>36     belong  x edition %u,
+>40     belong  x %u blocks,
+>44     belong  x %u files
+
+# reiserfs - russell@coker.com.au
+0x10034		string	ReIsErFs	ReiserFS V3.5
+0x10034		string	ReIsEr2Fs	ReiserFS V3.6
+0x10034		string	ReIsEr3Fs	ReiserFS V3.6.19
+>0x1002c 	leshort	x		block size %d
+>0x10032	leshort	&2		(mounted or unclean)
+>0x10000	lelong	x		num blocks %d
+>0x10040	lelong	1		tea hash
+>0x10040	lelong	2		yura hash
+>0x10040	lelong	3		r5 hash
+
+# EST flat binary format (which isn't, but anyway)
+# From: Mark Brown <broonie@sirena.org.uk>
+0	string	ESTFBINR	EST flat binary
+
+# Aculab VoIP firmware
+# From: Mark Brown <broonie@sirena.org.uk>
+0	string	VoIP\ Startup\ and	Aculab VoIP firmware
+>35	string	x	format %s
+
+# From: Mark Brown <broonie@sirena.org.uk> [old]
+# From: Behan Webster <behanw@websterwood.com>
+0	belong	0x27051956	u-boot legacy uImage,
+>32	string	x		%s,
+>28	byte	0		Invalid os/
+>28	byte	1		OpenBSD/
+>28	byte	2		NetBSD/
+>28	byte	3		FreeBSD/
+>28	byte	4		4.4BSD/
+>28	byte	5		Linux/
+>28	byte	6		SVR4/
+>28	byte	7		Esix/
+>28	byte	8		Solaris/
+>28	byte	9		Irix/
+>28	byte	10		SCO/
+>28	byte	11		Dell/
+>28	byte	12		NCR/
+>28	byte	13		LynxOS/
+>28	byte	14		VxWorks/
+>28	byte	15		pSOS/
+>28	byte	16		QNX/
+>28	byte	17		Firmware/
+>28	byte	18		RTEMS/
+>28	byte	19		ARTOS/
+>28	byte	20		Unity OS/
+>28	byte	21		INTEGRITY/
+>29	byte	0		\bInvalid CPU,
+>29	byte	1		\bAlpha,
+>29	byte	2		\bARM,
+>29	byte	3		\bIntel x86,
+>29	byte	4		\bIA64,
+>29	byte	5		\bMIPS,
+>29	byte	6		\bMIPS 64-bit,
+>29	byte	7		\bPowerPC,
+>29	byte	8		\bIBM S390,
+>29	byte	9		\bSuperH,
+>29	byte	10		\bSparc,
+>29	byte	11		\bSparc 64-bit,
+>29	byte	12		\bM68K,
+>29	byte	13		\bNios-32,
+>29	byte	14		\bMicroBlaze,
+>29	byte	15		\bNios-II,
+>29	byte	16		\bBlackfin,
+>29	byte	17		\bAVR32,
+>29	byte	18		\bSTMicroelectronics ST200,
+>29	byte	19		\bSandbox architecture,
+>29	byte	20		\bANDES Technology NDS32,
+>29	byte	21		\bOpenRISC 1000,
+>29	byte	22		\bARM 64-bit,
+>29	byte	23		\bDesignWare ARC,
+>29	byte	24		\bx86_64,
+>29	byte	25		\bXtensa,
+>29	byte	26		\bRISC-V,
+>30	byte	0		Invalid Image
+>30	byte	1		Standalone Program
+>30	byte	2		OS Kernel Image
+>30	byte	3		RAMDisk Image
+>30	byte	4		Multi-File Image
+>30	byte	5		Firmware Image
+>30	byte	6		Script File
+>30	byte	7		Filesystem Image (any type)
+>30	byte	8		Binary Flat Device Tree BLOB
+>31	byte	0		(Not compressed),
+>31	byte	1		(gzip),
+>31	byte	2		(bzip2),
+>31	byte	3		(lzma),
+>12	belong	x		%d bytes,
+>8	bedate	x		%s,
+>16	belong	x		Load Address: %#08X,
+>20	belong	x		Entry Point: %#08X,
+>4	belong	x		Header CRC: %#08X,
+>24	belong	x		Data CRC: %#08X
+
+# JFFS2 file system
+0	leshort	0x1984		Linux old jffs2 filesystem data little endian
+0	beshort	0x1984		Linux old jffs2 filesystem data big endian
+0	leshort	0x1985		Linux jffs2 filesystem data little endian
+0	beshort	0x1985		Linux jffs2 filesystem data big endian
+
+# Squashfs
+0	name	squashfs
+>28	beshort	x	version %d.
+>30	beshort	x	\b%d,
+>20	beshort 0	uncompressed,
+>20	beshort 1	zlib
+>20	beshort 2	lzma
+>20	beshort 3	lzo
+>20	beshort 4	xz
+>20	beshort 5	lz4
+>20	beshort 6	zstd
+>20	beshort >0	compressed,
+>28	beshort <3
+>>8	belong	x	%d bytes,
+>28	beshort >2
+>>28	beshort <4
+>>>63	bequad x	%lld bytes,
+>>28	beshort >3
+>>>40	bequad x	%lld bytes,
+#>>67	belong	x	%d bytes,
+>4	belong	x	%d inodes,
+>28	beshort <2
+>>32	beshort	x	blocksize: %d bytes,
+>28	beshort >1
+>>28	beshort <4
+>>>51	belong	x	blocksize: %d bytes,
+>>28	beshort >3
+>>>12	belong	x	blocksize: %d bytes,
+>28	beshort <4
+>>39	bedate	x	created: %s
+>28	beshort >3
+>>8	bedate	x	created: %s
+
+0	string	sqsh	Squashfs filesystem, big endian,
+>0	use	squashfs
+
+0	string	hsqs	Squashfs filesystem, little endian,
+>0	use	\^squashfs
+
+# AFS Dump Magic
+# From: Ty Sarna <tsarna@sarna.org>
+0       string                  \x01\xb3\xa1\x13\x22    AFS Dump
+>&0     belong                  x                       (v%d)
+>>&0    byte                    0x76
+>>>&0   belong                  x                       Vol %d,
+>>>>&0  byte                    0x6e
+>>>>>&0 string                  x                       %s
+>>>>>>&1        byte            0x74
+>>>>>>>&0       beshort         2
+>>>>>>>>&4      bedate          x                       on: %s
+>>>>>>>>&0      bedate          =0                      full dump
+>>>>>>>>&0      bedate          !0                      incremental since: %s
+
+#----------------------------------------------------------
+#delta ISO    Daniel Novotny (dnovotny@redhat.com)
+0	string  DISO	Delta ISO data
+!:strength +50
+>4	belong  x	version %d
+
+# VMS backup savesets - gerardo.cacciari@gmail.com
+#
+4            string  \x01\x00\x01\x00\x01\x00
+>(0.s+16)    string  \x01\x01
+>>&(&0.b+8)  byte    0x42       OpenVMS backup saveset data
+>>>40        lelong  x          (block size %d,
+>>>49        string  >\0        original name '%s',
+>>>2         short   1024       VAX generated)
+>>>2         short   2048       AXP generated)
+>>>2         short   4096       I64 generated)
+
+# Summary: Oracle Clustered Filesystem
+# Created by: Aaron Botsis <redhat@digitalmafia.org>
+8	string		OracleCFS	Oracle Clustered Filesystem,
+>4	long		x		rev %d
+>0	long		x		\b.%d,
+>560	string		x		label: %.64s,
+>136	string		x		mountpoint: %.128s
+
+# Summary: Oracle ASM tagged volume
+# Created by: Aaron Botsis <redhat@digitalmafia.org>
+32	string		ORCLDISK	Oracle ASM Volume,
+>40	string		x		Disk Name: %0.12s
+32	string		ORCLCLRD	Oracle ASM Volume (cleared),
+>40	string		x		Disk Name: %0.12s
+
+# Oracle Clustered Filesystem - Aaron Botsis <redhat@digitalmafia.org>
+8	string		OracleCFS	Oracle Clustered Filesystem,
+>4	long		x		rev %d
+>0	long		x		\b.%d,
+>560	string		x		label: %.64s,
+>136	string		x		mountpoint: %.128s
+
+# Oracle ASM tagged volume - Aaron Botsis <redhat@digitalmafia.org>
+32	string		ORCLDISK	Oracle ASM Volume,
+>40	string		x		Disk Name: %0.12s
+32	string		ORCLCLRD	Oracle ASM Volume (cleared),
+>40	string		x		Disk Name: %0.12s
+
+# Compaq/HP RILOE floppy image
+# From: Dirk Jagdmann <doj@cubic.org>
+0	string	CPQRFBLO	Compaq/HP RILOE floppy image
+
+#------------------------------------------------------------------------------
+# Files-11 On-Disk Structure (File system for various RSX-11 and VMS flavours).
+# These bits come from LBN 1 (home block) of ODS-1, ODS-2 and ODS-5 volumes,
+# which is mapped to VBN 2 of [000000]INDEXF.SYS;1 - gerardo.cacciari@gmail.com
+#
+1008    string          DECFILE11       Files-11 On-Disk Structure
+>525    byte            x               (ODS-%d);
+>1017   string          A               RSX-11, VAX/VMS or OpenVMS VAX file system;
+>1017   string          B
+>>525   byte            2               VAX/VMS or OpenVMS file system;
+>>525   byte            5               OpenVMS Alpha or Itanium file system;
+>984    string          x               volume label is '%-12.12s'
+
+# From: Thomas Klausner <wiz@NetBSD.org>
+# https://filext.com/file-extension/DAA
+# describes the daa file format. The magic would be:
+0	string		DAA\x0\x0\x0\x0\x0	PowerISO Direct-Access-Archive
+
+# From Albert Cahalan <acahalan@gmail.com>
+# really le32 operation,destination,payloadsize (but quite predictable)
+# 01 00 00 00 00 00 00 c0 00 02 00 00
+0	string		\1\0\0\0\0\0\0\300\0\2\0\0	Marvell Libertas firmware
+
+# From Eric Sandeen
+# GFS2
+0x10000         belong          0x01161970
+>0x10018        belong          0x0000051d      GFS1 Filesystem
+>>0x10024        belong          x               (blocksize %d,
+>>0x10060        string          >\0             lockproto %s)
+>0x10018        belong          0x00000709      GFS2 Filesystem
+>>0x10024        belong          x               (blocksize %d,
+>>0x10060        string          >\0             lockproto %s)
+
+# Russell Coker <russell@coker.com.au>
+0x10040		string		_BHRfS_M	BTRFS Filesystem
+>0x1012b	string		>\0		label "%s",
+>0x10090	lelong		x		sectorsize %d,
+>0x10094	lelong		x		nodesize %d,
+>0x10098	lelong		x		leafsize %d,
+>0x10020	ubelong		x		UUID=%08x-
+>0x10024	ubeshort	x		\b%04x-
+>0x10026	ubeshort	x		\b%04x-
+>0x10028	ubeshort	x		\b%04x-
+>0x1002a	ubeshort	x		\b%04x
+>0x1002c	ubelong		x		\b%08x,
+>0x10078	lequad		x		%lld/
+>0x10070	lequad		x		\b%lld bytes used,
+>0x10088	lequad		x		%lld devices
+
+0		string		btrfs-stream	BTRFS stream file
+
+# dvdisaster's .ecc
+# From: "Nelson A. de Oliveira" <naoliv@gmail.com>
+0	string	*dvdisaster*	dvdisaster error correction file
+
+# xfs metadump image
+# mb_magic XFSM at 0; superblock magic XFSB at 1 << mb_blocklog
+# but can we do the << ?  For now it's always 512 (0x200) anyway.
+0	string XFSM
+>0x200	string XFSB	XFS filesystem metadump image
+
+# Type:	CROM filesystem
+# From:	Werner Fink <werner@suse.de>
+0	string	CROMFS	CROMFS
+>6	string	>\0	\b version %2.2s,
+>8	ulequad	>0	\b block data at %lld,
+>16	ulequad	>0	\b fblock table at %lld,
+>24	ulequad	>0	\b inode table at %lld,
+>32	ulequad	>0	\b root at %lld,
+>40	ulelong	>0	\b fblock size = %d,
+>44	ulelong	>0	\b block size = %d,
+>48	ulequad	>0	\b bytes = %lld
+
+# Type:	xfs metadump image
+# From:	Daniel Novotny <dnovotny@redhat.com>
+# mb_magic XFSM at 0; superblock magic XFSB at 1 << mb_blocklog
+# but can we do the << ? For now it's always 512 (0x200) anyway.
+0	string	XFSM
+>0x200	string	XFSB	XFS filesystem metadump image
+
+# Type:	delta ISO
+# From:	Daniel Novotny <dnovotny@redhat.com>
+0	string	DISO	Delta ISO data,
+>4	belong	x	version %d
+
+# JFS2 (Journaling File System) image. (Old JFS1 has superblock at 0x1000.)
+# See linux/fs/jfs/jfs_superblock.h for layout; see jfs_filsys.h for flags.
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+0x8000	string	JFS1
+# Because it's text-only magic, check a binary value (version) to be sure.
+# Should always be 2, but mkfs.jfs writes it as 1. Needs to be 2 or 1 to be
+# mountable.
+>&0	lelong	<3	JFS2 filesystem image
+# Label is followed by a UUID; we have to limit string length to avoid
+# appending the UUID in the case of a 16-byte label.
+>>&144	regex	[\x20-\x7E]{1,16}	(label "%s")
+>>&0	lequad	x	\b, %lld blocks
+>>&8	lelong	x	\b, blocksize %d
+>>&32	lelong&0x00000006	>0	(dirty)
+>>&36	lelong	>0	(compressed)
+
+# LFS
+0	lelong	0x070162	LFS filesystem image
+>4	lelong	1		version 1,
+>>8	lelong	x		\b blocks %u,
+>>12	lelong	x		\b blocks per segment %u,
+>4	lelong	2		version 2,
+>>8	lelong	x		\b fragments %u,
+>>12	lelong	x		\b bytes per segment %u,
+>16	lelong	x		\b disk blocks %u,
+>20	lelong	x		\b block size %u,
+>24	lelong	x		\b fragment size %u,
+>28	lelong	x		\b fragments per block %u,
+>32	lelong	x		\b start for free list %u,
+>36	lelong	x		\b number of free blocks %d,
+>40	lelong	x		\b number of files %u,
+>44	lelong	x		\b blocks available for writing %d,
+>48	lelong	x		\b inodes in cache %d,
+>52	lelong	x		\b inode file disk address %#x,
+>56	lelong	x		\b inode file inode number %u,
+>60	lelong	x		\b address of last segment written %#x,
+>64	lelong	x		\b address of next segment to write %#x,
+>68	lelong	x		\b address of current segment written %#x
+
+0	string	td\000		floppy image data (TeleDisk, compressed)
+0	string	TD\000		floppy image data (TeleDisk)
+
+0	string	CQ\024		floppy image data (CopyQM,
+>16	leshort	x		%d sectors,
+>18	leshort	x		%d heads.)
+
+0	string	ACT\020Apricot\020disk\020image\032\004	floppy image data (ApriDisk)
+
+# URL:		http://fileformats.archiveteam.org/wiki/LoadDskF/SaveDskF
+# Update:	Joerg Jenderek
+# Note:		called "IBM SKF disk image" by TrID
+#		verfied by 7-Zip `7z l -tFAT -slt *.dsk` and
+#		`deark -l -m loaddskf  06200D19.DSK`
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dsk-skf-old.trid.xml 
+0	beshort	0xAA58
+>0	use		SaveDskF
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dsk-skf.trid.xml
+0	beshort	0xAA59
+>0	use		SaveDskF
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dsk-skf-comp.trid.xml
+0	beshort	0xAA5A
+# skip foo by additional check for unused upper byte of media type in SaveDskF header
+#>3	ubyte		=0
+# skip bar by additional check for valid "low" number of heads in SaveDskF header
+#>>26	uleshort	<3
+# skip foo by additional check for unused double word field in SaveDskF header
+#>>>30	long		=0
+#>>>>0	use		SaveDskF
+>0	use		SaveDskF
+# display information about IBM SaveDskF floppy disk images
+0	name			SaveDskF
+# SaveDskF magic
+>0	beshort	x		floppy image data (IBM SaveDskF
+#!:mime	application/octet-stream
+!:mime	application/x-ibm-dsk
+!:ext	dsk
+# also suffix with digit (1dk .2dk ...); NO example FOUND!
+#!:ext	dsk/1dk/2dk
+>1	ubyte		=0x58	\b, old)
+>1	ubyte		=0x59	\b)
+>1	ubyte		=0x5A	\b, compressed)
+# media type; the first byte of the FAT like: 0xF0 (usual floppy) 0xF9 0xFE
+# https://en.wikipedia.org/wiki/Design_of_the_FAT_file_system
+>2	ubyte		!0xF0	\b, Media descriptor %#x
+# upper byte of media type is not used; so this seems to be nil
+>3	ubyte		!0	\b, upper byte of media type %#x
+# sector size in bytes as in the BIOS parameter block like: 512 ; SAVEDSKF.EXE with other sizes produce garbage images
+>4	uleshort	!512	\b, Bytes/sector %u
+# cluster mask; number of sectors per cluster, minus 1
+>6	uleshort+1	>1	\b, sectors/cluster %u
+#>6	uleshort+1	x	\b, sectors/cluster %u
+# cluster shift; log2(cluster size / sector size) like: 0~1=ClusterSize/SectorSize
+>7	ubyte		>0	\b, cluster shift %u
+#>7	ubyte		x	\b, cluster shift %u
+# reserved sectors; as in the BIOS parameter block like: 1 256 (2M256R-K.DSK)
+>8	uleshort	>1	\b, reserved sectors %u
+#>8	uleshort	x	\b, reserved sectors %u
+# FAT copies; as in the BIOS parameter block like: 2 (usual) 1 (2-NK.DSK)
+>10	ubyte		!2	\b, FAT
+# plural s
+>>10	ubyte		>1	\bs
+>>10	ubyte		x	%u
+# root directory entries; as in the BIOS parameter block like: 224 (usual) 64 (H1-NK.DSK) 4096 (2-NK.DSK)
+>11	uleshort	!224	\b, root entries %u
+# sector number of first cluster (count sectors used by boot sector, FATs and root directory) like: 7 10 29 33 288
+>13	uleshort	!33	\b, 1st cluster at sector %u
+# number of clusters in image; empty clusters at the end are not saved and counted like: 2372 2848
+>15	uleshort	x	\b, %u clusters
+# sectors/FAT; as in the BIOS parameter block like: 1 (H1-NK.DSK) 7 9
+>17	ubyte		!9	\b, sectors/FAT %u
+# sector number of root directory (ie, count of sectors used by boot sector and FATs) like: 3 (H1-NK.DSK) 9 10 15 19 274 (2M256R-K.DSK)
+>18	uleshort	!19	\b, root directory at sector %u
+# checksum; sum of all bytes in the file
+>20	ulelong		x	\b, checksum %#8.8x
+# cylinders; number of cylinders like: 40 80
+>24 	uleshort	!80	\b, %u cylinders
+#>24 	uleshort	x	\b, %u cylinders
+# heads; number of heads as in the BIOS parameter block like: 1 (H1-NK.DSK) 2
+>26	uleshort	!2	\b, heads %u
+#>26	uleshort	x	\b, heads %u
+# sectors/track; number of sectors per track as in the BIOS parameter block like: 8 15 18 36
+>28	uleshort	!18	\b, sectors/track %u
+#>28	uleshort	x	\b, sectors/track %u
+# unused double word field seems to be always like: 0
+>30	ulelong		!0	\b, at 0x1E %#x
+# number of sectors in images like: 1017 2786 2880
+>34 	uleshort	x	\b, sectors %u
+# if string is "printable" it can be a real comment
+>(36.s)	ubyte		!0x00
+# if 1st sector is far enough away (> 0x29) then there is space for comment part
+>>38	uleshort	>41
+# offset to comment string like: 28h=40
+>>>36	uleshort	x	\b, at %#x
+# comment string terminated with \r\n\0
+>>>(36.s)	string	x	"%s"
+# offset to the first sector like: 0 (If this is 0, assume it is 0x200) 29h=41 (DISPLAY3.DSK) 31h 43h 45h 46h 48h 50h 200h=512
+>38	uleshort	!0	\b, 1st sector at %#x
+# FOR DEBUGGING!
+#>(38.s)	ubelong		x	SECTOR CONTENT %x
+# not compressed floppy image implies readable DOS boot sector inside image
+>>1		ubyte	!0x5A
+# when not compressed it is readable as DOS boot sector via ./filesystems
+#>>>(38.s)	indirect x	\b; contains
+>38	uleshort	=0	\b, 1st sector at 0x200 (0)
+# maybe standard DOS boot sector; NO example FOUND HERE!
+#>>0x200	indirect	x	\b; contains
+
+0	string	\074CPM_Disk\076	disk image data (YAZE)
+
+# From: 	Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Central_Point_Software#cite_note-6
+# Reference:	https://www.robcraig.com/download/transcopy-5-x-file-format
+#		https://www.robcraig.com/download/transcopy-file-format-by-gene-thompson
+#		http://mark0.net/download/triddefs_xml.7z/defs/t/tc-transcopy.trid.xml
+# TransCopy signature
+0		beshort		0x5AA5
+# skip Intel serial flash ROM with invalid 0 disk sides handled by ./intel
+>0x103		ubyte		!0
+# skip Intel serial flash ROM with unlikely "high" start cylinder 100 handled by ./intel
+#>>0x101		ubyte		<100		VALID_START_CYLINDER
+# skip Intel serial flash ROM with unlikely description handled by ./intel
+#>>>2		beshort		!0xF00f		VALID_DESCRIPTION
+# skip Intel serial flash ROM with invalid disk types 89h 88h handled by ./intel
+#>>>>0x100	byte		!0x89		VALID_DISK_TYPE
+>>0	use	tc-floppy
+#	display information of Central Point Software (CPS) Option Board TransCopy floppy image
+0	name		tc-floppy
+>0		beshort		x		TransCopy disk image
+#!:mime	application/octet-stream
+!:mime	application/x-floppy-image-tc
+# like: disk04.tc VOCALC2.TC WIZ5_A.tc WIZ2_720.IMG
+!:ext	tc/img
+# 1st description (optional 0-terminated maximal 32) like:
+# "Project Workbench 2.20" "Visi On Calc" "Wizardry V Disk 1 of 3"
+>2		string		>\0		%.32s
+# 2nd desc. (optional 0-terminated maximal 32) like:
+# "(1988)." "Advanced - Utility" 'Program Disk 2"
+>0x22		string		>\0		"%.32s"
+# Looks like ascii (like MESSAGES) formatted with attribute bytes (190)? 
+# not needed for disk copy
+#>>0x42		string		x		'%.190s'
+#>>0x88		lestring16	x		"%.8s"
+# disktype: 2~MFM High Density 3~MFM Double Density 4~Apple II GCR 5~FM Single Density
+# 6~Commodore GCR 7~MFM Double Density 8~Commodore Amiga Ch~Atari FM FFh~Unknown
+>0x100		ubyte		!0xFF		\b, disk type %u
+# StartingCylinder like: 0
+>0x101		ubyte		x		\b, cylinder
+>0x101		ubyte		!0		start=%u
+# EndingCylinder like: 40 (often) 41 79
+>0x102		ubyte		x		end=%u
+# NumberOfSides like: 2
+>0x103		ubyte		!2		\b, %u sides
+# TrackIncrement like: 1
+>0x104		ubyte		!1		\b, track increment %u
+# TrackPosTbl Track skew
+#>0x105		ubequad		x		\b, Track skew %#16.16llx
+# TrackOffsTbl
+#>0x305		ubequad		x		\b, TrackOffsTbl %#16.16llx
+# TrackLngthTbl
+#>0x505		ubequad		x		\b, TrackLngthTbl %#16.16llx
+# TrackTypeTable
+#>0x705		ubequad		x		\b, TrackTypeTable %#16.16llx
+# Address mark timing
+#>0x905		ubequad		x		\b, Address mark timing %#16.16llx
+# Track fragment
+#>0x2905 ubequad			!0		\b, Track fragment %#16.16llx
+# Track data
+#>0x4000		ubequad		!0		\b, Track data %#16.16llx
+
+# ReFS
+# Richard W.M. Jones <rjones@redhat.com>
+0	string	\0\0\0ReFS\0	ReFS filesystem image
+
+# EFW encase image file format:
+# Gregoire Passault
+# http://www.forensicswiki.org/wiki/Encase_image_file_format
+0	string	EVF\x09\x0d\x0a\xff\x00	EWF/Expert Witness/EnCase image file format
+
+# UBIfs
+# Linux kernel sources: fs/ubifs/ubifs-media.h
+0	lelong	0x06101831
+>0x16	leshort	0		UBIfs image
+>0x08	lequad	x		\b, sequence number %llu
+>0x10	leshort x		\b, length %u
+>0x04	lelong	x		\b, CRC %#08x
+
+0	lelong	0x23494255
+>0x04	leshort	<2
+>0x05	string	\0\0\0
+>0x1c	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+>0x04	leshort	x		UBI image, version %u
+
+# NEC PC-88 2D disk image
+# From Fabio R. Schmidlin <sd-snatcher@users.sourceforge.net>
+0x20		ulelong&0xFFFFFEFF	0x2A0
+>0x10		string			\0\0\0\0\0\0\0\0\0\0
+>>0x280		string			\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+>>>0x1A		ubyte&0xEF		0
+>>>>0x1B	ubyte&0x8F		0
+>>>>>0x1B	ubyte&70		<0x40
+>>>>>>0x1C	ulelong			>0x21
+>>>>>>>0	regex	[[:print:]]*	NEC PC-88 disk image, name=%s
+>>>>>>>>0x1B	ubyte	0		\b, media=2D
+>>>>>>>>0x1B	ubyte	0x10		\b, media=2DD
+>>>>>>>>0x1B	ubyte	0x20		\b, media=2HD
+>>>>>>>>0x1B	ubyte	0x30		\b, media=1D
+>>>>>>>>0x1B	ubyte	0x40		\b, media=1DD
+>>>>>>>>0x1A	ubyte	0x10		\b, write-protected
+
+# HDD Raw Copy Tool disk image, file extension: .imgc
+# From Benjamin Vanheuverzwijn <bvanheu@gmail.com>
+0	pstring	HDD\ Raw\ Copy\ Tool	%s
+>0x100	pstring	x			%s
+>0x200	pstring	x			- HD model: %s
+#>0x300	pstring	x			unknown %s
+>0x400	pstring	x			serial: %s
+#>0x500	pstring	x			unknown: %s
+!:ext	imgc
+
+# http://martin.hinner.info/fs/bfs/bfs-structure.html
+0	lelong	0x1BADFACE		SCO UnixWare BFS filesystem
+
+# https://arstechnica.com/information-technology/2018/07/the-beos-filesystem/
+32	lelong	0x42465331		BE/OS BFS1 filesystem
+>36	lelong	x			\b, byte order %d
+>40	lelong	x			\b, block size %d
+>44	lelong	x			\b, block shift %d
+>48	lequad	x			\b, total blocks %lld
+>56	lequad	x			\b, used blocks %lld
+
+
+0	name next
+>0	lelong	x			\b, size %d
+>4	string	x			\b, label %s
+
+# https://opensource.apple.com/source/IOStorageFamily/IOStorageFamily-44.3\
+# /IONeXTPartitionScheme.h
+0	string	NeXT			NeXT version 1 disklabel
+>12	use next
+0	string	dlV1			NeXT version 2 disklabel
+>12	use next
+0	string	dlV2			NeXT version 3 disklabel
+>12	use next
+
+# bcachefs
+# From: Thomas Wei�schuh <thomas@t-8ch.de>
+
+0	name	bcachefs-uuid
+>0	ubelong		x	\b%08x
+>4	ubeshort	x	\b-%04x
+>6	ubeshort	x	\b-%04x
+>8	ubeshort	x	\b-%04x
+>10	ubelong		x	\b-%08x
+>14	ubeshort	x	\b%04x
+
+0	name	bcachefs	bcachefs
+>0x68	lequad		8	\b, UUID=
+>>0x38	use		bcachefs-uuid
+>>0x48	string		>0	\b, label "%.32s"
+>>0x10	uleshort	x	\b, version %u
+>>0x12	uleshort	x	\b, min version %u
+>>0x7a	byte		x	\b, device %d
+# assumes the first field is the members field
+>>0x2f4	ulelong		0x01	\b/UUID=
+>>>0x2f0	default		x
+>>>&(0x07a.b*56)	use	bcachefs-uuid
+>>0x07b	byte		x	\b, %d devices
+>>0x090	byte		^0x02	\b (unclean)
+
+0x1018		string		\xc6\x85\x73\xf6\x4e\x1a\x45\xca\x82\x65\xf5\x7f\x48\xba\x6d\x81
+>0x1000		use		bcachefs
+
+0x1018          string          \xc6\x85\x73\xf6\x66\xce\x90\xa9\xd9\x6a\x60\xcf\x80\x3d\xf7\xef
+>0x1000		use		bcachefs
+
+# EROFS
+# https://kernel.googlesource.com/pub/scm/linux/kernel/git/xiang/erofs-utils/\
+# +/refs/heads/experimental/include/erofs_fs.h#12
+1024		lelong		0xE0F5E1E2	EROFS filesystem
+#>1028		lelong		x		\b, checksum=%#x
+>1032		lelong		>0		\b, compat:
+>>1032		lelong		&1		SB_CHKSUM
+>>1032		lelong		&2		MTIME
+>1036		byte		x		\b, blocksize=%u
+>1037		byte		x		\b, exslots=%u
+#>1038		leshort		x		\b, root_nid=%d
+#>1040		lequad		x		\b, inodes=%ld
+#>1048		leldate		x		\b, build_time=%s
+#>1056		lelong		x		\b.%d
+#>1060		lelong		x		\b, blocks=%d
+#>1064		lelong		x		\b, metadata@%#x
+#>1068		lelong		x		\b, xattr@%#x
+>1072		guid		x		\b, uuid=%s
+>1088		string		>0		\b, name=%s
+>1104		lelong		>0		\b, incompat:
+>>1104		lelong		&1		LZ4_0PADDING
+>>1104		lelong		&2		BIG_PCLUSTER
+>>1104		lelong		&4		CHUNKED_FILE
+>>1104		lelong		&8		DEVICE_TABLE
+>>1104		lelong		&16		ZTAILPACKING
+
+# YAFFS
+# The layout itself is undocumented, determined by the memory layout of the 
+# reference implementation. This signature is derived from the
+# reference implementation code and generated test cases
+# We recognize the start of an object header defined by yaffs_obj_hdr:
+# (Note the values being encoded depending on platform endianess)
+
+# u32 type  /* enum yaffs_obj_type, valid 1-5  */
+# u32 parent_obj_id; /* 1 for root objects we recognize */
+# u16 sum_no_longer_used; /* checksum of name. Not used by YAFFS and memset to 0xFF */
+# YCHAR name[YAFFS_MAX_NAME_LENGTH + 1];
+
+# mkyaffsimage always writes a root directory with empty name, then processing the target directory contents
+# mkyaffs2image directly proceeds to writing entries with the appropriate u32 YAFFS_OBJECT_TYPE (1-5 valid), each with parent id 1
+
+0	name	yaffs
+>0	ulelong	1	\b, type file
+>0	ulelong	2	\b, type symlink
+>0	ulelong	3	\b, type root or directory
+>0	ulelong	4	\b, type hardlink
+>0	ulelong	5	\b, type special
+>0xA	byte	0	\b, v1 root directory
+>0xA	byte	!0	\b, object entry
+>>0xA	string	x	(name: "%s")
+
+# Little Endian: XX 00 00 00 01 00 00 00 FF FF YY
+# XX: 01 - 05 (object type)
+# YY: 00 for version 1 root directory, > 00 for version 2 (name data)
+0x1	string	\x00\x00\x00\x01\x00\x00\x00\xFF\xFF
+>0	ulelong	0
+>0	ulelong	>5
+>0	default	x	YAFFS filesystem root entry (little endian)
+>>0	use	yaffs
+
+# Big Endian: 00 00 00 XX 00 00 00 01 FF FF YY
+# XX: 01 - 05 (object type)
+# YY: 00 for version 1 root directory, > 00 for version 2 (name data)
+0x4	string	\x00\x00\x00\x01\xFF\xFF
+>0	string	\x00\x00\x00
+>>0	ubelong	0
+>>0	ubelong	>5
+>>0	default	x	YAFFS filesystem root entry (big endian)
+>>>0	use	\^yaffs
diff --git a/magic/Magdir/finger b/magic/Magdir/finger
new file mode 100644
index 0000000..ab43ac6
--- /dev/null
+++ b/magic/Magdir/finger
@@ -0,0 +1,16 @@
+
+#------------------------------------------------------------------------------
+# $File: finger,v 1.3 2019/04/19 00:42:27 christos Exp $
+# fingerprint:  file(1) magic for fingerprint data
+# XPM bitmaps)
+#
+
+# https://cgit.freedesktop.org/libfprint/libfprint/tree/libfprint/data.c
+
+0	string	FP1		libfprint fingerprint data V1
+>3	beshort	x		\b, driver_id %x
+>5	belong	x		\b, devtype %x
+
+0	string	FP2		libfprint fingerprint data V2
+>3	beshort	x		\b, driver_id %x
+>5	belong	x		\b, devtype %x
diff --git a/magic/Magdir/firmware b/magic/Magdir/firmware
new file mode 100644
index 0000000..4835b12
--- /dev/null
+++ b/magic/Magdir/firmware
@@ -0,0 +1,133 @@
+#------------------------------------------------------------------------------
+# $File: firmware,v 1.7 2023/03/11 18:52:03 christos Exp $
+# firmware:  file(1) magic for firmware files
+#
+
+# https://github.com/MatrixEditor/frontier-smart-api/blob/main/docs/firmware-2.0.md#11-header-structure
+# examples: https://github.com/cweiske/frontier-silicon-firmwares
+0	lelong		0x00001176	
+>4	lelong		0x7c		Frontier Silicon firmware download
+>>8	lelong		x		\b, MeOS version %x
+>>12	string/32/T	x		\b, version %s
+>>40	string/64/T	x		\b, customization %s
+
+# HPE iLO firmware update image
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://www.sstic.org/2018/presentation/backdooring_your_server_through_its_bmc_the_hpe_ilo4_case/
+# iLO1 (ilo1*.bin) or iLO2 (ilo2_*.bin) images
+0               string                  \x20\x36\xc1\xce\x60\x37\x62\xf0\x3f\x06\xde\x00\x00\x03\x7f\x00
+>16             ubeshort                =0xCFDD         HPE iLO2 firmware update image
+>16             ubeshort                =0x6444         HPE iLO1 firmware update image
+# iLO3 images (ilo3_*.bin) start directly with image name
+0               string                  iLO3\x20v\x20   HPE iLO3 firmware update image,
+>7              string                  x               version %s
+# iLO4 images (ilo4_*.bin) start with a signature and a certificate
+0               string                  --=</Begin\x20HP\x20Signed
+>75             string                  label_HPBBatch
+>>5828          string                  iLO\x204
+>>>5732         string                  HPIMAGE\x00     HPE iLO4 firmware update image,
+>>>6947         string                  x               version %s
+# iLO5 images (ilo5_*.bin) start with a signature
+>75             string                  label_HPE-HPB-BMC-ILO5-4096
+>>880           string                  HPIMAGE\x00     HPE iLO5 firmware update image,
+>>944           string                  x               version %s
+
+# IBM POWER Secure Boot Container
+# from https://github.com/open-power/skiboot/blob/master/libstb/container.h
+0	belong	0x17082011	POWER Secure Boot Container,
+>4	beshort	x		version %u
+>6	bequad	x		container size %llu
+# These are always zero
+# >14	bequad	x		target HRMOR %llx
+# >22	bequad  x		stack pointer %llx
+>4096	ustring \xFD7zXZ\x00    XZ compressed
+0	belong	0x1bad1bad	POWER boot firmware
+>256	belong	0x48002030	(PHYP entry point)
+
+# ARM Cortex-M vector table
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://developer.arm.com/documentation/100701/0200/Exception-properties
+# Match stack MSB
+3		byte			0x20
+# Function pointers must be in Thumb-mode and before 0x20000000 (4*5 bits match)
+>4		ulelong&0xE0000001	1
+>>8		ulelong&0xE0000001	1
+>>>12		ulelong&0xE0000001	1
+>>>>44		ulelong&0xE0000001	1
+>>>>>56		ulelong&0xE0000001	1
+# Match Cortex-M reserved sections (0x00000000 or 0xFFFFFFFF)
+>>>>>>28	ulelong+1		<2
+>>>>>>>32	ulelong+1		<2
+>>>>>>>>36	ulelong+1		<2
+>>>>>>>>>40	ulelong+1		<2
+>>>>>>>>>>52	ulelong+1		<2	ARM Cortex-M firmware
+>>>>>>>>>>>0	ulelong			>0	\b, initial SP at 0x%08x
+>>>>>>>>>>>4	ulelong^1		x	\b, reset at 0x%08x
+>>>>>>>>>>>8	ulelong^1		x	\b, NMI at 0x%08x
+>>>>>>>>>>>12	ulelong^1		x	\b, HardFault at 0x%08x
+>>>>>>>>>>>44	ulelong^1		x	\b, SVCall at 0x%08x
+>>>>>>>>>>>56	ulelong^1		x	\b, PendSV at 0x%08x
+
+# ESP-IDF partition table entry
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/espressif/esp-idf/blob/v5.0/components/esp_partition/include/esp_partition.h
+0	string		\xAA\x50
+>2	ubyte		<2		ESP-IDF partition table entry
+>>12	string/16	x		\b, label: "%s"
+>>2	ubyte		0
+>>>3	ubyte		0x00		\b, factory app
+>>>3	ubyte		0x10		\b, OTA_0 app
+>>>3	ubyte		0x11		\b, OTA_1 app
+>>>3	ubyte		0x12		\b, OTA_2 app
+>>>3	ubyte		0x13		\b, OTA_3 app
+>>>3	ubyte		0x14		\b, OTA_4 app
+>>>3	ubyte		0x15		\b, OTA_5 app
+>>>3	ubyte		0x16		\b, OTA_6 app
+>>>3	ubyte		0x17		\b, OTA_7 app
+>>>3	ubyte		0x18		\b, OTA_8 app
+>>>3	ubyte		0x19		\b, OTA_9 app
+>>>3	ubyte		0x1A		\b, OTA_10 app
+>>>3	ubyte		0x1B		\b, OTA_11 app
+>>>3	ubyte		0x1C		\b, OTA_12 app
+>>>3	ubyte		0x1D		\b, OTA_13 app
+>>>3	ubyte		0x1E		\b, OTA_14 app
+>>>3	ubyte		0x1F		\b, OTA_15 app
+>>>3	ubyte		0x20		\b, test app
+>>2	ubyte		1
+>>>3	ubyte		0x00		\b, OTA selection data
+>>>3	ubyte		0x01		\b, PHY init data
+>>>3	ubyte		0x02		\b, NVS data
+>>>3	ubyte		0x03		\b, coredump data
+>>>3	ubyte		0x04		\b, NVS keys
+>>>3	ubyte		0x05		\b, emulated eFuse data
+>>>3	ubyte		0x06		\b, undefined data
+>>>3	ubyte		0x80		\b, ESPHTTPD partition
+>>>3	ubyte		0x81		\b, FAT partition
+>>>3	ubyte		0x82		\b, SPIFFS partition
+>>>3	ubyte		0xFF		\b, any data
+>>4	ulelong		x		\b, offset: 0x%X
+>>8	ulelong		x		\b, size: 0x%X
+>>28	ulelong&0x1	1		\b, encrypted
+
+# ESP-IDF application image
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/espressif/esp-idf/blob/v5.0/components/bootloader_support/include/esp_app_format.h
+# Note: Concatenation of esp_image_header_t, esp_image_segment_header_t and esp_app_desc_t
+# 	First segment contains esp_app_desc_t
+0	ubyte		0xE9
+>32	ulelong		0xABCD5432	ESP-IDF application image
+>>12	uleshort	0x0000		for ESP32
+>>12	uleshort	0x0002		for ESP32-S2
+>>12	uleshort	0x0005		for ESP32-C3
+>>12	uleshort	0x0009		for ESP32-S3
+>>12	uleshort	0x000A		for ESP32-H2 Beta1
+>>12	uleshort	0x000C		for ESP32-C2
+>>12	uleshort	0x000D		for ESP32-C6
+>>12	uleshort	0x000E		for ESP32-H2 Beta2
+>>12	uleshort	0x0010		for ESP32-H2
+>>80	string/32	x		\b, project name: "%s"
+>>48	string/32	x		\b, version %s
+>>128	string/16	x		\b, compiled on %s
+>>>112	string/16	x		%s
+>>144	string/32	x		\b, IDF version: %s
+>>4	ulelong		x		\b, entry address: 0x%08X
diff --git a/magic/Magdir/flash b/magic/Magdir/flash
new file mode 100644
index 0000000..33b7344
--- /dev/null
+++ b/magic/Magdir/flash
@@ -0,0 +1,62 @@
+
+#------------------------------------------------------------------------------
+# $File: flash,v 1.15 2019/04/19 00:42:27 christos Exp $
+# flash:	file(1) magic for Macromedia Flash file format
+#
+# See
+#
+#	https://www.macromedia.com/software/flash/open/
+#	https://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/\
+#	en/devnet/swf/pdf/swf-file-format-spec.pdf page 27
+#
+
+0   name	swf-details
+
+>0	string		F
+>>8	byte&0xfd	0x08		Macromedia Flash data
+!:mime	application/x-shockwave-flash
+>>>3	byte		x		\b, version %d
+>>8	byte&0xfe	0x10		Macromedia Flash data
+!:mime	application/x-shockwave-flash
+>>>3	byte		x		\b, version %d
+>>8	byte		0x18		Macromedia Flash data
+!:mime	application/x-shockwave-flash
+>>>3	byte		x		\b, version %d
+>>8	beshort&0xff87	0x2000		Macromedia Flash data
+!:mime	application/x-shockwave-flash
+>>>3	byte		x		\b, version %d
+>>8	beshort&0xffe0	0x3000		Macromedia Flash data
+!:mime	application/x-shockwave-flash
+>>>3	byte		x		\b, version %d
+>>8	byte&0x7	0
+>>>8	ubyte		>0x2f
+>>>>9	ubyte		<0x20		Macromedia Flash data
+!:mime	application/x-shockwave-flash
+>>>>>3	byte		x		\b, version %d
+
+>0	string		C
+>>8	byte		0x78		Macromedia Flash data (compressed)
+!:mime	application/x-shockwave-flash
+>>>3	byte		x		\b, version %d
+
+>0	string		Z
+>>8	byte		0x5d		Macromedia Flash data (lzma compressed)
+!:mime	application/x-shockwave-flash
+>>>3	byte		x		\b, version %d
+
+
+1	string		WS
+>4	ulelong		>14
+>>3	ubyte		!0
+>>>0	use		swf-details
+
+# From: Cal Peake <cp@absolutedigital.net>
+0	string		FLV\x01		Macromedia Flash Video
+!:mime	video/x-flv
+
+#
+# Yosu Gomez
+0	string	AGD2\xbe\xb8\xbb\xcd\x00	Macromedia Freehand 7 Document
+0	string	AGD3\xbe\xb8\xbb\xcc\x00	Macromedia Freehand 8 Document
+# From Dave Wilson
+0	string	AGD4\xbe\xb8\xbb\xcb\x00	Macromedia Freehand 9 Document
diff --git a/magic/Magdir/flif b/magic/Magdir/flif
new file mode 100644
index 0000000..9406208
--- /dev/null
+++ b/magic/Magdir/flif
@@ -0,0 +1,36 @@
+
+#------------------------------------------------------------------------------
+#	$File: flif,v 1.1 2015/11/23 22:04:36 christos Exp $
+#	flif:	Magic	data	for	file(1)	command.
+#	FLIF	(Free	Lossless	Image	Format)
+
+0	string	FLIF	FLIF
+>4	string	<H	image data
+>>6	beshort	x	\b, %u
+>>8	beshort	x	\bx%u
+>>5	string	1	\b, 8-bit/color,
+>>5	string	2	\b, 16-bit/color,
+>>4	string	1	\b, grayscale, non-interlaced
+>>4	string	3	\b, RGB, non-interlaced
+>>4	string	4	\b, RGBA, non-interlaced
+>>4	string	A	\b, grayscale
+>>4	string	C	\b, RGB, interlaced
+>>4	string	D	\b, RGBA, interlaced
+>4	string	>H	\b, animation data
+>>5	ubyte	<255	\b, %i frames
+>>>7	beshort	x	\b, %u
+>>>9	beshort	x	\bx%u
+>>>6	string	=1	\b, 8-bit/color
+>>>6	string	=2	\b, 16-bit/color
+>>5	ubyte	0xFF
+>>>6	beshort	x	\b, %i frames,
+>>>9	beshort	x	\b, %u
+>>>11	beshort	x	\bx%u
+>>>8	string	=1	\b, 8-bit/color
+>>>8	string	=2	\b, 16-bit/color
+>>4	string	=Q	\b, grayscale, non-interlaced
+>>4	string	=S	\b, RGB, non-interlaced
+>>4	string	=T	\b, RGBA, non-interlaced
+>>4	string	=a	\b, grayscale
+>>4	string	=c	\b, RGB, interlaced
+>>4	string	=d	\b, RGBA, interlaced
diff --git a/magic/Magdir/fonts b/magic/Magdir/fonts
new file mode 100644
index 0000000..17373b5
--- /dev/null
+++ b/magic/Magdir/fonts
@@ -0,0 +1,449 @@
+
+#------------------------------------------------------------------------------
+# $File: fonts,v 1.51 2022/08/16 11:16:39 christos Exp $
+# fonts:  file(1) magic for font data
+#
+0	search/1	FONT		ASCII vfont text
+0	short		0436		Berkeley vfont data
+0	short		017001		byte-swapped Berkeley vfont data
+
+# PostScript fonts (must precede "printer" entries), quinlan@yggdrasil.com
+# Modified by:	Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/PostScript_fonts
+#		http://fileformats.archiveteam.org/wiki/Adobe_Type_1
+# Reference:	http://mark0.net/download/triddefs_xml.7z
+#		defs/p/pfb.trid.xml
+# Note:		PFB stands for Printer Font Binary
+0	string		%!PS-AdobeFont-1.	PostScript Type 1 font text
+#!:mime	font/x-postscript-pfb
+#!:ext	pfb
+>20	string		>\0			(%s)
+# http://www.nationalarchives.gov.uk/pronom/fmt/525
+6	string		%!PS-AdobeFont-1.
+# skip DROID fmt-525-signature-id-816.pfb by checking for content after header
+>24	ubyte		x			PostScript Type 1 font program data
+#!:mime	application/octet-stream
+!:mime	font/x-postscript-pfb
+!:ext	pfb
+# often followed by colon (3Ah) and space (20h) and font name like: DarkGardenMK LetterGothic
+>>24	ubyte		=0x3A
+>>>26	string		>\0			(%s)
+# some times instead of colon %%CreationDate: and "font name" later
+>>24	ubyte		!0x3A
+# font name directive followed by def like: c0633bt_.pfb
+>>>25	search/1247	/FontName\040/
+# show font name in parentheses like: Frankfurt Lithos CharterBT-BoldItalic Courier10PitchBT-Bold
+>>>>&0	regex		[A-Za-z0-9-]+		(%s)
+# http://cd.textfiles.com/maxfonts/ATM/M/MIRROR__.PFB
+6	string		%PS-AdobeFont-1.	PostScript Type 1 font program data
+!:mime	font/x-postscript-pfb
+!:ext	pfb
+# font name like:  Times-Mirror
+>25	string		>\0			(%s)
+0	string		%!FontType1	PostScript Type 1 font program data
+#!:mime	font/x-postscript-pfb
+#!:ext	pfb
+6	string		%!FontType1	PostScript Type 1 font program data
+#!:mime	application/octet-stream
+!:mime	font/x-postscript-pfb
+!:ext	pfb
+# font name like: CaslonOpenFace FetteFraktur Kaufmann Linotext MesozoicGothic Old-Town
+>23	string		>\0			(%s)
+# http://cd.textfiles.com/maxfonts/ATM/P/PLAYBI.PFB
+230	string		%!FontType1	PostScript Type 1 font program data
+!:mime	font/x-postscript-pfb
+!:ext	pfb
+# font name like: Playbill
+>247	string		>\0			(%s)
+0	string		%!PS-Adobe-3.0\ Resource-Font	PostScript Type 1 font text
+#!:mime	font/x-postscript-pfb
+#!:ext	pfb
+
+# Summary:	PostScript Type 1 Printer Font Metrics
+# URL:		https://en.wikipedia.org/wiki/PostScript_fonts
+# Reference:	https://partners.adobe.com/public/developer/en/font/5178.PFM.pdf
+# Modified by:	Joerg Jenderek
+# Note:		moved from ./msdos magic
+# dfVersion 256=0100h
+0		uleshort	0x0100
+# GRR: line above is too general as it catches also TrueType font,
+# raw G3 data FAX, WhatsApp encrypted and Panorama database
+# dfType 129=0081h
+>66		uleshort	0x0081
+# dfVertRes 300=012Ch not needed as additional test
+#>>70		uleshort	0x012c
+# dfHorizRes 300=012Ch
+#>>>72		uleshort	0x012c
+# dfDriverInfo points to postscript information section
+>>(101.l)	string/c	Postscript	Printer Font Metrics
+# above labeled "PFM data" by ./msdos (version 5.28) or "Adobe Printer Font Metrics" by TrID
+!:mime	application/x-font-pfm
+# AppleShare Print Server
+#!:apple	ASPS????
+!:ext	pfm
+# dfCopyright 60 byte null padded Copyright string. uncomment it to get old looking
+#>>>6		string		>\060		- %-.60s
+# dfDriverInfo
+>>>139		ulelong		>0
+# often abbreviated and same as filename
+>>>>(139.l)	string		x		%s
+# dfSize
+>>>2		ulelong		x		\b, %d bytes
+# dfFace 210=D2h 9Eh
+>>>105		ulelong		>0
+# Windows font name
+>>>>(105.l)	string		x		\b, %s
+# dfItalic
+>>>80		ubyte		1		italic
+# dfUnderline
+>>>81		ubyte		1		underline
+# dfStrikeOut
+>>>82		ubyte		1		strikeout
+# dfWeight 400=0x0190 300=0x012c 500=0x01f4 600=0x0258 700=0x02bc
+>>>83		uleshort	>699		bold
+# dfPitchAndFamily 16 17 48 49 64 65
+>>>90		ubyte		16		serif
+>>>90		ubyte		17		serif proportional
+#>>>90		ubyte		48		other
+>>>90		ubyte		49		proportional
+>>>90		ubyte		64		script
+>>>90		ubyte		65		script proportional
+
+# X11 font files in SNF (Server Natural Format) format
+# updated by Joerg Jenderek at Feb 2013 and Nov 2021
+# http://computer-programming-forum.com/51-perl/8f22fb96d2e34bab.htm
+# URL:		http://fileformats.archiveteam.org/wiki/SNF
+# Reference:	https://cgit.freedesktop.org/xorg/lib/libXfont/tree/src/bitmap/snfstr.h
+0	belong		00000004
+# version2 same as version1 in struct _snfFontInfo
+>104	belong		00000004		X11 SNF font data, MSB first
+# GRR: line above is too general as it catches also DEGAS low-res bitmap like:
+# http://cd.textfiles.com/geminiatari/FILES/GRAPHICS/ANIMAT/SPID_PAT/BIGSPID.PI1
+!:mime	application/x-font-sfn
+!:ext	snf
+# GRR: line below is too general as it catches also Xbase index file t3-CHAR.NDX
+0	lelong		00000004
+>104	lelong		00000004		X11 SNF font data, LSB first
+!:mime	application/x-font-sfn
+# Reference:    http://mark0.net/download/triddefs_xml.7z/defs/s/snf-x11-lsb.trid.xml
+!:ext	snf
+
+# X11 Bitmap Distribution Format, from Daniel Quinlan (quinlan@yggdrasil.com)
+0	search/1	STARTFONT\ 		X11 BDF font text
+
+# From: Joerg Jenderek
+# URL: https://grub.gibibit.com/New_font_format
+# Reference: util/grub-mkfont.c
+#		include/grub/fontformat.h
+# FONT_FORMAT_SECTION_NAMES_FILE
+0			string		FILE
+# FONT_FORMAT_PFF2_MAGIC
+>8			string		PFF2
+# leng 4 only at the moment
+>>4			ubelong		4
+# FONT_FORMAT_SECTION_NAMES_FONT_NAME
+>>>12			string		NAME		GRUB2 font
+!:mime			application/x-font-pf2
+!:ext			pf2
+# length of font_name
+>>>>16			ubelong		>0
+# font_name
+>>>>>20			string		>\0		"%-s"
+
+# X11 fonts, from Daniel Quinlan (quinlan@yggdrasil.com)
+# PCF must come before SGI additions ("MIPSEL MIPS-II COFF" collides)
+0	string		\001fcp			X11 Portable Compiled Font data,
+>12	lelong		^0x08			bit: LSB,
+>12	lelong		&0x08			bit: MSB,
+>12	lelong		^0x04			byte: LSB first
+>12	lelong		&0x04			byte: MSB first
+0	string		D1.0\015		X11 Speedo font data
+
+#------------------------------------------------------------------------------
+# FIGlet fonts and controlfiles
+# From figmagic supplied with Figlet version 2.2
+# "David E. O'Brien" <obrien@FreeBSD.ORG>
+0	string		flf		FIGlet font
+>3	string		>2a		version %-2.2s
+0	string		flc		FIGlet controlfile
+>3	string		>2a		version %-2.2s
+
+# libGrx graphics lib fonts, from Albert Cahalan (acahalan@cs.uml.edu)
+# Used with djgpp (DOS Gnu C++), sometimes Linux or Turbo C++
+0	belong		0x14025919	libGrx font data,
+>8	leshort		x		%dx
+>10	leshort		x		\b%d
+>40	string		x		%s
+# Misc. DOS VGA fonts, from Albert Cahalan (acahalan@cs.uml.edu)
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/CPI
+# Reference:	http://www.delorie.com/djgpp/doc/rbinter/it/58/17.html
+0	belong		0xff464f4e	DOS code page font data collection
+!:mime	font/x-dos-cpi
+!:ext	cpi
+0	string		\x7fDRFONT	DR-DOS code page font data collection
+!:mime	font/x-drdos-cpi
+!:ext	cpi
+7	belong		0x00454741	DOS code page font data
+7	belong		0x00564944	DOS code page font data (from Linux?)
+4098	string		DOSFONT		DOSFONT2 encrypted font data
+
+# From: Joerg Jenderek
+# URL: http://fileformats.archiveteam.org/wiki/GEM_bitmap_font
+# Reference: http://cd.textfiles.com/ataricompendium/BOOK/HTML/APPENDC.HTM#cnt
+#
+# usual case with lightening mask and skewing mask 5555h~UU
+#62	ulelong		0x55555555
+# skip cl8m8ocofedso.testfile by looking for face size lower/equal 72
+#>2	uleshort	<73
+#>>0	use		gdos-font
+# BOX18.GFT COWBOY30.GFT ROYALK30.GFT
+#62	ulelong		0
+# skip ISO 9660 CD-ROM ./filesystem by looking for low positive face size
+#>2	uleshort	>2
+# skip DOS 2.0 backup id file ./msdos by looking for face size lower/equal 72
+#>>2	uleshort	<73
+# skip MS oem.hlp, some Windows ICO ./msdos by looking for valid long name like WYE
+#>>>4	ulelong		>0x001F1f1F
+# skip Microsoft WinWord 2.0 ./msdos by looking for positive offset to font data
+#>>>>76	ulelong		>83
+#>>>>>0	use		gdos-font
+0	name		gdos-font
+>0	uleshort	x		GEM GDOS font
+!:mime	application/x-font-gdos
+# also .eps found like AA070GEP.EPS AI360GEP.EPS
+!:ext	fnt/gtf
+# font name like Big&Tall, Celtic #s, Courier, University Bold, WYE
+>4	string		x		%.32s
+# face size in points 3-72 SLSS03CG.FNT H1CELT72.FNT
+>2	uleshort	x		%u
+# face ID (must be unique)
+>0	uleshort	x		\b, ID %#4.4x
+# lowest character index in face (4 but usually 32 for disk-loaded fonts)
+#>36	uleshort	!32		\b, unusual character index %u
+# width of the widest character like 0 8 10 12 16 24 32
+#>50	uleshort	x		\b, %u char width
+# width of the widest character cell like 8 11 12 14 15 16 33 67
+#>52	uleshort	x		\b, %u cell width
+# thickening size in pixel like 0 1 2 3 4 5 6 7 8
+#>58	uleshort	x		\b, %u thick
+# lightening mask to eliminate pixels, usually 5555h
+>62	uleshort	!0x5555		\b, lightening mask %#x
+# skewing mask to determine when to perform additional rotation when skewing, usually 5555h
+>64	uleshort	!0x5555		\b, skewing mask %#x
+# offset to optional horizontal offset table 0 58h~88 5eh 252h
+#>68	ulelong		x		\b, %#x horizontal table offset
+# offset of character offset table 54h for many *.GFT 55h 58h 5Eh 120h 1D4h 202h 220h
+#>72	ulelong		x		\b, %#x coffset
+# offset to font data like 116h 118h 158 20Ah 20Eh
+>76	ulelong		x		\b, %#x foffset
+# form width in bytes like 58 67 156 190 227 317 345
+#>80	uleshort	x		\b, %u fwidth
+# form height in bytes like 4 8 11 17 26 56 70 90 120 146 150
+#>82	uleshort	x		\b, %u fheight
+# pointer to the next font like 0 10000h 20000h 30000h 40000h 60000h 80000h E0000h D0000h 
+#>84	ulelong		x		\b, %#x noffset
+
+# downloadable fonts for browser (prints type) anthon@mnt.org
+# https://tools.ietf.org/html/rfc3073
+0	string		PFR1		Portable Font Resource font data (new)
+>102	string		>0		\b: %s
+0	string		PFR0		Portable Font Resource font data (old)
+>4	beshort		>0		version %d
+
+# True Type fonts
+# Modified by: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/TrueType
+# Reference: https://developer.apple.com/fonts/TrueType-Reference-Manual/
+#
+# sfnt version "typ1" used by some Apple, but no example found
+0	string	typ1
+>0	use		sfnt-font
+>0	use		sfnt-names
+# sfnt version "true" used by some Apple
+0	string	true
+>0	use		sfnt-font
+>0	use		sfnt-names
+# GRR: below test is too general
+# sfnt version often 0x00010000
+0	string	\000\001\000\000
+>0	use		sfnt-font
+>0	use		sfnt-names
+#	validate and display sfnt font data like number of tables
+0	name		sfnt-font
+# file 5.30 version assumes 00FFh as maximal number of tables
+#>4	ubeshort	<0x0100		
+# maximal 27 tables found like in Skia.ttf
+# 46 different table names mentioned on Apple specification
+# skip 1st sequence of DOS 2 backup with path separator (\~92 or /~47) misinterpreted as table number
+>4	ubeshort	<47		
+# skip bad examples with garbage table names like in a5.show HYPERC MAC
+# tag names consist of up to four characters padded with spaces at end like
+# BASE DSIG OS/2 Zapf acnt glyf cvt vmtx xref ...
+>>12	regex/4l	\^[A-Za-z][A-Za-z][A-Za-z/][A-Za-z2\ ]	
+#>>>0	ubelong	x	\b, sfnt version %#x
+>>>0	ubelong	!0x4f54544f	TrueType
+!:mime	font/sfnt
+!:apple	????tfil
+# .ttf for TrueType font
+# EUDC.tte created by privat character editor %WINDIR%\system32\eudcedit.exe
+!:ext	ttf/tte
+# sfnt version 4F54544Fh~OTTO
+>>>0	ubelong	=0x4f54544f	OpenType
+!:mime	font/otf
+!:apple	????OTTO
+!:ext	otf
+>>>0	ubelong	x		Font data
+# DSIG=44454947h table name implies a digitally signed font
+# search range = number of tables * 16 =< maximal number of tables * 16 = 27 * 16 = 432
+>>>12	search/432	DSIG		\b, digitally signed
+>>>4	ubeshort	x		\b, %d tables
+# minimal 9 tables found like in NISC18030.ttf
+#>>>4	ubeshort	<10		TMIN
+#>>>4	ubeshort	>24		TBIG
+# table directory entries
+>>>12	string		x		\b, 1st "%4.4s"
+
+#	search and display 1st name in sfnt font which is often copyright text
+#	does not work inside font collections
+0	name		sfnt-names
+# search for naming table
+>12	search/432/s	name		
+# biggest offset 0x0100bd28 like Windows10 Fonts\simsunb.ttf
+#>>>>&8	ubelong		>0x0100bd27	BIGGEST OFFSET
+>>&8	ubelong		>0x00100000	
+# offset of name table
+>>>&-4	ubelong		x		\b, name offset %#x
+# GRR: pointer to name table only works if offset ~< FILE_BYTES_MAX = 100000h defined in src\file.h
+>>&8	ubelong		<0x00100000	
+>>>&-16	ubelong		x		
+# name table
+>>>>(&8.L)	ubequad	x		
+# invalid format selector 
+#>>>>>&-8	ubeshort	!0	\b, invalid selector %x
+# minimal 3 name records found like in c:\Program Files (x86)\Tesseract-OCR\tessdata\pdf.ttf
+# maximal 1227 name records found like in Apple Chancery.ttf
+#>>>>>&-6	ubeshort	<0x4	mincount
+#>>>>>&-6	ubeshort	>130	maxcount
+>>>>>&-6	ubeshort	x	\b, %d names
+# offset to start of string storage from start of table
+#>>>>>&-4	ubeshort	x	\b, record offset %d
+# 1st name record
+# string offset from start of storage area 
+#>>>>>&8		ubeshort	x	\b, string offset %d
+# string length
+#>>>>>&6		ubeshort	x	\b, string length %d
+# minimal name string 7 like in c:\Program Files (x86)\Kodi\addons\webinterface.default\lib\video-js\font\VideoJS.ttf
+# also found 0 like in SWZCONLN.TTF
+#>>>>>&6		ubeshort	<8	MIN STRING
+# maximal name string 806 like in c:\Windows\Fonts\palabi.ttf
+#>>>>>&6		ubeshort	>805	MAX STRING
+# platform identifier: 0~Apple Unicode, 1~Macintosh, 3~Microsoft
+#>>>>>&-2	ubeshort	>3	BAD PLATFORM
+>>>>>&-2	ubeshort	0	\b, Unicode
+>>>>>&-2	ubeshort	1	\b, Macintosh
+>>>>>&-2	ubeshort	3	\b, Microsoft
+# languageID (0~english Macintosh, 0409h~english Microsoft, ...)
+>>>>>&2		ubeshort	>0	\b, language %#x
+# name identifiers
+# often 0~copyright, 1~font, 2~font subfamily, 5~version, 13~license, 19~sample, ...
+>>>>>&4		ubeshort	>0	\b, type %d string
+# platform specific encoding:
+# 0~undefined character set, 1~UGL set with Unicode, 3~Unicode 2.0 BMP only, 4~Unicode 2.0
+#>>>>>&0		ubeshort	x	\b, %d encoding
+>>>>>&0		ubeshort	0	
+# handle only name string offset 0 because do not know how to add 2 relative offsets
+>>>>>>&6		ubeshort	0	
+>>>>>>>&(&-14.S-18)	ubyte		!0	
+# GRR: instead 806 only first MAXstring = 96 characters are displayed as defined in src\file.h
+# often copyright string that starts like \251 2006 The Monotype Corporation
+>>>>>>>>&-1		string		x	\b, %-11.96s
+# test for unicode string
+>>>>>>>&(&-14.S-18)	ubyte		0	
+>>>>>>>>&0		lestring16	x	\b, %-11.96s
+# unicode encoding
+>>>>>&0		ubeshort	>0	
+>>>>>>&6		ubeshort	0	
+>>>>>>>&(&-14.S-17)	lestring16	x	\b, %-11.96s
+
+0	string		\007\001\001\000Copyright\ (c)\ 199	Adobe Multiple Master font
+0	string		\012\001\001\000Copyright\ (c)\ 199	Adobe Multiple Master font
+
+# TrueType/OpenType font collections (.ttc)
+# URL: https://en.wikipedia.org/wiki/OpenType
+# https://www.microsoft.com/typography/otspec/otff.htm
+# Modified by: Joerg Jenderek
+# Note:	container for TrueType, OpenType font
+0	string		ttcf
+# skip ASCII text
+>4	ubyte		0		
+# sfnt version often 0x00010000 of 1st table is TrueType
+>>(12.L)	ubelong	!0x4f54544f	TrueType
+!:mime	font/ttf
+!:apple	????tfil
+!:ext	ttc
+# sfnt version 4F54544Fh~OTTO of 1st table is OpenType font 
+>>(12.L)	ubelong	=0x4f54544f	OpenType
+!:mime	font/otf
+!:apple	????OTTO
+# no example found for otc
+!:ext	ttc/otc
+>>4	ubyte		x		font collection data
+#!:mime	font/collection
+# TCC version
+>>4	belong		0x00010000	\b, 1.0
+>>4	belong		0x00020000	\b, 2.0
+>>8	ubelong		>0		\b, %d fonts
+# array offset size = fonts * offsetsize = fonts * 4
+>>(8.L*4) ubequad	x		
+# 0x44454947 = 'DSIG'
+>>>&4	belong		0x44534947	\b, digitally signed
+# offset to 1st font
+>>12	ubelong		x		\b, at %#x
+# point to 1st font that starts with sfnt version
+>>(12.L) use		sfnt-font
+
+# Opentype font data from Avi Bercovich
+0	string		OTTO		OpenType font data
+!:mime application/vnd.ms-opentype
+
+# From: Alex Myczko <alex@aiei.ch>
+0	string		SplineFontDB:	Spline Font Database
+!:mime application/vnd.font-fontforge-sfd
+>14	string		x		version %s
+
+# EOT
+0x40	string		\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+>0x22	string		LP		Embedded OpenType (EOT)
+# workaround until there's lepstring16
+# >>0x52	lepstring16/h	>\0		\b, %s family
+>>0x52	short	!0
+>>>0x54	lestring16	x		\b, %s family
+!:mime application/vnd.ms-fontobject
+
+# Web Open Font Format (.woff)
+0	name		woff
+>4	belong		0x00010000	\b, TrueType
+>4	belong		0x4F54544F	\b, CFF
+>4	belong		0x74727565	\b, TrueType
+>4	default		x
+>>4	belong		x		\b, flavor %d
+>8	belong		x		\b, length %d
+#>12	beshort		x		\b, numTables %d
+#>14	beshort		x		\b, reserved %d
+#>16	belong		x		\b, totalSfntSize %d
+
+# https://www.w3.org/TR/WOFF/
+0	string		wOFF	Web Open Font Format
+!:mime font/woff
+>0	use		woff
+>20	beshort		x	\b, version %d
+>22	beshort		x	\b.%d
+# https://www.w3.org/TR/WOFF2/
+0	string		wOF2	Web Open Font Format (Version 2)
+!:mime font/woff2
+!:ext	woff2
+>0	use		woff
+#>20	belong		x	\b, totalCompressedSize %d
+>24	beshort		x	\b, version %d
+>26	beshort		x	\b.%d
diff --git a/magic/Magdir/forth b/magic/Magdir/forth
new file mode 100644
index 0000000..34c9181
--- /dev/null
+++ b/magic/Magdir/forth
@@ -0,0 +1,82 @@
+
+#------------------------------------------------------------------------------
+# $File: forth,v 1.4 2021/04/26 15:56:00 christos Exp $
+# forth:  file(1) magic for various Forth environments
+# From: Lubomir Rintel <lkundrak@v3.sk>
+#
+
+# Has a FORTH stack diagram and something that looks very much like a FORTH
+# multi-line word definition. Probably a FORTH source.
+0       regex   \[[:space:]]\\(([[:space:]].*)?\ --\ (.*[[:space:]])?\\)
+>0      regex   \^:\[[:space:]]
+>>0     regex   \^;$				FORTH program
+!:mime  text/x-forth
+
+# Inline word definition complete with a stack diagram
+0       regex   \^:[[:space:]].*[[:space:]]\\(([[:space:]].*)?\ --\ (.*[[:space:]])?\\)[[:space:]].*[[:space:]];$	FORTH program
+!:mime  text/x-forth
+
+# Various dictionary images used by OpenFirware FORTH environment
+
+0	lelong	0xe1a00000
+>8	lelong	0xe1a00000
+# skip raspberry pi kernel image kernel7.img by checking for positive text length
+>>24	lelong	>0		ARM OpenFirmware FORTH Dictionary,
+>>>24	lelong	x		Text length: %d bytes,
+>>>28	lelong	x		Data length: %d bytes,
+>>>32	lelong	x		Text Relocation Table length: %d bytes,
+>>>36	lelong	x		Data Relocation Table length: %d bytes,
+>>>40	lelong	x		Entry Point: %#08X,
+>>>44	lelong	x		BSS length: %d bytes
+
+0	string	MP
+>28	lelong	1		x86 OpenFirmware FORTH Dictionary,
+>>4	leshort	x		%d blocks
+>>2	leshort	x		+ %d bytes,
+>>6	leshort	x		%d relocations,
+>>8	leshort	x		Header length: %d paragraphs,
+>>10	leshort	x		Data Size: %d
+>>12	leshort	x		- %d 4K pages,
+>>14	lelong	x		Initial Stack Pointer: %#08X,
+>>20	lelong	x		Entry Point: %#08X,
+>>24	lelong	x		First Relocation Item: %d,
+>>26	lelong	x		Overlay Number: %d,
+>>18	leshort	x		Checksum: %#08X
+
+0	belong	0x48000020	PowerPC OpenFirmware FORTH Dictionary,
+>4	belong	x		Text length: %d bytes,
+>8	belong	x		Data length: %d bytes,
+>12	belong	x		BSS length: %d bytes,
+>16	belong	x		Symbol Table length: %d bytes,
+>20	belong	x		Entry Point: %#08X,
+>24	belong	x		Text Relocation Table length: %d bytes,
+>28	belong	x		Data Relocation Table length: %d bytes
+
+0	lelong	0x10000007	MIPS OpenFirmware FORTH Dictionary,
+>4	lelong	x		Text length: %d bytes,
+>8	lelong	x		Data length: %d bytes,
+>12	lelong	x		BSS length: %d bytes,
+>16	lelong	x		Symbol Table length: %d bytes,
+>20	lelong	x		Entry Point: %#08X,
+>24	lelong	x		Text Relocation Table length: %d bytes,
+>28	lelong	x		Data Relocation Table length: %d bytes
+
+# Dictionary images used by minimal C FORTH environments, any platform,
+# using native byte order.
+
+# Weak.
+#0	short	0x5820		cForth 16-bit Dictionary,
+#>2	short	x		Serial: %#08X,
+#>4	short	x		Dictionary Start: %#08X,
+#>6	short	x		Dictionary Size: %d bytes,
+#>8	short	x		User Area Start: %#08X,
+#>10	short	x		User Area Size: %d bytes,
+#>12	short	x		Entry Point: %#08X
+
+0	long	0x581120	cForth 32-bit Dictionary,
+>4	long	x		Serial: %#08X,
+>8	long	x		Dictionary Start: %#08X,
+>12	long	x		Dictionary Size: %d bytes,
+>16	long	x		User Area Start: %#08X,
+>20	long	x		User Area Size: %d bytes,
+>24	long	x		Entry Point: %#08X
diff --git a/magic/Magdir/fortran b/magic/Magdir/fortran
new file mode 100644
index 0000000..6abc2f7
--- /dev/null
+++ b/magic/Magdir/fortran
@@ -0,0 +1,9 @@
+
+#------------------------------------------------------------------------------
+# $File: fortran,v 1.10 2015/11/05 18:47:16 christos Exp $
+# FORTRAN source
+# Check that the first 100 lines start with C or whitespace first.
+0       regex/100l      !\^[^Cc\ \t].*$
+>0	regex/100l	\^[Cc][\ \t]	FORTRAN program text
+!:mime	text/x-fortran
+!:strength - 5
diff --git a/magic/Magdir/frame b/magic/Magdir/frame
new file mode 100644
index 0000000..c0fd840
--- /dev/null
+++ b/magic/Magdir/frame
@@ -0,0 +1,62 @@
+
+#------------------------------------------------------------------------------
+# $File: frame,v 1.14 2019/11/25 00:31:30 christos Exp $
+# frame:  file(1) magic for FrameMaker files
+#
+# This stuff came on a FrameMaker demo tape, most of which is
+# copyright, but this file is "published" as witness the following:
+#
+# Note that this is the Framemaker Maker Interchange Format, not the
+# Normal format which would be application/vnd.framemaker.
+#
+0	string		\<MakerFile	FrameMaker document
+!:mime	application/x-mif
+>11	string		5.5		 (5.5
+>11	string		5.0		 (5.0
+>11	string		4.0		 (4.0
+>11	string		3.0		 (3.0
+>11	string		2.0		 (2.0
+>11	string		1.0		 (1.0
+>14	byte		x		  %c)
+# URL:		http://fileformats.archiveteam.org/wiki/Maker_Interchange_Format
+# Reference:	https://help.adobe.com/en_US/framemaker/mifreference/mifref.pdf
+# Update:	Joerg Jenderek 2019 Nov
+0	string		\<MIFFile	FrameMaker MIF (ASCII) file
+# https://www.iana.org/assignments/media-types/application/vnd.mif
+!:mime	application/vnd.mif
+# mif most but also find bookTOC.framemif
+!:ext	mif/framemif
+# followed by space~20h
+#>8	ubyte		0x20		\b, space before version
+# 3 characters of version number of the MIF language like 1.0, 2.0 ... 2015 ...
+>9	string		x		(%.3s
+# if not greater sign then display 4th character of version
+>12	ubyte		=0x3e		\b)
+>12	ubyte		!0x3e		\b%c)
+# comment starting with # shows the name+version number of generating program
+>13	search/3	#
+>>&0	string		x		"%s"
+0	search/1	\<MakerDictionary	FrameMaker Dictionary text
+!:mime	application/x-mif
+>17	string		3.0		 (3.0)
+>17	string		2.0		 (2.0)
+>17	string		1.0		 (1.x)
+0	string		\<MakerScreenFont	FrameMaker Font file
+!:mime	application/x-mif
+>17	string		1.01		 (%s)
+0	string		\<MML		FrameMaker MML file
+!:mime	application/x-mif
+0	string		\<BookFile	FrameMaker Book file
+!:mime	application/x-mif
+>10	string		3.0		 (3.0
+>10	string		2.0		 (2.0
+>10	string		1.0		 (1.0
+>13	byte		x		  %c)
+# XXX - this book entry should be verified, if you find one, uncomment this
+#0	string		\<Book\040 	FrameMaker Book (ASCII) file
+#!:mime	application/x-mif
+#>6	string		3.0		 (3.0)
+#>6	string		2.0		 (2.0)
+#>6	string		1.0		 (1.0)
+0	string		\<Maker\040Intermediate\040Print\040File	FrameMaker IPL file
+!:mime	application/x-mif
diff --git a/magic/Magdir/freebsd b/magic/Magdir/freebsd
new file mode 100644
index 0000000..66aff6c
--- /dev/null
+++ b/magic/Magdir/freebsd
@@ -0,0 +1,164 @@
+
+#------------------------------------------------------------------------------
+# $File: freebsd,v 1.9 2022/01/19 12:44:13 christos Exp $
+# freebsd:  file(1) magic for FreeBSD objects
+#
+# All new-style FreeBSD magic numbers are in host byte order (i.e.,
+# little-endian on x86).
+#
+# XXX - this comes from the file "freebsd" in a recent FreeBSD version of
+# "file"; it, and the NetBSD stuff in "netbsd", appear to use different
+# schemes for distinguishing between executable images, shared libraries,
+# and object files.
+#
+# FreeBSD says:
+#
+#    Regardless of whether it's pure, demand-paged, or none of the
+#    above:
+#
+#	if the entry point is < 4096, then it's a shared library if
+#	the "has run-time loader information" bit is set, and is
+#	position-independent if the "is position-independent" bit
+#	is set;
+#
+#	if the entry point is >= 4096 (or >4095, same thing), then it's
+#	an executable, and is dynamically-linked if the "has run-time
+#	loader information" bit is set.
+#
+# On x86, NetBSD says:
+#
+#    If it's neither pure nor demand-paged:
+#
+#	if it has the "has run-time loader information" bit set, it's
+#	a dynamically-linked executable;
+#
+#	if it doesn't have that bit set, then:
+#
+#	    if it has the "is position-independent" bit set, it's
+#	    position-independent;
+#
+#	    if the entry point is non-zero, it's an executable, otherwise
+#	    it's an object file.
+#
+#    If it's pure:
+#
+#	if it has the "has run-time loader information" bit set, it's
+#	a dynamically-linked executable, otherwise it's just an
+#	executable.
+#
+#    If it's demand-paged:
+#
+#	if it has the "has run-time loader information" bit set,
+#	then:
+#
+#	    if the entry point is < 4096, it's a shared library;
+#
+#	    if the entry point is = 4096 or > 4096 (i.e., >= 4096),
+#	    it's a dynamically-linked executable);
+#
+#	if it doesn't have the "has run-time loader information" bit
+#	set, then it's just an executable.
+#
+# (On non-x86, NetBSD does much the same thing, except that it uses
+# 8192 on 68K - except for "68k4k", which is presumably "68K with 4K
+# pages - SPARC, and MIPS, presumably because Sun-3's and Sun-4's
+# had 8K pages; dunno about MIPS.)
+#
+# I suspect the two will differ only in perverse and uninteresting cases
+# ("shared" libraries that aren't demand-paged and whose pages probably
+# won't actually be shared, executables with entry points <4096).
+#
+# I leave it to those more familiar with FreeBSD and NetBSD to figure out
+# what the right answer is (although using ">4095", FreeBSD-style, is
+# probably better than separately checking for "=4096" and ">4096",
+# NetBSD-style).  (The old "netbsd" file analyzed FreeBSD demand paged
+# executables using the NetBSD technique.)
+#
+0	lelong&0377777777	041400407	FreeBSD/i386
+>20	lelong			<4096
+>>3	byte&0xC0		&0x80		shared library
+>>3	byte&0xC0		0x40		PIC object
+>>3	byte&0xC0		0x00		object
+>20	lelong			>4095
+>>3	byte&0x80		0x80		dynamically linked executable
+>>3	byte&0x80		0x00		executable
+>16	lelong			>0		not stripped
+
+0	lelong&0377777777	041400410	FreeBSD/i386 pure
+>20	lelong			<4096
+>>3	byte&0xC0		&0x80		shared library
+>>3	byte&0xC0		0x40		PIC object
+>>3	byte&0xC0		0x00		object
+>20	lelong			>4095
+>>3	byte&0x80		0x80		dynamically linked executable
+>>3	byte&0x80		0x00		executable
+>16	lelong			>0		not stripped
+
+0	lelong&0377777777	041400413	FreeBSD/i386 demand paged
+>20	lelong			<4096
+>>3	byte&0xC0		&0x80		shared library
+>>3	byte&0xC0		0x40		PIC object
+>>3	byte&0xC0		0x00		object
+>20	lelong			>4095
+>>3	byte&0x80		0x80		dynamically linked executable
+>>3	byte&0x80		0x00		executable
+>16	lelong			>0		not stripped
+
+0	lelong&0377777777	041400314	FreeBSD/i386 compact demand paged
+>20	lelong			<4096
+>>3	byte&0xC0		&0x80		shared library
+>>3	byte&0xC0		0x40		PIC object
+>>3	byte&0xC0		0x00		object
+>20	lelong			>4095
+>>3	byte&0x80		0x80		dynamically linked executable
+>>3	byte&0x80		0x00		executable
+>16	lelong			>0		not stripped
+
+# XXX gross hack to identify core files
+# cores start with a struct tss; we take advantage of the following:
+# byte 7:     highest byte of the kernel stack pointer, always 0xfe
+#      8/9:   kernel (ring 0) ss value, always 0x0010
+#      10 - 27: ring 1 and 2 ss/esp, unused, thus always 0
+#      28:    low order byte of the current PTD entry, always 0 since the
+#             PTD is page-aligned
+#
+7	string	\357\020\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0	FreeBSD/i386 a.out core file
+>1039	string	>\0	from '%s'
+
+# /var/run/ld.so.hints
+# What are you laughing about?
+0	lelong			011421044151	ld.so hints file (Little Endian
+>4	lelong			>0		\b, version %d)
+>4	belong			<1		\b)
+0	belong			011421044151	ld.so hints file (Big Endian
+>4	belong			>0		\b, version %d)
+>4	belong			<1		\b)
+
+#
+# Files generated by FreeBSD scrshot(1)/vidcontrol(1) utilities
+#
+0	string	SCRSHOT_	scrshot(1) screenshot,
+>8	byte	x		version %d,
+>9	byte	2		%d bytes in header,
+>>10	byte	x		%d chars wide by
+>>11	byte	x		%d chars high
+
+#
+# FreeBSD kernel minidumps
+#
+0	string	minidump\040FreeBSD/	FreeBSD kernel minidump
+# powerpc uses 32-byte magic, followed by 32-byte mmu kind, then version
+>17	string	powerpc
+>>17	string	>\0			for %s,
+>>>32	string	>\0			%s,
+>>>>64	byte	0			big endian,
+>>>>>64	belong	x			version %d
+>>>>64	default	x			little endian,
+>>>>>64	lelong	x			version %d
+# all other architectures use 24-byte magic, followed by version
+>17	default	x
+>>17	string	>\0			for %s,
+>>>24	byte	0			big endian,
+>>>>24	belong	x			version %d
+>>>24	default	x			little endian,
+>>>>24	lelong	x			version %d
diff --git a/magic/Magdir/fsav b/magic/Magdir/fsav
new file mode 100644
index 0000000..5c1d6e2
--- /dev/null
+++ b/magic/Magdir/fsav
@@ -0,0 +1,128 @@
+
+#------------------------------------------------------------------------------
+# $File: fsav,v 1.22 2021/04/26 15:56:00 christos Exp $
+# fsav:  file(1) magic for datafellows fsav virus definition files
+# Anthon van der Neut (anthon@mnt.org)
+
+# ftp://ftp.f-prot.com/pub/{macrdef2.zip,nomacro.def}
+0	beshort		0x1575		fsav macro virus signatures
+>8	leshort		>0		(%d-
+>11	byte		>0		\b%02d-
+>10	byte		>0		\b%02d)
+# ftp://ftp.f-prot.com/pub/sign.zip
+#10	ubyte		<12
+#>9	ubyte		<32
+#>>8	ubyte		0x0a
+#>>>12	ubyte		0x07
+#>>>>11	uleshort	>0		fsav DOS/Windows virus signatures (%d-
+#>>>>10	byte		0		\b01-
+#>>>>10	byte		1		\b02-
+#>>>>10	byte		2		\b03-
+#>>>>10	byte		3		\b04-
+#>>>>10	byte		4		\b05-
+#>>>>10	byte		5		\b06-
+#>>>>10	byte		6		\b07-
+#>>>>10	byte		7		\b08-
+#>>>>10	byte		8		\b09-
+#>>>>10	byte		9		\b10-
+#>>>>10	byte		10		\b11-
+#>>>>10	byte		11		\b12-
+#>>>>9	ubyte		>0		\b%02d)
+# ftp://ftp.f-prot.com/pub/sign2.zip
+#0	ubyte		0x62
+#>1	ubyte		0xF5
+#>>2	ubyte		0x1
+#>>>3	ubyte		0x1
+#>>>>4	ubyte		0x0e
+#>>>>>13		ubyte	>0		fsav virus signatures
+#>>>>>>11	ubyte	x		size %#02x
+#>>>>>>12	ubyte	x		\b%02x
+#>>>>>>13	ubyte	x		\b%02x bytes
+
+# Joerg Jenderek: joerg dot jenderek at web dot de
+# clamav-0.100.2\docs\html\node60.html 
+# https://github.com/vrtadmin/clamav-faq/raw/master/manual/clamdoc.pdf
+# ClamAV virus database files start with a 512 bytes colon separated header
+# ClamAV-VDB:buildDate:version:signaturesNumbers:functionalityLevelRequired:MD5:Signature:builder:buildTime
+# + gzipped (optional) tarball files
+# output can often be verified by `sigtool --info=FILE`
+0	string		ClamAV-VDB:	Clam AntiVirus
+# padding spaces implies database
+>511	ubyte		=0x20		database
+!:mime	application/x-clamav-database
+# empty build time
+>>10	string		=::		(unsigned)
+# sigtool(1) man page
+!:ext	cud
+# display some text to avoid error like:
+# Magdir/fsav, 78: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file: could not find any valid magic files! (No error)
+>>10	default		x		(with buildtime)
+#>>10	default		x
+# clamtmp is used for temporarily database like update process
+# for pure tar database only cld extension found
+!:ext	cld/cvd/clamtmp/cud
+>511	default		x		file
+!:mime	application/x-clamav
+!:ext	info
+>11	string		>\0
+# buildDate empty or like "22 Mar 2017 12-57 -0400"; verified by `sigtool -i FILE`
+>>11	regex		\^[^:]{0,23}	\b, %s
+# version like 25170
+>>>&1	regex		\^[^:]{1,6}	\b, version %s
+# signaturesNumbers like 4566249
+>>>>&1	regex		\^[^:]{1,10}	\b, %s signatures
+# functionalityLevelRequired like 60
+>>>>>&1	regex		\^[^:]{1,4}	\b, level %s
+# X for nothing or MD5
+#>>>>>>&1	regex	\^[^:]{1,32}	\b, MD5 "%s"
+>>>>>>&1	regex	\^[^:]{1,32}
+# X for nothing or digital signature starting like AIzk/LYbX
+#>>>>>>>&1	regex	\^[^:]{1,255}	\b, signature "%s"
+>>>>>>>&1	regex	\^[^:]{1,255}
+# builder like neo
+>>>>>>>>&1	regex	\^[^:]{1,32}	\b, builder %s
+# buildTime like 1506611558
+#>>>>>>>>>&1	regex	\^[^:]{1,10}	\b, %s
+>>>>>>>>>&1	regex	\^[^:]{1,10}	
+# padding with spaces
+#>>>>>>>>>>&1	ubequad	x		\b, padding %#16.16llx
+>510	ubyte		=0x20
+# inspect real database content
+#>>512	ubeshort	x		\b, database MAGIC %#x
+# ./archive handle pure tar archives
+>>1012	quad		=0		\b, with
+>>>512	use		tar-file
+# not pure tar
+>>1012	quad		!0
+# one space at the end of text and then handles gzipped archives by ./compress
+>>>512	string		\037\213	\b, with 
+>>>>512	indirect	x
+
+# Type: Grisoft AVG AntiVirus
+# From: David Newgas <david@newgas.net>
+0	string	AVG7_ANTIVIRUS_VAULT_FILE	AVG 7 Antivirus vault file data
+
+0	string	X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR
+>33	string	-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*	EICAR virus test files
+
+# From: Joerg Jenderek
+# URL: https://www.avira.com/
+# Note: found in directory %ProgramData%\Avira\Antivirus\INFECTED (Windows)
+# tested with version 15.0.43.23 at November 2019
+0	string		AntiVir\ Qua	Avira AntiVir quarantined
+!:mime	application/x-avira-qua
+#!:mime	application/octet-stream
+!:ext	qua
+>156	string		SUSPICIOUS_FILE
+# file path of suspicious file
+>>220	lestring16	x		%s
+>156	string		!SUSPICIOUS_FILE
+# file path of virus file
+>>228	lestring16	x		%s
+# quarantined date
+>60	ldate		x		at %s
+# virus/danger name
+>156	string		!SUSPICIOUS_FILE
+>>156	string		x		\b, category "%s"
+
diff --git a/magic/Magdir/fusecompress b/magic/Magdir/fusecompress
new file mode 100644
index 0000000..165cf3c
--- /dev/null
+++ b/magic/Magdir/fusecompress
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: fusecompress,v 1.2 2011/08/08 09:05:55 christos Exp $
+# fusecompress:   file(1) magic for fusecompress
+0	string	\037\135\211	FuseCompress(ed) data
+>3	byte	0x00	(none format)
+>3	byte	0x01	(bz2 format)
+>3	byte	0x02	(gz format)
+>3	byte	0x03	(lzo format)
+>3	byte	0x04	(xor format)
+>3	byte	>0x04	(unknown format)
+>4	long	x	uncompressed size: %d
diff --git a/magic/Magdir/games b/magic/Magdir/games
new file mode 100644
index 0000000..0ccb4ac
--- /dev/null
+++ b/magic/Magdir/games
@@ -0,0 +1,696 @@
+
+#------------------------------------------------------------------------------
+# $File: games,v 1.31 2023/03/29 22:57:27 christos Exp $
+# games:  file(1) for games
+
+# Fabio Bonelli <fabiobonelli@libero.it>
+# Quake II - III data files
+0       string  IDP2        	Quake II 3D Model file,
+>20     long    x               %u skin(s),
+>8      long    x               (%u x
+>12     long    x 		%u),
+>40     long    x               %u frame(s),
+>16     long    x               Frame size %u bytes,
+>24     long  	x               %u vertices/frame,
+>28     long    x            	%u texture coordinates,
+>32     long    x               %u triangles/frame
+
+0       string  IBSP            Quake
+>4      long    0x26            II Map file (BSP)
+>4      long    0x2E      	III Map file (BSP)
+
+0       string  IDS2            Quake II SP2 sprite file
+
+#---------------------------------------------------------------------------
+# Doom and Quake
+# submitted by Nicolas Patrois
+
+0       string  \xcb\x1dBoom\xe6\xff\x03\x01    Boom or linuxdoom demo
+# some doom lmp files don't match, I've got one beginning with \x6d\x02\x01\x01
+
+24      string  LxD\ 203        Linuxdoom save
+>0      string  x       , name=%s
+>44     string  x       , world=%s
+
+# Quake
+
+# Update: Joerg Jenderek
+# URL: http://fileformats.archiveteam.org/wiki/PAK
+# reference: https://quakewiki.org/wiki/.pak
+# GRR: line below is too general as it matches also Acorn PackDir compressed Archive
+# and Git pack ./revision
+0       string  PACK    
+# real Quake examples like pak0.pak have only some hundreds like 150 files
+# So test for few files
+>8	ulelong <0x01000000	
+# in file version 5.32 test for null terminator is only true for
+# offset ~< FILE_BYTES_MAX = 1 MB defined in ../../src/file.h 
+# look for null terminator of 1st entry name
+>>(4.l+55)	ubyte	0	Quake I or II world or extension
+!:mime	application/x-dzip
+!:ext	pak
+#>>>8	ulelong	x	\b, table size %u
+# dividing this by entry size (64) gives number of files
+>>>8	ulelong/64 x	\b, %u files
+# offset to the beginning of the file table
+>>>4	ulelong	x	\b, offset %#x
+# 1st file entry
+>>>(4.l)	use	pak-entry
+# 2nd file entry
+#>>>4	ulelong+64	x	\b, offset %#x
+#>>>(4.l+64)	use	pak-entry
+#
+#	display file table entry of Quake PAK archive
+0	name		pak-entry
+# normally entry start after header which implies offset 12 or higher
+>56	ulelong	>11	
+# the offset from the beginning of pak to beginning of this entry file contents
+>>56	ulelong	x	at %#x
+# the size of file for this entry 
+>>60	ulelong	x	%u bytes
+# 56 byte null-terminated entry name string includes path like maps/e1m1.bsp
+>>0	string	x	'%-.56s'
+# inspect entry content by jumping to entry offset
+>>(56)	indirect x	\b: 
+
+#0       string  -1\x0a  Quake I demo
+#>30     string  x        version %.4s
+#>61     string  x        level %s
+
+#0       string  5\x0a   Quake I save
+
+# The levels
+
+# Quake 1
+
+0	string	5\x0aIntroduction             Quake I save: start Introduction
+0	string	5\x0athe_Slipgate_Complex     Quake I save: e1m1 The slipgate complex
+0	string	5\x0aCastle_of_the_Damned     Quake I save: e1m2 Castle of the damned
+0	string	5\x0athe_Necropolis           Quake I save: e1m3 The necropolis
+0	string	5\x0athe_Grisly_Grotto        Quake I save: e1m4 The grisly grotto
+0	string	5\x0aZiggurat_Vertigo         Quake I save: e1m8 Ziggurat vertigo (secret)
+0	string	5\x0aGloom_Keep               Quake I save: e1m5 Gloom keep
+0	string	5\x0aThe_Door_To_Chthon       Quake I save: e1m6 The door to Chthon
+0	string	5\x0aThe_House_of_Chthon      Quake I save: e1m7 The house of Chthon
+0	string	5\x0athe_Installation         Quake I save: e2m1 The installation
+0	string	5\x0athe_Ogre_Citadel         Quake I save: e2m2 The ogre citadel
+0	string	5\x0athe_Crypt_of_Decay       Quake I save: e2m3 The crypt of decay (dopefish lives!)
+0	string	5\x0aUnderearth               Quake I save: e2m7 Underearth (secret)
+0	string	5\x0athe_Ebon_Fortress        Quake I save: e2m4 The ebon fortress
+0	string	5\x0athe_Wizard's_Manse       Quake I save: e2m5 The wizard's manse
+0	string	5\x0athe_Dismal_Oubliette     Quake I save: e2m6 The dismal oubliette
+0	string	5\x0aTermination_Central      Quake I save: e3m1 Termination central
+0	string	5\x0aVaults_of_Zin            Quake I save: e3m2 Vaults of Zin
+0	string	5\x0athe_Tomb_of_Terror       Quake I save: e3m3 The tomb of terror
+0	string	5\x0aSatan's_Dark_Delight     Quake I save: e3m4 Satan's dark delight
+0	string	5\x0athe_Haunted_Halls        Quake I save: e3m7 The haunted halls (secret)
+0	string	5\x0aWind_Tunnels             Quake I save: e3m5 Wind tunnels
+0	string	5\x0aChambers_of_Torment      Quake I save: e3m6 Chambers of torment
+0	string	5\x0athe_Sewage_System        Quake I save: e4m1 The sewage system
+0	string	5\x0aThe_Tower_of_Despair     Quake I save: e4m2 The tower of despair
+0	string	5\x0aThe_Elder_God_Shrine     Quake I save: e4m3 The elder god shrine
+0	string	5\x0athe_Palace_of_Hate       Quake I save: e4m4 The palace of hate
+0	string	5\x0aHell's_Atrium            Quake I save: e4m5 Hell's atrium
+0	string	5\x0athe_Nameless_City        Quake I save: e4m8 The nameless city (secret)
+0	string	5\x0aThe_Pain_Maze            Quake I save: e4m6 The pain maze
+0	string	5\x0aAzure_Agony              Quake I save: e4m7 Azure agony
+0	string	5\x0aShub-Niggurath's_Pit     Quake I save: end Shub-Niggurath's pit
+
+# Quake DeathMatch levels
+
+0	string	5\x0aPlace_of_Two_Deaths	 Quake I save: dm1 Place of two deaths
+0	string	5\x0aClaustrophobopolis		 Quake I save: dm2 Claustrophobopolis
+0	string	5\x0aThe_Abandoned_Base		 Quake I save: dm3 The abandoned base
+0	string	5\x0aThe_Bad_Place		 Quake I save: dm4 The bad place
+0	string	5\x0aThe_Cistern		 Quake I save: dm5 The cistern
+0	string	5\x0aThe_Dark_Zone		 Quake I save: dm6 The dark zone
+
+# Scourge of Armagon
+
+0	string	5\x0aCommand_HQ               Quake I save: start Command HQ
+0	string	5\x0aThe_Pumping_Station      Quake I save: hip1m1 The pumping station
+0	string	5\x0aStorage_Facility         Quake I save: hip1m2 Storage facility
+0	string	5\x0aMilitary_Complex         Quake I save: hip1m5 Military complex (secret)
+0	string	5\x0athe_Lost_Mine            Quake I save: hip1m3 The lost mine
+0	string	5\x0aResearch_Facility        Quake I save: hip1m4 Research facility
+0	string	5\x0aAncient_Realms           Quake I save: hip2m1 Ancient realms
+0	string	5\x0aThe_Gremlin's_Domain     Quake I save: hip2m6 The gremlin's domain (secret)
+0	string	5\x0aThe_Black_Cathedral      Quake I save: hip2m2 The black cathedral
+0	string	5\x0aThe_Catacombs            Quake I save: hip2m3 The catacombs
+0	string	5\x0athe_Crypt__              Quake I save: hip2m4 The crypt
+0	string	5\x0aMortum's_Keep            Quake I save: hip2m5 Mortum's keep
+0	string	5\x0aTur_Torment              Quake I save: hip3m1 Tur torment
+0	string	5\x0aPandemonium              Quake I save: hip3m2 Pandemonium
+0	string	5\x0aLimbo                    Quake I save: hip3m3 Limbo
+0	string	5\x0athe_Edge_of_Oblivion     Quake I save: hipdm1 The edge of oblivion (secret)
+0	string	5\x0aThe_Gauntlet             Quake I save: hip3m4 The gauntlet
+0	string	5\x0aArmagon's_Lair           Quake I save: hipend Armagon's lair
+
+# Malice
+
+0	string	5\x0aThe_Academy      Quake I save: start The academy
+0	string	5\x0aThe_Lab          Quake I save: d1 The lab
+0	string	5\x0aArea_33          Quake I save: d1b Area 33
+0	string	5\x0aSECRET_MISSIONS  Quake I save: d3b Secret missions
+0	string	5\x0aThe_Hospital     Quake I save: d10 The hospital (secret)
+0	string	5\x0aThe_Genetics_Lab Quake I save: d11 The genetics lab (secret)
+0	string	5\x0aBACK_2_MALICE    Quake I save: d4b Back to Malice
+0	string	5\x0aArea44           Quake I save: d1c Area 44
+0	string	5\x0aTakahiro_Towers  Quake I save: d2 Takahiro towers
+0	string	5\x0aA_Rat's_Life     Quake I save: d3 A rat's life
+0	string	5\x0aInto_The_Flood   Quake I save: d4 Into the flood
+0	string	5\x0aThe_Flood        Quake I save: d5 The flood
+0	string	5\x0aNuclear_Plant    Quake I save: d6 Nuclear plant
+0	string	5\x0aThe_Incinerator_Plant    Quake I save: d7 The incinerator plant
+0	string	5\x0aThe_Foundry              Quake I save: d7b The foundry
+0	string	5\x0aThe_Underwater_Base      Quake I save: d8 The underwater base
+0	string	5\x0aTakahiro_Base            Quake I save: d9 Takahiro base
+0	string	5\x0aTakahiro_Laboratories    Quake I save: d12 Takahiro laboratories
+0	string	5\x0aStayin'_Alive    Quake I save: d13 Stayin' alive
+0	string	5\x0aB.O.S.S._HQ      Quake I save: d14 B.O.S.S. HQ
+0	string	5\x0aSHOWDOWN!        Quake I save: d15 Showdown!
+
+# Malice DeathMatch levels
+
+0	string	5\x0aThe_Seventh_Precinct	 Quake I save: ddm1 The seventh precinct
+0	string	5\x0aSub_Station		 Quake I save: ddm2 Sub station
+0	string	5\x0aCrazy_Eights!		 Quake I save: ddm3 Crazy eights!
+0	string	5\x0aEast_Side_Invertationa	 Quake I save: ddm4 East side invertationa
+0	string	5\x0aSlaughterhouse		 Quake I save: ddm5 Slaughterhouse
+0	string	5\x0aDOMINO			 Quake I save: ddm6 Domino
+0	string	5\x0aSANDRA'S_LADDER		 Quake I save: ddm7 Sandra's ladder
+
+
+0	string	MComprHD	MAME CHD compressed hard disk image,
+>12	belong	x		version %u
+
+# MAME input recordings
+
+0	string	MAMEINP\0		MAME input recording
+>8	leqdate	x			at %s,
+>16	leshort	x			format version %d.
+>18	leshort	x			\b%d,
+>20	string	x			%s driver,
+>32	string	x			%s
+
+# doom - submitted by Jon Dowland
+
+0	string	=IWAD		doom main IWAD data
+>4	lelong	x		containing %d lumps
+0	string	=PWAD		doom patch PWAD data
+>4	lelong	x		containing %d lumps
+
+# Build engine group files (Duke Nukem, Shadow Warrior, ...)
+# Extension: .grp
+# Created by: "Ganael Laplanche" <ganael.laplanche@martymac.org>
+0	string	KenSilverman	Build engine group file
+>12	lelong	x		containing %d files
+
+# Summary: Warcraft 3 save
+# Extension: .w3g
+# Created by: "Nelson A. de Oliveira" <naoliv@gmail.com>
+0	string		Warcraft\ III\ recorded\ game	%s
+
+
+# Summary: Warcraft 3 map
+# Extension: .w3m
+# Created by: "Nelson A. de Oliveira" <naoliv@gmail.com>
+0	string		HM3W		Warcraft III map file
+
+
+# Summary: SGF Smart Game Format
+# Extension: .sgf
+# Reference: https://www.red-bean.com/sgf/
+# Created by: Eduardo Sabbatella <eduardo_sabbatella@yahoo.com.ar>
+# Modified by (1): Abel Cheung (regex, more game format)
+# FIXME: Some games don't have GM (game type)
+0	regex		\\(;.*GM\\[[0-9]{1,2}\\]	Smart Game Format
+>2	search/0x200/b	GM[
+>>&0	string		1]	(Go)
+>>&0	string		2]	(Othello)
+>>&0	string		3]	(chess)
+>>&0	string		4]	(Gomoku+Renju)
+>>&0	string		5]	(Nine Men's Morris)
+>>&0	string		6]	(Backgammon)
+>>&0	string		7]	(Chinese chess)
+>>&0	string		8]	(Shogi)
+>>&0	string		9]	(Lines of Action)
+>>&0	string		10]	(Ataxx)
+>>&0	string		11]	(Hex)
+>>&0	string		12]	(Jungle)
+>>&0	string		13]	(Neutron)
+>>&0	string		14]	(Philosopher's Football)
+>>&0	string		15]	(Quadrature)
+>>&0	string		16]	(Trax)
+>>&0	string		17]	(Tantrix)
+>>&0	string		18]	(Amazons)
+>>&0	string		19]	(Octi)
+>>&0	string		20]	(Gess)
+>>&0	string		21]	(Twixt)
+>>&0	string		22]	(Zertz)
+>>&0	string		23]	(Plateau)
+>>&0	string		24]	(Yinsh)
+>>&0	string		25]	(Punct)
+>>&0	string		26]	(Gobblet)
+>>&0	string		27]	(hive)
+>>&0	string		28]	(Exxit)
+>>&0	string		29]	(Hnefatal)
+>>&0	string		30]	(Kuba)
+>>&0	string		31]	(Tripples)
+>>&0	string		32]	(Chase)
+>>&0	string		33]	(Tumbling Down)
+>>&0	string		34]	(Sahara)
+>>&0	string		35]	(Byte)
+>>&0	string		36]	(Focus)
+>>&0	string		37]	(Dvonn)
+>>&0	string		38]	(Tamsk)
+>>&0	string		39]	(Gipf)
+>>&0	string		40]	(Kropki)
+
+##############################################
+# NetImmerse/Gamebryo game engine entries
+
+# Summary: Gamebryo game engine file
+# Extension: .nif, .kf
+# Created by: Abel Cheung <abelcheung@gmail.com>
+0		string		Gamebryo\ File\ Format,\ Version\ 	Gamebryo game engine file
+>&0		regex		[0-9a-z.]+				\b, version %s
+
+# Summary: Gamebryo game engine file
+# Extension: .kfm
+# Created by: Abel Cheung <abelcheung@gmail.com>
+0		string		;Gamebryo\ KFM\ File\ Version\ 		Gamebryo game engine animation File
+>&0		regex		[0-9a-z.]+				\b, version %s
+
+# Summary: NetImmerse game engine file
+# Extension .nif
+# Created by: Abel Cheung <abelcheung@gmail.com>
+0		string		NetImmerse\ File\ Format,\ Version
+>&0		string		n\ 					NetImmerse game engine file
+>>&0		regex		[0-9a-z.]+				\b, version %s
+
+# Type:	SGF Smart Game Format
+# URL:	https://www.red-bean.com/sgf/
+# From:	Eduardo Sabbatella <eduardo_sabbatella@yahoo.com.ar>
+2	regex/c	\\(;.*GM\\[[0-9]{1,2}\\]	Smart Game Format
+>2	regex/c	GM\\[1\\]			- Go Game
+>2	regex/c	GM\\[6\\]			- BackGammon Game
+>2	regex/c	GM\\[11\\]			- Hex Game
+>2	regex/c	GM\\[18\\]			- Amazons Game
+>2	regex/c	GM\\[19\\]			- Octi Game
+>2	regex/c	GM\\[20\\]			- Gess Game
+>2	regex/c	GM\\[21\\]			- twix Game
+
+# Epic Games/Unreal Engine Package
+# URL: https://docs.unrealengine.com/udk/Three/ContentCooking.html
+#      https://eliotvu.com/page/unreal-package-file-format
+# Little-endian version (such as x86 PC)
+0		lelong		0x9E2A83C1	Unreal Engine package (little-endian)
+!:ext		xxx/tfc/upk/me1/u
+>4		uleshort	!0		\b, version %u
+>>6		uleshort	!0		\b/%03u
+>>0		use		upk_header
+# Big-endian version (such as PS3)
+0		belong		0x9E2A83C1	Unreal Engine package (big-endian)
+!:ext		xxx/tfc
+>6		ubeshort	!0		\b, version %u
+>>4		ubeshort	!0		\b/%03u
+>>0		use		\^upk_header
+
+0		name		upk_header
+# Identify game from version and licensee
+>4		ulelong		0x000002b2	(Alice Madness Returns)
+>4		ulelong		0x002f0313	(Aliens: Colonial Marines)
+>4		ulelong		0x005b021b	(Alpha Protocol)
+>4		ulelong		0x0000032c	(AntiChamber)
+>4		ulelong		0x00200223	(APB: All Points Bulletin)
+>4		ulelong		0x004b02d7	(Bioshock Infinite)
+>4		ulelong		0x00380340	(Borderlands 2)
+>4		ulelong		0x001d02e6	(Bulletstorm)
+>4		ulelong		0x00050240	(CrimeCraft)
+>4		ulelong		0x00000356	(Deadlight)
+>4		ulelong		0x001e0321	(Dishonored)
+>4		ulelong		0x000202a6	(Dungeon Defenders)
+>4		ulelong		0x000901ea	(Gears of War)
+>4		ulelong		0x0000023f	(Gears of War 2)
+>4		ulelong		0x0000033c	(Gears of War 3)
+>4		ulelong		0x0000034e	(Gears of War: Judgement)
+>4		ulelong		0x0004035c	(Hawken)
+>4		ulelong		0x0001034a	(Infinity Blade 2)
+>4		ulelong		0x00000350	(InMomentum)
+>4		ulelong		0x0015037D	(Life Is Strange)
+>4		ulelong		0x000b01a5	(Medal of Honor: Airborne)
+>4		ulelong		0x002b0218	(Mirrors Edge)
+>4		ulelong		0x0000027e	(Monday Night Combat)
+>4		ulelong		0x0000024b	(MoonBase Alpha)
+>4		ulelong		0x002e01d8	(Mortal Kombat Komplete Edition 2605)
+>4		ulelong		0x0000035c	(Painkiller HD)
+>4		ulelong		0x0000034d	(Q.U.B.E)
+>4		ulelong		0x80660340	(Quantum Conundrum)
+>4		ulelong		0x0000035b	(Ravaged)
+>4		ulelong		0x00150340	(Remember Me)
+>4		ulelong		0x00060171	(Roboblitz)
+>4		ulelong		0x00000325	(Rock of Ages)
+>4		ulelong		0x0000032a	(Sanctum)
+>4		ulelong		0x00030248	(Saw)
+>4		ulelong		0x007e0248	(Singularity)
+>4		ulelong		0x00090388	(Soldier Front 2)
+>4		ulelong		0x000701e6	(Stargate Worlds)
+>4		ulelong		0x00000334	(Super Monday Night Combat)
+>4		ulelong		0x000002c2	(The Ball)
+>4		ulelong		0x000e0262	(The Exiled Realm of Arborea or TERA)
+>4		ulelong		0x0000035b	(The Five Cores)
+>4		ulelong		0x00000349	(The Haunted: Hells Reach)
+>4		ulelong		0x00000354	(Unmechanical)
+>4		ulelong		0x035c0298	(Unreal Development Kit)
+>4		ulelong		0x00000200	(Unreal Tournament 3)
+>4		ulelong		0x0000032d	(Waves)
+>4		ulelong		0x003b034d	(XCOM: Enemy Unknown)
+# Newer versions insert more headers
+>4		ulelong&0xFFFF	<249
+>>12		lelong		!0		\b, names: %d
+>>28		lelong		!0		\b, imports: %d
+>>20		lelong		!0		\b, exports: %d
+>4		ulelong&0xFFFF	>248
+>>12		belong&0xFF	!0
+>>>12		string		x		\b, folder "%s"
+>>>>&5		lelong		!0		\b, names: %d
+>>>>&21		lelong		!0		\b, imports: %d
+>>>>&13		lelong		!0		\b, exports: %d
+>>12		belong&0xFF	0
+>>>16		belong&0xFF	!0
+>>>>16		string		x		\b, folder "%s"
+>>>>>&5		lelong		!0		\b, names: %d
+>>>>>&21	lelong		!0		\b, imports: %d
+>>>>>&13	lelong		!0		\b, exports: %d
+>>>16		belong&0xFF	0
+>>>>20		string		x		\b, folder "%s"
+>>>>>&5		lelong		!0		\b, names: %d
+>>>>>&21	lelong		!0		\b, imports: %d
+>>>>>&13	lelong		!0		\b, exports: %d
+
+0	string		ESVG
+>4	lelong		0x00160000
+>10	string		TOC\020		Empire Deluxe for DOS saved game
+
+# Sid Meier's Civilization V/VI
+# From: Benjamin Lowry <ben@ben.gmbh>
+0	string	CIV5
+>4	byte	0x08		Sid Meier's Civilization V saved game,
+>>12	regex	[0-9a-z.]+	saved by game version %s
+>4	byte	0x01		Sid Meier's Civilization V replay data,
+>>12	regex	[0-9a-z.]+	saved by game version %s
+
+0	string	CIV6		Sid Meier's Civilization VI saved game
+
+# https://syzygy-tables.info/
+# From Michel Van den Bergh
+0	string	\327f\f\245	Syzygy DTZ tablebase
+!:mime	application/syzygy
+0	string	q\350#]		Syzygy WDL tablebase
+!:mime	application/syzygy
+
+##############################################################################
+# Grand Theft Auto (GTA) file formats.
+#
+# Summary:
+# Includes GTA-specific formats used in all games from 1997 to present. Games
+# and formats were created by Rockstar North, formerly DMA Design. Magic tests
+# were written based on a combination of official and community documentation.
+#
+# Created by: Oliver Galvin <odg@riseup.net>
+#
+# References:
+# * Classic GTA documentation and research:
+#    <https://gitlab.com/classic-gta/gta-data>
+# * Official RenderWare documentation available from EA:
+#    <https://github.com/electronicarts/RenderWare3Docs>
+# * Lots of community research in the GTAMods wiki:
+#    <https://gtamods.com/wiki>
+
+# GTA 2D-Era data - 'Classic' top down games (1/L/2)
+
+## GTA text
+
+0	string	\xbf\xf8\xbd\x49\x62\xbe	GTA1 in-game text (FXT),
+0	string	GBL	GTA2 in-game text (GXT),
+>3	string  	E	English,
+>>4	uleshort	x	version %d
+>3	string  	F	French,
+>>4	uleshort	x	version %d
+>3	string  	G	German,
+>>4	uleshort	x	version %d
+>3	string  	I	Italian,
+>>4	uleshort	x	version %d
+>3	string  	S	Spanish,
+>>4	uleshort	x	version %d
+>3	string  	J	Japanese,
+>>4	uleshort	x	version %d
+
+## GTA maps
+
+0	ulelong 	331	GTA1 map layout (CMP),
+>4	byte    	1	Level 1
+>4	byte    	2	Level 2
+>4	byte    	3	Level 3
+0	string  	GBMP	GTA2/GBH map layout (GMP),
+>4	uleshort	x	version %d
+0	string/t	[MapFiles]	GTA2 multiplayer map metadata (MMP)
+0	string/t	MainOrBonus\ =\ MAIN	GTA2 single player map listing (test1.seq)
+
+## GTA 2D sprites and textures
+
+0	ulelong 	290	GTA1 style data (GRX), 8 bit editor graphics
+0	ulelong 	325	GTA1 style data (GRY), 8 bit in-game graphics
+0	ulelong 	336	GTA1 style data (G24), 24 bit in-game graphics
+0	string  	GBST	GTA2/GBH style data (STY), in-game graphics,
+>4	uleshort	x	version %d
+
+## GTA audio index
+
+0	ulelong	0
+>4	ulelong	<0x40000
+>>8	ulelong	>4500
+>>>8	ulelong	<45000	GTA audio index data (SDT)
+
+## GTA scripts
+
+0	ulelong 	0x00080000
+>4	uleshort	0x0024    	GTA2 binary main script (SCR)
+
+0	uleshort	0x063c    	GTA2 binary mission script (SCR), Residential area (ste)
+0	uleshort	0x055b    	GTA2 binary mission script (SCR), Downtown area (wil)
+0	uleshort	0x0469    	GTA2 binary mission script (SCR), Industrial area (bil)
+
+0	string   	v9.6\0\0 	GTA2 replay file (REP),
+>8	regex/30c	[a-z0-9:\ ]+\0\0	created on %s
+
+# GTA 3D-Era (III/VC/SA/LCS/VCS) - used by the RenderWare engine by Criterion Games
+
+## GTA 3D models and textures - RenderWare binary streams
+
+8	ulelong	0x00000310	RenderWare data, v3.1.0.0, used in GTA III on PS2,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+8	ulelong	0x0401ffff	RenderWare data, v3.1.0.1, used in GTA III on PC/PS2,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+8	ulelong	0x0800ffff	RenderWare data, v3.2.0.0, used in GTA III on PC,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+8	ulelong	0x0c00ffff	RenderWare data, v3.3.0.0,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+8	ulelong	0x0c02ffff	RenderWare data, v3.3.0.2, used in GTA III PC and GTA VC PS2,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+8	ulelong	0x1000ffff	RenderWare data, v3.4.0.0,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+8	ulelong	0x1003ffff	RenderWare data, v3.4.0.3, used in GTA VC PC,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+8	ulelong	0x1005ffff	RenderWare data, v3.4.0.5, used in GTA III/VC on Android,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+8	ulelong	0x1400ffff	RenderWare data, v3.5.0.0, used in GTA III/VC on Xbox,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+8	ulelong	0x1803ffff	RenderWare data, v3.6.0.3, used in GTA SA,
+>0	ulelong	0x00000016	texture archive (TXD)
+>0	ulelong 0x00000010	3D models (DFF)
+
+0	string	COL	RenderWare collision data (COL),
+>3	string	L	version 1, used in GTA III/VC/SA
+>3	string	2	version 2, used in GTA SA
+>3	string	3	version 3, used in GTA SA
+>3	string	4	version 4, used in GTA SA
+
+## GTA items and animations
+
+0	string/c	#\ ipl\ generated\ from\ max\ file	GTA Item Placement data (IPL), used in GTA III/VC
+0	string/b	bnry	GTA Item Placement data (IPL), used in GTA SA/IV,
+>4	ulelong 	x	%d items
+
+0	string	ANP	GTA animation data (IFP),
+>3	string	K	version 1, used in GTA III/VC
+>3	string	3	version 2, used in GTA SA
+
+0	string	GtaSA29	GTA Replay data (REP), used in GTA SA
+
+## GTA text
+
+0	string	TKEY	GTA in-game text (GXT), version 2, used in GTA III
+0	string	TABL	GTA in-game text (GXT), version 3, used in GTA VC/LS/VCS
+
+## GTA scripts
+
+0	string	\x02\x00\x01	GTA script (SCM), used in GTA III/VC/SA
+
+## GTA archives
+
+0	string	VER2	GTA archive (IMG), version 2, used in GTA SA,
+>4	ulelong	x	%d items
+
+# GTA HD-Era (IV/V) - used by the Rockstar Advanced Game Engine (RAGE)
+
+## GTA models and textures - RAGE resources
+# Note: GTA IV formats not yet documented - WAD, WBD, WBN, WHM, WPL
+
+0	ulelong	0x00695254	GTA Drawable data (WDR), model and weapon data, used in GTA IV
+0	ulelong	0x00695238	GTA Windows Frag Type (WFT), vehicle models, used in GTA IV
+0	ulelong	0x006953A4	GTA Ped and LOD models (WDD), used in GTA IV
+0	ulelong	0x00695384	GTA Windows Texture Dictionary (WTD), used in GTA IV
+
+## GTA text
+
+4	string  	TABL	GTA in-game text (GXT),
+>0	uleshort	x	version %d, used in GTA SA/IV
+0	string  	2GXT	GTA in-game text (GXT2), used in GTA V
+
+## GTA scripts
+
+0	ulelong	0x0d524353	GTA script (SCO), unencrypted, used in GTA IV,
+>4	ulelong	x         	%d code bytes,
+>>8	ulelong	x         	%d static variables,
+>>>12	ulelong	x         	%d global variables
+0	ulelong	0x0e726373	GTA script (SCO), encrypted, used in GTA IV
+>4	ulelong	x         	%d code bytes,
+>>8	ulelong	x         	%d static variables,
+>>>12	ulelong	x         	%d global variables
+
+## GTA archives
+
+0	ulelong	0xa94e2a52	GTA archive (IMG),
+>4	ulelong	x        	version %d, used in GTA IV,
+>>8	ulelong	x        	%d items
+
+# RPF[0-8]
+0	ulelong&0xfffffff0 =0x52504630
+>0	ulelong&0xf	<9	RAGE Package Format (RPF), version %d, used in
+>>0	ulelong&0xf	=0	Rockstar Table Tennis,
+>>0	ulelong&0xf	=1	*unknown*
+>>0	ulelong&0xf	=2	GTA IV,
+>>0	ulelong&0xf	=3	GTA IV Audio & Midnight Club: LA,
+>>0	ulelong&0xf	=4	Max Payne 3,
+>>0	ulelong&0xf	=5	*unknown*
+>>0	ulelong&0xf	=6	RDR,
+>>0	ulelong&0xf	=7	GTA V,
+>>0	ulelong&0xf	=8	RDR 2,
+>>4	ulelong 	x	%d bytes,
+>>>8	ulelong 	x	%d entries
+
+# Blitz3D Model File Format
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/minetest/B3DExport/blob/master/B3DExport.py
+0	string		BB3D
+>4	lelong		>0
+>>8	lelong		>0	Blitz3D Model
+!:ext	b3d
+>>>8	lelong		x	\b, version %d
+
+# Minetest Schematic File Format
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/minetest/minetest/blob/5.6.1/src/mapgen/mg_schematic.h
+0	string		MTSM	Minetest Schematic
+!:ext	mts
+>4	ubeshort	x	\b, version %d
+>6	ubeshort	x	\b, size [%d
+>8	ubeshort	x	\b, %d
+>10	ubeshort	x	\b, %d]
+
+# MagicaVoxel File Format
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/ephtracy/voxel-model/blob/ee2216c28a78ebb68691dc6cfa9c4ba429117ea2/MagicaVoxel-file-format-vox.txt
+# Note: This format is used in Veloren voxel RPG.
+0	string		VOX\x20
+>4	lelong		>0	MagicaVoxel model
+!:ext	vox
+>>4	lelong		x	\b, version %d
+
+# Wwise SoundBank
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://wiki.xentax.com/index.php/Wwise_SoundBank_(*.bnk)
+0	string	BKHD
+# Little-endian version (such as x86 PC)
+>4	ulelong	<0x100		Wwise SoundBank (little-endian)
+!:ext	bnk
+>>0	use	wwise_bkhd
+# Big-endian version (such as PS3)
+>4	ubelong	<0x100		Wwise SoundBank (big-endian)
+!:ext	bnk
+>>0	use	\^wwise_bkhd
+
+0	name	wwise_bkhd
+>8	ulelong	x		\b, version %d
+>12	ulelong	x		\b, id %08X
+>16	ulelong	=0x00		\b, SFX
+>16	ulelong	=0x01		\b, arabic
+>16	ulelong	=0x02		\b, bulgarian
+>16	ulelong	=0x03		\b, chinese (HK)
+>16	ulelong	=0x04		\b, chinese (PRC)
+>16	ulelong	=0x05		\b, chinese (Taiwan)
+>16	ulelong	=0x06		\b, czech
+>16	ulelong	=0x07		\b, danish
+>16	ulelong	=0x08		\b, dutch
+>16	ulelong	=0x09		\b, english (Australia)
+>16	ulelong	=0x0A		\b, english (India)
+>16	ulelong	=0x0B		\b, english (UK)
+>16	ulelong	=0x0C		\b, english (US)
+>16	ulelong	=0x0D		\b, finnish
+>16	ulelong	=0x0E		\b, french (Canada)
+>16	ulelong	=0x0F		\b, french (France)
+>16	ulelong	=0x10		\b, german
+>16	ulelong	=0x11		\b, greek
+>16	ulelong	=0x12		\b, hebrew
+>16	ulelong	=0x13		\b, hungarian
+>16	ulelong	=0x14		\b, indonesian
+>16	ulelong	=0x15		\b, italian
+>16	ulelong	=0x16		\b, japanese
+>16	ulelong	=0x17		\b, korean
+>16	ulelong	=0x18		\b, latin
+>16	ulelong	=0x19		\b, norwegian
+>16	ulelong	=0x1A		\b, polish
+>16	ulelong	=0x1B		\b, portuguese (Brazil)
+>16	ulelong	=0x1C		\b, portuguese (Portugal)
+>16	ulelong	=0x1D		\b, romanian
+>16	ulelong	=0x1E		\b, russian
+>16	ulelong	=0x1F		\b, slovenian
+>16	ulelong	=0x20		\b, spanish (Mexico)
+>16	ulelong	=0x21		\b, spanish (Spain)
+>16	ulelong	=0x22		\b, spanish (US)
+>16	ulelong	=0x23		\b, swedish
+>16	ulelong	=0x24		\b, turkish
+>16	ulelong	=0x25		\b, ukrainian
+>16	ulelong	=0x26		\b, vietnamese
+
+# Wwise Audio Package
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://wiki.xentax.com/index.php/Wwise_Audio_PCK
+0	string	AKPK
+# Little-endian version (such as x86 PC)
+>8	ulelong	<0x100	Wwise Audio Package (little-endian)
+!:ext	pck
+# Big-endian version (such as PS3)
+>8	ubelong	<0x100	Wwise Audio Package (big-endian)
+!:ext	pck
diff --git a/magic/Magdir/gcc b/magic/Magdir/gcc
new file mode 100644
index 0000000..ae98dc7
--- /dev/null
+++ b/magic/Magdir/gcc
@@ -0,0 +1,17 @@
+
+#------------------------------------------------------------------------------
+# $File: gcc,v 1.5 2016/07/01 23:31:13 christos Exp $
+# gcc:  file(1) magic for GCC special files
+#
+0	string		gpch		GCC precompiled header
+
+# The version field is annoying.  It's 3 characters, not zero-terminated.
+>5	byte		x			(version %c
+>6	byte		x			\b%c
+>7	byte		x			\b%c)
+
+# 67 = 'C', 111 = 'o', 43 = '+', 79 = 'O'
+>4	byte		67			for C
+>4	byte		111			for Objective-C
+>4	byte		43			for C++
+>4	byte		79			for Objective-C++
diff --git a/magic/Magdir/gconv b/magic/Magdir/gconv
new file mode 100644
index 0000000..eec5ddc
--- /dev/null
+++ b/magic/Magdir/gconv
@@ -0,0 +1,10 @@
+
+#------------------------------------------------------------------------------
+# $File: gconv
+# gconv: file(1) magic for iconv/gconv module configuration cache
+#
+# Magic number defined in glibc/iconv/iconvconfig.h as GCONVCACHE_MAGIC
+#
+# From: Marek Cermak <macermak@redhat.com>
+#
+0		lelong		0x20010324 	gconv module configuration cache data
diff --git a/magic/Magdir/gentoo b/magic/Magdir/gentoo
new file mode 100644
index 0000000..f988047
--- /dev/null
+++ b/magic/Magdir/gentoo
@@ -0,0 +1,85 @@
+#------------------------------------------------------------------------------
+# $File: gentoo,v 1.5 2022/12/26 17:16:55 christos Exp $
+# gentoo:  file(1) magic for gentoo specific formats
+#
+# Summary: Gentoo ebuild Manifest files (GLEP 74)
+# Reference: https://www.gentoo.org/glep/glep-0074.html
+# Submitted by: Michal Gorny <mgorny@gentoo.org>
+# Start by doing a fast check for the most common tags.
+0	string	AUX
+>0	use	gentoo-manifest
+0	string	DATA
+>0	use	gentoo-manifest
+0	string	DIST
+>0	use	gentoo-manifest
+0	string	EBUILD
+>0	use	gentoo-manifest
+0	string	MANIFEST
+>0	use	gentoo-manifest
+
+# Manifest can be PGP-signed.
+0	string	-----BEGIN\040PGP\040SIGNED\040MESSAGE-----
+>34	search/32	\n\n
+>>&0	string	AUX
+>>>&0	use	gentoo-manifest
+>>&0	string	DATA
+>>>&0	use	gentoo-manifest
+>>&0	string	DIST
+>>>&0	use	gentoo-manifest
+>>&0	string	EBUILD
+>>>&0	use	gentoo-manifest
+>>&0	string	MANIFEST
+>>>&0	use	gentoo-manifest
+
+# Use a more detailed regex to verify that we were correct.
+# <tag> <filename> <size> <hash-name> <hash-value>...
+# (<tag>'s already been matched prior to calling)
+0	name	gentoo-manifest
+>&0	regex	[[:space:]]+[[:print:]]+[[:space:]]+[[:digit:]]+[[:space:]]+[[:alnum:]]+[[:space:]]+[[:xdigit:]]{32}	Gentoo Manifest (GLEP 74)
+!:mime	application/vnd.gentoo.manifest
+
+# Summary: Gentoo ebuild and eclass files
+# Reference: https://projects.gentoo.org/pms/8/pms.html
+# Submitted by: Michal Gorny <mgorny@gentoo.org>
+0	search/512	EAPI=
+>0	regex		.*\n[\040\t]*EAPI=["']?	Gentoo ebuild
+>>&0	regex		[[:alnum:]+_.-]+	\b, EAPI %s
+!:mime	application/vnd.gentoo.ebuild
+
+0	search/512	@ECLASS:\040		Gentoo eclass
+>&0	string		x			%s
+!:mime	application/vnd.gentoo.eclass
+
+# Summary: Gentoo supplementary package and category metadata files
+# Reference: https://www.gentoo.org/glep/glep-0068.html
+# Submitted by: Michal Gorny <mgorny@gentoo.org>
+0	string		\<?xml
+>0	search/512	\<catmetadata		Gentoo category metadata file
+!:mime	application/vnd.gentoo.catmetadata+xml
+>0	search/512	\<pkgmetadata		Gentoo package metadata file
+!:mime	application/vnd.gentoo.pkgmetadata+xml
+
+# Summary: Gentoo GLEP 78 binary package
+# Reference: https://www.gentoo.org/glep/glep-0078.html
+# Note: assumes the strict format
+# Submitted by: Michal Gorny <mgorny@gentoo.org>
+
+# GPKG uses ustar (or ustar-compatible GNU format) that starts with
+# a <directory>/gpkg-1 file
+257	string		ustar
+>0	search/100	/gpkg-1\0
+>>0	regex		[^/]+		Gentoo GLEP 78 (GPKG) binary package for "%s"
+!:mime	application/vnd.gentoo.gpkg
+!:ext	tar
+# the logic below requires the gpkg-1 file to be empty
+>>>124	string	00000000000\0
+# determine the compression used by looking at the second member name
+>>>>512	search/100	.tar.
+>>>>>&0	string		gz\0		using gzip compression
+>>>>>&0	string		bz2\0		using bzip2 compression
+>>>>>&0	string		lz\0		using lzip compression
+>>>>>&0	string		lz4\0		using lz4 compression
+>>>>>&0	string		lzo\0		using lzo compression
+>>>>>&0	string		xz\0		using xz compression
+>>>>>&0	string		zst\0		using zstd compression
+>>>>(636.o+1024)	search/611	.sig\0	\b, signed
diff --git a/magic/Magdir/geo b/magic/Magdir/geo
new file mode 100644
index 0000000..1fde25e
--- /dev/null
+++ b/magic/Magdir/geo
@@ -0,0 +1,166 @@
+
+#------------------------------------------------------------------------------
+# $File: geo,v 1.10 2022/10/31 13:22:26 christos Exp $
+# Geo- files from Kurt Schwehr <schwehr@ccom.unh.edu>
+
+######################################################################
+#
+# Acoustic Doppler Current Profilers (ADCP)
+#
+######################################################################
+
+0	beshort	0x7f7f	RDI Acoustic Doppler Current Profiler (ADCP)
+
+######################################################################
+#
+# Metadata
+#
+######################################################################
+
+0	string	Identification_Information	FGDC ASCII metadata
+
+######################################################################
+#
+# Seimsic / Subbottom
+#
+######################################################################
+
+# Knudsen subbottom chirp profiler - Binary File Format: B9
+# KEB D409-03167 V1.75 Huffman
+0	string	KEB\ 	Knudsen seismic KEL binary (KEB) -
+>4	regex	[-A-Z0-9]+	Software: %s
+>>&1	regex	V[0-9]+\\.[0-9]+	version %s
+
+######################################################################
+#
+# LIDAR - Laser altimetry or bathy
+#
+######################################################################
+
+
+# Caris LIDAR format for LADS comes as two parts... ascii location file and binary waveform data
+0	string	HCA	LADS Caris Ascii Format (CAF) bathymetric lidar
+>4	regex [0-9]+\\.[0-9]+	version %s
+
+0	string	HCB	LADS Caris Binary Format (CBF) bathymetric lidar waveform data
+>3      byte    x	version %d .
+>4	byte	x	%d
+
+
+######################################################################
+#
+# MULTIBEAM SONARS https://www.ldeo.columbia.edu/res/pi/MB-System/formatdoc/
+#
+######################################################################
+
+# GeoAcoustics - GeoSwath Plus
+# Update:	Joerg Jenderek
+# URL:		https://www.mbari.org/products/research-software/mb-system/
+# Reference:	http://ccom.unh.edu/sites/default/files/news-and-events/conferences/auv-bootcamp/
+#		GS%2B-6063-BB-GS%2B-Broadcast-Raw-Data-File-Format-Command-Specification.pdf
+# Note:		All data is written using Intel 80x86 byte ordering (LSB to MSB)
+# raw_header_siz; file header size is 544 bytes
+4	beshort	0x2002
+# GRR: line above is too general as it matches also some Microsoft Event Trace Logs *.ETL
+# skip many (63/753) Microsoft Event Trace Logs (AMSITrace.etl lxcore_kernel.etl NotificationUxBroker.052.etl WindowsBackup.4.etl) with invalid "low" ping header size 0
+>6	leshort	>0	GeoSwath RDF
+# skip foo samples with invalid "high" spare bytes
+#>>536	ulequad	=0	OK_THIS_IS_GeoSwath_RDF
+#!:mime	application/octet-stream
+!:mime	application/x-geoswath-rdf
+# http://ccom.unh.edu/sites/default/files/news-and-events/conferences/auv-bootcamp/060116342.rdf
+!:ext	rdf
+# filename; original file name like: "C:\GS+\Projects\Default\Raw Data Files\060116342.rdf"
+>>8	string	x	"%-.512s"
+# version[8]; recording software version number like: 3.16c
+>>527	string	x	\b, version %-.8s
+# creation; unsigned int file creation time; WHAT time format is this? 
+>>0	ulelong	x	\b, creation time %#8.8x
+# raw_ping_header_size; size of ping header in bytes like: 64
+>>6	leshort	!64	\b, ping header size %d
+# frequency; system frequency in hertz like: 500000
+>>520	lelong	x	\b, frequency %d
+# echo_type; Echosounder type index like: 1
+>>524	leshort	x	\b, echo type %#x
+# file_mode; file mode mask (0x00 bathy & sidescan, 0x80 bathy, 0x40 sidescan, 0x20 seismic)
+>>526	ubyte	!0	\b, file mode %#2.2x
+# pps_mode; PPS synch mode like: 2
+>>535	byte	x	\b, pps mode %#x
+# char spare[8]; apparently zeroed
+>>536	ubequad	!0	\b, spare %#16.16llx
+# Ping_number; 1st ping number like: 4944
+>>544	lelong	x	\b, 1st ping number %d
+
+0	string	Start:-	GeoSwatch auf text file
+
+# Seabeam 2100
+# mbsystem code mb41
+0	string SB2100	SeaBeam 2100 multibeam sonar
+0	string SB2100DR	SeaBeam 2100 DR multibeam sonar
+0	string SB2100PR SeaBeam 2100 PR multibeam sonar
+
+# This corresponds to MB-System format 94, L-3/ELAC/SeaBeam XSE vendor
+# format. It is the format of our upgraded SeaBeam 2112 on R/V KNORR.
+0    string $HSF    XSE multibeam
+
+# mb121 https://www.saic.com/maritime/gsf/
+8	string	GSF-v	SAIC generic sensor format (GSF) sonar data,
+>&0	regex [0-9]+\\.[0-9]+	version %s
+
+# MGD77 - https://www.ngdc.noaa.gov/mgg/dat/geodas/docs/mgd77.htm
+# mb161
+9	string MGD77	MGD77 Header, Marine Geophysical Data Exchange Format
+
+# MBSystem processing caches the mbinfo output
+1	string	Swath\ Data\ File:	mbsystem info cache
+
+# Caris John Hughes Clark format
+0	string	HDCS	Caris multibeam sonar related data
+1	string	Start/Stop\ parameter\ header:	Caris ASCII project summary
+
+######################################################################
+#
+# Visualization and 3D modeling
+#
+######################################################################
+
+# IVS - IVS3d.com Tagged Data Representation
+0	string	%%\ TDR\ 2.0	IVS Fledermaus TDR file
+
+# http://www.ecma-international.org/publications/standards/Ecma-363.htm
+# 3D in PDFs
+0	string	U3D	ECMA-363, Universal 3D
+
+######################################################################
+#
+# Support files
+#
+######################################################################
+
+# https://midas.psi.ch/elog/
+0	string	$@MID@$	elog journal entry
+
+# Geospatial Designs https://www.geospatialdesigns.com/surfer6_format.htm
+0	string		DSBB	Surfer 6 binary grid file
+>4	leshort		x	\b, %d
+>6	leshort		x	\bx%d
+>8	ledouble	x	\b, minx=%g
+>16	ledouble	x	\b, maxx=%g
+>24	ledouble	x	\b, miny=%g
+>32	ledouble	x	\b, maxy=%g
+>40	ledouble	x	\b, minz=%g
+>48	ledouble	x	\b, maxz=%g
+
+# magic for LAS format files
+# alex myczko <alex@aiei.ch>
+# https://www.asprs.org/wp-content/uploads/2010/12/LAS_1_3_r11.pdf
+0	string		LASF	LIDAR point data records
+>24	byte		>0	\b, version %u
+>25	byte		>0	\b.%u
+>26	string		>\0	\b, SYSID %s
+>58	string		>\0	\b, Generating Software %s
+
+# magic for PCD format files
+# alex myczko <alex@aiei.ch>
+# http://pointclouds.org/documentation/tutorials/pcd_file_format.php
+0	string		#\ .PCD	Point Cloud Data
diff --git a/magic/Magdir/geos b/magic/Magdir/geos
new file mode 100644
index 0000000..66c2bd1
--- /dev/null
+++ b/magic/Magdir/geos
@@ -0,0 +1,20 @@
+
+#------------------------------------------------------------------------------
+# $File: geos,v 1.4 2009/09/19 16:28:09 christos Exp $
+# GEOS files (Vidar Madsen, vidar@gimp.org)
+# semi-commonly used in embedded and handheld systems.
+0	belong	0xc745c153	GEOS
+>40	byte	1	executable
+>40	byte	2	VMFile
+>40	byte	3	binary
+>40	byte	4	directory label
+>40	byte	<1	unknown
+>40	byte	>4	unknown
+>4	string	>\0	\b, name "%s"
+#>44	short	x	\b, version %d
+#>46	short	x	\b.%d
+#>48	short	x	\b, rev %d
+#>50	short	x	\b.%d
+#>52	short	x	\b, proto %d
+#>54	short	x	\br%d
+#>168	string	>\0	\b, copyright "%s"
diff --git a/magic/Magdir/gimp b/magic/Magdir/gimp
new file mode 100644
index 0000000..e763cbe
--- /dev/null
+++ b/magic/Magdir/gimp
@@ -0,0 +1,77 @@
+
+#------------------------------------------------------------------------------
+# $File: gimp,v 1.10 2019/10/15 18:19:40 christos Exp $
+# GIMP Gradient: file(1) magic for the GIMP's gradient data files (.ggr)
+# by Federico Mena <federico@nuclecu.unam.mx>
+
+0       string/t        GIMP\ Gradient  GIMP gradient data
+#!:mime	text/plain
+!:mime	text/x-gimp-ggr
+!:ext	ggr
+
+# GIMP palette (.gpl)
+# From: Markus Heidelberg <markus.heidelberg@web.de>
+0       string/t        GIMP\ Palette   GIMP palette data
+# URL:		https://docs.gimp.org/en/gimp-concepts-palettes.html
+# Reference:	http://fileformats.archiveteam.org/wiki/GIMP_Palette
+#!:mime	text/plain
+!:mime	text/x-gimp-gpl
+!:ext	gpl
+
+#------------------------------------------------------------------------------
+# XCF:  file(1) magic for the XCF image format used in the GIMP (.xcf) developed
+#       by Spencer Kimball and Peter Mattis
+#       ('Bucky' LaDieu, nega@vt.edu)
+
+# URL:		https://en.wikipedia.org/wiki/XCF_(file_format)
+# Reference:	https://gitlab.gnome.org/GNOME/gimp/blob/master/devel-docs/xcf.txt
+0	string		gimp\ xcf	GIMP XCF image data,
+!:mime	image/x-xcf
+!:ext	xcf
+>9	string		file		version 0,
+>9	string		v		version
+>>10	string		>\0		%s,
+>14	belong		x		%u x
+>18	belong		x		%u,
+>22     belong          0               RGB Color
+>22     belong          1               Greyscale
+>22     belong          2               Indexed Color
+>22	belong		>2		Unknown Image Type.
+
+#------------------------------------------------------------------------------
+# XCF:  file(1) magic for the patterns used in the GIMP (.pat), developed
+#       by Spencer Kimball and Peter Mattis
+#       ('Bucky' LaDieu, nega@vt.edu)
+
+# Reference:	http://fileformats.archiveteam.org/wiki/GIMP_Pattern
+20      string          GPAT            GIMP pattern data,
+>24     string          x               %s
+!:mime	image/x-gimp-pat
+!:ext	pat
+
+#------------------------------------------------------------------------------
+# XCF:  file(1) magic for the brushes used in the GIMP (.gbr), developed
+#       by Spencer Kimball and Peter Mattis
+#       ('Bucky' LaDieu, nega@vt.edu)
+
+20      string          GIMP            GIMP brush data
+# Reference:	http://fileformats.archiveteam.org/wiki/GIMP_Brush
+!:mime	image/x-gimp-gbr
+# some sources also list gpb
+!:ext	gbr
+
+# From:		Joerg Jenderek
+# URL:		https://docs.gimp.org/en/gimp-using-animated-brushes.html
+# Reference:	http://fileformats.archiveteam.org/wiki/GIMP_Animated_Brush
+# share\gimp\2.0\brushes\Legacy\confetti.gih
+0	search/21/b	\040ncells:		GIMP animated brush data
+!:mime	image/x-gimp-gih
+!:ext	gih
+
+# GIMP Curves File
+# From: "Nelson A. de Oliveira" <naoliv@gmail.com>
+0	string	#\040GIMP\040Curves\040File	GIMP curve file
+#!:mime	text/plain
+!:mime	text/x-gimp-curve
+!:ext	/txt
+
diff --git a/magic/Magdir/git b/magic/Magdir/git
new file mode 100644
index 0000000..67eab32
--- /dev/null
+++ b/magic/Magdir/git
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: git,v 1.2 2020/08/09 16:57:15 christos Exp $
+# git:  file(1) magic for Git objects
+
+0	string	blob\040
+>5	regex	[0-9a-f]+		Git blob %s
+
+0	string	tree\040
+>5	regex	[0-9a-f]+		Git tree %s
+
+0	string	commit\040
+>7	regex	[0-9a-f]+		Git commit %s
diff --git a/magic/Magdir/glibc b/magic/Magdir/glibc
new file mode 100644
index 0000000..3b856f3
--- /dev/null
+++ b/magic/Magdir/glibc
@@ -0,0 +1,21 @@
+
+#------------------------------------------------------------------------------
+# $File: glibc,v 1.1 2018/10/11 15:35:43 christos Exp $
+# glibc locale files
+#
+# https://sourceware.org/git/?p=glibc.git;f=locale/localeinfo.h;h=68822a63#l32
+
+0	belong	0x20070920	glibc locale file LC_CTYPE
+0	belong	0x14110320	glibc locale file LC_NUMERIC
+0	belong	0x17110320	glibc locale file LC_TIME
+0	belong	0x17100520	glibc locale file LC_COLLATE
+0	belong	0x11110320	glibc locale file LC_MONETARY
+0	belong	0x10110320	glibc locale file LC_MESSAGES
+0	belong	0x13110320	glibc locale file LC_ALL
+0	belong	0x12110320	glibc locale file LC_PAPER
+0	belong	0x1d110320	glibc locale file LC_NAME
+0	belong	0x1c110320	glibc locale file LC_ADDRESS
+0	belong	0x1f110320	glibc locale file LC_TELEPHONE
+0	belong	0x1e110320	glibc locale file LC_MEASUREMENT
+0	belong	0x19110320	glibc locale file LC_IDENTIFICATION
+
diff --git a/magic/Magdir/gnome b/magic/Magdir/gnome
new file mode 100644
index 0000000..7a45d1d
--- /dev/null
+++ b/magic/Magdir/gnome
@@ -0,0 +1,59 @@
+
+#------------------------------------------------------------------------------
+# $File: gnome,v 1.7 2020/06/23 16:17:08 christos Exp $
+# GNOME related files
+
+# Contributed by Josh Triplett
+# FIXME: Could be simplified if pstring supported two-byte counts
+0         string   GnomeKeyring\n\r\0\n GNOME keyring
+>&0       ubyte    0                    \b, major version 0
+>>&0      ubyte    0                    \b, minor version 0
+>>>&0     ubyte    0                    \b, crypto type 0 (AES)
+>>>&0     ubyte    >0                   \b, crypto type %u (unknown)
+>>>&1     ubyte    0                    \b, hash type 0 (MD5)
+>>>&1     ubyte    >0                   \b, hash type %u (unknown)
+>>>&2     ubelong  0xFFFFFFFF           \b, name NULL
+>>>&2     ubelong  !0xFFFFFFFF
+>>>>&-4   ubelong  >255                 \b, name too long for file's pstring type
+>>>>&-4   ubelong  <256
+>>>>>&-1  pstring  x                    \b, name "%s"
+>>>>>>&0  ubeqdate x                    \b, last modified %s
+>>>>>>&8  ubeqdate x                    \b, created %s
+>>>>>>&16 ubelong  &1
+>>>>>>>&0 ubelong  x                    \b, locked if idle for %u seconds
+>>>>>>&16 ubelong  ^1                   \b, not locked if idle
+>>>>>>&24 ubelong  x                    \b, hash iterations %u
+>>>>>>&28 ubequad  x                    \b, salt %llu
+>>>>>>&52 ubelong  x                    \b, %u item(s)
+
+# From: Alex Beregszaszi <alex@fsn.hu>
+4	string	gtktalog		GNOME Catalogue (gtktalog)
+>13	string	>\0			version %s
+
+# Summary: GStreamer binary registry
+# Extension: .bin
+# Submitted by: Josh Triplett <josh@joshtriplett.org>
+0	belong	0xc0def00d		GStreamer binary registry
+>4	string	x			\b, version %s
+
+# GVariant Database file
+# By Elan Ruusamae <glen@delfi.ee>
+# https://github.com/GNOME/gvdb/blob/master/gvdb-format.h
+# It's always "GVariant", it's byte swapped on incompatible archs
+# See https://github.com/GNOME/gvdb/blob/master/gvdb-builder.c
+# file_builder_serialise()
+# https://developer.gnome.org/glib/2.34/glib-GVariant.html#GVariant
+0	string	GVariant	GVariant Database file,
+# version is never filled. probably future extension
+>8	lelong	x		version %d
+# not sure are these usable, so commented out
+#>>16	lelong	x		start %d,
+#>>>20	lelong	x		end %d
+
+# G-IR database made by gobject-introspect toolset,
+# https://live.gnome.org/GObjectIntrospection
+0	string		GOBJ\nMETADATA\r\n\032	G-IR binary database
+>16	byte		x			\b, v%d
+>17	byte		x			\b.%d
+>20	short		x			\b, %d entries
+>22	short		x			\b/%d local
diff --git a/magic/Magdir/gnu b/magic/Magdir/gnu
new file mode 100644
index 0000000..761d657
--- /dev/null
+++ b/magic/Magdir/gnu
@@ -0,0 +1,173 @@
+
+#------------------------------------------------------------------------------
+# $File: gnu,v 1.24 2021/04/26 15:56:00 christos Exp $
+# gnu:  file(1) magic for various GNU tools
+#
+# GNU nlsutils message catalog file format
+#
+# GNU message catalog (.mo and .gmo files)
+
+# Update: Joerg Jenderek
+# URL: https://www.gnu.org/software/gettext/manual/html_node/MO-Files.html
+# Reference: ftp://ftp.gnu.org/pub/gnu/gettext/gettext-0.19.8.tar.gz/
+#	gettext-0.19.8.1/gettext-runtime/intl/gmo.h
+# Note: maybe call it like "GNU translation gettext machine object"
+0	string		\336\22\4\225	GNU message catalog (little endian),
+#0	ulelong	0x950412DE		GNU-format message catalog data
+# TODO: write lines in such a way that code can also be called for big endian variant
+#>0	use		gettext-object
+#0	name		gettext-object
+>4	ulelong		x		revision
+!:mime	application/x-gettext-translation
+# mo extension is also used for Easeus Partition Master PE32 executable module
+# like ConvertFatToNTFS.mo
+!:ext	gmo/mo
+# only found three revision combinations 0.0 0.1 1.1 as unsigned 32-bit
+# major revision
+>4	ulelong/0xFFff	x		%u.
+# minor revision
+>4	ulelong&0x0000FFff	x	\b%u
+>>8	ulelong		x		\b, %u message
+# plural s
+>>8	ulelong		>1		\bs
+# size of hashing table
+#>20	ulelong		x		\b, %u hash
+#>20	ulelong		>1		\bes
+#>24	ulelong		x		at %#x
+# for revision x.0 offset of table with originals is 1Ch if directly after header
+>4	ulelong&0x0000FFff	=0
+>>12	ulelong		!0x1C		\b, at %#x string table
+# but for x.1 table offset i found is 30h. That means directly after bigger header
+>4	ulelong&0x0000FFff	>0
+>>12	ulelong		!0x30		\b, at %#x string table
+# The following variables are only used in .mo files with minor revision >= 1
+# number of system dependent segments
+#>>28	ulelong		x		\b, %u segment
+#>>28	ulelong		>1		\bs
+# offset of table describing system dependent segments
+#>>32	ulelong		x		at %#x
+# number of system dependent strings pairs
+>>36	ulelong		x		\b, %u sysdep message
+>>36	ulelong		>1		\bs
+# offset of table with start offsets of original sysdep strings
+#>>40	ulelong		x		\b, at %#x sysdep strings
+# offset of table with start offsets of translated sysdep strings
+#>>44	ulelong		x		\b, at %#x sysdep translations
+# >>(44.l)	ulelong	x		%#x chars
+# >>>&0		ulelong	x		at %#x
+# >>>>(&-4)	string	x		"%s"
+# string table after big header
+#>>48	ubequad		x		\b, string table %#llx
+#
+# 0th string length seems to be always 0
+#>(12.l)	ulelong	x		\b, %u chars
+#>>&0		ulelong	x		at %#x
+# if 1st string length positive inspect offset and string
+#>(12.l+8)	ulelong	>0		\b, %u chars
+#>>&0		ulelong	x		at %#x
+# if 2nd string length positive inspect offset and string
+# >(12.l+16)	ulelong	>0		\b, %u chars
+# >>&0		ulelong	x		at %#x
+# skip newline byte
+#>>>(&-4)	ubyte	=0x0A
+#>>>>&0		string	x		"%s"
+#>>>(&-4)	ubyte	!0x0A
+#>>>>&-1		string	x		'%s'
+# offset of table with translation strings
+#>16	ulelong		x		\b, at %#x translation table
+# check translation 0 length and offset
+>(16.l)		ulelong	>0
+>>&0		ulelong	x
+# translation 0 seems to be often Project-Id with name and version
+>>>(&-4)	string	x		\b, %s
+# trans. 1 with bytes >= 1 unlike icoutils-0.31.0\po\en@boldquot.gmo with 1 NL
+>(16.l+8)	ulelong	>1
+>>&0		ulelong	x
+>>>(&-4)	ubyte	!0x0A
+>>>>&-1		string	x		'%s'
+# 1 New Line like in tar-1.29\po\de.gmo
+>>>(&-4)	ubyte	=0x0A
+>>>>&0		ubyte	!0x0A
+>>>>>&-1	string	x		'%s'
+# 2nd New Line like in parted-3.1\po\de.gmo
+>>>>&0		ubyte	=0x0A
+>>>>>&0		string	x		'%s'
+
+0	string		\225\4\22\336	GNU message catalog (big endian),
+#0	ubelong	0x950412DE		GNU-format message catalog data
+!:mime	application/x-gettext-translation
+!:ext	gmo/mo
+# TODO: for big endian use same code as for little endian
+#>0	use		\^gettext-object
+# DEBUG code
+#>16	ubelong		x		\b, at %#x translation table
+#>(16.L)		ubelong	x		%#x chars
+#>>&0		ubelong	x		at %#x
+# unexpected value HERE!
+#>>>(&-4)	ubequad	x		%#llx
+#
+>4	beshort		x		revision %d.
+>6	beshort		>0		\b%d,
+>>8	belong		x		%d messages,
+>>36	belong		x		%d sysdep messages
+>6	beshort		=0		\b%d,
+>>8	belong		x		%d messages
+
+
+# GnuPG
+# The format is very similar to pgp
+0	string          \001gpg                 GPG key trust database
+>4	byte            x                       version %d
+# Note: magic.mime had 0x8501 for the next line instead of 0x8502
+0	beshort		0x8502			GPG encrypted data
+!:mime	text/PGP # encoding: data
+
+# Update: Joerg Jenderek
+# Note:	PGP and GPG use same data structure.
+#	So recognition is now done by ./pgp with start test for byte 0x99
+# This magic is not particularly good, as the keyrings don't have true
+# magic. Nevertheless, it covers many keyrings.
+# 0	ubeshort-0x9901	<2
+# >3	byte		4
+# >>4	bedate		x		GPG key public ring, created %s
+# !:mime application/x-gnupg-keyring
+
+# Symmetric encryption
+0	leshort		0x0d8c
+>4	leshort		0x0203
+>>2	leshort		0x0204		GPG symmetrically encrypted data (3DES cipher)
+>>2	leshort		0x0304		GPG symmetrically encrypted data (CAST5 cipher)
+>>2	leshort		0x0404		GPG symmetrically encrypted data (BLOWFISH cipher)
+>>2	leshort		0x0704		GPG symmetrically encrypted data (AES cipher)
+>>2	leshort		0x0804		GPG symmetrically encrypted data (AES192 cipher)
+>>2	leshort		0x0904		GPG symmetrically encrypted data (AES256 cipher)
+>>2	leshort		0x0a04		GPG symmetrically encrypted data (TWOFISH cipher)
+>>2	leshort		0x0b04		GPG symmetrically encrypted data (CAMELLIA128 cipher)
+>>2	leshort		0x0c04		GPG symmetrically encrypted data (CAMELLIA192 cipher)
+>>2	leshort		0x0d04		GPG symmetrically encrypted data (CAMELLIA256 cipher)
+
+
+# GnuPG Keybox file
+# <https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=kbx/keybox-blob.c;hb=HEAD>
+# From: Philipp Hahn <hahn@univention.de>
+0	belong	32
+>4	byte	1
+>>8	string	KBXf	GPG keybox database
+>>>5	byte	1	version %d
+>>>16	bedate	x	\b, created-at %s
+>>>20	bedate	x	\b, last-maintained %s
+
+
+# From: James Youngman <jay@gnu.org>
+# gnu find magic
+0	string	\0LOCATE	GNU findutils locate database data
+>7	string	>\0		\b, format %s
+>7	string	02		\b (frcode)
+
+# Files produced by GNU gettext
+
+# gettext message catalogue
+0	search/1024	\nmsgid
+>&0	search/1024	\nmsgstr	GNU gettext message catalogue text
+!:strength +100
+!:mime text/x-po
diff --git a/magic/Magdir/gnumeric b/magic/Magdir/gnumeric
new file mode 100644
index 0000000..928ad3e
--- /dev/null
+++ b/magic/Magdir/gnumeric
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: gnumeric,v 1.4 2009/09/19 16:28:09 christos Exp $
+# gnumeric:  file(1) magic for Gnumeric spreadsheet
+# This entry is only semi-helpful, as Gnumeric compresses its files, so
+# they will ordinarily reported as "compressed", but at least -z helps
+39	string	=<gmr:Workbook	Gnumeric spreadsheet
+!:mime	application/x-gnumeric
diff --git a/magic/Magdir/gpt b/magic/Magdir/gpt
new file mode 100644
index 0000000..c2fd51c
--- /dev/null
+++ b/magic/Magdir/gpt
@@ -0,0 +1,240 @@
+
+#------------------------------------------------------------------------------
+# $File: gpt,v 1.5 2020/12/12 20:01:47 christos Exp $
+#
+# GPT Partition table patterns.
+# Author: Rogier Goossens (goossens.rogier@gmail.com)
+# Note that a GPT-formatted disk must contain an MBR as well.
+#
+
+# The initial segment (up to >>>>>>>>422) was copied from the X86
+# partition table code (aka MBR).
+# This is kept separate, so that MBR partitions are not reported as well.
+# (use -k if you do want them as well)
+
+# First, detect the MBR partition table
+# If more than one GPT protective MBR partition exists, don't print anything
+# (the other MBR detection code will then just print the MBR partition table)
+0x1FE			leshort		0xAA55
+>3			string		!MS
+>>3			string		!SYSLINUX
+>>>3			string		!MTOOL
+>>>>3			string		!NEWLDR
+>>>>>5			string		!DOS
+# not FAT (32 bit)
+>>>>>>82		string		!FAT32
+#not Linux kernel
+>>>>>>>514		string		!HdrS
+#not BeOS
+>>>>>>>>422		string		!Be\ Boot\ Loader
+# GPT with protective MBR entry in partition 1 (only)
+>>>>>>>>>450		ubyte		0xee
+>>>>>>>>>>466		ubyte		!0xee
+>>>>>>>>>>>482		ubyte		!0xee
+>>>>>>>>>>>>498		ubyte		!0xee
+#>>>>>>>>>>>>>446	use		gpt-mbr-partition
+>>>>>>>>>>>>>(454.l*8192)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>0			use		gpt-mbr-type
+>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>0			ubyte		x		of 8192 bytes
+>>>>>>>>>>>>>(454.l*8192)	string		!EFI\ PART
+>>>>>>>>>>>>>>(454.l*4096)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>0		ubyte		x		of 4096 bytes
+>>>>>>>>>>>>>>(454.l*4096)	string		!EFI\ PART
+>>>>>>>>>>>>>>>(454.l*2048)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>0		ubyte		x		of 2048 bytes
+>>>>>>>>>>>>>>>(454.l*2048)	string		!EFI\ PART
+>>>>>>>>>>>>>>>>(454.l*1024)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>>0		ubyte		x		of 1024 bytes
+>>>>>>>>>>>>>>>>(454.l*1024)	string		!EFI\ PART
+>>>>>>>>>>>>>>>>>(454.l*512)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>>>0		ubyte		x		of 512 bytes
+# GPT with protective MBR entry in partition 2 (only)
+>>>>>>>>>450		ubyte		!0xee
+>>>>>>>>>>466		ubyte		0xee
+>>>>>>>>>>>482		ubyte		!0xee
+>>>>>>>>>>>>498		ubyte		!0xee
+#>>>>>>>>>>>>>462	use		gpt-mbr-partition
+>>>>>>>>>>>>>(470.l*8192)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>0			use		gpt-mbr-type
+>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>0			ubyte		x		of 8192 bytes
+>>>>>>>>>>>>>(470.l*8192)	string		!EFI\ PART
+>>>>>>>>>>>>>>(470.l*4096)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>0		ubyte		x		of 4096 bytes
+>>>>>>>>>>>>>>(470.l*4096)	string		!EFI\ PART
+>>>>>>>>>>>>>>>(470.l*2048)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>0		ubyte		x		of 2048 bytes
+>>>>>>>>>>>>>>>(470.l*2048)	string		!EFI\ PART
+>>>>>>>>>>>>>>>>(470.l*1024)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>>0		ubyte		x		of 1024 bytes
+>>>>>>>>>>>>>>>>(470.l*1024)	string		!EFI\ PART
+>>>>>>>>>>>>>>>>>(470.l*512)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>>>0		ubyte		x		of 512 bytes
+# GPT with protective MBR entry in partition 3 (only)
+>>>>>>>>>450		ubyte		!0xee
+>>>>>>>>>>466		ubyte		!0xee
+>>>>>>>>>>>482		ubyte		0xee
+>>>>>>>>>>>>498		ubyte		!0xee
+#>>>>>>>>>>>>>478	use		gpt-mbr-partition
+>>>>>>>>>>>>>(486.l*8192)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>0			use		gpt-mbr-type
+>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>0			ubyte		x		of 8192 bytes
+>>>>>>>>>>>>>(486.l*8192)	string		!EFI\ PART
+>>>>>>>>>>>>>>(486.l*4096)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>0		ubyte		x		of 4096 bytes
+>>>>>>>>>>>>>>(486.l*4096)	string		!EFI\ PART
+>>>>>>>>>>>>>>>(486.l*2048)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>0		ubyte		x		of 2048 bytes
+>>>>>>>>>>>>>>>(486.l*2048)	string		!EFI\ PART
+>>>>>>>>>>>>>>>>(486.l*1024)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>>0		ubyte		x		of 1024 bytes
+>>>>>>>>>>>>>>>>(486.l*1024)	string		!EFI\ PART
+>>>>>>>>>>>>>>>>>(486.l*512)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>>>0		ubyte		x		of 512 bytes
+# GPT with protective MBR entry in partition 4 (only)
+>>>>>>>>>450		ubyte		!0xee
+>>>>>>>>>>466		ubyte		!0xee
+>>>>>>>>>>>482		ubyte		!0xee
+>>>>>>>>>>>>498		ubyte		0xee
+#>>>>>>>>>>>>>494	use		gpt-mbr-partition
+>>>>>>>>>>>>>(502.l*8192)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>0			use		gpt-mbr-type
+>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>0			ubyte		x		of 8192 bytes
+>>>>>>>>>>>>>(502.l*8192)	string		!EFI\ PART
+>>>>>>>>>>>>>>(502.l*4096)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>0		ubyte		x		of 4096 bytes
+>>>>>>>>>>>>>>(502.l*4096)	string		!EFI\ PART
+>>>>>>>>>>>>>>>(502.l*2048)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>0		ubyte		x		of 2048 bytes
+>>>>>>>>>>>>>>>(502.l*2048)	string		!EFI\ PART
+>>>>>>>>>>>>>>>>(502.l*1024)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>>0		ubyte		x		of 1024 bytes
+>>>>>>>>>>>>>>>>(502.l*1024)	string		!EFI\ PART
+>>>>>>>>>>>>>>>>>(502.l*512)	string		EFI\ PART	GPT partition table
+>>>>>>>>>>>>>>>>>>0		use		gpt-mbr-type
+>>>>>>>>>>>>>>>>>>&-8		use		gpt-table
+>>>>>>>>>>>>>>>>>>0		ubyte		x		of 512 bytes
+
+# The following code does GPT detection and processing, including
+# sector size detection.
+# It has to be duplicated above because the top-level pattern
+# (i.e. not called using 'use') must print *something* for file
+# to count it as a match. Text only printed in named patterns is
+# not counted, and causes file to continue, and try and match
+# other patterns.
+#
+# Unfortunately, when assuming sector sizes >=16k, if the sector size
+# happens to be 512 instead, we may find confusing data after the GPT
+# table...  If the GPT table has less than 128 entries, this may even
+# happen for assumed sector sizes as small as 4k
+# This could be solved by checking for the presence of the backup GPT
+# header as well, but that makes the logic extremely complex
+##0		name		gpt-mbr-partition
+##>(8.l*8192)	string		EFI\ PART
+##>>(8.l*8192)	use		gpt-mbr-type
+##>>&-8		use		gpt-table
+##>>0		ubyte		x		of 8192 bytes
+##>(8.l*8192)	string		!EFI\ PART
+##>>(8.l*4096)	string		EFI\ PART	GPT partition table
+##>>>0		use		gpt-mbr-type
+##>>>&-8		use		gpt-table
+##>>>0		ubyte		x		of 4096 bytes
+##>>(8.l*4096)	string		!EFI\ PART
+##>>>(8.l*2048)	string		EFI\ PART	GPT partition table
+##>>>>0		use		gpt-mbr-type
+##>>>>&-8		use		gpt-table
+##>>>>0		ubyte		x		of 2048 bytes
+##>>>(8.l*2048)	string		!EFI\ PART
+##>>>>(8.l*1024)	string		EFI\ PART	GPT partition table
+##>>>>>0		use		gpt-mbr-type
+##>>>>>&-8	use		gpt-table
+##>>>>>0		ubyte		x		of 1024 bytes
+##>>>>(8.l*1024)	string		!EFI\ PART
+##>>>>>(8.l*512)	string		EFI\ PART	GPT partition table
+##>>>>>>0		use		gpt-mbr-type
+##>>>>>>&-8	use		gpt-table
+##>>>>>>0		ubyte		x		of 512 bytes
+
+# Print details of MBR type for a GPT-disk
+# Calling code ensures that there is only one 0xee partition.
+0		name		gpt-mbr-type
+# GPT with protective MBR entry in partition 1
+>450		ubyte		0xee
+>>454		ulelong		1
+>>>462		string		!\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0	\b (with hybrid MBR)
+>>454		ulelong		!1													\b (nonstandard: not at LBA 1)
+# GPT with protective MBR entry in partition 2
+>466		ubyte		0xee
+>>470		ulelong		1
+>>>478		string		\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+>>>>446		string		!\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0					\b (with hybrid MBR)
+>>>478		string		!\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0	\b (with hybrid MBR)
+>>470		ulelong		!1									\b (nonstandard: not at LBA 1)
+# GPT with protective MBR entry in partition 3
+>482		ubyte		0xee
+>>486		ulelong		1
+>>>494		string		\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+>>>>446		string		!\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0	\b (with hybrid MBR)
+>>>494		string		!\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0					\b (with hybrid MBR)
+>>486		ulelong		!1									\b (nonstandard: not at LBA 1)
+# GPT with protective MBR entry in partition 4
+>498		ubyte		0xee
+>>502		ulelong		1
+>>>446		string		!\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0	\b (with hybrid MBR)
+>>502		ulelong		!1													\b (nonstandard: not at LBA 1)
+
+# Print the information from a GPT partition table structure
+0		name		gpt-table
+>10		uleshort	x		\b, version %u
+>8		uleshort	x		\b.%u
+>56		ulelong		x		\b, GUID: %08x
+>60		uleshort	x		\b-%04x
+>62		uleshort	x		\b-%04x
+>64		ubeshort	x		\b-%04x
+>66		ubeshort	x		\b-%04x
+>68		ubelong		x		\b%08x
+#>80		uleshort	x		\b, %d partition entries
+>32		ulequad+1	x		\b, disk size: %lld sectors
+
+# In case a GPT data-structure is at LBA 0, report it as well
+# This covers systems which are not GPT-aware, and which show
+# and allow access to the protective partition. This code will
+# detect the contents of such a partition.
+0		string		EFI\ PART	GPT data structure (nonstandard: at LBA 0)
+>0		use		gpt-table
+>0		ubyte		x		(sector size unknown)
+
+
diff --git a/magic/Magdir/gpu b/magic/Magdir/gpu
new file mode 100644
index 0000000..36d7124
--- /dev/null
+++ b/magic/Magdir/gpu
@@ -0,0 +1,28 @@
+
+#------------------------------------------------------------------------------
+# $File: gpu,v 1.3 2021/04/26 15:56:00 christos Exp $
+# gpu: file(1) magic for GPU input files
+
+# Standard Portable Intermediate Representation (SPIR)
+# Documentation: https://www.khronos.org/spir
+# Typical file extension: .spv
+
+0	belong	0x07230203	Khronos SPIR-V binary, big-endian
+>4	belong	x		\b, version %#08x
+>8	belong	x		\b, generator %#08x
+
+0	lelong	0x07230203      Khronos SPIR-V binary, little-endian
+>4	lelong	x		\b, version %#08x
+>8	lelong	x		\b, generator %#08x
+
+# Vulkan Trace file
+# Documentation:
+# https://github.com/LunarG/VulkanTools/blob/master/vktrace/vktrace_common/\
+# vktrace_trace_packet_identifiers.h
+# Typical file extension: .vktrace
+
+8	lequad  0xABADD068ADEAFD0C	Vulkan trace file, little-endian
+>0	leshort	x			\b, version %d
+
+8	bequad  0xABADD068ADEAFD0C	Vulkan trace file, big-endian
+>0	beshort	x			\b, version %d
diff --git a/magic/Magdir/grace b/magic/Magdir/grace
new file mode 100644
index 0000000..25bd759
--- /dev/null
+++ b/magic/Magdir/grace
@@ -0,0 +1,21 @@
+
+#------------------------------------------------------------------------------
+# $File: grace,v 1.4 2009/09/19 16:28:09 christos Exp $
+# ACE/gr and Grace type files - PLEASE DO NOT REMOVE THIS LINE
+#
+# ACE/gr binary
+0	string	\000\000\0001\000\000\0000\000\000\0000\000\000\0002\000\000\0000\000\000\0000\000\000\0003		old ACE/gr binary file
+>39	byte	>0			- version %c
+# ACE/gr ascii
+0	string	#\ xvgr\ parameter\ file	ACE/gr ascii file
+0	string	#\ xmgr\ parameter\ file	ACE/gr ascii file
+0	string	#\ ACE/gr\ parameter\ file	ACE/gr ascii file
+# Grace projects
+0	string	#\ Grace\ project\ file		Grace project file
+>23	string	@version\  			(version
+>>32	byte	>0 				%c
+>>33	string	>\0 				\b.%.2s
+>>35	string	>\0 				\b.%.2s)
+# ACE/gr fit description files
+0	string	#\ ACE/gr\ fit\ description\ 	ACE/gr fit description file
+# end of ACE/gr and Grace type files - PLEASE DO NOT REMOVE THIS LINE
diff --git a/magic/Magdir/graphviz b/magic/Magdir/graphviz
new file mode 100644
index 0000000..d8bf22d
--- /dev/null
+++ b/magic/Magdir/graphviz
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: graphviz,v 1.9 2019/04/30 04:01:40 christos Exp $
+# graphviz:  file(1) magic for https://www.graphviz.org/
+
+# FIXME: These patterns match too generally. For example, the first
+# line matches a LaTeX file containing the word "graph" (with a {
+# following later) and the second line matches this file.
+#0	regex/100l	[\r\n\t\ ]*graph[\r\n\t\ ]+.*\\{	graphviz graph text
+#!:mime	text/vnd.graphviz
+#0	regex/100l	[\r\n\t\ ]*digraph[\r\n\t\ ]+.*\\{	graphviz digraph text
+#!:mime	text/vnd.graphviz
diff --git a/magic/Magdir/gringotts b/magic/Magdir/gringotts
new file mode 100644
index 0000000..b674754
--- /dev/null
+++ b/magic/Magdir/gringotts
@@ -0,0 +1,48 @@
+
+#------------------------------------------------------------------------------
+# $File: gringotts,v 1.6 2017/03/17 21:35:28 christos Exp $
+# gringotts:  file(1) magic for Gringotts
+# http://devel.pluto.linux.it/projects/Gringotts/
+# author: Germano Rizzo <mano@pluto.linux.it>
+#GRG3????Y
+0	string	GRG		Gringotts data file
+#file format 1
+>3	string		1		v.1, MCRYPT S2K, SERPENT crypt, SHA-256 hash, ZLib lvl.9
+#file format 2
+>3	string		2		v.2, MCRYPT S2K,
+>>8	byte&0x70	0x00		RIJNDAEL-128 crypt,
+>>8	byte&0x70	0x10		SERPENT crypt,
+>>8	byte&0x70	0x20		TWOFISH crypt,
+>>8	byte&0x70	0x30		CAST-256 crypt,
+>>8	byte&0x70	0x40		SAFER+ crypt,
+>>8	byte&0x70	0x50		LOKI97 crypt,
+>>8	byte&0x70	0x60		3DES crypt,
+>>8	byte&0x70	0x70		RIJNDAEL-256 crypt,
+>>8	byte&0x08	0x00		SHA1 hash,
+>>8	byte&0x08	0x08		RIPEMD-160 hash,
+>>8	byte&0x04	0x00		ZLib
+>>8	byte&0x04	0x04		BZip2
+>>8	byte&0x03	0x00		lvl.0
+>>8	byte&0x03	0x01		lvl.3
+>>8	byte&0x03	0x02		lvl.6
+>>8	byte&0x03	0x03		lvl.9
+#file format 3
+>3	string		3		v.3, OpenPGP S2K,
+>>8	byte&0x70	0x00		RIJNDAEL-128 crypt,
+>>8	byte&0x70	0x10		SERPENT crypt,
+>>8	byte&0x70	0x20		TWOFISH crypt,
+>>8	byte&0x70	0x30		CAST-256 crypt,
+>>8	byte&0x70	0x40		SAFER+ crypt,
+>>8	byte&0x70	0x50		LOKI97 crypt,
+>>8	byte&0x70	0x60		3DES crypt,
+>>8	byte&0x70	0x70		RIJNDAEL-256 crypt,
+>>8	byte&0x08	0x00		SHA1 hash,
+>>8	byte&0x08	0x08		RIPEMD-160 hash,
+>>8	byte&0x04	0x00		ZLib
+>>8	byte&0x04	0x04		BZip2
+>>8	byte&0x03	0x00		lvl.0
+>>8	byte&0x03	0x01		lvl.3
+>>8	byte&0x03	0x02		lvl.6
+>>8	byte&0x03	0x03		lvl.9
+#file format >3
+>3	string		>3		v.%.1s (unknown details)
diff --git a/magic/Magdir/hardware b/magic/Magdir/hardware
new file mode 100644
index 0000000..e92986c
--- /dev/null
+++ b/magic/Magdir/hardware
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: hardware,v 1.1 2018/08/02 06:32:52 christos Exp $
+# hardware magic
+
+# EDID
+# https://en.wikipedia.org/wiki/Extended_Display_Identification_Data
+0	string		\x00\xFF\xFF\xFF\xFF\xFF\xFF\x00
+>19	byte		x
+>>18	byte		x	EDID data, version %u.
+>>19	byte		x	\b%u
+#>>17	ubyte+1990	<255	\b, manufactured %u
diff --git a/magic/Magdir/hitachi-sh b/magic/Magdir/hitachi-sh
new file mode 100644
index 0000000..f64489f
--- /dev/null
+++ b/magic/Magdir/hitachi-sh
@@ -0,0 +1,30 @@
+
+#------------------------------------------------------------------------------
+# $File: hitachi-sh,v 1.10 2020/12/12 20:01:47 christos Exp $
+# hitach-sh: file(1) magic for Hitachi Super-H
+#
+# Super-H COFF
+#
+# updated by Joerg Jenderek at Oct 2015
+# https://en.wikipedia.org/wiki/COFF
+# https://de.wikipedia.org/wiki/Common_Object_File_Format
+# http://www.delorie.com/djgpp/doc/coff/filhdr.html
+# below test line conflicts with 2nd NTFS filesystem sector
+# 2nd NTFS filesystem sector often starts with 0x05004e00 for unicode string 5 NTLDR
+# and Portable Gaming Notation Compressed format (*.WID http://pgn.freeservers.com/)
+0	beshort		0x0500
+# test for unused flag bits (0x8000,0x0800,0x0400,0x0200,x0080) in f_flags
+>18	ubeshort&0x8E80	0
+# use big endian variant of subroutine to display name+variables+flags
+# for common object formatted files
+>>0	use				\^display-coff
+!:strength -10
+
+0	leshort		0x0550
+# test for unused flag bits in f_flags
+>18	uleshort&0x8E80	0
+# use little endian variant of subroutine to
+# display name+variables+flags for common object formatted files
+>>0	use				display-coff
+!:strength -10
+
diff --git a/magic/Magdir/hp b/magic/Magdir/hp
new file mode 100644
index 0000000..d57169e
--- /dev/null
+++ b/magic/Magdir/hp
@@ -0,0 +1,433 @@
+
+#------------------------------------------------------------------------------
+# $File: hp,v 1.25 2019/01/13 00:32:38 christos Exp $
+# hp:  file(1) magic for Hewlett Packard machines (see also "printer")
+#
+# XXX - somebody should figure out whether any byte order needs to be
+# applied to the "TML" stuff; I'm assuming the Apollo stuff is
+# big-endian as it was mostly 68K-based.
+#
+# I think the 500 series was the old stack-based machines, running a
+# UNIX environment atop the "SUN kernel"; dunno whether it was
+# big-endian or little-endian.
+#
+# Daniel Quinlan (quinlan@yggdrasil.com): hp200 machines are 68010 based;
+# hp300 are 68020+68881 based; hp400 are also 68k.  The following basic
+# HP magic is useful for reference, but using "long" magic is a better
+# practice in order to avoid collisions.
+#
+# Guy Harris (guy@netapp.com): some additions to this list came from
+# HP-UX 10.0's "/usr/include/sys/unistd.h" (68030, 68040, PA-RISC 1.1,
+# 1.2, and 2.0).  The 1.2 and 2.0 stuff isn't in the HP-UX 10.0
+# "/etc/magic", though, except for the "archive file relocatable library"
+# stuff, and the 68030 and 68040 stuff isn't there at all - are they not
+# used in executables, or have they just not yet updated "/etc/magic"
+# completely?
+#
+# 0	beshort		200		hp200 (68010) BSD binary
+# 0	beshort		300		hp300 (68020+68881) BSD binary
+# 0	beshort		0x20c		hp200/300 HP-UX binary
+# 0	beshort		0x20d		hp400 (68030) HP-UX binary
+# 0	beshort		0x20e		hp400 (68040?) HP-UX binary
+# 0	beshort		0x20b		PA-RISC1.0 HP-UX binary
+# 0	beshort		0x210		PA-RISC1.1 HP-UX binary
+# 0	beshort		0x211		PA-RISC1.2 HP-UX binary
+# 0	beshort		0x214		PA-RISC2.0 HP-UX binary
+
+#
+# The "misc" stuff needs a byte order; the archives look suspiciously
+# like the old 177545 archives (0xff65 = 0177545).
+#
+#### Old Apollo stuff
+0	beshort		0627		Apollo m68k COFF executable
+>18	beshort		^040000		not stripped
+>22	beshort		>0		- version %d
+0	beshort		0624		apollo a88k COFF executable
+>18	beshort		^040000		not stripped
+>22	beshort		>0		- version %d
+0       long            01203604016     TML 0123 byte-order format
+0       long            01702407010     TML 1032 byte-order format
+0       long            01003405017     TML 2301 byte-order format
+0       long            01602007412     TML 3210 byte-order format
+#### PA-RISC 1.1
+0	belong 		0x02100106	PA-RISC1.1 relocatable object
+0	belong 		0x02100107	PA-RISC1.1 executable
+>168	belong		&0x00000004	dynamically linked
+>(144)	belong		0x054ef630	dynamically linked
+>96	belong		>0		- not stripped
+
+0	belong 		0x02100108	PA-RISC1.1 shared executable
+>168	belong&0x4	0x4		dynamically linked
+>(144)	belong		0x054ef630	dynamically linked
+>96	belong		>0		- not stripped
+
+0	belong 		0x0210010b	PA-RISC1.1 demand-load executable
+>168	belong&0x4	0x4		dynamically linked
+>(144)	belong		0x054ef630	dynamically linked
+>96	belong		>0		- not stripped
+
+0	belong 		0x0210010e	PA-RISC1.1 shared library
+>96	belong		>0		- not stripped
+
+0	belong 		0x0210010d	PA-RISC1.1 dynamic load library
+>96	belong		>0		- not stripped
+
+#### PA-RISC 2.0
+0	belong		0x02140106	PA-RISC2.0 relocatable object
+
+0       belong		0x02140107	PA-RISC2.0 executable
+>168	belong		&0x00000004	dynamically linked
+>(144)	belong		0x054ef630	dynamically linked
+>96	belong		>0		- not stripped
+
+0       belong		0x02140108	PA-RISC2.0 shared executable
+>168	belong		&0x00000004	dynamically linked
+>(144)	belong		0x054ef630	dynamically linked
+>96	belong		>0		- not stripped
+
+0       belong		0x0214010b	PA-RISC2.0 demand-load executable
+>168	belong		&0x00000004	dynamically linked
+>(144)	belong		0x054ef630	dynamically linked
+>96	belong		>0		- not stripped
+
+0       belong		0x0214010e	PA-RISC2.0 shared library
+>96	belong		>0		- not stripped
+
+0       belong		0x0214010d	PA-RISC2.0 dynamic load library
+>96	belong		>0		- not stripped
+
+#### 800
+0	belong 		0x020b0106	PA-RISC1.0 relocatable object
+
+0	belong 		0x020b0107	PA-RISC1.0 executable
+>168	belong&0x4	0x4		dynamically linked
+>(144)	belong		0x054ef630	dynamically linked
+>96	belong		>0		- not stripped
+
+0	belong 		0x020b0108	PA-RISC1.0 shared executable
+>168	belong&0x4	0x4		dynamically linked
+>(144)	belong		0x054ef630	dynamically linked
+>96	belong		>0		- not stripped
+
+0	belong 		0x020b010b	PA-RISC1.0 demand-load executable
+>168	belong&0x4	0x4		dynamically linked
+>(144)	belong		0x054ef630	dynamically linked
+>96	belong		>0		- not stripped
+
+0	belong 		0x020b010e	PA-RISC1.0 shared library
+>96	belong		>0		- not stripped
+
+0	belong 		0x020b010d	PA-RISC1.0 dynamic load library
+>96	belong		>0		- not stripped
+
+#### 500
+0	long		0x02080106	HP s500 relocatable executable
+>16	long		>0		- version %d
+
+0	long		0x02080107	HP s500 executable
+>16	long		>0		- version %d
+
+0	long		0x02080108	HP s500 pure executable
+>16	long		>0		- version %d
+
+#### 200
+0	belong 		0x020c0108	HP s200 pure executable
+>4	beshort		>0		- version %d
+>8	belong		&0x80000000	save fp regs
+>8	belong		&0x40000000	dynamically linked
+>8	belong		&0x20000000	debuggable
+>36	belong		>0		not stripped
+
+0	belong		0x020c0107	HP s200 executable
+>4	beshort		>0		- version %d
+>8	belong		&0x80000000	save fp regs
+>8	belong		&0x40000000	dynamically linked
+>8	belong		&0x20000000	debuggable
+>36	belong		>0		not stripped
+
+0	belong		0x020c010b	HP s200 demand-load executable
+>4	beshort		>0		- version %d
+>8	belong		&0x80000000	save fp regs
+>8	belong		&0x40000000	dynamically linked
+>8	belong		&0x20000000	debuggable
+>36	belong		>0		not stripped
+
+0	belong		0x020c0106	HP s200 relocatable executable
+>4	beshort		>0		- version %d
+>6	beshort		>0		- highwater %d
+>8	belong		&0x80000000	save fp regs
+>8	belong		&0x20000000	debuggable
+>8	belong		&0x10000000	PIC
+
+0	belong 		0x020a0108	HP s200 (2.x release) pure executable
+>4	beshort		>0		- version %d
+>36	belong		>0		not stripped
+
+0	belong		0x020a0107	HP s200 (2.x release) executable
+>4	beshort		>0		- version %d
+>36	belong		>0		not stripped
+
+0	belong		0x020c010e	HP s200 shared library
+>4	beshort		>0		- version %d
+>6	beshort		>0		- highwater %d
+>36	belong		>0		not stripped
+
+0	belong		0x020c010d	HP s200 dynamic load library
+>4	beshort		>0		- version %d
+>6	beshort		>0		- highwater %d
+>36	belong		>0		not stripped
+
+#### MISC
+0	long		0x0000ff65	HP old archive
+0	long		0x020aff65	HP s200 old archive
+0	long		0x020cff65	HP s200 old archive
+0	long		0x0208ff65	HP s500 old archive
+
+0	long		0x015821a6	HP core file
+
+0	long		0x4da7eee8	HP-WINDOWS font
+>8	byte		>0		- version %d
+0	string		Bitmapfile	HP Bitmapfile
+
+0	string		IMGfile	CIS 	compimg HP Bitmapfile
+# XXX - see "lif"
+#0	short		0x8000		lif file
+0	long		0x020c010c	compiled Lisp
+
+0	string		msgcat01	HP NLS message catalog,
+>8	long		>0		%d messages
+
+# Summary: HP-48/49 calculator
+# Created by: phk@data.fls.dk
+# Modified by (1): AMAKAWA Shuhei <sa264@cam.ac.uk>
+# Modified by (2): Samuel Thibault <samuel.thibault@ens-lyon.org> (HP49 support)
+0	string		HPHP		HP
+>4	string		48		48 binary
+>4	string		49		49 binary
+>7	byte		>64		- Rev %c
+>8	leshort		0x2911		(ADR)
+>8	leshort		0x2933		(REAL)
+>8	leshort		0x2955		(LREAL)
+>8	leshort		0x2977		(COMPLX)
+>8	leshort		0x299d		(LCOMPLX)
+>8	leshort		0x29bf		(CHAR)
+>8	leshort		0x29e8		(ARRAY)
+>8	leshort		0x2a0a		(LNKARRAY)
+>8	leshort		0x2a2c		(STRING)
+>8	leshort		0x2a4e		(HXS)
+>8	leshort		0x2a74		(LIST)
+>8	leshort		0x2a96		(DIR)
+>8	leshort		0x2ab8		(ALG)
+>8	leshort		0x2ada		(UNIT)
+>8	leshort		0x2afc		(TAGGED)
+>8	leshort		0x2b1e		(GROB)
+>8	leshort		0x2b40		(LIB)
+>8	leshort		0x2b62		(BACKUP)
+>8	leshort		0x2b88		(LIBDATA)
+>8	leshort		0x2d9d		(PROG)
+>8	leshort		0x2dcc		(CODE)
+>8	leshort		0x2e48		(GNAME)
+>8	leshort		0x2e6d		(LNAME)
+>8	leshort		0x2e92		(XLIB)
+
+0	string		%%HP:		HP text
+>6	string		T(0)		- T(0)
+>6	string		T(1)		- T(1)
+>6	string		T(2)		- T(2)
+>6	string		T(3)		- T(3)
+>10	string		A(D)		A(D)
+>10	string		A(R)		A(R)
+>10	string		A(G)		A(G)
+>14	string		F(.)		F(.);
+>14	string		F(,)		F(,);
+
+
+# Summary: HP-38/39 calculator
+# Created by: Samuel Thibault <samuel.thibault@ens-lyon.org>
+0	string		HP3
+>3	string		8		HP 38
+>3	string		9		HP 39
+>4	string		Bin		binary
+>4	string		Asc		ASCII
+>7	string		A		(Directory List)
+>7	string		B		(Zaplet)
+>7	string		C		(Note)
+>7	string		D		(Program)
+>7	string		E		(Variable)
+>7	string		F		(List)
+>7	string		G		(Matrix)
+>7	string		H		(Library)
+>7	string		I		(Target List)
+>7	string		J		(ASCII Vector specification)
+>7	string		K		(wildcard)
+
+# Summary: HP-38/39 calculator
+# Created by: Samuel Thibault <samuel.thibault@ens-lyon.org>
+0	string		HP3
+>3	string		8		HP 38
+>3	string		9		HP 39
+>4	string		Bin		binary
+>4	string		Asc		ASCII
+>7	string		A		(Directory List)
+>7	string		B		(Zaplet)
+>7	string		C		(Note)
+>7	string		D		(Program)
+>7	string		E		(Variable)
+>7	string		F		(List)
+>7	string		G		(Matrix)
+>7	string		H		(Library)
+>7	string		I		(Target List)
+>7	string		J		(ASCII Vector specification)
+>7	string		K		(wildcard)
+
+# hpBSD magic numbers
+0	beshort		200		hp200 (68010) BSD
+>2	beshort		0407		impure binary
+>2	beshort		0410		read-only binary
+>2	beshort		0413		demand paged binary
+0	beshort		300		hp300 (68020+68881) BSD
+>2	beshort		0407		impure binary
+>2	beshort		0410		read-only binary
+>2	beshort		0413		demand paged binary
+#
+# From David Gero <dgero@nortelnetworks.com>
+# HP-UX 10.20 core file format from /usr/include/sys/core.h
+# Unfortunately, HP-UX uses corehead blocks without specifying the order
+# There are four we care about:
+#     CORE_KERNEL, which starts with the string "HP-UX"
+#     CORE_EXEC, which contains the name of the command
+#     CORE_PROC, which contains the signal number that caused the core dump
+#     CORE_FORMAT, which contains the version of the core file format (== 1)
+# The only observed order in real core files is KERNEL, EXEC, FORMAT, PROC
+# but we include all 6 variations of the order of the first 3, and
+# assume that PROC will always be last
+# Order 1: KERNEL, EXEC, FORMAT, PROC
+0x10		string	HP-UX
+>0		belong	2
+>>0xC		belong	0x3C
+>>>0x4C		belong	0x100
+>>>>0x58	belong	0x44
+>>>>>0xA0	belong	1
+>>>>>>0xAC	belong	4
+>>>>>>>0xB0	belong	1
+>>>>>>>>0xB4	belong	4		core file
+>>>>>>>>>0x90	string	>\0		from '%s'
+>>>>>>>>>0xC4	belong	3		- received SIGQUIT
+>>>>>>>>>0xC4	belong	4		- received SIGILL
+>>>>>>>>>0xC4	belong	5		- received SIGTRAP
+>>>>>>>>>0xC4	belong	6		- received SIGABRT
+>>>>>>>>>0xC4	belong	7		- received SIGEMT
+>>>>>>>>>0xC4	belong	8		- received SIGFPE
+>>>>>>>>>0xC4	belong	10		- received SIGBUS
+>>>>>>>>>0xC4	belong	11		- received SIGSEGV
+>>>>>>>>>0xC4	belong	12		- received SIGSYS
+>>>>>>>>>0xC4	belong	33		- received SIGXCPU
+>>>>>>>>>0xC4	belong	34		- received SIGXFSZ
+# Order 2: KERNEL, FORMAT, EXEC, PROC
+>>>0x4C		belong	1
+>>>>0x58	belong	4
+>>>>>0x5C	belong	1
+>>>>>>0x60	belong	0x100
+>>>>>>>0x6C	belong	0x44
+>>>>>>>>0xB4	belong	4		core file
+>>>>>>>>>0xA4	string	>\0		from '%s'
+>>>>>>>>>0xC4	belong	3		- received SIGQUIT
+>>>>>>>>>0xC4	belong	4		- received SIGILL
+>>>>>>>>>0xC4	belong	5		- received SIGTRAP
+>>>>>>>>>0xC4	belong	6		- received SIGABRT
+>>>>>>>>>0xC4	belong	7		- received SIGEMT
+>>>>>>>>>0xC4	belong	8		- received SIGFPE
+>>>>>>>>>0xC4	belong	10		- received SIGBUS
+>>>>>>>>>0xC4	belong	11		- received SIGSEGV
+>>>>>>>>>0xC4	belong	12		- received SIGSYS
+>>>>>>>>>0xC4	belong	33		- received SIGXCPU
+>>>>>>>>>0xC4	belong	34		- received SIGXFSZ
+# Order 3: FORMAT, KERNEL, EXEC, PROC
+0x24		string	HP-UX
+>0		belong	1
+>>0xC		belong	4
+>>>0x10		belong	1
+>>>>0x14	belong	2
+>>>>>0x20	belong	0x3C
+>>>>>>0x60	belong	0x100
+>>>>>>>0x6C	belong	0x44
+>>>>>>>>0xB4	belong	4		core file
+>>>>>>>>>0xA4	string	>\0		from '%s'
+>>>>>>>>>0xC4	belong	3		- received SIGQUIT
+>>>>>>>>>0xC4	belong	4		- received SIGILL
+>>>>>>>>>0xC4	belong	5		- received SIGTRAP
+>>>>>>>>>0xC4	belong	6		- received SIGABRT
+>>>>>>>>>0xC4	belong	7		- received SIGEMT
+>>>>>>>>>0xC4	belong	8		- received SIGFPE
+>>>>>>>>>0xC4	belong	10		- received SIGBUS
+>>>>>>>>>0xC4	belong	11		- received SIGSEGV
+>>>>>>>>>0xC4	belong	12		- received SIGSYS
+>>>>>>>>>0xC4	belong	33		- received SIGXCPU
+>>>>>>>>>0xC4	belong	34		- received SIGXFSZ
+# Order 4: EXEC, KERNEL, FORMAT, PROC
+0x64		string	HP-UX
+>0		belong	0x100
+>>0xC		belong	0x44
+>>>0x54		belong	2
+>>>>0x60	belong	0x3C
+>>>>>0xA0	belong	1
+>>>>>>0xAC	belong	4
+>>>>>>>0xB0	belong	1
+>>>>>>>>0xB4	belong	4		core file
+>>>>>>>>>0x44	string	>\0		from '%s'
+>>>>>>>>>0xC4	belong	3		- received SIGQUIT
+>>>>>>>>>0xC4	belong	4		- received SIGILL
+>>>>>>>>>0xC4	belong	5		- received SIGTRAP
+>>>>>>>>>0xC4	belong	6		- received SIGABRT
+>>>>>>>>>0xC4	belong	7		- received SIGEMT
+>>>>>>>>>0xC4	belong	8		- received SIGFPE
+>>>>>>>>>0xC4	belong	10		- received SIGBUS
+>>>>>>>>>0xC4	belong	11		- received SIGSEGV
+>>>>>>>>>0xC4	belong	12		- received SIGSYS
+>>>>>>>>>0xC4	belong	33		- received SIGXCPU
+>>>>>>>>>0xC4	belong	34		- received SIGXFSZ
+# Order 5: FORMAT, EXEC, KERNEL, PROC
+0x78		string	HP-UX
+>0		belong	1
+>>0xC		belong	4
+>>>0x10		belong	1
+>>>>0x14	belong	0x100
+>>>>>0x20	belong	0x44
+>>>>>>0x68	belong	2
+>>>>>>>0x74	belong	0x3C
+>>>>>>>>0xB4	belong	4		core file
+>>>>>>>>>0x58	string	>\0		from '%s'
+>>>>>>>>>0xC4	belong	3		- received SIGQUIT
+>>>>>>>>>0xC4	belong	4		- received SIGILL
+>>>>>>>>>0xC4	belong	5		- received SIGTRAP
+>>>>>>>>>0xC4	belong	6		- received SIGABRT
+>>>>>>>>>0xC4	belong	7		- received SIGEMT
+>>>>>>>>>0xC4	belong	8		- received SIGFPE
+>>>>>>>>>0xC4	belong	10		- received SIGBUS
+>>>>>>>>>0xC4	belong	11		- received SIGSEGV
+>>>>>>>>>0xC4	belong	12		- received SIGSYS
+>>>>>>>>>0xC4	belong	33		- received SIGXCPU
+>>>>>>>>>0xC4	belong	34		- received SIGXFSZ
+# Order 6: EXEC, FORMAT, KERNEL, PROC
+>0		belong	0x100
+>>0xC		belong	0x44
+>>>0x54		belong	1
+>>>>0x60	belong	4
+>>>>>0x64	belong	1
+>>>>>>0x68	belong	2
+>>>>>>>0x74	belong	0x2C
+>>>>>>>>0xB4	belong	4		core file
+>>>>>>>>>0x44	string	>\0		from '%s'
+>>>>>>>>>0xC4	belong	3		- received SIGQUIT
+>>>>>>>>>0xC4	belong	4		- received SIGILL
+>>>>>>>>>0xC4	belong	5		- received SIGTRAP
+>>>>>>>>>0xC4	belong	6		- received SIGABRT
+>>>>>>>>>0xC4	belong	7		- received SIGEMT
+>>>>>>>>>0xC4	belong	8		- received SIGFPE
+>>>>>>>>>0xC4	belong	10		- received SIGBUS
+>>>>>>>>>0xC4	belong	11		- received SIGSEGV
+>>>>>>>>>0xC4	belong	12		- received SIGSYS
+>>>>>>>>>0xC4	belong	33		- received SIGXCPU
+>>>>>>>>>0xC4	belong	34		- received SIGXFSZ
+
+
diff --git a/magic/Magdir/human68k b/magic/Magdir/human68k
new file mode 100644
index 0000000..707c740
--- /dev/null
+++ b/magic/Magdir/human68k
@@ -0,0 +1,26 @@
+
+#------------------------------------------------------------------------------
+# $File: human68k,v 1.6 2021/04/26 15:56:00 christos Exp $
+# human68k:  file(1) magic for Human68k (X680x0 DOS) binary formats
+# Magic too short!
+#0		string	HU		Human68k
+#>68		string	LZX		LZX compressed
+#>>72		string	>\0		(version %s)
+#>(8.L+74)	string	LZX		LZX compressed
+#>>(8.L+78)	string	>\0		(version %s)
+#>60		belong	>0		binded
+#>(8.L+66)	string	#HUPAIR		hupair
+#>0		string	HU		X executable
+#>(8.L+74)	string	#LIBCV1		- linked PD LIBC ver 1
+#>4		belong	>0		- base address %#x
+#>28		belong	>0		not stripped
+#>32		belong	>0		with debug information
+#0		beshort	0x601a		Human68k Z executable
+#0		beshort	0x6000		Human68k object file
+#0		belong	0xd1000000	Human68k ar binary archive
+#0		belong	0xd1010000	Human68k ar ascii archive
+#0		beshort	0x0068		Human68k lib archive
+#4		string	LZX		Human68k LZX compressed
+#>8		string	>\0		(version %s)
+#>4		string	LZX		R executable
+#2		string	#HUPAIR		Human68k hupair R executable
diff --git a/magic/Magdir/ibm370 b/magic/Magdir/ibm370
new file mode 100644
index 0000000..dc976f8
--- /dev/null
+++ b/magic/Magdir/ibm370
@@ -0,0 +1,52 @@
+
+#------------------------------------------------------------------------------
+# $File: ibm370,v 1.11 2021/03/14 16:51:45 christos Exp $
+# ibm370:  file(1) magic for IBM 370 and compatibles.
+#
+# "ibm370" said that 0x15d == 0535 was "ibm 370 pure executable".
+# What the heck *is* "USS/370"?
+# AIX 4.1's "/etc/magic" has
+#
+#	0	short		0535		370 sysV executable
+#	>12	long		>0		not stripped
+#	>22	short		>0		- version %d
+#	>30	long		>0		- 5.2 format
+#	0	short		0530		370 sysV pure executable
+#	>12	long		>0		not stripped
+#	>22	short		>0		- version %d
+#	>30	long		>0		- 5.2 format
+#
+# instead of the "USS/370" versions of the same magic numbers.
+#
+0	beshort		0537		370 XA sysV executable
+>12	belong		>0		not stripped
+>22	beshort		>0		- version %d
+>30	belong		>0		- 5.2 format
+0	beshort		0532		370 XA sysV pure executable
+>12	belong		>0		not stripped
+>22	beshort		>0		- version %d
+>30	belong		>0		- 5.2 format
+0	beshort		054001		370 sysV pure executable
+>12	belong		>0		not stripped
+0	beshort		055001		370 XA sysV pure executable
+>12	belong		>0		not stripped
+0	beshort		056401		370 sysV executable
+>12	belong		>0		not stripped
+0	beshort		057401		370 XA sysV executable
+>12	belong		>0		not stripped
+0       beshort		0531		SVR2 executable (Amdahl-UTS)
+>12	belong		>0		not stripped
+>24     belong		>0		- version %d
+0	beshort		0534		SVR2 pure executable (Amdahl-UTS)
+>12	belong		>0		not stripped
+>24	belong		>0		- version %d
+0	beshort		0530		SVR2 pure executable (USS/370)
+>12	belong		>0		not stripped
+>24	belong		>0		- version %d
+0	beshort		0535		SVR2 executable (USS/370)
+>12	belong		>0		not stripped
+>24	belong		>0		- version %d
+
+# NETDATA (https://en.wikipedia.org/wiki/NETDATA)
+#	-\INMR01 In EBCDIC
+0	string 		\x60\xe0\xc9\xd5\xd4\xd9\xf0\xf1	IBM NETDATA file
diff --git a/magic/Magdir/ibm6000 b/magic/Magdir/ibm6000
new file mode 100644
index 0000000..724b64d
--- /dev/null
+++ b/magic/Magdir/ibm6000
@@ -0,0 +1,35 @@
+
+#------------------------------------------------------------------------------
+# $File: ibm6000,v 1.15 2021/07/03 14:01:46 christos Exp $
+# ibm6000:  file(1) magic for RS/6000 and the RT PC.
+#
+0	beshort		0x01df		executable (RISC System/6000 V3.1) or obj module
+>12	belong		>0		not stripped
+# Breaks sun4 statically linked execs.
+#0      beshort		0x0103		executable (RT Version 2) or obj module
+#>2	byte		0x50		pure
+#>28	belong		>0		not stripped
+#>6	beshort		>0		- version %ld
+# GRR: line below is too general as it matches also TTComp archive, ASCII, 1K handled by ./archive
+0	beshort		0x0104		shared library
+# GRR: line below is too general as it matches also TTComp archive, ASCII, 2K handled by ./archive
+0	beshort		0x0105		ctab data
+0	beshort		0xfe04		structured file
+0	string		0xabcdef	AIX message catalog
+0	belong		0x000001f9	AIX compiled message catalog
+0	string		\<aiaff>	archive
+0	string		\<bigaf>	archive (big format)
+0	belong		0x09006bea	AIX backup/restore format file
+0	belong		0x09006fea	AIX backup/restore format file
+
+0	beshort		0x01f7		64-bit XCOFF executable or object module
+>20	belong		0		not stripped
+# GRR: this test is still too general as it catches also many FATs of DOS filesystems
+4	belong		&0x0feeddb0
+# real core dump could not be 32-bit and 64-bit together
+>7	byte&0x03	!3		AIX core file
+>>1	byte		&0x01		fulldump
+>>7	byte		&0x01		32-bit
+>>>0x6e0	string	>\0		\b, %s
+>>7	byte		&0x02		64-bit
+>>>0x524	string	>\0		\b, %s
diff --git a/magic/Magdir/icc b/magic/Magdir/icc
new file mode 100644
index 0000000..15fd76b
--- /dev/null
+++ b/magic/Magdir/icc
@@ -0,0 +1,214 @@
+
+#------------------------------------------------------------------------------
+# $File: icc,v 1.7 2021/04/26 15:56:00 christos Exp $
+# icc:  file(1) magic for International Color Consortium file formats
+
+#
+# Color profiles as per the ICC's "Image technology colour management -
+# Architecture, profile format, and data structure" specification.
+# See
+#
+#	http://www.color.org/specification/ICC1v43_2010-12.pdf
+#
+# for Specification ICC.1:2010 (Profile version 4.3.0.0).
+# URL: http://fileformats.archiveteam.org/wiki/ICC_profile
+# Reference: http://www.color.org/iccmax/ICC.2-2016-7.pdf
+# Update: Joerg Jenderek
+#
+# Bytes 36 to 39 contain a generic profile file signature of "acsp";
+# bytes 40 to 43 "may be used to identify the primary platform/operating
+# system framework for which the profile was created".
+#
+#	check and display ICC/ICM color profile
+0	name	color-profile
+>36	string		acsp
+# skip ASCII like Cognacspirit.txt by month <= 12
+>>26	ubeshort	<13
+# platform/operating system. Only 5 mentioned
+
+#
+# This appears to be what's used for Apple ColorSync profiles.
+# Instead of adding that, Apple just changed the generic "acsp" entry
+# to be for "ColorSync ICC Color Profile" rather than "Kodak Color
+# Management System, ICC Profile".
+# Yes, it's "APPL", not "AAPL"; see the spec.
+>>>40	string		APPL		ColorSync
+
+# Microsoft ICM color profile
+>>>40	string		MSFT		Microsoft
+
+# Yes, that's a blank after "SGI".
+>>>40	string		SGI\ 		SGI
+
+# XXX - is this what's used for the Sun KCMS or not?  The standard file
+# uses just "acsp" for that, but Apple's file uses it for "ColorSync",
+# and there *is* an identified "primary platform" value of SUNW.
+>>>40	string		SUNW		Sun KCMS
+
+# 5th platform
+>>>40	string		TGNT		Taligent
+
+# remaining "l" "e" of "color profile" printed later to avoid error
+>>>40	string		x 		color profi
+#>>>40	string		x		(%.4s)
+!:mime	application/vnd.iccprofile
+# for "ICM" extension only versions 2.x and for Kodak "CC" 2.0 is found
+>>>8	ubyte		=2
+# do not use empty message text to avoid error like
+# icc, 82: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file.exe: could not find any valid magic files!
+>>>>9	ubyte		!0		\ble
+!:ext	icc/icm
+# minor version
+>>>>9	ubyte		=0		\bl
+# Kodak colour management system
+>>>>>4	string		=KCMS		\be
+!:ext	icc/icm/cc
+>>>>>4	string		!KCMS		\be
+!:ext	icc/icm
+>>>8	ubyte		!2		\ble
+!:ext	icc
+# Profile version major.4bit-minor.sub1.sub2 like 4.3.0.0 (04300000h)
+>>>8	ubyte		x		%u
+>>>9	ubyte/16	x		\b.%u
+# reserved and shall be null but 205.205 in umx1220u.icm
+>>>10	ubyte		>0		\b.%u
+>>>>11	ubyte		>0		\b.%u
+# preferred colour management module like appl CCMS KCMS Lino UCCM "Win " "FF  "
+# skip space like in brmsl08f.icm and null like in brmsl09f.icm, brmsl07f.icm
+>>>4	string		>\ 		\b, type %.2s
+>>>>6	string		>\  		\b%.1s
+>>>>>7	string		>\  		\b%.1s
+# colour space "XYZ " "Lab " "RGB " CMYK GRAY ...
+>>>16	string		x		\b, %.3s
+>>>19	string		>\  		\b%.1s
+# Profile Connection Space (PCS) field usually "XYZ " or "Lab " but sometimes
+# null or CMYK like in ISOcoated_v2_to_PSOcoated_v3_DeviceLink.icc
+>>>20	string		>\0		\b/%.3s
+>>>>23	string		>\ 		\b%.1s
+# eleven device classes
+>>>12	string		x		\b-%.4s device
+# skip 00001964h in hpf69000.icc or 0h in XRDC50Q.ICM or " ROT" in brmsl05f.icm
+>>>52	string		>\040
+# skip "none" model like in "Trinitron Compatible 9300K G2.2.icm"
+>>>>52	ubelong		!0x6e6f6e65
+# device manufacturer field like "HP  " "IBM " EPSO
+>>>>>48	string		x		\b, %.2s
+>>>>>50	string		>\  		\b%.1s
+>>>>>51	string		>\  		\b%.1s
+# model like "ADI " "A265" and skip 20000404h in IS330.icm for RICOH RUSSIAN-SC
+>>>>>52	string		>\ \  		\b/%.3s
+>>>>>>55 string		>\  		\b%.1s
+>>>>>52	string		x		model
+# creator (often same as manufacture) like HP SONY XROX or null like in A925A.icm
+>>>80	string		>\0		by %.2s
+>>>>82	string		>\  		\b%.1s
+>>>>>83	string		>\  		\b%.1s
+# profile size
+>>>0	ubelong		x		\b, %u bytes
+# skip invalid date 0 like in linearSRGB.icc
+>>>24	ubequad		!0
+# datetime dd-mm-yyyy hh:mm:ss
+>>>>28	ubeshort	x		\b, %u
+# month <= 12
+>>>>26	ubeshort	x		\b-%u
+# year
+>>>>24	ubeshort	x		\b-%u
+# do not display midnight time like in CNHP8308.ICC
+>>>>30	ubequad&0xFFffFFffFFff0000	!0
+# hour <= 24
+>>>>>30	ubeshort	x		%u
+# minutes <= 59
+>>>>>32	ubeshort	x		\b:%.2u
+# seconds <= 59
+>>>>>34	ubeshort	x		\b:%.2u
+# vendor specific flags like 2 in HPCLJ5.ICM
+>>>44	ubeshort	>0		\b, %#x vendor flags
+# profile flags bits 0-2 of least 16 used by ICC
+#>>>44	ubelong		>0		\b, %#x flags
+# icEmbeddedProfileTrue
+>>>44	ubelong		&1		\b, embedded
+# icEmbeddedProfileFalse
+#>>>44	ubelong		^1		\b, not embedded
+# icUseWithEmbeddedDataOnly
+>>>44	ubelong		&2		\b, dependently
+# icUseAnywhere
+#>>>44	ubelong		^2		\b, independently
+>>>44	ubelong		&4		\b, MCS
+#>>>44	ubelong		^4		\b, no MCS
+# vendor specific device attributes 1~srgb.icc
+# E000D00h~CNB7QEDA.ICM C000A00h~CNB5FCAA.ICM 01040401h~CNB25PE3.ICM
+>>>56	ubelong		>0		\b, %#x vendor attribute
+# ICC device attributes bits 0-7 used
+#>>>60	ubelong		x		\b, %#x attribute
+# http://www.color.org/icc34.h
+>>>60	ubelong		&0x01		\b, transparent
+#>>>60	ubelong		^0x01		\b, reflective
+>>>60	ubelong		&0x02		\b, matte
+#>>>60	ubelong		^0x02		\b, glossy
+>>>60	ubelong		&0x04		\b, negative
+#>>>60	ubelong		^0x04		\b, positive
+>>>60	ubelong		&0x08		\b, black&white
+#>>>60	ubelong		^0x08		\b, colour
+>>>60	ubelong		&0x10		\b, non-paper
+#>>>60	ubelong		^0x10		\b, paper
+>>>60	ubelong		&0x20		\b, non-textured
+#>>>60	ubelong		^0x20		\b, textured
+>>>60	ubelong		&0x40		\b, non-isotropic
+#>>>60	ubelong		^0x40		\b, isotropic
+>>>60	ubelong		&0x80		\b, self-luminous
+#>>>60	ubelong		^0x80		\b, non-self-luminous
+# rendering intent 0-3 but 7AEA5027h in EE051__1.ICM 6CB1BCh in EE061__1.ICM
+>>>64	ubelong		>3		\b, %#x rendering intent
+#>>>64	ubelong		=0		\b, perceptual
+>>>64	ubelong		=1		\b, relative colorimetric
+>>>64	ubelong		=2		\b, saturation
+>>>64	ubelong		=3		\b, absolute colorimetric
+# PCS illuminant (3*s15Fixed16Numbers) often 0000f6d6 00010000 0000d32d
+>>>71	ubequad		!0xd6000100000000d3	\b, PCS
+# usually X~0.9642*65536=63189.8112~63190=F6D5h ; but also found
+# often F6D6 in gt5000r.icm, F6B8 in kodakce.icm, F6CA in RSWOP.icm
+>>>>68	ubelong			!0x0000f6d5	X=%#x
+# usually Y=1.0~00010000h but Y=0 in brmsl07f.icm
+>>>>72	ubelong			!0x00010000	Y=%#x
+# usually Z~0.8249*65536=54060.6464~54061=D32Dh ; but also found
+# D2F7 in hp1200c.icm, often D32C in A925A.icm, D309 in RSWOP.icm , D2F8 in kodak_dc.icm
+>>>>76	ubelong			!0x0000d32d	Z=%#x
+# Profile ID. MD5 fingerprinting method as defined in Internet RFC 1321.
+>>>84	ubequad		>0		\b, %#llx MD5
+# reserved in older versions should be zero but also found CDCDCDCDCDCDCDCD
+#>>100	ubequad		x		\b %#llx reserved
+# tag table
+# 6 <= tags count <= 43
+#>>>128	ubelong		>43		\b, %u tags
+>>>128	ubelong		x
+# shall contain the profileDescriptionTag "desc" , copyrightTag "cprt"
+# search range = tags count * 12 -8=< maximal tag count * 12 -8= 43 * 12 -8= 508
+>>>>132	search/508	cprt
+# but no copyright tag in linearSRGB.icc
+# beneath /System/Library/Frameworks/WebKit.framework/
+# Versions/A/Frameworks/WebCore.framework/Versions/A/Resources
+>>>>132	default		x		\b, no copyright tag
+# 1st tag
+#>>>132	string		x		\b, 1st tag %.4s
+#>>>136	ubelong		x		%#x offset
+#>>>140	ubelong		x		%#x len
+# 2nd tag,...
+# look also for profileDescriptionTag "desc"
+>>>132	search/508	desc
+# look further for TextDescriptionType "desc" signature
+>>>>(&0.L)	string		=desc
+>>>>>&4		pstring/l	x	"%s"
+# look alternative for multiLocalizedUnicodeType "mluc" signature like in VideoPAL.icc
+>>>>(&0.L)	string		=mluc
+>>>>>&(&8.L)	ubequad		x
+>>>>>>&4	bestring16	x	'%s'
+
+# Any other profile.
+# XXX - should we use "acsp\0\0\0\0" for "no primary platform" profiles,
+# and use "acsp" for everything else and dump the "primary platform"
+# string in those cases?
+36	string		acsp
+>0	use		color-profile
+
+
diff --git a/magic/Magdir/iff b/magic/Magdir/iff
new file mode 100644
index 0000000..258d16a
--- /dev/null
+++ b/magic/Magdir/iff
@@ -0,0 +1,80 @@
+
+#------------------------------------------------------------------------------
+# $File: iff,v 1.18 2022/03/21 19:57:18 christos Exp $
+# iff:	file(1) magic for Interchange File Format (see also "audio" & "images")
+#
+# Daniel Quinlan (quinlan@yggdrasil.com) -- IFF was designed by Electronic
+# Arts for file interchange.  It has also been used by Apple, SGI, and
+# especially Commodore-Amiga.
+#
+# IFF files begin with an 8 byte FORM header, followed by a 4 character
+# FORM type, which is followed by the first chunk in the FORM.
+
+0	string		FORM		IFF data
+#>4	belong		x		\b, FORM is %d bytes long
+# audio formats
+>8	string		AIFF		\b, AIFF audio
+!:mime	audio/x-aiff
+>8	string		AIFC		\b, AIFF-C compressed audio
+!:mime	audio/x-aiff
+>8	string		8SVX		\b, 8SVX 8-bit sampled sound voice
+!:mime	audio/x-aiff
+>8	string		16SV		\b, 16SV 16-bit sampled sound voice
+>8	string		SAMP		\b, SAMP sampled audio
+>8	string		MAUD		\b, MAUD MacroSystem audio
+>8	string		SMUS		\b, SMUS simple music
+>8	string		CMUS		\b, CMUS complex music
+# image formats
+>8	string		ILBMBMHD	\b, ILBM interleaved image
+>>20	beshort		x		\b, %d x
+>>22	beshort		x		%d
+>8	string		RGBN		\b, RGBN 12-bit RGB image
+>8	string		RGB8		\b, RGB8 24-bit RGB image
+>8	string		DEEP		\b, DEEP TVPaint/XiPaint image
+>8	string		DR2D		\b, DR2D 2-D object
+>8	string		TDDD		\b, TDDD 3-D rendering
+>8	string		LWOB		\b, LWOB 3-D object
+>8	string		LWO2		\b, LWO2 3-D object, v2
+>8	string		LWLO		\b, LWLO 3-D layered object
+>8	string		REAL		\b, REAL Real3D rendering
+>8	string		MC4D		\b, MC4D MaxonCinema4D rendering
+>8	string		ANIM		\b, ANIM animation
+>8	string		YAFA		\b, YAFA animation
+>8	string		SSA\ 		\b, SSA super smooth animation
+>8	string		FANT		\b, Fantavision animation
+>8	string		ACBM		\b, ACBM continuous image
+>8	string		FAXX		\b, FAXX fax image
+>8	string		STFX		\b, ST-Fax image
+>8	string		IMAGIHDR	\b, CD-i image
+# other formats
+>8	string		FTXT		\b, FTXT formatted text
+>8	string		CTLG		\b, CTLG message catalog
+>8	string		PREF		\b, PREF preferences
+>8	string		DTYP		\b, DTYP datatype description
+>8	string		PTCH		\b, PTCH binary patch
+>8	string		AMFF		\b, AMFF AmigaMetaFile format
+>8	string		WZRD		\b, WZRD StormWIZARD resource
+>8	string		DOC\040		\b, DOC desktop publishing document
+>8	string		SWRT		\b, SWRT Final Copy/Writer document
+>8	string		WORD		\b, ProWrite document
+>8	string 		WTXT		\b, WTXT Wordworth document
+>8	string 		WOWO		\b, WOWO Wordworth document
+>8	string		WVQA 		\b, Westwood Studios VQA Multimedia,
+>>24	leshort		x		%d video frames,
+>>26	leshort		x		%d x
+>>28	leshort		x		%d
+>8	string		MOVE		\b, Wing Commander III Video
+>>12	string		_PC_		\b, PC version
+>>12	string		3DO_		\b, 3DO version
+
+# These go at the end of the iff rules
+#
+# David Griffith <dave@661.org>
+# I don't see why these might collide with anything else.
+#
+# Interactive Fiction related formats
+#
+>8	string		IFRS		\b, Blorb Interactive Fiction
+>>24	string		Exec		with executable chunk
+>8	string          IFZS		\b, Z-machine or Glulx saved game file (Quetzal)
+!:mime	application/x-blorb
diff --git a/magic/Magdir/images b/magic/Magdir/images
new file mode 100644
index 0000000..48e9f6d
--- /dev/null
+++ b/magic/Magdir/images
@@ -0,0 +1,4219 @@
+
+#------------------------------------------------------------------------------
+# $File: images,v 1.243 2023/07/17 16:49:09 christos Exp $
+# images:  file(1) magic for image formats (see also "iff", and "c-lang" for
+# XPM bitmaps)
+#
+# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
+# additions by janl@ifi.uio.no as well as others. Jan also suggested
+# merging several one- and two-line files into here.
+#
+# little magic: PCX (first byte is 0x0a)
+
+# Targa - matches `povray', `ppmtotga' and `xv' outputs
+# by Philippe De Muyter <phdm@macqel.be>
+# URL: http://justsolve.archiveteam.org/wiki/TGA
+# Reference: http://www.dca.fee.unicamp.br/~martino/disciplinas/ea978/tgaffs.pdf
+# Update: Joerg Jenderek
+# at 2, byte ImgType must be 1, 2, 3, 9, 10 or 11
+#	,32 or 33 (both not observed)
+# at 1, byte CoMapType must be 1 if ImgType is 1 or 9, 0 otherwise
+#	or theoretically 2-128 reserved for use by Truevision or 128-255 may be used for developer applications
+# at 3, leshort Index is 0 for povray, ppmtotga and xv outputs
+# `xv' recognizes only a subset of the following (RGB with pixelsize = 24)
+# `tgatoppm' recognizes a superset (Index may be anything)
+#
+# test of Color Map Type 0~no 1~color map
+# and Image Type 1 2 3 9 10 11 32 33
+# and Color Map Entry Size 0 15 16 24 32
+0	ubequad&0x00FeC400000000C0	0
+# Conflict with MPEG sequences.
+!:strength -40
+# Prevent conflicts with CRI ADX.
+#>(2.S-2) belong	!0x28632943
+# above line does not work for rgb32_top_left_rle.tga
+# skip some MPEG sequence *.vob and some CRI ADX audio with improbable interleave bits
+>17	ubyte&0xC0		!0xC0
+# skip more garbage like *.iso by looking for positive image type
+>>2	ubyte			>0
+# skip some compiled terminfo like xterm+tmux by looking for image type less equal 33
+>>>2	ubyte			<34
+# skip some MPEG sequence *.vob HV001T01.EVO winnicki.mpg with unacceptable alpha channel depth 11
+>>>>17	ubyte&0x0F		!11
+# skip arches.3200 , Finder.Root , Slp.1 by looking for low pixel depth 1 8 15 16 24 32
+>>>>>16	ubyte			1
+>>>>>>0		use		tga-image
+>>>>>16	ubyte			8
+>>>>>>0		use		tga-image
+>>>>>16	ubyte			15
+>>>>>>0		use		tga-image
+>>>>>16	ubyte			16
+>>>>>>0		use		tga-image
+>>>>>16	ubyte			24
+>>>>>>0		use		tga-image
+>>>>>16	ubyte			32
+>>>>>>0		use		tga-image
+#	display tga bitmap image information
+0	name				tga-image
+>2	ubyte		<34		Targa image data
+!:mime	image/x-tga
+!:apple	????TPIC
+# normal extension .tga but some Truevision products used others:
+# tpic (Apple),icb (Image Capture Board),vda (Video Display Adapter),vst (NuVista),win (UNSURE about that)
+!:ext	tga/tpic/icb/vda/vst
+# image type 1 2 3 9 10 11 32 33
+>2	ubyte&0xF7	1		- Map
+>2	ubyte&0xF7	2		- RGB
+# alpha channel
+>>17	ubyte&0x0F	>0		\bA
+>2	ubyte&0xF7	3		- Mono
+# type not found, but by http://www.fileformat.info/format/tga/corion.htm
+# Compressed color-mapped data, using Huffman, Delta, and runlength encoding
+>2	ubyte		32		- Color
+# Compressed color-mapped data, using Huffman, Delta, and RLE. 4-pass quadtree- type process
+>2	ubyte		33		- Color
+# Color Map Type 0~no 1~color map
+>1	ubyte		1		(
+# first color map entry, 0 normal
+>>3	uleshort	>0		\b%d-
+# color map length 0 2 1dh 3bh d9h 100h
+>>5	uleshort	x		\b%d)
+# 8~run length encoding bit
+>2	ubyte&0x08	8		- RLE
+# gimp can create big pictures!
+>12	uleshort	>0		%d x
+>12	uleshort	=0		65536 x
+# image height. 0 interpreted as 65536
+>14	uleshort	>0		%d
+>14	uleshort	=0		65536
+# Image Pixel depth 1 8 15 16 24 32
+>16	ubyte		x		x %d
+# X origin of image. 0 normal
+>8	uleshort	>0		+%d
+# Y origin of image. 0 normal; positive for top
+>10	uleshort	>0		+%d
+# Image descriptor: bits 3-0 give the alpha channel depth, bits 5-4 give direction
+# alpha depth like: 1 8
+>17	ubyte&0x0F	>0		- %d-bit alpha
+# bits 5-4 give direction. normal bottom left
+>17	ubyte		&0x20		- top
+#>17	ubyte		^0x20		- bottom
+>17	ubyte		&0x10		- right
+#>17	ubyte		^0x10		- left
+# some info say other bits 6-7 should be zero
+# but data storage interleave by http://www.fileformat.info/format/tga/corion.htm
+# 00 - no interleave;01 - even/odd interleave; 10 - four way interleave; 11 - reserved
+#>17	ubyte&0xC0	0x00		- no interleave
+>17	ubyte&0xC0	0x40		- interleave
+>17	ubyte&0xC0	0x80		- four way interleave
+>17	ubyte&0xC0	0xC0		- reserved
+# positive length implies identification field
+>0	ubyte		>0
+>>18	string		x		"%s"
+# last 18 bytes of newer tga file footer signature
+>18	search/4261301/s	TRUEVISION-XFILE.\0
+# extension area offset if not 0
+>>&-8		ulelong			>0
+# length of the extension area. normal 495 for version 2.0
+>>>(&-4.l)	uleshort		0x01EF
+# AuthorName[41]
+>>>>&0		string			>\0		- author "%-.40s"
+# Comment[324]=4 * 80 null terminated
+>>>>&41		string			>\0		- comment "%-.80s"
+# date
+>>>>&365	ubequad&0xffffFFFFffff0000	!0
+# Day
+>>>>>&-6	uleshort		x		%d
+# Month
+>>>>>&-8	uleshort		x		\b-%d
+# Year
+>>>>>&-4	uleshort		x		\b-%d
+# time
+>>>>&371	ubequad&0xffffFFFFffff0000	!0
+# hour
+>>>>>&-8	uleshort		x		%d
+# minutes
+>>>>>&-6	uleshort		x		\b:%.2d
+# second
+>>>>>&-4	uleshort		x		\b:%.2d
+# JobName[41]
+>>>>&377	string			>\0		- job "%-.40s"
+# JobHour Jobminute Jobsecond
+>>>>&418	ubequad&0xffffFFFFffff0000	!0
+>>>>>&-8	uleshort		x		%d
+>>>>>&-6	uleshort		x		\b:%.2d
+>>>>>&-4	uleshort		x		\b:%.2d
+# SoftwareId[41]
+>>>>&424	string			>\0		- %-.40s
+# SoftwareVersionNumber
+>>>>&424	ubyte			>0
+>>>>>&40	uleshort/100		x		%d
+>>>>>&40	uleshort%100		x		\b.%d
+# VersionLetter
+>>>>>&42	ubyte			>0x20		\b%c
+# KeyColor
+>>>>&468	ulelong			>0		- keycolor %#8.8x
+# Denominator of Pixel ratio. 0~no pixel aspect
+>>>>&474	uleshort		>0
+# Numerator
+>>>>>&-4	uleshort		>0		- aspect %d
+>>>>>&-2	uleshort		x		\b/%d
+# Denominator of Gamma ratio. 0~no Gamma value
+>>>>&478	uleshort		>0
+# Numerator
+>>>>>&-4	uleshort		>0		- gamma %d
+>>>>>&-2	uleshort		x		\b/%d
+# ColorOffset
+#>>>>&480	ulelong			x		- col offset %#8.8x
+# StampOffset
+#>>>>&484	ulelong			x		- stamp offset %#8.8x
+# ScanOffset
+#>>>>&488	ulelong			x		- scan offset %#8.8x
+# AttributesType
+#>>>>&492	ubyte			x		- Attributes %#x
+## EndOfTGA
+
+# PBMPLUS images
+# URL: 		https://en.wikipedia.org/wiki/Netpbm
+# The next byte following the magic is always whitespace.
+# adding 65 to strength so that Netpbm images comes before "x86 boot sector" or
+# "DOS/MBR boot sector" identified by ./filesystems
+0	name		netpbm
+>3	regex/s		=\^[0-9]{1,50}[\040\t\f\r\n]+[0-9]{1,50}	Netpbm image data
+>>&0	regex		=[0-9]{1,50} 			\b, size = %s x
+>>>&0	regex		=[0-9]{1,50}			\b %s
+
+0	search/1	P1
+# test for whitespace after 2 byte magic
+>2	regex/2		[\040\t\f\r\n]
+# skip DROID x-fmt-164-signature-id-583.pbm with ten 0 digits
+>>3	string		!000000000
+>>>0	use		netpbm
+>>>0	string		x	\b, bitmap
+!:strength + 65
+!:mime	image/x-portable-bitmap
+!:ext	pbm
+# check for character # starting a comment line
+>>>3	ubyte		=0x23
+>>>>4	string		x	%s
+
+0	search/1	P2
+>0	regex/4		P2[\040\t\f\r\n]
+>>0	use		netpbm
+>>0	string		x	\b, greymap
+!:strength + 65
+# american spelling gray
+!:mime	image/x-portable-graymap
+!:ext	pgm
+
+0	search/1	P3
+>0	regex/4		P3[\040\t\f\r\n]
+>>0	use		netpbm
+>>0	string		x	\b, pixmap
+!:strength + 65
+!:mime	image/x-portable-pixmap
+!:ext	ppm
+
+0	string		P4
+>0	regex/4		P4[\040\t\f\r\n]
+>>0	use		netpbm
+>>0	string		x	\b, rawbits, bitmap
+!:strength + 65
+!:mime	image/x-portable-bitmap
+!:ext	pbm
+
+0	string		P5
+>0	regex/4		P5[\040\t\f\r\n]
+>>0	use		netpbm
+>>0	string		x	\b, rawbits, greymap
+!:strength + 65
+!:mime	image/x-portable-greymap
+!:ext	pgm
+
+0	string		P6
+>0	regex/4		P6[\040\t\f\r\n]
+>>0	use		netpbm
+>>0	string		x	\b, rawbits, pixmap
+!:strength + 65
+!:mime	image/x-portable-pixmap
+!:ext	ppm/pnm
+
+# URL: 		https://en.wikipedia.org/wiki/Netpbm#PAM_graphics_format
+# Reference:	http://fileformats.archiveteam.org/wiki/Portable_Arbitrary_Map
+# Update:	Joerg Jenderek
+0	string		P7
+# skip DROID fmt-405-signature-id-589.pam by looking for character like New Line 
+>2	ubyte		!0xAB
+#>2	ubyte		=0x0A
+>>3	search/256/b	WIDTH		Netpbm PAM image file, size =
+!:mime	image/x-portable-arbitrarymap
+!:ext	pam
+!:strength + 65
+>>>&1	string		x		%s
+>>>3	search/256/b	HEIGHT		x
+>>>>&1	string		x		%s
+# at offset 2 a New Line character (0xA) should appear
+>>>2	ubyte		!0x0A		\b, %#x at offset 2 instead new line
+
+# From: bryanh@giraffe-data.com (Bryan Henderson)
+0	string		\117\072	Solitaire Image Recorder format
+>4	string		\013		MGI Type 11
+>4	string		\021		MGI Type 17
+0	string		.MDA		MicroDesign data
+>21	ubyte		48		version 2
+>21	ubyte		51		version 3
+0	string		.MDP		MicroDesign page data
+>21	ubyte		48		version 2
+>21	ubyte		51		version 3
+
+# NIFF (Navy Interchange File Format, a modification of TIFF) images
+# [GRR:  this *must* go before TIFF]
+0	string		IIN1		NIFF image data
+!:mime	image/x-niff
+
+# Canon RAW version 1 (CRW) files are a type of Canon Image File Format
+# (CIFF) file. These are apparently all little-endian.
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+# URL: https://www.sno.phy.queensu.ca/~phil/exiftool/canon_raw.html
+0	string		II\x1a\0\0\0HEAPCCDR	Canon CIFF raw image data
+!:mime	image/x-canon-crw
+>16	uleshort	x	\b, version %d.
+>14	uleshort	x	\b%d
+
+# Canon RAW version 2 (CR2) files are a kind of TIFF with an extra magic
+# number. Put this above the TIFF test to make sure we detect them.
+# These are apparently all little-endian.
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+# URL: https://libopenraw.freedesktop.org/wiki/Canon_CR2
+0	string		II\x2a\0\x10\0\0\0CR	Canon CR2 raw image data
+!:mime	image/x-canon-cr2
+!:strength +80
+>10	ubyte		x	\b, version %d.
+>11	ubyte		x	\b%d
+
+# Fujifilm RAF RAW image files with embedded JPEG data and compressed
+# or uncompressed CFA RAW data. Byte order: Big Endian.
+# URL: https://libopenraw.freedesktop.org/formats/raf/
+# Useful info from http://fileformats.archiveteam.org/wiki/Fujifilm_RAF.
+# File extension: RAF
+# Works for both the FinePix S2 Pro and the X-T3. Anybody have some more Fuji
+# raw samples available?
+# -- David Dyer-Bennet <dd-b@dd-b.net> 9-Sep-2021
+0	string		FUJIFILMCCD-RAW		Fujifilm RAF raw image data
+!:mime  image/x-fuji-raf
+!:ext	raf
+>0x10	string		x			\b, format version %4.4s
+>0x1C	string		x			\b, camera %s
+
+# Tag Image File Format, from Daniel Quinlan (quinlan@yggdrasil.com)
+# The second word of TIFF files is the TIFF version number, 42, which has
+# never changed.  The TIFF specification recommends testing for it.
+0	string		MM\x00\x2a	TIFF image data, big-endian
+!:strength +70
+!:mime	image/tiff
+!:ext	tif/tiff
+>(4.L)	use		\^tiff_ifd
+0	string		II\x2a\x00	TIFF image data, little-endian
+!:mime	image/tiff
+!:strength +70
+!:ext	tif/tiff
+>(4.l)	use		tiff_ifd
+
+0	name		tiff_ifd
+>0	uleshort	x		\b, direntries=%d
+>2	use		tiff_entry
+
+0	name		tiff_entry
+# NewSubFileType
+>0	uleshort	0xfe
+>>12	use		tiff_entry
+>0	uleshort	0x100
+>>4	ulelong		1
+>>>12	use		tiff_entry
+>>>8	uleshort	x		\b, width=%d
+>0	uleshort	0x101
+>>4	ulelong		1
+>>>8	uleshort	x		\b, height=%d
+>>>12	use		tiff_entry
+>0	uleshort	0x102
+>>8	uleshort	x		\b, bps=%d
+>>12	use		tiff_entry
+>0	uleshort	0x103
+>>4	ulelong		1		\b, compression=
+>>>8	uleshort	1		\bnone
+>>>8	uleshort	2		\bhuffman
+>>>8	uleshort	3		\bbi-level group 3
+>>>8	uleshort	4		\bbi-level group 4
+>>>8	uleshort	5		\bLZW
+>>>8	uleshort	6		\bJPEG (old)
+>>>8	uleshort	7		\bJPEG
+>>>8	uleshort	8		\bdeflate
+>>>8	uleshort	9		\bJBIG, ITU-T T.85
+>>>8	uleshort	0xa		\bJBIG, ITU-T T.43
+>>>8	uleshort	0x7ffe		\bNeXT RLE 2-bit
+>>>8	uleshort	0x8005		\bPackBits (Macintosh RLE)
+>>>8	uleshort	0x8029		\bThunderscan RLE
+>>>8	uleshort	0x807f		\bRasterPadding (CT or MP)
+>>>8	uleshort	0x8080		\bRLE (Line Work)
+>>>8	uleshort	0x8081		\bRLE (High-Res Cont-Tone)
+>>>8	uleshort	0x8082		\bRLE (Binary Line Work)
+>>>8	uleshort	0x80b2		\bDeflate (PKZIP)
+>>>8	uleshort	0x80b3		\bKodak DCS
+>>>8	uleshort	0x8765		\bJBIG
+>>>8	uleshort	0x8798		\bJPEG2000
+>>>8	uleshort	0x8799		\bNikon NEF Compressed
+>>>8	default		x
+>>>>8	uleshort	x		\b(unknown %#x)
+>>>12	use		tiff_entry
+>0	uleshort	0x106		\b, PhotometricInterpretation=
+>>8	clear		x
+>>8	uleshort	0		\bWhiteIsZero
+>>8	uleshort	1		\bBlackIsZero
+>>8	uleshort	2		\bRGB
+>>8	uleshort	3		\bRGB Palette
+>>8	uleshort	4		\bTransparency Mask
+>>8	uleshort	5		\bCMYK
+>>8	uleshort	6		\bYCbCr
+>>8	uleshort	8		\bCIELab
+>>8	default		x
+>>>8	uleshort	x		\b(unknown=%#x)
+>>12	use		tiff_entry
+# FillOrder
+>0	uleshort	0x10a
+>>4	ulelong		1
+>>>12	use		tiff_entry
+# DocumentName
+>0	uleshort	0x10d
+>>(8.l)	string		x		\b, name=%s
+>>>12	use		tiff_entry
+# ImageDescription
+>0	uleshort	0x10e
+>>(8.l)	string		x		\b, description=%s
+>>>12	use		tiff_entry
+# Make
+>0	uleshort	0x10f
+>>(8.l)	string		x		\b, manufacturer=%s
+>>>12	use		tiff_entry
+# Model
+>0	uleshort	0x110
+>>(8.l)	string		x		\b, model=%s
+>>>12	use		tiff_entry
+# StripOffsets
+>0	uleshort	0x111
+>>12	use		tiff_entry
+# Orientation
+>0	uleshort	0x112		\b, orientation=
+>>8	uleshort	1		\bupper-left
+>>8	uleshort	3		\blower-right
+>>8	uleshort	6		\bupper-right
+>>8	uleshort	8		\blower-left
+>>8	uleshort	9		\bundefined
+>>8	default		x
+>>>8	uleshort	x		\b[*%d*]
+>>12	use		tiff_entry
+# XResolution
+>0	uleshort	0x11a
+>>8	ulelong		x		\b, xresolution=%d
+>>12	use		tiff_entry
+# YResolution
+>0	uleshort	0x11b
+>>8	ulelong		x		\b, yresolution=%d
+>>12	use		tiff_entry
+# ResolutionUnit
+>0	uleshort	0x128
+>>8	uleshort	x		\b, resolutionunit=%d
+>>12	use		tiff_entry
+# Software
+>0	uleshort	0x131
+>>(8.l)	string		x		\b, software=%s
+>>12	use		tiff_entry
+# Datetime
+>0	uleshort	0x132
+>>(8.l)	string		x		\b, datetime=%s
+>>12	use		tiff_entry
+# HostComputer
+>0	uleshort	0x13c
+>>(8.l)	string		x		\b, hostcomputer=%s
+>>12	use		tiff_entry
+# WhitePoint
+>0	uleshort	0x13e
+>>12	use		tiff_entry
+# PrimaryChromaticities
+>0	uleshort	0x13f
+>>12	use		tiff_entry
+# YCbCrCoefficients
+>0	uleshort	0x211
+>>12	use		tiff_entry
+# YCbCrPositioning
+>0	uleshort	0x213
+>>12	use		tiff_entry
+# ReferenceBlackWhite
+>0	uleshort	0x214
+>>12	use		tiff_entry
+# Copyright
+>0	uleshort	0x8298
+>>(8.l)	string		x		\b, copyright=%s
+>>12	use		tiff_entry
+# ExifOffset
+>0	uleshort	0x8769
+>>12	use		tiff_entry
+# GPS IFD
+>0	uleshort	0x8825		\b, GPS-Data
+>>12	use		tiff_entry
+
+#>0	uleshort	x		\b, unknown=%#x
+#>>12	use		tiff_entry
+
+0	string		MM\x00\x2b	Big TIFF image data, big-endian
+!:mime	image/tiff
+0	string		II\x2b\x00	Big TIFF image data, little-endian
+!:mime	image/tiff
+
+# PNG [Portable Network Graphics, or "PNG's Not GIF"] images
+# (Greg Roelofs, newt@uchicago.edu)
+# (Albert Cahalan, acahalan@cs.uml.edu)
+#
+# 137 P N G \r \n ^Z \n [4-byte length] I H D R [HEAD data] [HEAD crc] ...
+#
+
+# IHDR parser
+0	name		png-ihdr
+>0	ubelong		x		\b, %d x
+>4	ubelong		x		%d,
+>8	ubyte		x		%d-bit
+>9	ubyte		0		grayscale,
+>9	ubyte		2		\b/color RGB,
+>9	ubyte		3		colormap,
+>9	ubyte		4		gray+alpha,
+>9	ubyte		6		\b/color RGBA,
+#>10	ubyte		0		deflate/32K,
+>12	ubyte		0		non-interlaced
+>12	ubyte		1		interlaced
+
+# Standard PNG image.
+0	string		\x89PNG\x0d\x0a\x1a\x0a\x00\x00\x00\x0DIHDR	PNG image data
+!:mime	image/png
+!:ext   png
+!:strength +10
+>16	use		png-ihdr
+
+# Apple CgBI PNG image.
+0	string		\x89PNG\x0d\x0a\x1a\x0a\x00\x00\x00\x04CgBI
+>24	string  	\x00\x00\x00\x0DIHDR	PNG image data (CgBI)
+!:mime	image/png
+!:ext   png
+!:strength +10
+>>32	use		png-ihdr
+
+# possible GIF replacements; none yet released!
+# (Greg Roelofs, newt@uchicago.edu)
+#
+# GRR 950115:  this was mine ("Zip GIF"):
+0	string		GIF94z		ZIF image (GIF+deflate alpha)
+!:mime	image/x-unknown
+#
+# GRR 950115:  this is Jeremy Wohl's Free Graphics Format (better):
+#
+0	string		FGF95a		FGF image (GIF+deflate beta)
+!:mime	image/x-unknown
+#
+# GRR 950115:  this is Thomas Boutell's Portable Bitmap Format proposal
+# (best; not yet implemented):
+#
+0	string		PBF		PBF image (deflate compression)
+!:mime	image/x-unknown
+
+# GIF
+# Strength set up to beat 0x55AA DOS/MBR signature word lookups (+65)
+0	string		GIF8		GIF image data
+!:strength +80
+!:mime	image/gif
+!:apple	8BIMGIFf
+!:ext	gif
+>4	string		7a		\b, version 8%s,
+>4	string		9a		\b, version 8%s,
+>6	uleshort	>0		%d x
+>8	uleshort	>0		%d
+#>10	ubyte		&0x80		color mapped,
+#>10	ubyte&0x07	=0x00		2 colors
+#>10	ubyte&0x07	=0x01		4 colors
+#>10	ubyte&0x07	=0x02		8 colors
+#>10	ubyte&0x07	=0x03		16 colors
+#>10	ubyte&0x07	=0x04		32 colors
+#>10	ubyte&0x07	=0x05		64 colors
+#>10	ubyte&0x07	=0x06		128 colors
+#>10	ubyte&0x07	=0x07		256 colors
+
+# ITC (CMU WM) raster files.  It is essentially a byte-reversed Sun raster,
+# 1 plane, no encoding.
+0	string		\361\0\100\273	CMU window manager raster image data
+>4	ulelong		>0		%d x
+>8	ulelong		>0		%d,
+>12	ulelong		>0		%d-bit
+
+# Magick Image File Format
+# URL:		https://imagemagick.org/script/miff.php
+# Reference:	http://fileformats.archiveteam.org/wiki/MIFF
+# Update:	Joerg Jenderek
+# http://www.nationalarchives.gov.uk/pronom/fmt/930
+0	search/256/bc	id=imagemagick
+# skip bad ASCII text by following new line~0x0A or space~0x20 character
+#>&0	ubyte		x		\b, next character %#x
+# called by TriD ImageMagick Machine independent File Format bitmap
+>&0	ubyte&0xD5	0		MIFF image data
+# https://reposcope.com/mimetype/image/miff
+#!:mime	image/miff
+!:mime	image/x-miff
+!:ext	miff/mif
+# examples with standard file(1) magic
+#>>0	string		=id=ImageMagick	with standard magic
+# examples with unusual file(1) magic like 
+>>0	string		!id=ImageMagick	starting with
+# start with comment (brace) like http://samples.fileformat.info/.../AQUARIUM.MIF
+>>>0	ubyte		=0x7b		comment
+# skip second character which is often a newline and show comment
+>>>>2	string		x		"%s"
+# does not start with comment, probably letters with other case like Id=ImageMagick
+# ImageMagick-7.0.9-2/Magick++/demo/smile_anim.miff
+>>>0	ubyte		!0x7b
+>>>>0	string		>\0		'%-.14s'
+# URL:		https://imagemagick.org/
+# Reference:	https://imagemagick.org/script/magick-vector-graphics.php
+# From:		Joerg Jenderek
+# Note:		all white-spaces between commands are ignored
+0	string		push
+# skip some white spaces
+>5	search/3	graphic-context	ImageMagick Vector Graphic
+# TODO: look for dangerous commands like CVE-2016-3715
+#!:mime	text/plain
+!:mime	image/x-mvg
+!:ext	mvg
+
+# Artisan
+0	long		1123028772	Artisan image data
+>4	long		1		\b, rectangular 24-bit
+>4	long		2		\b, rectangular 8-bit with colormap
+>4	long		3		\b, rectangular 32-bit (24-bit with matte)
+
+# FIG (Facility for Interactive Generation of figures), an object-based format
+# URL: 		http://fileformats.archiveteam.org/wiki/Fig
+#		https://en.wikipedia.org/wiki/Xfig
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/f/fig.trid.xml
+# https://web.archive.org/web/20070920204655/http://epb.lbl.gov/xfig/fig-format.html
+# Update:	Joerg Jenderek
+# Note:		called "FIG vector drawing" by TrID,
+#		4 byte magic is assumed to be always at offset 0 and
+#		verified by `fig2mpdf -v bootloader.fig && file bootloader.pdf`
+#0	search/1/tb	#FIG		FIG image text
+# GRR: with --keep-going option the line above gives duplicate messages
+0	search/1/ts	#FIG
+>&0	use		image-xfig
+# binary data variant with non ASCII text characters like Control-A or �C in thermostat.fig
+0	search/1/bs	#FIG
+>&0	use		image-xfig
+#	display XFIG image describing text, mime type, file name extension and version
+0	name		image-xfig
+>8	ubyte		x		FIG image text
+#!:mime	text/plain
+# https://reposcope.com/mimetype/image/x-xfig
+!:mime	image/x-xfig
+!:ext	fig
+# version string like: 1.4 2.1 3.1 3.2
+>5	string		x		\b, version %.3s
+# some times after version text like: "Produced by xfig version 3.2.5-alpha5"
+>8	ubyte		>0x0D
+>>8	string		x		"%s"
+# should be point character (2Eh) of version string according to TrID
+#>6	ubyte		!0x2E		\b, at 6 %#x
+# caret character (23h) at the beginning in most or probably all examples
+#>0	ubyte		!0x23		\b, starting with character %#x
+# URL: 		http://fileformats.archiveteam.org/wiki/DeskMate_Draw
+#		http://en.wikipedia.org/wiki/Deskmate
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dm-fig.trid.xml
+# From:		Joerg Jenderek
+# Note:		called "DeskMate Draw drawing" by TrID
+0	string		\x14FIG		DeskMate Drawing
+#!:mime	application/octet-stream
+!:mime	image/x-deskmate-fig
+!:ext	fig
+# TODO:
+#	"Cabri 3D Figure"	by TrID fig-cabri.trid.xml
+#	"Playmation Figure"	by TrID fig-playmation.trid.xml
+
+# PHIGS
+0	string		ARF_BEGARF		PHIGS clear text archive
+0	string		@(#)SunPHIGS		SunPHIGS
+# version number follows, in the form m.n
+>40	string		SunBin			binary
+>32	string		archive			archive
+
+# GKS (Graphics Kernel System)
+0	string		GKSM		GKS Metafile
+>24	string		SunGKS		\b, SunGKS
+
+# CGM image files
+# Update:	Joerg Jenderek
+# URL: 		http://fileformats.archiveteam.org/wiki/CGM
+#		https://en.wikipedia.org/wiki/Computer_Graphics_Metafile
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/c/cgm-ct.trid.xml
+#		http://standards.iso.org/ittf/PubliclyAvailableStandards/c032381_ISO_IEC_8632-4_1999(E).zip
+# Note:		called "Computer Graphics Metafile (Clear Text)" by TrID and
+#		"Computer Graphics Metafile ASCII" by DROID or CGM by XnView
+#		verified by LibreOffice and partly by XnView `nconvert -info *.CGM`
+# According to TrID only letter B and M are always upcased and by DROID often only B is upcased for command BEGIN METAFILE
+0	string/c	begmf
+# skip SOME DROID fmt-301-signature-id-359.cgm fmt-301-signature-id-361.cgm fmt-302-signature-id-364.cgm
+# fmt-302-signature-id-365.cgm x-fmt-142-signature-id-350.cgm x-fmt-142-signature-id-351.cgm
+>5	short		!0
+# skip other versions of DROID fmt-301-signature-id-359.cgm fmt-301-signature-id-361.cgm fmt-302-signature-id-364.cgm
+# fmt-302-signature-id-365.cgm x-fmt-142-signature-id-350.cgm x-fmt-142-signature-id-351.cgm
+>>5	short		!0xABab		clear text Computer Graphics Metafile
+# https://reposcope.com/mimetype/image/cgm
+!:mime	image/cgm
+!:ext	cgm
+# SF:NAME like: 'metafile example';
+>>>5	string		x		%s
+# look for command METAFILE VERSION (MFVERSION <SOFTSEP> <I:VERSION>)
+>>>2	search/128/c	mfversion
+#>>>>&0	ubyte		x		SOFTSEP=%#x
+# version like: 1 3 4
+>>>>&1	ubyte		>0x31		\b, version %c
+# Summary:	Computer Graphics Metafile (binary)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/c/cgm-bin.trid.xml
+#		https://standards.iso.org/ittf/PubliclyAvailableStandards/c032380_ISO_IEC_8632-3_1999(E).zip
+# Note:		called "Computer Graphics Metafile (binary)" by TrID and DROID or CGM by XnView
+#		verified by LibreOffice and partly by XnView `nconvert -info *.CGM`
+# look for BEGIN METAFILE (element Class 0 and ID 1 and "random" Parameter) that is binary C C C C 0 0 0 0 0 0 1 P P P P P
+0	ubeshort&0xFFe0		0x0020
+# skip SOME DROID fmt-303-signature-id-368.cgm fmt-304-signature-id-369.cgm fmt-305-signature-id-370.cgm fmt-306-signature-id-371.cgm
+# with containing only 28 bytes
+>28	ubyte			x
+# look for METAFILE VERSION (element class 1 and id 1 and parameter P1 with length 2) that is binary 0 0 0 1 i i i i i i 1 P P P 1 P
+# with "low" version; 2nd worst case argentin.cgm with parameter length 56
+# worst MS.CGM
+#>>2	search/73/b		\x10\x22\0	binary Computer Graphics Metafile
+>>2	search/128/b		\x10\x22\0	binary Computer Graphics Metafile
+!:mime	image/cgm
+!:ext	cgm
+# metafile 2 byte version number like: 1 (most) 2 3 4
+>>>&-1	ubeshort		>1		\b, version %u
+# length number of 1st parameter octets in range 0 to 30 implies short command
+>>>0	ubeshort&0x001F		<31		\b, parameter length %u
+# length of string like: 8 9 10 11 12 29
+#>>>>2		ubyte		x		\b, %u BYTES (SHORT)
+# string like: 'HiJaak 2' 'Example 1' 'sahara.cgm' 'MASTERCLIPS--Art Of Business '
+>>>>2		pstring		>\0		'%s'
+# after 1st short command with even parameter length comes 2nd command like: 1022h 0010h (EAF00010.CGM 'HiJaak 2' FLOPPY2.CGM TIGER.CGM 'B:\TIGER.CGM')
+>>>>0  		ubeshort&0x0001	=0
+>>>>>(2.b+3)	ubeshort	!0x1022		\b, 2nd command %#4.4x (short even)
+# after 1st short command with odd parameter length comes nil padding byte followed 2nd command like: 1022h
+>>>>0  		ubeshort&0x0001	=1
+#>>>>>(2.b+3)	ubyte		!0		\b, PADDING %#x
+>>>>>(2.b+4)	ubeshort	!0x1022		\b, 2nd command %#4.4x (short odd)
+# 11111 binary (decimal 31) in the parameter field indicates that the command is in long-form
+>>>0	ubeshort&0x001F		=0x1F
+# bit 15 is partition flag with 1 for 'not-last' partition and 0 for 'last' partition
+>>>>2  		ubeshort&0x8000	!0		\b, partition flag %#4.4x
+# bits 0 to 14 is parameter list length; the number of following parameter octets; range 0 to 32767
+# length of 1st long command parameter like: 53
+>>>>2  		ubeshort&0x7Fff	x		\b, parameter length %u (long)
+# The two header words are then followed by lenghth of 1st string like: 52
+#>>>>4		ubyte		x		\b, %u BYTES
+# string like: 'K:\PROJECTS\GRAPHICS\DWKS3.5\CLIPART\FLAGS\Italy.cgm'
+>>>>4		pstring/B	x		'%s'
+# odd long parameter length implies single null padding octet to start command on word boundary
+>>>>2  		ubeshort&0x0001	=1
+# after 1st long command with odd parameter length comes nil padding byte followed by 2nd command like: 1022h
+#>>>>>(4.b+5)		ubyte	!0		\b, PADDING %#x
+>>>>>(4.b+6)		ubeshort !0x1022	\b, 2nd command %#4.4x (long odd)
+# even long parameter length implies next command directly is following
+>>>>2  		ubeshort&0x0001	=0
+# after 1st long command with even parameter length comes 2nd command like: 1022h 0x1054 (MS.CGM)
+>>>>>(4.b+5)	ubeshort	!0x1022		\b, 2nd command %#4.4x (long even)
+# look for END METAFILE (element class 0 and id 2 and 0 parameter) that is binary 0 0 0 0 i i i i i 1 i P P P P P
+>>>-2	ubeshort		!0x0040		\b, NOT_FOUND_END_METAFILE
+
+# MGR bitmaps  (Michael Haardt, u31b3hs@pool.informatik.rwth-aachen.de)
+0	string	yz	MGR bitmap, modern format, 8-bit aligned
+0	string	zz	MGR bitmap, old format, 1-bit deep, 16-bit aligned
+0	string	xz	MGR bitmap, old format, 1-bit deep, 32-bit aligned
+0	string	yx	MGR bitmap, modern format, squeezed
+
+# Fuzzy Bitmap (FBM) images
+0	string		%bitmap\0	FBM image data
+>30	long		0x31		\b, mono
+>30	long		0x33		\b, color
+
+# facsimile data
+1	string		PC\ Research,\ Inc	group 3 fax data
+>29	ubyte		0		\b, normal resolution (204x98 DPI)
+>29	ubyte		1		\b, fine resolution (204x196 DPI)
+# From: Herbert Rosmanith <herp@wildsau.idv.uni.linz.at>
+0	string		Sfff		structured fax file
+
+# From: Joerg Jenderek <joerg.jen.der.ek@gmx.net>
+# URL:	http://fileformats.archiveteam.org/wiki/Award_BIOS_logo
+# Note:	verified by XnView command `nconvert -fullinfo *.EPA`
+0	string		\x11\x06	Award BIOS Logo, 136 x 84
+!:mime	image/x-award-bioslogo
+!:ext	epa
+0	string		\x11\x09	Award BIOS Logo, 136 x 126
+!:mime	image/x-award-bioslogo
+!:ext	epa
+# https://telparia.com/fileFormatSamples/image/epa/IO.EPA
+# Note:	by bitmap-awbm-v1x1009.trid.xml called "Award BIOS logo bitmap (128x126) (v1)"
+#	verified by RECOIL `recoil2png -o tmp.png IO.EPA; file tmp.png`
+0	string		\x10\x09	Award BIOS Logo, 128 x 126
+!:mime	image/x-award-bioslogo
+!:ext	epa
+#0	string		\x07\x1f	BIOS Logo corrupted?
+# http://www.blackfiveservices.co.uk/awbmtools.shtml
+# http://biosgfx.narod.ru/v3/
+# http://biosgfx.narod.ru/abr-2/
+0	string		AWBM
+# Note:    by bitmap-awbm.trid.xml called "Award BIOS logo bitmap (v2)"
+>4	uleshort	<1981		Award BIOS Logo, version 2
+#>4	uleshort	<1981		Award BIOS bitmap
+!:mime	image/x-award-bioslogo2
+#!:mime	image/x-award-bmp
+!:ext	epa/bmp
+# image width is a multiple of 4
+>>4	uleshort&0x0003	0
+>>>4	uleshort	x		\b, %d
+>>>6	uleshort	x		x %d
+>>4	uleshort&0x0003	>0		\b,
+>>>4	uleshort&0x0003	=1
+>>>>4	uleshort	x		%d+3
+>>>4	uleshort&0x0003	=2
+>>>>4	uleshort	x		%d+2
+>>>4	uleshort&0x0003	=3
+>>>>4	uleshort	x		%d+1
+>>>6	uleshort	x		x %d
+# at offset 8 starts imagedata followed by "RGB " marker
+
+# PC bitmaps (OS/2, Windows BMP files)  (Greg Roelofs, newt@uchicago.edu)
+# https://en.wikipedia.org/wiki/BMP_file_format#DIB_header_.\
+# 28bitmap_information_header.29
+# Note:	variant starting direct with DIB header see
+#	http://fileformats.archiveteam.org/wiki/BMP
+#	verified by ImageMagick version 6.8.9-8 command `identify *.dib`
+0	uleshort		40
+# skip bad samples like GAME by looking for valid number of color planes
+>12	uleshort	1		Device independent bitmap graphic
+!:mime	image/x-ms-bmp
+!:apple	????BMPp
+!:ext	dib
+>>4	ulelong		x		\b, %d x
+>>8	ulelong		x		%d x
+>>14	uleshort	x		%d
+# number of color planes (must be 1) 
+#>>12	uleshort	>1		\b, %u color planes
+# compression method: 0~no 1~RLE 8-bit/pixel 3~Huffman 1D
+#>>16	ulelong		3		\b, Huffman 1D compression
+>>16	ulelong		>0		\b, %u compression
+# image size is the size of raw bitmap; a dummy 0 can be given for BI_RGB bitmaps
+>>20	ulelong		x		\b, image size %u
+# horizontal and vertical resolution of the image (pixel per metre, signed integer) 
+>>24	ulelong		>0		\b, resolution %d x
+>>>28	ulelong		x		%d px/m
+# number of colors in palette, or 0 to default to 2**n
+#>>32	ulelong		>0		\b, %u colors
+# number of important colors used, or 0 when every color is important
+>>36	ulelong		>0		\b, %u important colors
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/VBM_(VDC_BitMap)
+# Reference:	http://csbruce.com/cbm/postings/csc19950906-1.txt
+#		http://mark0.net/download/triddefs_xml.7z
+#		defs/b/bitmap-vbm.trid.xml
+#		defs/b/bitmap-vbm-v3.trid.xml
+# Note:		called "VDC BitMap" by TrID
+#		verified by RECOIL `recoil2png -o tmp.png coke_can.vbm; file tmp.png`
+# begin with a signature of 'B' 'M' 0xCB, followed by a version byte 2 or 3
+# Similar to the unrelated Windows BMP format
+#	check for VDC bitmap and then display image dimension and version
+0	name		bitmap-vbm
+>2	ubyte		0xCB		VDC bitmap
+!:mime	image/x-commodore-vbm
+# http://recoil.sourceforge.net/formats.html
+!:ext	bm/vbm
+# the VBM format version number: 2 or 3
+>>3	ubyte		x		\b, version %u
+# width of the image in Hi/Lo format 
+>>4	ubeshort	x		\b, %u
+# height of the image
+>>6	ubeshort	x		x %u
+# version 3 images have the following additional header information 
+>>3	ubyte		=3
+# data-encoding type: 0~uncompressed 1~RLE-compressed 
+>>>8	ubyte		0		\b, uncompressed
+>>>8	ubyte		1		\b, RLE-compressed
+# byte code for general RLE repetitions
+#>>>9	ubyte		x		\b, RLE repetition code 0x%x
+# reserved := 0
+#>>>14	short		>0		\b, reserved 0x%x
+# length of comment text; 0~no comment text
+#>>>16	ubeshort	>0		\b, comment length %u
+>>>16	pstring/H	>0		\b, comment "%s"
+#
+0	string		BM
+# check for magic and version 2 of VDC bitmap or BMP with cbSize=715=CB02
+>2	ubeshort		0xCB02
+>>6	short		=0
+>>>0	use     	bitmap-bmp
+# VDC bitmap height or maybe a few OS/2 BMP with nonzero "hotspot coordinates"
+>>6	short		!0
+>>>0	use     	bitmap-vbm
+# check for magic and version 3 of VDC bitmap or BMP with cbSize=971=CB03
+>2	ubeshort		0xCB03
+# check for reserved value (=0) of VDC bitmap
+>>14	short		=0
+>>>0	use     	bitmap-vbm
+# BMP with cbSize=????03CBh and dib header size != 0
+>>14	short		!0
+>>>0	use     	bitmap-bmp
+# cbSize is size of header or file size of Windows BMP bitmap
+>2	default		x
+>>0	use     	bitmap-bmp
+0	name		bitmap-bmp
+>14	ulelong		12		PC bitmap, OS/2 1.x format
+!:mime	image/bmp
+!:ext	bmp
+>>18	uleshort	x		\b, %d x
+>>20	uleshort	x		%d
+# number of color planes (must be 1)
+#>>22	uleshort	!1		\b, %u color planes
+# number of bits per pixel (color depth); found 4 8
+>>24	uleshort	x		x %d
+# x, y coordinates of the hotspot
+>>6	uleshort	>0		\b, hotspot %ux
+>>>8	uleshort	x		\b%u
+# cbSize; size of file or header like 1Ah 228C8h
+>>2	ulelong		x		\b, cbSize %u
+#>>2	ulelong		x		\b, cbSize 0x%8.8x
+# offBits; offset to bitmap data like: 
+>>10	ulelong		x	\b, bits offset %u
+# http://fileformats.archiveteam.org/wiki/BMP#OS.2F2_BMP_2.0 no examples found
+>14	ulelong		48		PC bitmap, OS/2 2.x format (DIB header size=48)
+>14	ulelong		24		PC bitmap, OS/2 2.x format (DIB header size=24)
+# http://entropymine.com/jason/bmpsuite/bmpsuite/q/pal8os2v2-16.bmp
+# Note:    by bitmap-bmp-v2o.trid.xml called "Windows Bitmap (v2o)"
+>14	ulelong		16		PC bitmap, OS/2 2.x format (DIB header size=16)
+!:mime	image/bmp
+!:apple	????BMPp
+!:ext	bmp
+# image width and height fields are unsigned integers for OS/2
+>>18	ulelong		x		\b, %u x
+>>22	ulelong		x		%u
+# number of bits per pixel (color depth); found 8
+>>28	uleshort	>1		x %u
+# x, y coordinates of the hotspot
+>>6	uleshort	>0		\b, hotspot %ux
+>>>8	uleshort	x		\b%u
+# number of color planes (must be 1)
+#>>26	uleshort	>1		\b, %u color planes
+# cbSize; size of file like: 241E
+>>2	ulelong		x		\b, cbSize %u
+#>>2	ulelong		x		\b, cbSize 0x%x
+# offBits; offset to bitmap data like: 41E
+>>10	ulelong		x	\b, bits offset %u
+#>>10	ulelong		x	\b, bits offset 0x%x
+>14	ulelong		64		PC bitmap, OS/2 2.x format
+!:mime	image/bmp
+!:apple	????BMPp
+!:ext	bmp
+# image width and height fields are unsigned integers for OS/2
+>>18	ulelong		x		\b, %u x
+>>22	ulelong		x		%u
+# number of bits per pixel (color depth); found 1 4 8
+>>28	uleshort	>1		x %u
+# x, y coordinates of the hotspot
+>>6	uleshort	>0		\b, hotspot %ux
+>>>8	uleshort	x		\b%u
+>>26	uleshort	>1		\b, %u color planes
+# cbSize; size of file or headers
+>>2	ulelong		x		\b, cbSize %u
+# BMP with cbSize 000002CBh=715 or 000003CBh=971 maybe misinterpreted as VDC bitmap
+#>>2	ulelong		x		\b, cbSize %#x
+# offBits; offset to bitmap data like 56h 5Eh 8Eh 43Eh
+>>10	ulelong		x	\b, bits offset %u
+#>>10	ulelong		x	\b, bits offset %#x
+#>>(10.l) ubequad	!0	\b, bits %#16.16llx
+# BITMAPV2INFOHEADER	adds RGB bit masks
+>14	ulelong		52		PC bitmap, Adobe Photoshop
+!:mime	image/bmp
+!:apple	????BMPp
+!:ext	bmp
+>>18	ulelong		x		\b, %d x
+>>22	ulelong		x		%d x
+# number of bits per pixel (color depth); found 16 32
+>>28	uleshort	x		%d
+# x, y coordinates of the hotspot; should be zero for Windows variant
+>>6	uleshort	>0		\b, hotspot %ux
+>>>8	uleshort	x		\b%u
+# cbSize; size of file like: 14A 7F42
+>>2	ulelong		x		\b, cbSize %u
+#>>2	ulelong		x		\b, cbSize 0x%x
+# offBits; offset to bitmap data like: 42h
+>>10	ulelong		x	\b, bits offset %u
+#>>10	ulelong		x	\b, bits offset 0x%x
+# BITMAPV3INFOHEADER	adds alpha channel bit mask
+>14	ulelong		56		PC bitmap, Adobe Photoshop with alpha channel mask
+!:mime	image/bmp
+!:apple	????BMPp
+!:ext	bmp
+>>18	ulelong		x		\b, %d x
+>>22	ulelong		x		%d x
+# number of bits per pixel (color depth); found 16 32
+>>28	uleshort		x		%d
+# x, y coordinates of the hotspot; should be zero for Windows variant
+>>6	uleshort	>0		\b, hotspot %ux
+>>>8	uleshort	x		\b%u
+# cbSize; size of file like: 4E 7F46 131DE 14046h
+>>2	ulelong		x		\b, cbSize %u
+#>>2	ulelong		x		\b, cbSize 0x%x
+# offBits; offset to bitmap data like: 46h
+>>10	ulelong			x	\b, bits offset %u
+#>>10	ulelong			x	\b, bits offset 0x%x
+>14	ulelong		40
+# jump 4 bytes before end of file/header to skip fmt-116-signature-id-118.dib
+# broken for large bitmaps
+#>>(2.l-4)	ulong	x		PC bitmap, Windows 3.x format
+>>14	ulelong		40		PC bitmap, Windows 3.x format
+!:mime	image/bmp
+!:apple	????BMPp
+>>>18	ulelong		x		\b, %d x
+>>>22	ulelong		x		%d
+# 320 x 400		https://en.wikipedia.org/wiki/LOGO.SYS
+>>>18	ulequad		=0x0000019000000140	x
+!:ext	bmp/sys
+>>>18	ulequad		!0x0000019000000140
+# compression method 2~RLE 4-bit/pixel implies also extension rle
+>>>>30	ulelong		2		x
+!:ext	bmp/rle
+# not RLE compressed and not 320x400 dimension
+>>>>30	default		x
+# "small" dimensions like: 14x15 15x16 16x14 16x16 32x32
+#	https://en.wikipedia.org/wiki/Favicon
+>>>>>18	ulequad&0xffFFffC0ffFFffC0 =0	x
+# https://www.politi-kdigital.de/favicon.ico
+# http://forum.rpc1.org/favicon.ico
+!:ext	bmp/ico
+# "big" dimensions > 63
+>>>>>18	default		x		x
+!:ext	bmp
+# number of bits per pixel (color depth); found 1 2 4 8 16 24 32
+>>>28	uleshort	x		%d
+# x, y coordinates of the hotspot; there is no hotspot in bitmaps, so values 0
+#>>>6	uleshort	>0		\b, hotspot %ux
+#>>>>8	uleshort	x		\b%u
+# number of color planes (must be 1), except badplanes.bmp for testing
+#>>>26	uleshort	>1		\b, %u color planes
+# compression method: 0~no 1~RLE 8-bit/pixel 2~RLE 4-bit/pixel 3~Huffman 1D 6~RGBA bit field masks
+#>>>30	ulelong		3		\b, Huffman 1D compression
+>>>30	ulelong		>0		\b, %u compression
+# image size is the size of raw bitmap; a dummy 0 can be given for BI_RGB bitmaps
+>>>34	ulelong		>0		\b, image size %u
+# horizontal and vertical resolution of the image (pixel per metre, signed integer) 
+>>>38	ulelong		>0		\b, resolution %d x
+>>>>42	ulelong		x		%d px/m
+# number of colors in palette 16 256, or 0 to default to 2**n
+#>>>46	ulelong		>0		\b, %u colors
+# number of important colors used, or 0 when every color is important
+>>>50	ulelong		>0		\b, %u important colors
+# cbSize; often size of file
+>>>2	ulelong		x		\b, cbSize %u
+#>>>2	ulelong		x		\b, cbSize %#x
+# offBits; offset to bitmap data like 36h 76h BEh 236h 406h 436h 4E6h
+>>>10	ulelong		x	\b, bits offset %u
+#>>>10	ulelong		x	\b, bits offset %#x
+#>>>(10.l) ubequad	!0	\b, bits %#16.16llxd
+>14	ulelong		124		PC bitmap, Windows 98/2000 and newer format
+!:mime	image/bmp
+!:ext	bmp
+>>18	ulelong		x		\b, %d x
+>>22	ulelong		x		%d x
+# color planes; must be 1
+#>>>26	uleshort	>1		\b, %u color planes
+# number of bits per pixel (color depth); found 4 8 16 24 32 1 (fmt-119-signature-id-121.bmp) 0 (rgb24jpeg.bmp rgb24png.bmp)
+>>28	uleshort	x		%d
+# x, y coordinates of the hotspot; should be zero for Windows variant
+>>6	uleshort	>0		\b, hotspot %ux
+>>>8	uleshort	x		\b%u
+# cbSize; size of file like: 8E AA 48A 999 247A 4F02 7F8A 3F88E B216E 1D4C8A 100008A
+>>2	ulelong		x		\b, cbSize %u
+#>>2	ulelong		x		\b, cbSize 0x%x
+# offBits; offset to bitmap data like: 8A 47A ABABABAB (fmt-119-signature-id-121.bmp)
+>>10	ulelong		x	\b, bits offset %u
+#>>10	ulelong		x	\b, bits offset 0x%x
+>14	ulelong		108		PC bitmap, Windows 95/NT4 and newer format
+!:mime	image/bmp
+!:ext	bmp
+>>18	ulelong		x		\b, %d x
+>>22	ulelong		x		%d x
+# number of bits per pixel (color depth); found 8 24 32
+>>28	uleshort	x		%d
+# x, y coordinates of the hotspot; should be zero for Windows variant
+>>6	uleshort	>0		\b, hotspot %ux
+>>>8	uleshort	x		\b%u
+# cbSize; size of file like: 82 8A 9A 9F86 1E07A 3007A 88B7A C007A 
+>>2	ulelong		x		\b, cbSize %u
+#>>2	ulelong		x		\b, cbSize 0x%x
+# offBits; offset to bitmap data like: 7A 7E 46A
+>>10	ulelong		x	\b, bits offset %u
+#>>10	ulelong		x	\b, bits offset 0x%x
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/OS/2_Icon
+# Reference:	http://www.fileformat.info
+#		/format/os2bmp/spec/902d5c253f2a43ada39c2b81034f27fd/view.htm
+# Note: verified by command like `deark -l -d3 OS2MEMU.ICO`
+0	string		IC
+# skip Lotus smart icon *.smi by looking for valid hotspot coordinates
+>6	ulelong&0xFF00FF00	=0	OS/2 icon
+# jump 4 bytes before end of header/file and test for accessibility
+#>>(2.l-4) ubelong	x	End of header is OK!
+!:mime	image/x-os2-ico
+!:ext	ico
+# cbSize; size of header or file in bytes like 1ah 120h 420h
+>>2	ulelong		x	\b, cbSize %u
+# xHotspot, yHotspot; coordinates of the hotspot for icons like 16 32
+>>6	uleshort	x	\b, hotspot %ux
+>>8	uleshort	x	\b%u
+# offBits; offset in bytes to the beginning of the bit-map pel data like 20h
+>>10	ulelong		x	\b, bits offset %u
+#>>(10.l) ubequad	x	\b, bits %#16.16llx
+#0	string		PI		PC pointer image data
+#0	string		CI		PC color icon data
+0	string		CI
+# test also for valid dib header sizes 12 or 64
+>14	ulelong		<65		OS/2
+# test also for valid hotspot coordinates
+#>>6	ulelong&0xFE00FE00	=0	OS/2
+!:mime	image/x-os2-ico
+!:ext	ico
+>>14	ulelong		12		1.x color icon
+# image width and height fields are unsigned integers for OS/2
+>>>18	uleshort	x		%u x
+# stored height = 2 * real height
+>>>20	uleshort/2	x		%u
+# number of bits per pixel (color depth). Typical 32 24 16 8 4 but only 1 found
+>>>24	uleshort	>1		x %u
+# color planes; must be 1
+#>>>22	uleshort	>1		\b, %u color planes
+>>14	ulelong		64		2.x color icon
+# image width and height
+>>>18	ulelong		x		%u x
+# stored height = 2 * real height
+>>>22	ulelong/2	x		%u
+# number of bits per pixel (color depth). only 1 found
+>>>28	uleshort	>1		x %u
+#>>>26	uleshort	>1		\b, %u color planes
+# compression method: 0~no 3~Huffman 1D
+>>>30	ulelong		3		\b, Huffman 1D compression
+#>>>30	ulelong		>0		\b, %u compression
+# xHotspot, yHotspot; coordinates of the hotspot like 0 1 16 20 32 33 63 64
+>>6	uleshort	x	\b, hotspot %ux
+>>8	uleshort	x	\b%u
+# cbSize; size of header or maybe file in bytes like 1Ah 4Eh 84Eh
+>>2	ulelong		x	\b, cbSize %u
+#>>2	ulelong		x	\b, cbSize %x
+# offBits; offset to bitmap data (pixel array) like E4h 3Ah 66h 6Ah 33Ah 4A4h
+>>10	ulelong		x	\b, bits offset %u
+#>>10	ulelong		x	\b, bits offset %#x
+#>>(10.l) ubequad	!0	\b, bits %#16.16llx
+# dib header size: 12~Ch~OS/2 1.x 64~40h~OS/2 2.x
+#>>14	ulelong		x		\b, dib header size %u
+#0	string		CP		PC color pointer image data
+# URL:		http://fileformats.archiveteam.org/wiki/OS/2_Pointer
+# Reference:	http://www.fileformat.info/format/os2bmp/egff.htm
+0	string		CP
+# skip many Corel Photo-Paint image "CPT9FILE" by checking for positive bits offset
+>10	ulelong		>0
+# skip CPU-Z Report by checking for valid dib header sizes 12 or 64
+>>14	ulelong		=12
+>>>0		use		os2-ptr
+>>14	ulelong		=64
+>>>0		use		os2-ptr
+#	display information of OS/2 pointer bitmaps
+0	name		os2-ptr
+>14	ulelong		x		OS/2
+# http://extension.nirsoft.net/PTR
+!:mime	image/x-ibm-pointer
+!:ext	ptr
+>>14	ulelong		12		1.x color pointer
+# image width and height fields are unsigned integers for OS/2
+>>>18	uleshort	x		%u x
+# stored height = 2 * real height
+>>>20	uleshort/2	x		%u
+# number of bits per pixel (color depth). Typical 32 24 16 8 4 but only 1 found
+>>>24	uleshort	>1		x %u
+# color planes; must be 1
+#>>>22	uleshort	>1		\b, %u color planes
+>>14	ulelong		64		2.x color pointer
+# image width and height
+>>>18	ulelong		x		%u x
+# stored height = 2 * real height
+>>>22	ulelong/2	x		%u
+# number of bits per pixel (color depth). only 1 found
+>>>28	uleshort	>1		x %u
+#>>>26	uleshort	>1		\b, %u color planes
+# compression method: 0~no 3~Huffman 1D
+>>>30	ulelong		3		\b, Huffman 1D compression
+#>>>30	ulelong		>0		\b, %u compression
+# xHotspot, yHotspot; coordinates of the hotspot like 0 3 4 8 15 16 23 27 31
+>>6	uleshort	x	\b, hotspot %ux
+>>8	uleshort	x	\b%u
+# cbSize; size of header or maybe file in bytes like 1Ah 4Eh
+>>2	ulelong		x	\b, cbSize %u
+#>>2	ulelong		x	\b, cbSize %x
+# offBits; offset to bitmap data (pixel array) like 6Ah A4h E4h 4A4h
+>>10	ulelong		x	\b, bits offset %u
+#>>10	ulelong		x	\b, bits offset %#x
+#>>(10.l) ubequad	!0	\b, bits %#16.16llx
+# dib header size: 12~Ch~OS/2 1.x 64~40h~OS/2 2.x
+#>>14	ulelong		x		\b, dib header size %u
+# Conflicts with other entries [BABYL]
+# URL:	http://fileformats.archiveteam.org/wiki/BMP#OS.2F2_Bitmap_Array
+# Note:	container for OS/2 icon "IC", color icon "CI", color pointer "CP" or bitmap "BM"
+#0	string		BA		PC bitmap array data
+0	string		BA
+# skip old Emacs RMAIL BABYL ./mail.news by checking for low header size
+>2	ulelong		<0x004c5942	OS/2 graphic array
+!:mime	image/x-os2-graphics
+#!:apple	????BMPf
+# cbSize; size of header like 28h 5Ch
+>>2	ulelong		x	\b, cbSize %u
+#>>2	ulelong		x	\b, cbSize %#x
+# offNext; offset to data like 0 48h F2h 4Eh 64h C6h D2h D6h DAh E6h EAh 348h
+>>6	ulelong		>0	\b, data offset %u
+#>>6	ulelong		>0	\b, data offset %#x
+#>>(6.l) ubequad	!0	\b, data %#16.16llx
+# dimensions of the intended device like 640 x 480 for VGA or 1024 x 768
+>>10	uleshort	>0		\b, display %u
+>>>12	uleshort	>0		x %u
+# usType of first array element
+#>>14	string		x		\b, usType %2.2s
+# 1 space char after "1st"
+# no *.bga examples found https://www.openwith.org/file-extensions/bga/1342
+>>14	string		BM	\b; 1st 
+!:ext	bmp/bga
+>>14	string		CI	\b; 1st 
+!:ext	ico
+>>14	string		CP	\b; 1st 
+!:ext	ico
+>>14	string		IC	\b; 1st 
+!:ext	ico
+# no white-black pointer found
+#>>14	string		PT	\b; 1st 
+#!:ext	
+>>14	indirect	x	
+
+# XPM icons (Greg Roelofs, newt@uchicago.edu)
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/XPM
+# Reference:	http://www.x.org/docs/XPM/xpm.pdf
+#		http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-xpm.trid.xml
+# Note:		called "X PixMap bitmap" by TrID and "X-Windows Pixmap Image" by DROID via PUID x-fmt/208
+# starting with c comment like: logo.xpm
+0	string			/*\040
+# 9 byte c-comment "/* XPM */" not at the beginning like: mozicon16.xpm mozicon50.xpm (thunderbird)
+>0	search/0xCE		/*\ XPM\ */
+# skip DROID x-fmt-208-signature-id-620.xpm by looking for char array without explict length
+# and match mh-logo.xpm (emacs)
+>>&0		search/1249	[]
+>>>0		use		xpm-image
+# non standard because no 9 byte c-comment "/* XPM */" like: logo.xpm in qemu package
+>0	default			x
+# words are separated by a white space which can be composed of space and tabulation characters
+>>0		search/0x52	static\040char\040
+# skip debug.c testmlc.c by looking for char array without explict length
+# https://www.clamav.net/downloads/production/clamav-0.104.2.tar.gz
+# clamav-0.104.2\libclammspack\mspack\debug.c 
+>>>&0		search/64	[]
+>>>>0		use		xpm-image
+#	display X pixmap image information
+0	name			xpm-image
+>0	string		x	X pixmap image text
+#!:mime	text/plain
+# https://reposcope.com/mimetype/image/x-xpixmap
+# alias
+#!:mime	image/x-xpm
+!:mime	image/x-xpixmap
+!:ext	xpm
+# NO pm example found!
+#!:ext	xpm/pm
+# look for start of character array at beginning of a line like: psetupl.xpm (OpenOffice 4.1.7)
+>0	search/0x406	\n"
+# DEBUG VALUES string
+#>>&0	string		x		'%s'
+# width with optional white space before like: 16 24 32 48 1280
+>>&0	regex/8		[0-9]{1,5}	\b, %s
+# height with white space like: 15 16 17 24 32 48 1024
+>>>&0	regex/8		[0-9]{1,5}	x %s
+# number of colors with white space like: 1 2 3 4 5 8 11 14 162 255 but unrelistic 4294967295 by hardcopy tool
+>>>>&0	regex/12	[0-9]{1,9}	x %s
+# chars_per_pixel with white space like: 1 2
+>>>>>&0	regex/14	[0-9]{1,2}	\b, %s chars/pixel
+# non standard because not starting with 9 byte c-comment "/* XPM */"
+>0	string		!/*\ XPM\ */
+>>0	string		x	\b, 1st line "%s"
+
+# Utah Raster Toolkit RLE images (janl@ifi.uio.no)
+0	uleshort	0xcc52		RLE image data,
+>6	uleshort	x		%d x
+>8	uleshort	x		%d
+>2	uleshort	>0		\b, lower left corner: %d
+>4	uleshort	>0		\b, lower right corner: %d
+>10	ubyte&0x1	=0x1		\b, clear first
+>10	ubyte&0x2	=0x2		\b, no background
+>10	ubyte&0x4	=0x4		\b, alpha channel
+>10	ubyte&0x8	=0x8		\b, comment
+>11	ubyte		>0		\b, %d color channels
+>12	ubyte		>0		\b, %d bits per pixel
+>13	ubyte		>0		\b, %d color map channels
+
+# image file format (Robert Potter, potter@cs.rochester.edu)
+0	string		Imagefile\ version-	iff image data
+# this adds the whole header (inc. version number), informative but longish
+>10	string		>\0		%s
+
+# Sun raster images, from Daniel Quinlan (quinlan@yggdrasil.com)
+0	ubelong		0x59a66a95	Sun raster image data
+>4	ubelong		>0		\b, %d x
+>8	ubelong		>0		%d,
+>12	ubelong		>0		%d-bit,
+#>16	ubelong		>0		%d bytes long,
+>20	ubelong		0		old format,
+#>20	ubelong		1		standard,
+>20	ubelong		2		compressed,
+>20	ubelong		3		RGB,
+>20	ubelong		4		TIFF,
+>20	ubelong		5		IFF,
+>20	ubelong		0xffff		reserved for testing,
+>24	ubelong		0		no colormap
+>24	ubelong		1		RGB colormap
+>24	ubelong		2		raw colormap
+#>28	ubelong		>0		colormap is %d bytes long
+
+# SGI image file format, from Daniel Quinlan (quinlan@yggdrasil.com)
+#
+# See
+#	http://reality.sgi.com/grafica/sgiimage.html
+#
+0	ubeshort		474		SGI image data
+#>2	ubyte		0		\b, verbatim
+>2	ubyte		1		\b, RLE
+#>3	ubyte		1		\b, normal precision
+>3	ubyte		2		\b, high precision
+>4	ubeshort	x		\b, %d-D
+>6	ubeshort	x		\b, %d x
+>8	ubeshort	x		%d
+>10	ubeshort	x		\b, %d channel
+>10	ubeshort	!1		\bs
+>80	string		>0		\b, "%s"
+
+0	string		IT01		FIT image data
+>4	ubelong		x		\b, %d x
+>8	ubelong		x		%d x
+>12	ubelong		x		%d
+#
+0	string		IT02		FIT image data
+>4	ubelong		x		\b, %d x
+>8	ubelong		x		%d x
+>12	ubelong		x		%d
+#
+2048	string		PCD_IPI		Kodak Photo CD image pack file
+>0xe02	ubyte&0x03	0x00		, landscape mode
+>0xe02	ubyte&0x03	0x01		, portrait mode
+>0xe02	ubyte&0x03	0x02		, landscape mode
+>0xe02	ubyte&0x03	0x03		, portrait mode
+0	string		PCD_OPA		Kodak Photo CD overview pack file
+
+# FITS format.  Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
+# FITS is the Flexible Image Transport System, the de facto standard for
+# data and image transfer, storage, etc., for the astronomical community.
+# (FITS floating point formats are big-endian.)
+0	string	SIMPLE\ \ =	FITS image data
+!:mime	image/fits
+!:ext	fits/fts
+>109	string	8		\b, 8-bit, character or unsigned binary integer
+>108	string	16		\b, 16-bit, two's complement binary integer
+>107	string	\ 32		\b, 32-bit, two's complement binary integer
+>107	string	-32		\b, 32-bit, floating point, single precision
+>107	string	-64		\b, 64-bit, floating point, double precision
+
+# other images
+0	string	This\ is\ a\ BitMap\ file	Lisp Machine bit-array-file
+
+# From SunOS 5.5.1 "/etc/magic" - appeared right before Sun raster image
+# stuff.
+#
+0	ubeshort		0x1010		PEX Binary Archive
+
+# DICOM medical imaging data
+# URL:		https://en.wikipedia.org/wiki/DICOM#Data_format
+# Note:		"dcm" is the official file name extension
+# 		XnView mention also "dc3" and "acr" as file name extension
+128	string	DICM			DICOM medical imaging data
+!:mime	application/dicom
+!:ext dcm/dicom/dic
+
+# XWD - X Window Dump file.
+# URL:		http://fileformats.archiveteam.org/wiki/XWD
+# Reference:	https://wiki.multimedia.cx/index.php?title=XWD
+#		http://mark0.net/download/triddefs_xml.7z/defs/x/xdm-x11.trid.xml
+# Note:		called "X-Windows Screen Dump (X11)" by TrID and
+#		"X-Windows Screen Dump" version X11 by DROID via PUID fmt/483
+#		verfied by XnView `nconvert -in xwd -info *`
+#		and ImageMagick 6.9.11 `identify -verbose *` as XWD X Windows system window dump
+#		and `xwud -in fig41.wxd -dumpheader`
+#   As described in /usr/X11R6/include/X11/XWDFile.h
+#   used by the xwd program.
+#   Bradford Castalia, idaeim, 1/01
+#   updated by Adam Buchbinder, 2/09 and Joerg Jenderek, May 2022
+# The following assumes version 7 of the format; the first long is the length
+# of the header, which is at least 25 4-byte longs, and the one at offset 8
+# is a constant which is always either 1 or 2. Offset 12 is the pixmap depth,
+# which is a maximum of 32.
+# Size of the entire file header (bytes) like: 100 104 105 106 107 109 110 113 114 115 118 172
+0	ubelong	>99
+# pixmap_format; Pixmap format; 0~1-bit (XYBitmap) format 1~single-plane (XYPixmap) 2~bitmap with two or more planes (ZPixmap)
+>8	ubelong	<3
+# pixmap_depth; Pixmap depth; value 1 - 32
+>>12	ubelong	<33
+# file_version; XWD_FILE_VERSION=7
+>>>4	ubelong	7
+# skip DROID fmt-401-signature-id-618.xwd by test for existing border field
+>>>>96	ubelong	x			X-Window screen dump image data, version X11
+# ./images (version 1.205) labeled the above entry as "XWD X Window Dump image data"
+# https://reposcope.com/mimetype/image/x-xwindowdump
+!:mime	image/x-xwindowdump
+#!:ext	xwd
+!:ext	xwd/dmp
+# https://www.xnview.com/en/image_formats/ NO example with x11 suffix FOUND!
+#!:ext	xwd/dmp/x11
+# https://www.nationalarchives.gov.uk/PRONOM/fmt/401 NO example with xdm suffix FOUND!
+#!:ext	xwd/dmp/x11/xmd
+# file comment if header > 100; so not in MARBLES.XWD and hardcopy-x-window-v11.xwd
+>>>>>0	ubelong	>100
+# comment or windows name
+>>>>>>100 string	>\0			\b, "%s"
+# pixmap_width;	pixmap width like: 576 800 1014 1280 1419 NOT -1414812757=abABabABh
+>>>>>16	ubelong	x			\b, %dx
+# pixmap_height; pixmap height like: 449 454 600 704 720 1001 1024 NOT -1414812757=abABabABh
+>>>>>20	ubelong	x			\b%dx
+# pixmap_depth;	pixmap depth
+>>>>>12	ubelong	x			\b%d
+# XOffset; Bitmap X offset; pixel numbers to ignore at the beginning of each scan-line
+#>>>>>24	ubelong	x			\b, %u ignore
+# ByteOrder; byte order of image data: 0~least significant byte first 1~most significant byte first
+>>>>>28	ubelong	>0			\b, order %u
+# BitmapUnit; bitmap base data size unit in each scan line like: 8 16 32
+#>>>>>32	ubelong	x			\b, unit %u
+# BitmapBitOrder; bit-order of image data; apparently same as ByteOrder
+#>>>>>36	ubelong	x			\b, bit order %u
+# BitmapPad; number of padding bits added to each scan line like: 8 16 32
+#>>>>>40	ubelong	x			\b, pad %u
+# BitsPerPixel; Bits per pixel: 1~StaticGray and GrayScale 2-15~StaticColor and PseudoColor 16,24,32~TrueColor and DirectColor
+#>>>>>44	ubelong	x			\b, %u bits/pixel
+# BytesPerLine; size of each scan line in bytes
+#>>>>>48	ubelong	x			\b, %u bytes/line
+# VisualClass; class of the image: 0~StaticGray 1~GrayScale 2~StaticColor 3~PseudoColor 4~TrueColor 5~DirectColor
+#>>>>>52	ubelong	x			\b, %u Class
+# RedMask; red RGB mask values used by ZPixmaps like: 0 0xff0000
+#>>>>>56	ubelong	!0			\b, %#x red
+# GreenMask; green mask like: 0
+#>>>>>60	ubelong	!0			\b, %#x green
+# BlueMask; blue mask like: 0 0xff
+#>>>>>64	ubelong	!0			\b, %#x blue
+# BitsPerRgb; Size of each color mask in bits like: 0 1 8 24
+#>>>>>68	ubelong	x			\b, %u bits/RGB
+# NumberOfColors; number of colors in image like: 256 4 2 0 (WHAT DOES THIS MEAN?)
+>>>>>72	ubelong	x			\b, %u colors
+# ColorMapEntries; number of entries in color map like: 256 16 2 0~no color map
+>>>>>76	ubelong	x			%u entries
+# WindowWidth; window width
+#>>>>>80	ubelong	x			\b, %u width
+# WindowHeight; window height
+#>>>>>84	ubelong	x			\b, %u height
+# WindowX; Window upper left X coordinate like: 0 24 32 80 237 290 422 466 568 (lenna.dmp)
+>>>>>88	ubelong	!0			\b, x=%d
+# WindowY; Window upper left Y coordinate like: 0 8 18 26 60 73 107 (fig41.xwd) 128
+>>>>>92	ubelong	!0			\b, y=%d
+# WindowBorderWidth; Window border width; apparently pixmap_width=WindowWidth+2*WindowBorderWidth
+# like: 1 (fig41.xwd) 2 (maze.dmp) 3 (lenna.dmp mandrill.dmp)
+>>>>>96	ubelong	>0			\b, %u border
+# From:		Joerg Jenderek
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/x/xdm-x10.trid.xml
+# Note:		called "X-Windows Screen Dump (X10)" by TrID and
+#		"X-Windows Screen Dump" version X10 by DROID via PUID x-fmt/300
+#		verfied by XnView `nconvert -in xwd -info *`
+# HeaderSize is the size of the header in bytes; always 40 for X10 variant
+0	ubelong		=0x000000028
+# FileVersion; always 6 for X10 variant
+>4	ubelong		=6
+# skip DROID x-fmt-300-signature-id-619.xdm by test existing border field
+>>36	ubeshort	x		X-Window screen dump image data, version X10
+!:mime	image/x-xwindowdump
+!:ext	xwd
+# http://www.nationalarchives.gov.uk/pronom/fmt/401 NO example with xdm suffix FOUND!
+#!:ext	xwd/xdm
+# PixmapWidth; pixmap width like: 127 1280
+>>>20	ubelong		x		\b, %d
+# PixmapHeight; pixmap height like: 64 1024
+>>>24	ubelong		x		\bx%d
+# DisplayPlanes; number of display planes like: 1 4 8
+>>>12	ubelong		x		\bx%u
+# DisplayType; display type like: 1 3
+#>>>8	ubelong		x		\b, type %u
+# PixmapFormat; pixmap format like: 1~bitmap with two or more planes (ZPixmap) 0~single-plane bitmap (XYBitmap)
+#>>>16	ubelong	x			\b, %u format
+# WindowWidth; window width; probably PixmapWidth=WindowWidth+2*WindowBorderWidth
+#>>>28	ubeshort	x		\b, width %u
+# WindowHeight;  window height; probably PixmapWidth=PixmapHeight+2*WindowBorderWidth
+#>>>30	ubeshort	x		\b, height %u
+# WindowX; window upper left X coordinate like: 0
+>>>32	ubeshort		!0	\b, x=%d
+# WindowY; window upper left Y coordinate like: 0
+>>>34	ubeshort		!0	\b, y=%d
+# WindowBorderWidth; window border width like: 0
+>>>36	ubeshort	!0		\b, %u border
+# WindowNumColors; Number of color entries in window like: 2 16 256
+#>>>38	ubeshort	x		\b, %u colors
+# if the image is a PseudoColor image, a color map immediately follows the header. X10COLORMAP[WindowNumColors];
+# EntryNumber; number of the color-map entry like: 0
+#>>>40	ubeshort	x		\b, colors #%u
+# Red; red-channel value
+#>>>42	ubeshort	!0		\b, red %#x
+# Green; green-channel value
+#>>>44	ubeshort	!0		\b, green %#x
+# Blue; blue-channel value
+#>>>46	ubeshort	!0		\b, blue %#x
+# 2ND Entry like: 2
+#>>>48	ubeshort	x		\b, colors #%u
+
+# PDS - Planetary Data System
+#   These files use Parameter Value Language in the header section.
+#   Unfortunately, there is no certain magic, but the following
+#   strings have been found to be most likely.
+0	string	NJPL1I00		PDS (JPL) image data
+2	string	NJPL1I			PDS (JPL) image data
+0	string	CCSD3ZF			PDS (CCSD) image data
+2	string	CCSD3Z			PDS (CCSD) image data
+0	string	PDS_			PDS image data
+0	string	LBLSIZE=		PDS (VICAR) image data
+
+# pM8x: ATARI STAD compressed bitmap format
+#
+# from Oskar Schirmer <schirmer@scara.com> Feb 2, 2001
+# p M 8 5/6 xx yy zz data...
+# Atari ST STAD bitmap is always 640x400, bytewise runlength compressed.
+# bytes either run horizontally (pM85) or vertically (pM86). yy is the
+# most frequent byte, xx and zz are runlength escape codes, where xx is
+# used for runs of yy.
+#
+0	string	pM85		Atari ST STAD bitmap image data (hor)
+>5	ubyte	0x00		(white background)
+>5	ubyte	0xFF		(black background)
+0	string	pM86		Atari ST STAD bitmap image data (vert)
+>5	ubyte	0x00		(white background)
+>5	ubyte	0xFF		(black background)
+
+# From: Alex Myczko <alex@aiei.ch>
+# https://www.atarimax.com/jindroush.atari.org/afmtatr.html
+0	uleshort	0x0296		Atari ATR image
+
+# URL:		http://fileformats.archiveteam.org/wiki/DEGAS_image
+# Reference:	https://wiki.multimedia.cx/index.php?title=Degas
+# From:		Joerg Jenderek
+#		http://mark0.net/download/triddefs_xml.7z/defs/b
+#		bitmap-pi2-degas.trid.xml bitmap-pi3-degas.trid.xml
+#		bitmap-pc1-degas.trid.xml bitmap-pc2-degas.trid.xml bitmap-pc3-degas.trid.xml 
+# Note:		verified by NetPBM `pi3topbm sigirl1.pi3 | file`
+# 		`deark -m degas -l -d2 ataribak.pi1` 
+#		XnView `nconvert -fullinfo *.p??`
+# DEGAS low-res uncompressed bitmap *.pi1
+0		beshort		0x0000
+# skip some ISO 9660 CD-ROM filesystems like plpbt.iso by test for 4 non black colors in palette entries
+>2		quad		!0
+# skip g3test.g3 by test for unused bits of 2nd color entry
+>>4		ubeshort&0xF000	0
+#>>>0		beshort	x	1ST_VALUE=%x
+#>>>-0		offset	x	FILE_SIZE=%lld
+# standard DEGAS low-res uncompressed bitmap *.pi1 with file size 32034
+>>>-0		offset	=32034
+#>>>>0		beshort	x	1st_VALUE=%x
+# like: 8ball.pi1 teddy.pi1 sonic01.pi1 
+>>>>0		use		degas-bitmap
+# about 61 DEGAS Elite low-res uncompressed bitmap *.pi1 with file size 32066
+>>>-0		offset	=32066
+# like: spider.pi1 pinkgirl.pi1 frog3.pi1
+>>>>0		use		degas-bitmap
+# about 55 DEGAS Elite low-res uncompressed bitmap *.pi1 with file size 32128
+>>>-0		offset	=32128
+# like: mountain.pi1 bigspid.pi1 alf33.pi1
+>>>>0		use		degas-bitmap
+# 1 DEGAS Elite low-res uncompressed bitmap *.pi1 with file size 44834
+>>>-0		offset	=44834
+# like: kenshin.pi1
+>>>>0		use		degas-bitmap
+# DEGAS mid-res uncompressed bitmap *.pi2 (strength=50) after GEM Images like:
+# BEETHVEN.IMG CHURCH.IMG GAMEOVR4.IMG TURKEY.IMG clinton.img
+0		beshort		0x0001
+#!:strength +0
+# skip many control files like gnucash-4.8.setup.exe.aria2 by test for non black in 4 palette entries
+>2		quad		!0
+# skip control file load-v0001.aria2 and many GEM Image data like
+# GAMEOVR4.IMG BEETHVEN.IMG CHURCH.IMG TURKEY.IMG clinton.img
+# by test for valid file sizes
+# standard DEGAS mid-res uncompressed bitmap *.pi2 with file size 32034
+>>-0		offset	=32034
+# (39/41) like: GEMINI03.PI2 ST_TOOLS.PI2 TBX_DEMO.PI2
+>>>0		use		degas-bitmap
+# few DEGAS Elite mid-res uncompressed bitmap *.pi2 with file size 32066
+>>-0		offset	=32066
+# (2/41) like: medres.pi2
+>>>0		use		degas-bitmap
+# DEGAS high-res uncompressed bitmap *.pi3
+0	beshort		0x0002
+# skip Intel ia64 COFF msvcrt.lib by test for unused bits of 1st atari color palette entry
+>2		ubeshort&0xF000	0
+# skip few Adobe PhotoShop Brushes like Faux-Spitzen.abr by check
+# for invalid Adobe PhotoShop Brush UTF16-LE string length
+>>19		ubyte			=0
+# many like: 4th_ofj2.pi3 GEMINI03.PI3 PEOPLE18.PI3 POWERFIX.PI3 abydos.pi3 highres.pi3 sigirl1.pi3 vanna5.pi3
+>>>0		use		degas-bitmap
+# Adobe PhotoShop Brush UTF16-LE string length 15 "Gitter - klein " 8 "Kreis 1 "
+>>19		ubyte			!0
+#>>19		ubyte			!0	\b, NOTE LENGTH %u
+#>>>21		lestring16		x	\b, BRUSH NOTE "%s"
+>>>(19.b*2)	ubequad			x
+# maybe last character of Adobe PhotoShop Brush UTF16-LE string and terminating nul char like
+# 006e0000 for n in "Faux-Spitzen.abr" 00310000 for 1 in "Verschiedene Spitzen.abr"
+# 00000000 "LEREDACT.PI3" 03730773 "TBX_DEMO.PI3"
+#>>>>&8		ubelong			x	\b, LAST CHAR+NIL %8.8x
+>>>>&8		ubelong&0xff00ffFF	!0
+# skip many Adobe Photoshop Color swatch (ANPA-Farben.aco TOYO-Farbsystem.aco) with invalid 3rd color entry (1319 2201 2206 21f5 2480 24db 25fd)
+>>>>>6		ubeshort&0xF000	0
+# skip few Adobe Photoshop Color swatch (FOCOLTONE-Farben.aco "PANTONE process coated.aco") with invalid 4th color entry  (ffff)
+>>>>>>8		ubeshort&0xF000	0
+# many DEGAS bitmap like: ARABDEMO.PI3 ELMRSESN.PI3 GEMVIEW.PI3 LEREDACT.PI3 PICCOLO.PI3 REPRO_JR.PI3 ST_TOOLS.PI3 TBX_DEMO.PI3 evgem7.pi3
+>>>>>>>0	use		degas-bitmap
+# test for last character of Adobe PhotoShop Brush UTF16-LE string and terminating nul char
+>>>>&8		ubelong&0xff00ffFF	=0
+# select last DEGAS bitmaps by invalid last char of brush note like BASICNES.PI3 DB_HELP.PI3 DB_WRITR.PI3 LEREDACT.PI3
+>>>>>&-4	ubelong&0x00FF0000	<0x00200000
+>>>>>>0		use		degas-bitmap
+# last character of Adobe PhotoShop Brush UTF16-LE note
+#>>>>>&-4	ubelong&0x00FF0000	>0x001F0000	\b, THAT IS ABR
+# DEGAS low-res compressed bitmap *.pc1 like: BATTLSHP.PC1 GNUCHESS.PC1 MEDUSABL.PC1 MOONLORD.PC1 WILDROSE.PC1
+0		beshort			0x8000
+# skip lif files handled via ./lif by test for unused bits of 1st palette entry
+>2		ubeshort&0xF000		0
+# skip CRI ADX ADPCM audio (R04HT.adx R03T-15552.adx) with 44100 Hz misinterpreted as 5th color entry value AC44h
+>>10		ubeshort&0xF000		0
+# skip few (fmt-840-signature-id-1195.adx fmt-840-signature-id-1199.adx) by test for 4 first non black colors in palette entries
+>>>2		quad			!0
+>>>>0		use		degas-bitmap
+# DEGAS mid-res compressed bitmap *.pc2 like: abydos.pc2 ARTIS3.PC2 SMTHDRAW.PC2 STAR_2K.PC2 TX2_DEMO.PC2
+0		beshort			0x8001
+# skip many (1274/1369) PostScript Type 1 font (DarkGardenMK.pfb coupbi.pfb MONOBOLD.PFB) with invalid 1st atari color palette entry 5506 5b06 6906 7906 7e06 fb15
+>2		ubeshort&0xF000		0
+# skip some (95/1369) PostScript Type 1 font (fmt-525-signature-id-816.pfb LUXEMBRG.PFB) with invalid 3rd atari color palette entry 2521
+>>6		ubeshort&0xF000		0
+>>>0		use		degas-bitmap
+# DEGAS high-res compressed bitmap *.pc3 like: abydos.pc3 COYOTE.PC3 ELEPHANT.PC3 TX2_DEMO.PC3 SMTHDRAW.PC3
+0		beshort			0x8002
+# skip some (36/212) Python Pickle (factor_cache.pickle environment.pickle) with invalid 1st atari color entry (2863 6363 7d71)
+>2		ubeshort&0xF000		0
+>>0		use		degas-bitmap
+# display information of Atari DEGAS and DEGAS Elite bitmap images
+0	name		degas-bitmap
+>0	ubyte		x		Atari DEGAS
+#!:mime	application/octet-stream
+!:mime	image/x-atari-degas
+# compressed
+>0	ubyte		=0x80		Elite compressed
+# uncompressed
+#>0	ubyte		=0x00		uncompressed
+#>0	ubyte		=0x00		un.
+>0	ubyte		=0x00
+# check for existence of footer for DEGAS Elite images
+>>32042	ubequad		x		Elite
+>0	beshort		0x0000		bitmap
+!:ext	pi1
+>0	beshort		0x0001		bitmap
+!:ext	pi2
+>0	beshort		0x0002		bitmap
+# no example with SUH extension found
+#!:ext	pi3/suh
+!:ext	pi3
+>0	beshort		0x8000		bitmap
+!:ext	pc1
+>0	beshort		0x8001		bitmap
+!:ext	pc2
+>0	beshort		0x8002		bitmap
+!:ext	pc3
+# low resolution; 320x200, 16 colors
+>1	ubyte		=0		320 x 200 x 16
+# medium resolution; 640x200, 4 colors
+>1	ubyte		=1		640 x 200 x 4
+# high resolution; 640x400, 2 colors 
+>1	ubyte		=2		640 x 400 x 2
+# http://fileformats.archiveteam.org/wiki/Atari_ST_color_palette
+# hardware_palette[16]; 9 bit ?????RRR?GGG?BBB; 12 bit ????RRRRGGGGBBBB for Atari STE
+# for Atari DEGAS apparently no Spectrum 512 Enhanced 15 bit palette RGB?RRRRGGGGBBBB 
+# Red Green Blue unused bit ? often 0 but not bilboule.pi1; color_value (examples or numbers)
+# 1st color palette entry like: 0777 (61) 0fff (LEREDACT.PI3) 0fcf (devgem7.pi3) 0001 (9)
+>2	ubeshort	x		\b, color palette %4.4x
+# 2nd palette entry like: 0000 (32) 0700 (38) 0f00 (LEREDACT.PI3 devgem7.pi3)
+>4	ubeshort	x		%4.4x
+# 3rd palette entry
+>6	ubeshort	x		%4.4x
+# 4th palette entry like: 0000 (72)
+>8	ubeshort	x		%4.4x
+# 5th palette entry
+>10	ubeshort	x		%4.4x
+>2	ubeshort	x		...
+# 6th palette entry
+#>12	ubeshort	x		%4.4x
+# 7th palette entry like: 0000 (16) 0001 (ELMRSESN.PI3 elmrsesn.pi3) 0070 (51) 00f0 (BASICNES.PI3 LEREDACT.PI3) 00f8 (devgem7.pi3)
+#>14	ubeshort	x		%4.4x
+# 8th palette entry
+#>16	ubeshort	x		%4.4x
+# 9 palette entry
+#>18	ubeshort	x		%4.4x
+# 10 palette entry
+#>20	ubeshort	x		%4.4x
+# 11 palette entry
+#>22	ubeshort	x		%4.4x
+# 12 palette entry
+#>24	ubeshort	x		%4.4x
+# 13 palette entry
+#>26	ubeshort	x		%4.4x
+# 14th palette entry
+#>28	ubeshort	x		%4.4x
+# 15th palette entry
+#>30	ubeshort	x		%4.4x
+# 16th palette entry
+#>32	ubeshort	x		%4.4x
+# data[16000] for uncompressed images; pixel data
+#>34	ubequad		x		\b, DATA %#16.16llx...
+# footer for Elite variant images
+# https://www.fileformat.info/format/atari/egff.htm
+# https://pulkomandy.tk/projects/GrafX2/wiki/Develop/FileFormats/Atari
+# left_color_animation[4]; like: 0000000000000000 0000000100020003 fffafff000000030 (bigspid.pi1)
+#>32034  ubequad		!0		\b, color animations %16.16llx (left)
+# right_color_animation[4]; like: 0000000000000000 0000000100020003
+#>>32042  ubequad	!0		%16.16llx (right)
+# channel_direction[4]; 0~left 1~none 2~right like: 0001000100010001 0002000000010001 (cycle2.pi1)
+# sometimes unexpected like: feaafc0000000000 (bigspid.pi1)
+#>32050  ubequad		!0		\b, channel directions %16.16llx
+# channel_delay[4]; 128 - channel delay, timebase 1/60 s
+#>32058  ubequad		!0		\b, channel delays %16.16llx
+
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/GED
+#		https://recoil.sourceforge.net/formats.html#Atari-8-bit
+# Reference:	https://sourceforge.net/projects/recoil/files/recoil/6.3.4/recoil-6.3.4.tar.gz
+#		recoil-6.3.4/recoil.c
+#		http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-ged.trid.xml
+# Note:		called "Atari GED bitmap" by TrID; file size 11302
+#		and verified by RECOIL graphic tool
+0	string		\xFF\xFF0SO\x7F		Atari GED bitmap, 160x200
+#!:mime	application/octet-stream
+!:mime	image/x-atari-ged
+!:ext	ged
+
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/ImageLab/PrintTechnic
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-b_w.trid.xml
+# Note:		called "ImageLab bitmap" by TrID
+#		verfied by XnView `nconvert -fullinfo "MAEDCHEN.B&W"`
+0	string		B&W256	ImageLab bitmap
+!:mime	image/x-ilab
+#	https://www.xnview.com/de/image_formats/
+# GRR: add char & inside parse_ext in ../../src/apprentice.c to avoid in file version 5.40 error like:
+# Magdir\images, 1090: Warning: EXTENSION type `        b_w/b&w' has bad char '&'
+!:ext	b_w/b&w
+# Width
+>6	ubeshort	x	\b, %u
+# Height
+>8	ubeshort	x	x %u
+
+# XXX:
+# This is bad magic 0x5249 == 'RI' conflicts with RIFF and other
+# magic.
+# SGI RICE image file <mpruett@sgi.com>
+#0	ubeshort	0x5249		RICE image
+#>2	ubeshort	x		v%d
+#>4	ubeshort	x		(%d x
+#>6	ubeshort	x		%d)
+#>8	ubeshort	0		8 bit
+#>8	ubeshort	1		10 bit
+#>8	ubeshort	2		12 bit
+#>8	ubeshort	3		13 bit
+#>10	ubeshort	0		4:2:2
+#>10	ubeshort	1		4:2:2:4
+#>10	ubeshort	2		4:4:4
+#>10	ubeshort	3		4:4:4:4
+#>12	ubeshort	1		RGB
+#>12	ubeshort	2		CCIR601
+#>12	ubeshort	3		RP175
+#>12	ubeshort	4		YUV
+
+# PCX image files
+# From: Dan Fandrich <dan@coneharvesters.com>
+# updated by Joerg Jenderek at Feb 2013 by https://de.wikipedia.org/wiki/PCX
+# https://web.archive.org/web/20100206055706/http://www.qzx.com/pc-gpe/pcx.txt
+# GRR: original test was still too general as it catches xbase examples T5.DBT,T6.DBT with 0xa000000
+# test for bytes 0x0a,version byte (0,2,3,4,5),compression byte flag(0,1), bit depth (>0) of PCX or T5.DBT,T6.DBT
+0	ubelong&0xffF8fe00	0x0a000000
+# for PCX bit depth > 0
+>3	ubyte		>0
+# test for valid versions
+>>1	ubyte		<6
+>>>1	ubyte		!1	PCX
+!:mime	image/x-pcx
+#!:mime	image/pcx
+>>>>1	ubyte		0	ver. 2.5 image data
+>>>>1	ubyte		2	ver. 2.8 image data, with palette
+>>>>1	ubyte		3	ver. 2.8 image data, without palette
+>>>>1	ubyte		4	for Windows image data
+>>>>1	ubyte		5	ver. 3.0 image data
+>>>>4	uleshort	x	bounding box [%d,
+>>>>6	uleshort	x	%d] -
+>>>>8	uleshort	x	[%d,
+>>>>10	uleshort	x	%d],
+>>>>65	ubyte		>1	%d planes each of
+>>>>3	ubyte		x	%d-bit
+>>>>68	ubyte		1	colour,
+>>>>68	ubyte		2	grayscale,
+# this should not happen
+>>>>68	default		x	image,
+>>>>12	uleshort	>0	%d x
+>>>>>14	uleshort	x	%d dpi,
+>>>>2	ubyte		0	uncompressed
+>>>>2	ubyte		1	RLE compressed
+
+# Adobe Photoshop
+# From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
+# URL: 		http://fileformats.archiveteam.org/wiki/PSD
+# Reference:	https://www.adobe.com/devnet-apps/photoshop/fileformatashtml/
+# Note:		verfied by XnView `nconvert -fullinfo *.psd *.psb *.pdd`
+#		and ImageMagick `identify -verbose *.pdd`
+0	string		8BPS
+# skip DROID x-fmt-92-signature-id-277.psd by checking valid width
+>18	ubelong		>0	Adobe Photoshop
+!:mime	image/vnd.adobe.photoshop
+!:apple	????8BPS
+# version: always equal to 1, but 2 for PSB
+>>4   beshort 1
+# URL: 		http://fileformats.archiveteam.org/wiki/PhotoDeluxe
+# EXTRAS/PHOTOS/DEMOPIX/ORIGINAL.PDD
+>>>34	search/0xC0d7	PHUT	Image (PhotoDeluxe)
+!:ext	pdd
+>>>34	default		x	Image
+!:ext	psd
+# URL: 		http://fileformats.archiveteam.org/wiki/PSB
+>>4   beshort 2 Image (PSB)
+!:ext	psb
+# width in pixels: 1-30000 1-300000 for PSB
+>>18  belong  x \b, %d x
+>>14  belong  x %d,
+# The color mode; 0~Bitmap 1~Grayscale 2~Indexed 3~RGB 4~CMYK 7~Multichannel 9~Duotone 9~Lab
+>>24  beshort 0 bitmap
+>>24  beshort 1 grayscale
+# the number of channels; range is 1 to 56
+>>>12 beshort 2 with alpha
+>>24  beshort 2 indexed
+>>24  beshort 3 RGB
+>>>12 beshort 4 \bA
+>>24  beshort 4 CMYK
+>>>12 beshort 5 \bA
+>>24  beshort 7 multichannel
+>>24  beshort 8 duotone
+>>24  beshort 9 lab
+>>12  beshort > 1
+>>>12 beshort x \b, %dx
+>>12  beshort 1 \b,
+>>22  beshort x %d-bit channel
+>>12  beshort > 1 \bs
+# 6 reserved bytes; must be zero, but spaces inside ImageMagick input.psd
+# https://download.imagemagick.org/ImageMagick/download/ImageMagick-7.0.11-11.zip
+# ImageMagick-7.0.11-11\PerlMagick\t\input.psd
+>>6   bequad&0xFFffFFffFFff0000 !0 \b, at offset 6
+>>>6  belong  x	 0x%8.8x
+>>>6  beshort x   \b%4.4x
+
+# From:		Joerg Jenderek
+# URL:		https://www.adobe.com/devnet-apps/photoshop/fileformatashtml/
+#		http://fileformats.archiveteam.org/wiki/Photoshop
+# Reference:	http://www.nomodes.com/aco.html
+# Note:		registers as Photoshop.SwatchesFile for Photoshop.exe on Windows
+# check for valid versions like: 2 (newest) 1 (old) 0 (oldest no examples)
+0		ubeshort				<3
+# skip few Atari DEGAS med-res bitmap (DIAGRAM1.PI2) and many ISO 9660 CD-ROM by check for invalid low color numbers (0)
+>2		ubeshort				>0
+# skip few Targa (bmpsuite-15col.tga rgb24_top_left_colormap.tga) by check for invalid high color space ID (F0 1D)
+>>4		ubeshort				<16
+# skip many (69/327) Targa image *.TGA by check of accessing near the ending of first color space section (size=nc*5*2)
+>>>(2.S*10)	ubelong					x
+# RGB branch for Adobe Photoshop Color swatch
+>>>>4		ubeshort				=0
+# skip many (220/327) Targa by check of for invalid high RGB color z value (hexadecimal 2 3 2e03 4600 5e04 7502 8002 8b05 c700)
+>>>>>12			ubeshort			=0
+# RGB branch for Adobe Photoshop Color swatch for older versions
+>>>>>>0				ubeshort		<2
+>>>>>>>0				use		adobe-aco
+# RGB branch for Adobe Photoshop Color swatch for newer version 2
+>>>>>>0				ubeshort		=2
+# skip many (74/176) Atari DEGAS hi-res bitmap (*.PI3) by check for invalid low color name length (0)
+>>>>>>>16				ubeshort	>0
+>>>>>>>>0					use	adobe-aco
+# non RGB branch for Adobe Photoshop Color swatch
+>>>>4		ubeshort				!0
+# non RGB branch for Adobe Photoshop Color swatch for older versions
+>>>>>0			ubeshort			<2
+# skip many GEM Image (CHURCH.IMG TIGER.IMG) by check for invalid second high color space ID (55 114 143 157 256 288 450)
+>>>>>>14			ubeshort		<16
+>>>>>>>0				use		adobe-aco
+# non RGB branch for Adobe Photoshop Color swatch for newer version 2
+>>>>>0			ubeshort			=2
+# skip few Atari DEGAS hi-res bitmap (pal1wb-blue.pi3) and few ABR by check for invalid "high" nil bytes (7) before color name length
+>>>>>>14			ubeshort		=0
+>>>>>>>0				use		adobe-aco
+#	display Adobe Photoshop Color swatch file information (version, number of colors, color spaces, coordinates, names)
+0	name		adobe-aco
+>0		ubeshort				x		Adobe Photoshop Color swatch, version %u
+#!:mime		application/octet-stream
+!:mime		application/x-adobe-aco
+!:apple		????8BCO
+!:ext		aco
+>0		ubeshort				<2
+>>(2.S*10)	ubelong					x
+# version 2 section after version 1 section
+>>>&0		ubeshort				2		and 2
+# nc; number of colors like: 20 50 86 88 126 204 300 1050 1137 1280 2092 3010 4096
+>2		ubeshort				x		\b, %u colors
+# maybe last 4 bytes of first section (probably y z color value) like: 0 0x66660000 0xfe700000 0xffff0000
+#>(2.S*10)	ubelong					x		1ST_SECTION_END=%#8.8x
+>0		ubeshort				<2		\b; 1st
+# first older Adobe Photoshop Color entry
+>>4			use				aco-color
+>>>2				ubeshort		>1		\b; 2nd
+# second older Adobe Photoshop Color entry
+>>>>14					use		aco-color
+>0		ubeshort				=2		\b; 1st
+# first new Adobe Photoshop Color entry
+>>4			use				aco-color-v2
+>>>2				ubeshort		>1		\b; 2nd
+# jump first color name length words
+>>>>(16.S*2)				ubequad		x
+# second new Adobe Photoshop Color entry
+>>>>>&10					use	aco-color-v2
+#	display Adobe Photoshop Color entry (color space, color coordinates)
+0	name		aco-color
+# each color spec entry occupies five words
+# color space: 0~RGB 1~HSB 2~CMYK 3~Pantone 4~Focoltone 5~Trumatch 6~Toyo 7~Lab 8~Grayscale 9?~wideCMYK 10~HKS ...
+#>0		ubeshort				x		COLOR_ENTRY
+>0		ubeshort				0		RGB
+>0		ubeshort				1		HSB
+>0		ubeshort				2		CMYK
+>0		ubeshort				3		Pantone
+>0		ubeshort				4		Focoltone
+>0		ubeshort				5		Trumatch
+>0		ubeshort				6		Toyo
+>0		ubeshort				7		Lab
+>0		ubeshort				8		Grayscale
+>0		ubeshort				9		wide CMYK
+>0		ubeshort				10		HKS
+# unofficial
+# >0		ubeshort				12		foo
+# >0		ubeshort				13		bar
+# >0		ubeshort				14		FOO
+# >0		ubeshort				15		BAR
+>0		ubeshort				x		space (%u)
+# color coordinate w
+>2		ubeshort				x		\b, w %#x
+# color coordinate x
+>4		ubeshort				x		\b, x %#x
+# color coordinate y
+>6		ubeshort				x		\b, y %#x
+# color coordinate z; zero for RGB space
+>8		ubeshort				x		\b, z %#x
+#	display Adobe Photoshop Color entry version 2 (color space, color coordinates names)
+0	name		aco-color-v2
+>0		use					aco-color
+#>10		ubeshort				x		\b, NUL_BYTES %#x
+# color name length plus one (len+1) like: 7 8 9 13 14 15 16 17 22 26
+#>>12		ubeshort			 	x		\b, LENGTH %u
+>>12		ubeshort-1				x		\b, %u chars
+# len words; UTF-16 representation of the color name like: "DIC 1s" "PANTONE Process Yellow PC"
+>>14		bestring16				x		"%s"
+# followed by nil word
+
+# XV thumbnail indicator (ThMO)
+# URL:		https://en.wikipedia.org/wiki/Xv_(software)
+# Reference:	http://fileformats.archiveteam.org/wiki/XV_thumbnail
+# Update:	Joerg Jenderek
+0	string		P7\ 332		XV thumbnail image data
+#0	string		P7\ 332		XV "thumbnail file" (icon) data
+!:mime	image/x-xv-thumbnail
+# thumbnail .xvpic/foo.bar for graphic foo.bar
+!:ext	p7/gif/tif/xpm/jpg
+
+# NITF is defined by United States MIL-STD-2500A
+0	string	NITF	National Imagery Transmission Format
+>25	string	>\0	dated %.14s
+
+# GEM Image: Version 1, Headerlen 8 (Wolfram Kleff)
+# Format variations from: Bernd Nuernberger <bernd.nuernberger@web.de>
+# Update: Joerg Jenderek
+# See http://fileformats.archiveteam.org/wiki/GEM_Raster
+# For variations, also see:
+#    https://www.seasip.info/Gem/ff_img.html (Ventura)
+#    http://www.atari-wiki.com/?title=IMG_file (XIMG, STTT)
+#    http://www.fileformat.info/format/gemraster/spec/index.htm (XIMG, STTT)
+#    http://sylvana.net/1stguide/1STGUIDE.ENG (TIMG)
+0       beshort     0x0001
+# header_size
+>2      beshort     0x0008
+>>0     use gem_info
+>2      beshort     0x0009
+>>0     use gem_info
+# no example for NOSIG
+>2      beshort     24
+>>0     use gem_info
+# no example for HYPERPAINT
+>2      beshort     25
+>>0     use gem_info
+16      string      XIMG\0
+>0      use gem_info
+# no example
+16      string      STTT\0\x10
+>0      use gem_info
+# no example or description
+16      string      TIMG\0
+>0      use gem_info
+
+0   name        gem_info
+# version is 2 for some XIMG and 1 for all others
+>0	ubeshort		<0x0003		GEM
+# https://www.snowstone.org.uk/riscos/mimeman/mimemap.txt
+!:mime	image/x-gem
+# header_size 24 25 27 59 779 words for colored bitmaps
+>>2	ubeshort	>9
+>>>16	string		STTT\0\x10	STTT
+>>>16	string		TIMG\0		TIMG
+# HYPERPAINT or NOSIG variant
+>>>16	string		\0\x80
+>>>>2	ubeshort	=24		NOSIG
+>>>>2	ubeshort	!24		HYPERPAINT
+# NOSIG or XIMG variant
+>>>16	default		x
+>>>>16	string		!XIMG\0		NOSIG
+>>16	string		=XIMG\0		XIMG Image data
+!:ext	img/ximg
+# to avoid Warning: Current entry does not yet have a description for adding a EXTENSION type
+>>16	string		!XIMG\0		Image data
+!:ext	img
+# header_size is 9 for Ventura files and 8 for other GEM Paint files
+>>2	ubeshort	9		(Ventura)
+#>>2	ubeshort	8		(Paint)
+>>12	ubeshort	x		%d x
+>>14	ubeshort	x		%d,
+# 1 4 8
+>>4	ubeshort	x		%d planes,
+# in tenths of a millimetre
+>>8	ubeshort	x		%d x
+>>10	ubeshort	x		%d pixelsize
+# pattern_size 1-8. 2 for GEM Paint
+>>6	ubeshort	!2		\b, pattern size %d
+
+# GEM Metafile (Wolfram Kleff)
+0	ulelong		0x0018FFFF	GEM Metafile data
+>4	uleshort	x		version %d
+
+#
+# SMJPEG. A custom Motion JPEG format used by Loki Entertainment
+# Software Torbjorn Andersson <d91tan@Update.UU.SE>.
+#
+0	string	\0\nSMJPEG	SMJPEG
+>8	ubelong	x		%d.x data
+# According to the specification you could find any number of _TXT
+# headers here, but I can't think of any way of handling that. None of
+# the SMJPEG files I tried it on used this feature. Even if such a
+# file is encountered the output should still be reasonable.
+>16	string		_SND		\b,
+>>24	ubeshort	>0		%d Hz
+>>26	ubyte		8		8-bit
+>>26	ubyte		16		16-bit
+>>28	string		NONE		uncompressed
+# >>28	string		APCM		ADPCM compressed
+>>27	ubyte		1		mono
+>>28	ubyte		2		stereo
+# Help! Isn't there any way to avoid writing this part twice?
+# Yes, use a name/use
+>>32	string		_VID		\b,
+# >>>48	string		JFIF		JPEG
+>>>40	ubelong		>0		%d frames
+>>>44	ubeshort	>0		(%d x
+>>>46	ubeshort	>0		%d)
+>16	string		_VID		\b,
+# >>32	string		JFIF		JPEG
+>>24	ubelong		>0		%d frames
+>>28	ubeshort	>0		(%d x
+>>30	ubeshort	>0		%d)
+
+0	string	Paint\ Shop\ Pro\ Image\ File	Paint Shop Pro Image File
+
+# taken from fkiss: (<yav@mte.biglobe.ne.jp> ?)
+0	string		KiSS		KISS/GS
+>4	ubyte		16		color
+>>5	ubyte		x		%d bit
+>>8	uleshort	x		%d colors
+>>10	uleshort	x		%d groups
+>4	ubyte		32		cell
+>>5	ubyte		x		%d bit
+>>8	uleshort	x		%d x
+>>10	uleshort	x		%d
+>>12	uleshort	x		+%d
+>>14	uleshort	x		+%d
+
+# Webshots (www.webshots.com), by John Harrison
+0       string          C\253\221g\230\0\0\0 Webshots Desktop .wbz file
+
+# Hercules DASD image files
+# From Jan Jaeger <jj@septa.nl> and Jay Maynard <jaymaynard@gmail.com>
+0       string  CKD_P370        Hercules CKD DASD image file
+>8      lelong  x               \b, %d heads per cylinder
+>12     lelong  x               \b, track size %d bytes
+>16     byte    x               \b, device type 33%2.2X
+
+0       string  CKD_C370        Hercules compressed CKD DASD image file
+>8      lelong  x               \b, %d heads per cylinder
+>12     lelong  x               \b, track size %d bytes
+>16     byte    x               \b, device type 33%2.2X
+>552    lelong  x               \b, %d total cylinders
+>>557   byte    0               \b, no compression
+>>557   byte    1               \b, ZLIB compression
+>>557   byte    2               \b, BZ2 compression
+
+0       string  CKD_S370        Hercules CKD DASD shadow file
+>8      lelong  x               \b, %d heads per cylinder
+>12     lelong  x               \b, track size %d bytes
+>16     byte    x               \b, device type 33%2.2X
+
+0       string  CKD_P064        Hercules CKD64 DASD image file
+>8      lelong  x               \b, %d heads per cylinder
+>12     lelong  x               \b, track size %d bytes
+>16     byte    x               \b, device type 33%2.2X
+
+0       string  CKD_C064        Hercules compressed CKD64 DASD image file
+>8      lelong  x               \b, %d heads per cylinder
+>12     lelong  x               \b, track size %d bytes
+>16     byte    x               \b, device type 33%2.2X
+>524    lelong  x               \b, %d total cylinders
+>>585   byte    0               \b, no compression
+>>585   byte    1               \b, ZLIB compression
+>>585   byte    2               \b, BZ2 compression
+
+0       string  CKD_S064        Hercules CKD64 DASD shadow file
+>8      lelong  x               \b, %d heads per cylinder
+>12     lelong  x               \b, track size %d bytes
+>16     byte    x               \b, device type 33%2.2X
+
+# Squeak images and programs - etoffi@softhome.net
+0	string		\146\031\0\0	Squeak image data
+0	search/1	'From\040Squeak	Squeak program text
+
+# partimage: file(1) magic for PartImage files (experimental, incomplete)
+# Author: Hans-Joachim Baader <hjb@pro-linux.de>
+0		string	PaRtImAgE-VoLuMe	PartImage
+>0x0020		string	0.6.1		file version %s
+>>0x0060	ulelong	>-1		volume %d
+#>>0x0064 8 byte identifier
+#>>0x007c reserved
+>>0x0200	string	>\0		type %s
+>>0x1400	string	>\0		device %s,
+>>0x1600	string	>\0		original filename %s,
+# Some fields omitted
+>>0x2744	ulelong	0		not compressed
+>>0x2744	ulelong	1		gzip compressed
+>>0x2744	ulelong	2		bzip2 compressed
+>>0x2744	ulelong	>2		compressed with unknown algorithm
+>0x0020		string	>0.6.1		file version %s
+>0x0020		string	<0.6.1		file version %s
+
+# DCX is multi-page PCX, using a simple header of up to 1024
+# offsets for the respective PCX components.
+# From: Joerg Wunsch <joerg_wunsch@uriah.heep.sax.de>
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/DCX
+0	ulelong	987654321	DCX multi-page
+# http://www.nationalarchives.gov.uk/pronom/x-fmt/348
+!:mime	image/x-dcx
+!:ext	dcx
+# The first file offset usually starts at file offset 0x1004
+# print 1 space after 0x100? offset and then handles PCX images by ./images
+>4	ulelong	x		\b, at %#x 
+>(4.l)	indirect		x
+# possible 2nd PCX image
+#>8	ulelong	!0		\b, at %#x 
+#>>(8.l)	indirect		x
+# possible 3rd PCX image
+#>12	ulelong	!0		\b, at %#x 
+#>>(12.l)	indirect		x
+
+# Simon Walton <simonw@matteworld.com>
+# Kodak Cineon format for scanned negatives
+# http://www.kodak.com/US/en/motion/support/dlad/
+0	ulelong  0xd75f2a80	Cineon image data
+>200	ubelong  >0		\b, %d x
+>204	ubelong  >0		%d
+
+
+# Bio-Rad .PIC is an image format used by microscope control systems
+# and related image processing software used by biologists.
+# From: Vebjorn Ljosa <vebjorn@ljosa.com>
+# BOOL values are two-byte integers; use them to rule out false positives.
+# https://web.archive.org/web/20050317223257/www.cs.ubc.ca/spider/ladic/text/biorad.txt
+# Samples: https://www.loci.wisc.edu/software/sample-data
+14	uleshort	<2
+>62	uleshort	<2
+>>54	uleshort	12345		Bio-Rad .PIC Image File
+>>>0	uleshort	>0		%d x
+>>>2	uleshort	>0		%d,
+>>>4	uleshort	=1		1 image in file
+>>>4	uleshort	>1		%d images in file
+
+# From Jan "Yenya" Kasprzak <kas@fi.muni.cz>
+# The description of *.mrw format can be found at
+# http://www.dalibor.cz/minolta/raw_file_format.htm
+0	string	\000MRM			Minolta Dimage camera raw image data
+
+# Summary: DjVu image / document
+# Extension: .djvu
+# Reference: http://djvu.org/docs/DjVu3Spec.djvu
+# Submitted by: Stephane Loeuillet <stephane.loeuillet@tiscali.fr>
+# Modified by (1): Abel Cheung <abelcheung@gmail.com>
+0	string	AT&TFORM
+>12	string	DJVM		DjVu multiple page document
+!:mime	image/vnd.djvu
+>12	string	DJVU		DjVu image or single page document
+!:mime	image/vnd.djvu
+>12	string	DJVI		DjVu shared document
+!:mime	image/vnd.djvu
+>12	string	THUM		DjVu page thumbnails
+!:mime	image/vnd.djvu
+
+# Originally by Marc Espie
+# Modified by Robert Minsk <robertminsk at yahoo.com>
+# https://www.openexr.com/openexrfilelayout.pdf
+0	ulelong		20000630	OpenEXR image data,
+!:mime image/x-exr
+>4	ulelong&0x000000ff x		version %d,
+>4	ulelong		^0x00000200	storage: scanline
+>4	ulelong		&0x00000200	storage: tiled
+>8	search/0x1000	compression\0	\b, compression:
+>>&16	ubyte		0		none
+>>&16	ubyte		1		rle
+>>&16	ubyte		2		zips
+>>&16	ubyte		3		zip
+>>&16	ubyte		4		piz
+>>&16	ubyte		5		pxr24
+>>&16	ubyte		6		b44
+>>&16	ubyte		7		b44a
+>>&16	ubyte		8		dwaa
+>>&16	ubyte		9		dwab
+>>&16	ubyte		>9		unknown
+>8	 search/0x1000	dataWindow\0	\b, dataWindow:
+>>&10	ulelong		x		(%d
+>>&14	ulelong		x		%d)-
+>>&18	ulelong		x		\b(%d
+>>&22	ulelong		x		%d)
+>8	search/0x1000	displayWindow\0	\b, displayWindow:
+>>&10	ulelong		x		(%d
+>>&14	ulelong		x		%d)-
+>>&18	ulelong		x		\b(%d
+>>&22	ulelong		x		%d)
+>8	search/0x1000	lineOrder\0	 \b, lineOrder:
+>>&14	ubyte		0		increasing y
+>>&14	ubyte		1		decreasing y
+>>&14	ubyte		2		random y
+>>&14	ubyte		>2		unknown
+
+# SMPTE Digital Picture Exchange Format, SMPTE DPX
+#
+# ANSI/SMPTE 268M-1994, SMPTE Standard for File Format for Digital
+# Moving-Picture Exchange (DPX), v1.0, 18 February 1994
+# Robert Minsk <robertminsk at yahoo.com>
+# Modified by Harry Mallon <hjmallon at gmail.com>
+0	string		SDPX	DPX image data, big-endian,
+!:mime image/x-dpx
+>0	use		dpx_info
+0	string		XPDS	DPX image data, little-endian,
+!:mime image/x-dpx
+>0	use		\^dpx_info
+
+0	name		dpx_info
+>768	ubeshort	<4
+>>772	ubelong		x	%dx
+>>776	ubelong		x	\b%d,
+>768	ubeshort	>3
+>>776	ubelong		x	%dx
+>>772	ubelong		x	\b%d,
+>768	ubeshort	0	left to right/top to bottom
+>768	ubeshort	1	right to left/top to bottom
+>768	ubeshort	2	left to right/bottom to top
+>768	ubeshort	3	right to left/bottom to top
+>768	ubeshort	4	top to bottom/left to right
+>768	ubeshort	5	top to bottom/right to left
+>768	ubeshort	6	bottom to top/left to right
+>768	ubeshort	7	bottom to top/right to left
+
+# From: Tom Hilinski <tom.hilinski@comcast.net>
+# Update:	Joerg Jenderek
+# URL: 		https://en.wikipedia.org/wiki/NetCDF
+#		http://fileformats.archiveteam.org/wiki/NetCDF
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/n/netcdf.trid.xml
+#		https://www.loc.gov/preservation/digital/formats/fdd/fdd000330.shtml
+# Note:		called "NetCDF Network Common Data Form" by TrID and
+#		"netCDF-3 Classic" by DROID via PUID fmt/282
+# https://www.unidata.ucar.edu/packages/netcdf/
+0	string	CDF\001
+# skip DROID fmt-282-signature-id-298.nc by test for more content bytes
+>3	uleshort	>0		NetCDF Data Format data
+#!:mime	application/netcdf
+# https://reposcope.com/mimetype/application/x-netcdf
+!:mime	application/x-netcdf
+!:ext	nc
+# https://fileinfo.com/extension/cdf
+# https://www.file-extensions.org/cdf-file-extension-unidata-network-common-data-form
+# in 1994 changed from CDF to NC file extension avoid a clash with other file formats
+#!:ext	nc/cdf
+# 64-bit offset netcdf Classic https://www.unidata.ucar.edu/software/netcdf/docs/file_format_specifications
+# Note:		called "netCDF-3 64-bit" by DROID via PUID fmt/283
+0	string	CDF\002
+# skip DROID fmt-283-signature-id-299.nc by test for more content bytes
+>3	uleshort	>0		NetCDF Data Format data (64-bit offset)
+#!:mime	application/netcdf
+!:mime	application/x-netcdf
+!:ext	nc
+
+# From: Michael Liu
+# https://en.wikipedia.org/wiki/Common_Data_Format
+0	ubelong	0xCDF30001	Common Data Format (Version 3 or later) data
+!:mime  application/x-cdf
+
+0	ubelong	0xCDF26002	Common Data Format (Version 2.6 or 2.7) data
+!:mime  application/x-cdf
+
+0	ubelong	0x0000FFFF	Common Data Format (Version 2.5 or earlier) data
+!:mime  application/x-cdf
+
+# Hierarchical Data Format, used to facilitate scientific data exchange
+# specifications at http://hdf.ncsa.uiuc.edu/
+# URL: 		http://fileformats.archiveteam.org/wiki/HDF
+#		https://en.wikipedia.org/wiki/Hierarchical_Data_Format
+# Reference:	https://portal.hdfgroup.org/download/attachments/52627880/HDF5_File_Format_Specification_Version-3.0.pdf
+0	ubelong	0x0e031301	Hierarchical Data Format (version 4) data
+!:mime	application/x-hdf
+!:ext	hdf/hdf4/h4
+0	string	\211HDF\r\n\032\n	Hierarchical Data Format (version 5) data
+#!:mime	application/x-hdf
+!:mime	application/x-hdf5
+!:ext	h5/hdf5/hdf/he5
+512	string	\211HDF\r\n\032\n
+# skip Matlab v5 mat-file testhdf5_7.4_GLNX86.mat handled by ./mathematica
+>0	string	!MATLAB			Hierarchical Data Format (version 5) with 512 bytes user block
+#!:mime	application/x-hdf
+!:mime	application/x-hdf5
+!:ext	h5/hdf5/hdf/he5
+1024	string	\211HDF\r\n\032\n	Hierarchical Data Format (version 5) with 1k user block
+#!:mime	application/x-hdf
+!:mime	application/x-hdf5
+!:ext	h5/hdf5/hdf/he5
+2048	string	\211HDF\r\n\032\n	Hierarchical Data Format (version 5) with 2k user block
+#!:mime	application/x-hdf
+!:mime	application/x-hdf5
+!:ext	h5/hdf5/hdf/he5
+4096	string	\211HDF\r\n\032\n	Hierarchical Data Format (version 5) with 4k user block
+#!:mime	application/x-hdf
+!:mime	application/x-hdf5
+!:ext	h5/hdf5/hdf/he5
+
+# From: Tobias Burnus <burnus@net-b.de>
+# Xara (for a while: Corel Xara) is a graphic package, see
+# http://www.xara.com/ for Windows and as GPL application for Linux
+0	string	XARA\243\243	Xara graphics file
+
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Corel_Gallery
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bmf-corel.trid.xml 
+# Note:		called "Corel Binary Material Format" by TrID and
+# 		"Corel Flow" by XnView
+0	string	@CorelBMF\n\rCorel\040Corporation 	Corel GALLERY Clipart
+!:mime	image/x-corel-bmf
+!:ext	bmf
+
+# https://www.cartesianinc.com/Tech/
+# Reference:	http://fileformats.archiveteam.org/wiki/Cartesian_Perceptual_Compression
+0	string	CPC\262		Cartesian Perceptual Compression image
+!:mime	image/x-cpi
+!:ext	cpi/cpc
+
+# From Albert Cahalan <acahalan@gmail.com>
+# puredigital used it for the CVS disposable camcorder
+#8       lelong		4       ZBM bitmap image data
+#>4      uleshort	x       %u x
+#>6      uleshort	x       %u
+
+# From Albert Cahalan <acahalan@gmail.com>
+# uncompressed 5:6:5 HighColor image for OLPC XO firmware icons
+0       string		C565     OLPC firmware icon image data
+>4      uleshort	x       %u x
+>6      uleshort	x       %u
+
+# Applied Images - Image files from Cytovision
+# Gustavo Junior Alves <gjalves@gjalves.com.br>
+0	string	\xce\xda\xde\xfa	Cytovision Metaphases file
+0	string	\xed\xad\xef\xac	Cytovision Karyotype file
+0	string	\x0b\x00\x03\x00	Cytovision FISH Probe file
+0	string	\xed\xfe\xda\xbe	Cytovision FLEX file
+0	string	\xed\xab\xed\xfe	Cytovision FLEX file
+0	string	\xad\xfd\xea\xad	Cytovision RATS file
+
+# Wavelet Scalar Quantization format used in gray-scale fingerprint images
+# From Tano M Fotang <mfotang@quanteq.com>
+0	string	\xff\xa0\xff\xa8\x00	Wavelet Scalar Quantization image data
+
+# Type:		PCO B16 image files
+# URL:		http://www.pco.de/fileadmin/user_upload/db/download/MA_CWDCOPIE_0412b.pdf
+# From:		Florian Philipp <florian.philipp@binarywings.net>
+# Extension:	.b16
+# Description:	Pixel image format produced by PCO Camware, typically used
+#		together with PCO cameras.
+# Note:		Different versions exist for e.g. 8 bit and 16 bit images.
+#		Documentation is incomplete.
+0	string/b	PCO-	PCO B16 image data
+>12	ulelong		x	\b, %dx
+>16	ulelong		x	\b%d
+>20	ulelong		0	\b, short header
+>20	ulelong		-1	\b, extended header
+>>24	ulelong		0	\b, grayscale
+>>>36	ulelong		0	linear LUT
+>>>36	ulelong		1	logarithmic LUT
+>>>28	ulelong		x	[%d
+>>>32	ulelong		x	\b,%d]
+>>24	ulelong		1	\b, color
+>>>64	ulelong		0	linear LUT
+>>>64	ulelong		1	logarithmic LUT
+>>>40	ulelong		x	r[%d
+>>>44	ulelong		x	\b,%d]
+>>>48	ulelong		x	g[%d
+>>>52	ulelong		x	\b,%d]
+>>>56	ulelong		x	b[%d
+>>>60	ulelong		x	\b,%d]
+
+# Polar Monitor Bitmap (.pmb) used as logo for Polar Electro watches
+# From: Markus Heidelberg <markus.heidelberg at web.de>
+0	string/t	[BitmapInfo2]	Polar Monitor Bitmap text
+!:mime	image/x-polar-monitor-bitmap
+
+# From: Rick Richardson <rickrich@gmail.com>
+# updated by: Joerg Jenderek
+# URL: http://techmods.net/nuvi/
+0	string	GARMIN\ BITMAP\ 01	Garmin Bitmap file
+# extension is also used for
+# Sony SRF raw image (image/x-sony-srf)
+# SRF map
+# Terragen Surface Map (https://www.planetside.co.uk/terragen)
+# FileLocator Pro search criteria file (https://www.mythicsoft.com/filelocatorpro)
+!:ext srf
+#!:mime	image/x-garmin-srf
+# version 1.00,2.00,2.10,2.40,2.50
+>0x2f	string		>0		\b, version %4.4s
+# width (2880,2881,3240)
+>0x55	uleshort	>0		\b, %dx
+# height (80,90)
+>>0x53	uleshort	x		\b%d
+
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Imageiio/imaginfo_(Ulead)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/pe3.trid.xml
+# Note:		called "Ulead Imageiio/Imaginfo thumbnail" by TrID
+0	string	IIO1$			Ulead Photo Explorer 3
+#!:mime	application/octet-stream
+!:mime	image/x-ulead-pe3
+# IMAGEIIO.PE3
+!:ext	pe3
+# look for DOS/Windows drive letter
+>5	search/192/s	:\\
+# directory or full name of corresponding imaginfo.pe3 like: "T:\SAMPLES\TEXTURES\SKY_SNOW\IIOE371.TMP "S:\PI3\PIMPACT3\PROGRAMS\PATTERNS\imaginfo.pe3"
+>>&-1	string	x			"%s"
+# look for DOS/Windows network path if no drive letter part
+>5	default		x
+>>5	search/192/s	\x5c\x5c
+# full name of corresponding imaginfo.pe3 like: "\\Lionking\upi\SAMPLES\IMAGES\ANIMALS\imaginfo.pe3"
+>>>&0	string	x			"%s"
+# Type:	Ulead Photo Explorer5 (.pe5)
+# URL:		http://fileformats.archiveteam.org/wiki/Imageiio/imaginfo_(Ulead)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/pe4.trid.xml
+# From:	Simon Horman <horms@debian.org>
+# Update:	Joerg Jenderek
+# Note:		some called "Ulead Imageiio/Imaginfo thumbnail" by TrID
+#		and used in various Ulead applications
+0	string	IIO2H			Ulead Photo Explorer 4 or 5
+#!:mime	application/octet-stream
+!:mime	image/x-ulead-pe4
+# IMAGEIIO.PE4 
+!:ext	pe4/pe5
+# look in most samples for JPEG signature like: SAMPLES/IMAGES/SCENES/IMAGINFO.PE4
+>0x4c2	search/0xE02/s	JFIF		with JPEG image data
+>>&-6	use			jpeg
+# near the end list of image names like: Img0001.pcd 1116012L.JPG NCARD4.TPL
+#
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/pe3-imaginfo.trid.xml
+11	string	\001\0\0\0\0
+# check for version 3 part
+>19	string	\0\001\0\003\0
+>>0	use	ulead-imaginfo
+# From:		Joerg Jenderek
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/pe4-imaginfo.trid.xml
+11	string	\001\0\0\0\0
+# check for version 4 part
+>19	string	\0\0\0\004\0
+>>0	use	ulead-imaginfo
+# display information about Ulead Imaginfo thumbnail (version, directory, image extension)
+0	name	ulead-imaginfo
+>22	ubyte	x			Ulead Imaginfo thumbnail
+#!:mime	application/octet-stream
+!:mime	image/x-ulead-imaginfo
+>22	ubyte	=3			\b, version 3
+# IMAGINFO.PE3
+!:ext	pe3
+>22	ubyte	=4			\b, version 4
+# IMAGINFO.PE4 
+!:ext	pe4
+# MAYBE ALSO VERSION 5 ?
+#>22	ubyte	=5			\b, version 5
+#!:ext	pe5
+>22	ubyte	x
+# look for DOS/Windows driver letter
+>>4	search/192/s	:\x5c
+# skip f:\Programme\iPhoto Plus 4\Template\Business Cards\IMAGINFO.PE4
+# by looking for driver letter in range A-Z
+>>>&-1	ubyte	>0x40
+# directory path like: "E:\iPE\CDSample\Images\Scenes" "D:\XmasCard\Samples" "C:\TEMP\PLANTS"
+>>>>&-5	pstring/l	>0		\b, "%s"
+# look for DOS/Windows network path if no valid drive letter part
+>>>&-1	default		x
+>>>>4	search/192/s	\x5c\x5c
+# directory path like: "\\FSX\SYS\OPPS\IPE.ENG\TEMPLATE\BUSINESS" "\\Lionking\upi\SAMPLES\IMAGES\ANIMALS"
+>>>>>&-4 pstring/l	>0		\b, "%s"
+# look for DOS/Windows network path if no drive letter part
+>>4	default		x
+>>>4	search/192/s	\x5c\x5c
+# directory path like: "\\FSX\SYS\opps\ipe.eng\samples" "\\DANIEL\IPE_CD\IPE.ITA"
+>>>>&-4 pstring/l	>0		\b, "%s"
+# look for point character inside image names
+>56	search/38/s	.
+# image name extension like: bmp jpg pcd tpl
+>>&1	string	x			with %-.3s images
+# Summary:	Ulead Pattern image (Corel Corporation)
+# URL:		https://en.wikipedia.org/wiki/Ulead_Systems
+#		https://www.file-extensions.org/pst-file-extension-ulead-pattern-image-format
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/pst-ulead.trid.xml
+# From:		Joerg Jenderek
+# Note:		used also by CorelDraw Essentials 3 version 13.0.0.800
+#		there seems to exist other versions
+0	ubelong		0xFFFF0100
+>8	search/21	PresetInfo	Ulead pattern image
+#!:mime	application/octet-stream
+!:mime	image/x-ulead-pst
+!:ext	pst
+# string length like: 16 18 19 21 24
+#>>4	uleshort	x		n=%u
+# like: BlendPresetInfo DropShadowPresetInfo FileNewPresetInfo VectorExtrudePresetInfo EnvelopePresetInfo ContourPresetInfo DistortionPresetInfo
+>>4	pstring/h	x		"%s"
+
+# Type:	X11 cursor
+# URL:	http://webcvs.freedesktop.org/mime/shared-mime-info/freedesktop.org.xml.in?view=markup
+# From:	Mathias Brodala <info@noctus.net>
+0	string	Xcur			X11 cursor
+
+# Type:	Olympus ORF raw images.
+# URL:	https://libopenraw.freedesktop.org/wiki/Olympus_ORF
+# From:	Adam Buchbinder <adam.buchbinder@gmail.com>
+0	string		MMOR		Olympus ORF raw image data, big-endian
+!:mime	image/x-olympus-orf
+0	string		IIRO		Olympus ORF raw image data, little-endian
+!:mime	image/x-olympus-orf
+0	string		IIRS		Olympus ORF raw image data, little-endian
+!:mime	image/x-olympus-orf
+
+# Type: files used in modern AVCHD camcoders to store clip information
+# Extension: .cpi
+# From: Alexander Danilov <alexander.a.danilov@gmail.com>
+0	string	HDMV0100	AVCHD Clip Information
+
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+# URL: http://local.wasp.uwa.edu.au/~pbourke/dataformats/pic/
+# Radiance HDR; usually has .pic or .hdr extension.
+0	string	#?RADIANCE\n	Radiance HDR image data
+!:mime	image/vnd.radiance
+
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+# URL: https://www.mpi-inf.mpg.de/resources/pfstools/pfs_format_spec.pdf
+# Used by the pfstools packages. The regex matches for the image size could
+# probably use some work. The MIME type is made up; if there's one in
+# actual common use, it should replace the one below.
+0	string	PFS1\x0a	PFS HDR image data
+#!mime	image/x-pfs
+>1	regex	[0-9]*\ 	\b, %s
+>>1	regex	\ [0-9]{4}	\bx%s
+
+# Type: Foveon X3F
+# URL:  https://www.photofo.com/downloads/x3f-raw-format.pdf
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+# Note that the MIME type isn't defined anywhere that I can find; if
+# there's a canonical type for this format, it should replace this one.
+0	string	FOVb	Foveon X3F raw image data
+!:mime	image/x-x3f
+>6	uleshort	x	\b, version %d.
+>4	uleshort	x	\b%d
+>28	ulelong		x	\b, %dx
+>32	ulelong		x	\b%d
+
+# Paint.NET file
+# From Adam Buchbinder <adam.buchbinder@gmail.com>
+0	string	PDN3	Paint.NET image data
+!:mime	image/x-paintnet
+
+# Not really an image.
+# From: "Tano M. Fotang" <mfotang@quanteq.com>
+0	string	\x46\x4d\x52\x00	ISO/IEC 19794-2 Format Minutiae Record (FMR)
+
+# doc: https://www.shikino.co.jp/eng/products/images/FLOWER.jpg.zip
+# example: https://www.shikino.co.jp/eng/products/images/FLOWER.wdp.zip
+90	ubequad		0x574D50484F544F00	JPEG-XR Image
+>98	ubyte&0x08	=0x08			\b, hard tiling
+>99	ubyte&0x80	=0x80			\b, tiling present
+>99	ubyte&0x40	=0x40			\b, codestream present
+>99	ubyte&0x38	x			\b, spatial xform=
+>99	ubyte&0x38	0x00			\bTL
+>99	ubyte&0x38	0x08			\bBL
+>99	ubyte&0x38	0x10			\bTR
+>99	ubyte&0x38	0x18			\bBR
+>99	ubyte&0x38	0x20			\bBT
+>99	ubyte&0x38	0x28			\bRB
+>99	ubyte&0x38	0x30			\bLT
+>99	ubyte&0x38	0x38			\bLB
+>100	ubyte&0x80	=0x80			\b, short header
+>>102	ubeshort+1	x			\b, %d
+>>104	ubeshort+1	x			\bx%d
+>100	ubyte&0x80	=0x00			\b, long header
+>>102	ubelong+1	x			\b, %x
+>>106	ubelong+1	x			\bx%x
+>101	ubeshort&0xf	x			\b, bitdepth=
+>>101	ubeshort&0xf	0x0			\b1-WHITE=1
+>>101	ubeshort&0xf	0x1			\b8
+>>101	ubeshort&0xf	0x2			\b16
+>>101	ubeshort&0xf	0x3			\b16-SIGNED
+>>101	ubeshort&0xf	0x4			\b16-FLOAT
+>>101	ubeshort&0xf	0x5			\b(reserved 5)
+>>101	ubeshort&0xf	0x6			\b32-SIGNED
+>>101	ubeshort&0xf	0x7			\b32-FLOAT
+>>101	ubeshort&0xf	0x8			\b5
+>>101	ubeshort&0xf	0x9			\b10
+>>101	ubeshort&0xf	0xa			\b5-6-5
+>>101	ubeshort&0xf	0xb			\b(reserved %d)
+>>101	ubeshort&0xf	0xc			\b(reserved %d)
+>>101	ubeshort&0xf	0xd			\b(reserved %d)
+>>101	ubeshort&0xf	0xe			\b(reserved %d)
+>>101	ubeshort&0xf	0xf			\b1-BLACK=1
+>101	ubeshort&0xf0	x			\b, colorfmt=
+>>101	ubeshort&0xf0	0x00			\bYONLY
+>>101	ubeshort&0xf0	0x10			\bYUV240
+>>101	ubeshort&0xf0	0x20			\bYWV422
+>>101	ubeshort&0xf0	0x30			\bYWV444
+>>101	ubeshort&0xf0	0x40			\bCMYK
+>>101	ubeshort&0xf0	0x50			\bCMYKDIRECT
+>>101	ubeshort&0xf0	0x60			\bNCOMPONENT
+>>101	ubeshort&0xf0	0x70			\bRGB
+>>101	ubeshort&0xf0	0x80			\bRGBE
+>>101	ubeshort&0xf0	>0x80			\b(reserved %#x)
+
+# From: Johan van der Knijff <johan.vanderknijff@kb.nl>
+#
+# BPG (Better Portable Graphics) format
+# https://bellard.org/bpg/
+# http://fileformats.archiveteam.org/wiki/BPG
+#
+0	string	\x42\x50\x47\xFB	BPG (Better Portable Graphics)
+!:mime  image/bpg
+
+# From: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Apple_Icon_Image_format
+0	string		icns		Mac OS X icon
+!:mime	image/x-icns
+!:apple	????icns
+!:ext icns
+>4	ubelong		>0
+# file size
+>>4	ubelong		x		\b, %d bytes
+# icon type
+>>8	string		x		\b, "%4.4s" type
+
+# TIM images
+# URL:		http://fileformats.archiveteam.org/wiki/TIM_(PlayStation_graphics)
+# Reference:	https://mrclick.zophar.net/TilEd/download/timgfx.txt
+# Update:	Joerg Jenderek
+# Note:		called as "PSX TIM *bpp bitmap" by bitmap-tim-*.trid.xml
+#		verified as "TIM PSX" by XnView `nconvert -fullinfo *.tim` and
+#		by RECOIL `recoil2png -o TMP.PNG input.tim; file TMP.PNG` and often
+#		as "PSX TIM" by ImageMagick version 7.1.0-10 command `identify *.tim`
+#		here signed integers are used but according to Kaitai unsigned
+0		ulelong		0x00000010
+# 32 Flag bits *cttt; c~CLUT flag t~type 000~4BPP 001~8BPP 010~16BPP 011~24BPP 100~Mixed
+#>4		ulelong  	x		FLAGS=%#x
+# 12+Size of CLUT (2Ch for 4BPP; 20Ch 40Ch 60Ch 80Ch C0Ch for 8BPP) or
+# +image data size (800Ch 2000Ch 2580C for 16BPP) (02000003h for dBase memo test.dbt)
+#>8		ulelong		x		\b, 12+CLUT or data size=%#8.8x
+# CLUT or data size remainder is 12 (Ch), but 03 for dBase memo test.dbt
+#>8		ubyte&0x0F	=0x0C		\b, SIZE REMAINDER IS 12
+# skip dBase III memo test.dbt with invalid flags 22D10189h
+>4		ulelong&0xffFFffF0	=0	Sony PlayStation PSX image,
+# file (version 5.40) labeled the above entry as "TIM image"
+!:mime	image/x-sony-tim
+!:ext	tim
+#>>4		ulelong&0x00000007	x	\b, BPP~%u
+# 4BPP and 8BPP examples exist with CLUT or without CLUT
+>>4		ulelong&0x07	0x0		4-Bit,
+>>4		ulelong&0x07	0x1		8-Bit,
+# 16BPP and 24BPP examples have no CLUT
+>>4		ulelong  	0x2		15-Bit,
+>>4		ulelong  	0x3		24-Bit,
+# no example
+>>4		ulelong&0x07  	0x4		Mixed-Bit,
+# CLUT flag set
+>>4		ulelong 	&8
+# 12 + size of CLUT like: 1000Ch 800Ch 400Ch 40Ch and 2FEh (KAGE.TIM)
+#>>>(8.l+8)	ulelong		x		\b, 12+CLUT SIZE=%#8.8x
+>>>(8.l+12)	uleshort	x		Pixel at (%d,
+>>>(8.l+14)	uleshort	x		\b%d) Size=
+# image width (to get actual width multiply by 4 for 4BPP and by 2 for 8BPP)
+>>>>4		ulelong  	0x8
+>>>>>(8.l+16)	uleshort*4	x		\b%d
+>>>>4		ulelong  	0x9
+>>>>>(8.l+16)	uleshort*2	x		\b%d
+# image height like: 32 64 128 144 160 208 256
+>>>(8.l+18)	uleshort	x		\bx%d,
+>>>4		ulelong 	0x8		16 CLUT Entries at
+>>>4		ulelong 	0x9		256 CLUT Entries at
+>>>12		uleshort	x		(%d,
+>>>14		uleshort	x		\b%d)
+# no Color LookUp Table (CLUT)
+>>4		ulelong		^8
+# image origin X Y
+>>>12		uleshort	x		Pixel at (%d,
+>>>14		uleshort	x		\b%d) Size=
+# real image width = multiply by 4 (4BPP) 2 (8BPP) 1 (16BPP) 2/3 (24BPP)
+>>>>4		ulelong  	0x0
+>>>>>16		uleshort*4	x		\b%d
+>>>>4		ulelong  	0x1
+>>>>>16		uleshort*2	x		\b%d
+>>>>4		ulelong  	0x2
+>>>>>16		uleshort		x		\b%d
+>>>>4		ulelong  	0x3
+# GRR: NOT working
+#>>>>>16		uleshort*2/3	x		\b%d
+>>>>>16		uleshort		x		\b2/3*%d
+# mixed format width not explained!
+>>>>4		ulelong  	0x4
+>>>>>16		uleshort		x		\b%d
+# image height like: 64 240 256
+>>>18		uleshort		x		\bx%d
+# TIM image data
+
+# MDEC streams
+0		ulelong		0x80010160	MDEC video stream,
+>16		uleshort	x		%dx
+>18		uleshort	x		\b%d
+#>8		ulelong		x		%d frames
+#>4		uleshort	x		secCount=%d;
+#>6		uleshort	x		nSectors=%d;
+#>12		ulelong		x		frameSize=%d;
+
+# BS encoded bitstreams
+2		uleshort	0x3800		BS image,
+# GRR: the above line is also true for binary Computer Graphics Metafile SAB00012.CGM with long parameter length 56 (=38h)
+>6		uleshort	x		Version %d,
+>4		uleshort	x		Quantization %d,
+>0		uleshort	x		(Decompresses to %d words)
+
+# Type: farbfeld image.
+# Url: http://tools.suckless.org/farbfeld/
+# From: Ian D. Scott <ian@iandouglasscott.com>
+#
+0		string		farbfeld	farbfeld image data,
+>8		ubelong		x		%dx
+>12		ubelong		x		\b%d
+
+# Type: Microsoft DirectDraw Surface (DXGI formats)
+# URL:	https://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
+# From: Morten Hustveit <morten@debian.org>
+# Updated by: David Korth <gerbilsoft@gerbilsoft.com>
+0	name	ms-directdraw-dx10
+>0	ulelong	x	\b, DXGI format:
+>0	ulelong	1	R32G32B32A32_TYPELESS
+>0	ulelong	2	R32G32B32A32_FLOAT
+>0	ulelong	3	R32G32B32A32_UINT
+>0	ulelong	4	R32G32B32A32_SINT
+>0	ulelong	5	R32G32B32_TYPELESS
+>0	ulelong	6	R32G32B32_FLOAT
+>0	ulelong	7	R32G32B32_UINT
+>0	ulelong	8	R32G32B32_SINT
+>0	ulelong	9	R16G16B16A16_TYPELESS
+>0	ulelong	10	R16G16B16A16_FLOAT
+>0	ulelong	11	R16G16B16A16_UNORM
+>0	ulelong	12	R16G16B16A16_UINT
+>0	ulelong	13	R16G16B16A16_SNORM
+>0	ulelong	14	R16G16B16A16_SINT
+>0	ulelong	15	R32G32_TYPELESS
+>0	ulelong	16	R32G32_FLOAT
+>0	ulelong	17	R32G32_UINT
+>0	ulelong	18	R32G32_SINT
+>0	ulelong	19	R32G8X24_TYPELESS
+>0	ulelong	20	D32_FLOAT_S8X24_UINT
+>0	ulelong	21	R32_FLOAT_X8X24_TYPELESS
+>0	ulelong	22	X32_TYPELESS_G8X24_UINT
+>0	ulelong	23	R10G10B10A2_TYPELESS
+>0	ulelong	24	R10G10B10A2_UNORM
+>0	ulelong	25	R10G10B10A2_UINT
+>0	ulelong	26	R11G11B10_FLOAT
+>0	ulelong	27	R8G8B8A8_TYPELESS
+>0	ulelong	28	R8G8B8A8_UNORM
+>0	ulelong	29	R8G8B8A8_UNORM_SRGB
+>0	ulelong	30	R8G8B8A8_UINT
+>0	ulelong	31	R8G8B8A8_SNORM
+>0	ulelong	32	R8G8B8A8_SINT
+>0	ulelong	33	R16G16_TYPELESS
+>0	ulelong	34	R16G16_FLOAT
+>0	ulelong	35	R16G16_UNORM
+>0	ulelong	36	R16G16_UINT
+>0	ulelong	37	R16G16_SNORM
+>0	ulelong	38	R16G16_SINT
+>0	ulelong	39	R32_TYPELESS
+>0	ulelong	40	D32_FLOAT
+>0	ulelong	41	R32_FLOAT
+>0	ulelong	42	R32_UINT
+>0	ulelong	43	R32_SINT
+>0	ulelong	44	R24G8_TYPELESS
+>0	ulelong	45	D24_UNORM_S8_UINT
+>0	ulelong	46	R24_UNORM_X8_TYPELESS
+>0	ulelong	47	X24_TYPELESS_G8_UINT
+>0	ulelong	48	R8G8_TYPELESS
+>0	ulelong	49	R8G8_UNORM
+>0	ulelong	50	R8G8_UINT
+>0	ulelong	51	R8G8_SNORM
+>0	ulelong	52	R8G8_SINT
+>0	ulelong	53	R16_TYPELESS
+>0	ulelong	54	R16_FLOAT
+>0	ulelong	55	D16_UNORM
+>0	ulelong	56	R16_UNORM
+>0	ulelong	57	R16_UINT
+>0	ulelong	58	R16_SNORM
+>0	ulelong	59	R16_SINT
+>0	ulelong	60	R8_TYPELESS
+>0	ulelong	61	R8_UNORM
+>0	ulelong	62	R8_UINT
+>0	ulelong	63	R8_SNORM
+>0	ulelong	64	R8_SINT
+>0	ulelong	65	A8_UNORM
+>0	ulelong	66	R1_UNORM
+>0	ulelong	67	R9G9B9E5_SHAREDEXP
+>0	ulelong	68	R8G8_B8G8_UNORM
+>0	ulelong	69	G8R8_G8B8_UNORM
+>0	ulelong	70	BC1_TYPELESS
+>0	ulelong	71	BC1_UNORM
+>0	ulelong	72	BC1_UNORM_SRGB
+>0	ulelong	73	BC2_TYPELESS
+>0	ulelong	74	BC2_UNORM
+>0	ulelong	75	BC2_UNORM_SRGB
+>0	ulelong	76	BC3_TYPELESS
+>0	ulelong	77	BC3_UNORM
+>0	ulelong	78	BC3_UNORM_SRGB
+>0	ulelong	79	BC4_TYPELESS
+>0	ulelong	80	BC4_UNORM
+>0	ulelong	81	BC4_SNORM
+>0	ulelong	82	BC5_TYPELESS
+>0	ulelong	83	BC5_UNORM
+>0	ulelong	84	BC5_SNORM
+>0	ulelong	85	B5G6R5_UNORM
+>0	ulelong	86	B5G5R5A1_UNORM
+>0	ulelong	87	B8G8R8A8_UNORM
+>0	ulelong	88	B8G8R8X8_UNORM
+>0	ulelong	89	R10G10B10_XR_BIAS_A2_UNORM
+>0	ulelong	90	B8G8R8A8_TYPELESS
+>0	ulelong	91	B8G8R8A8_UNORM_SRGB
+>0	ulelong	92	B8G8R8X8_TYPELESS
+>0	ulelong	93	B8G8R8X8_UNORM_SRGB
+>0	ulelong	94	BC6H_TYPELESS
+>0	ulelong	95	BC6H_UF16
+>0	ulelong	96	BC6H_SF16
+>0	ulelong	97	BC7_TYPELESS
+>0	ulelong	98	BC7_UNORM
+>0	ulelong	99	BC7_UNORM_SRGB
+>0	ulelong	100	AYUV
+>0	ulelong	101	Y410
+>0	ulelong	102	Y416
+>0	ulelong	103	NV12
+>0	ulelong	104	P010
+>0	ulelong	105	P016
+>0	ulelong	106	420_OPAQUE
+>0	ulelong	107	YUY2
+>0	ulelong	108	Y210
+>0	ulelong	109	Y216
+>0	ulelong	110	NV11
+>0	ulelong	111	AI44
+>0	ulelong	112	IA44
+>0	ulelong	113	P8
+>0	ulelong	114	A8P8
+>0	ulelong	115	B4G4R4A4_UNORM
+
+>0	ulelong	116	XBOX_R10G10B10_7E3_A2_FLOAT
+>0	ulelong	117	XBOX_R10G10B10_6E4_A2_FLOAT
+>0	ulelong	118	XBOX_D16_UNORM_S8_UINT
+>0	ulelong	119	XBOX_R16_UNORM_X8_TYPELESS
+>0	ulelong	120	XBOX_X16_TYPELESS_G8_UINT
+
+>0	ulelong	130	DXGI_FORMAT_P208
+>0	ulelong	131	DXGI_FORMAT_V208
+>0	ulelong	132	DXGI_FORMAT_V408
+
+>0	ulelong	133	ASTC_4X4_TYPELESS
+>0	ulelong	134	ASTC_4X4_UNORM
+>0	ulelong	135	ASTC_4X4_UNORM_SRGB
+>0	ulelong	137	ASTC_5X4_TYPELESS
+>0	ulelong	138	ASTC_5X4_UNORM
+>0	ulelong	139	ASTC_5X4_UNORM_SRGB
+>0	ulelong	141	ASTC_5X5_TYPELESS
+>0	ulelong	142	ASTC_5X5_UNORM
+>0	ulelong	143	ASTC_5X5_UNORM_SRGB
+>0	ulelong	145	ASTC_6X5_TYPELESS
+>0	ulelong	146	ASTC_6X5_UNORM
+>0	ulelong	147	ASTC_6X5_UNORM_SRGB
+>0	ulelong	149	ASTC_6X6_TYPELESS
+>0	ulelong	150	ASTC_6X6_UNORM
+>0	ulelong	151	ASTC_6X6_UNORM_SRGB
+>0	ulelong	153	ASTC_8X5_TYPELESS
+>0	ulelong	154	ASTC_8X5_UNORM
+>0	ulelong	155	ASTC_8X5_UNORM_SRGB
+>0	ulelong	157	ASTC_8X6_TYPELESS
+>0	ulelong	158	ASTC_8X6_UNORM
+>0	ulelong	159	ASTC_8X6_UNORM_SRGB
+>0	ulelong	161	ASTC_8X8_TYPELESS
+>0	ulelong	162	ASTC_8X8_UNORM
+>0	ulelong	163	ASTC_8X8_UNORM_SRGB
+>0	ulelong	165	ASTC_10X5_TYPELESS
+>0	ulelong	166	ASTC_10X5_UNORM
+>0	ulelong	167	ASTC_10X5_UNORM_SRGB
+>0	ulelong	169	ASTC_10X6_TYPELESS
+>0	ulelong	170	ASTC_10X6_UNORM
+>0	ulelong	171	ASTC_10X6_UNORM_SRGB
+>0	ulelong	173	ASTC_10X8_TYPELESS
+>0	ulelong	174	ASTC_10X8_UNORM
+>0	ulelong	175	ASTC_10X8_UNORM_SRGB
+>0	ulelong	177	ASTC_10X10_TYPELESS
+>0	ulelong	178	ASTC_10X10_UNORM
+>0	ulelong	179	ASTC_10X10_UNORM_SRGB
+>0	ulelong	181	ASTC_12X10_TYPELESS
+>0	ulelong	182	ASTC_12X10_UNORM
+>0	ulelong	183	ASTC_12X10_UNORM_SRGB
+>0	ulelong	185	ASTC_12X12_TYPELESS
+>0	ulelong	186	ASTC_12X12_UNORM
+>0	ulelong	187	ASTC_12X12_UNORM_SRGB
+
+>0	ulelong	190	XBOX_R10G10B10_SNORM_A2_UNORM
+>0	ulelong	189	XBOX_R4G4_UNORM
+>0	ulelong	0xFFFFFFFF	DXGI_FORMAT_FORCE_UINT
+
+# Type: Microsoft DirectDraw Surface (common data)
+# URL:	https://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
+# From: Morten Hustveit <morten@debian.org>
+# Updated by: David Korth <gerbilsoft@gerbilsoft.com>
+0	name	ms-directdraw-surface
+>0x10	ulelong	x			%u x
+>0x0C	ulelong	x			%u
+# Color depth.
+>0x58	ulelong	>0			\b, %u-bit color
+# Determine the pixel format.
+>0x50	ulelong&0x4	4
+# FIXME: Handle DX10 and XBOX formats.
+>>0x54	string	DX10
+>>>0x80	use	ms-directdraw-dx10
+>>0x54	string	!DX10			\b, compressed using %.4s
+>0x50	ulelong&0x2	0x2		\b, alpha only
+>0x50	ulelong&0x200	0x200		\b, YUV
+>0x50	ulelong&0x20000	0x20000		\b, luminance
+# RGB pixel format
+>0x50	ulelong&0x40	0x40
+
+# Determine the RGB format using the color masks.
+# ulequad order: 0xGGGGGGGGRRRRRRRR, 0xAAAAAAAABBBBBBBB
+
+>>0x58		ulelong	16
+
+# NOTE: 15-bit color formats usually have 16-bit listed as the color depth.
+>>>0x5C		ulequad	0x000003E000007C00
+>>>>0x64	ulequad 0x000000000000001F	\b, RGB555
+>>>0x5C		ulequad	0x000003E000001F00
+>>>>0x64	ulequad 0x000000000000007C	\b, BGR555
+
+>>>0x5C		ulequad	0x000007E00000F800
+>>>>0x64	ulequad 0x000000000000001F	\b, RGB565
+>>>0x5C		ulequad	0x000007E000001F00
+>>>>0x64	ulequad 0x00000000000000F8	\b, BGR565
+
+>>>0x5C		ulequad	0x000000F000000F00
+>>>>0x64	ulequad 0x0000F0000000000F	\b, ARGB4444
+>>>0x5C		ulequad	0x000000F00000000F
+>>>>0x64	ulequad 0x0000F00000000F00	\b, ABGR4444
+
+>>>0x5C		ulequad	0x00000F000000F000
+>>>>0x64	ulequad 0x0000000F000000F0	\b, RGBA4444
+>>>0x5C		ulequad	0x00000F00000000F0
+>>>>0x64	ulequad 0x0000000F0000F000	\b, BGRA4444
+
+>>>0x5C		ulequad	0x000000F000000F00
+>>>>0x64	ulequad 0x000000000000000F	\b, xRGB4444
+>>>0x5C		ulequad	0x000000F00000000F
+>>>>0x64	ulequad 0x0000000000000F00	\b, xBGR4444
+
+>>>0x5C		ulequad	0x00000F000000F000
+>>>>0x64	ulequad 0x00000000000000F0	\b, RGBx4444
+>>>0x5C		ulequad	0x00000F00000000F0
+>>>>0x64	ulequad 0x000000000000F000	\b, BGRx4444
+
+>>>0x5C		ulequad	0x000003E000007C00
+>>>>0x64	ulequad 0x000080000000001F	\b, ARGB1555
+>>>0x5C		ulequad	0x000003E000001F00
+>>>>0x64	ulequad 0x000080000000007C	\b, ABGR1555
+>>>0x5C		ulequad	0x000007C00000F800
+>>>>0x64	ulequad 0x000000010000003E	\b, RGBA5551
+>>>0x5C		ulequad	0x000007C00000003E
+>>>>0x64	ulequad 0x000000010000F800	\b, BGRA5551
+
+>>88		ulelong 24
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0x00000000000000FF	\b, RGB888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0x0000000000FF0000	\b, BGR888
+
+>>88		ulelong 32
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0xFF000000000000FF	\b, ARGB8888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0xFF00000000FF0000	\b, ABGR8888
+
+>>>0x5C		ulequad	0x00FF0000FF000000
+>>>>0x64	ulequad 0x000000FF0000FF00	\b, RGBA8888
+>>>0x5C		ulequad	0x00FF00000000FF00
+>>>>0x64	ulequad 0x000000FFFF000000	\b, BGBA8888
+
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0x00000000000000FF	\b, xRGB8888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0x0000000000FF0000	\b, xBGR8888
+
+>>>0x5C		ulequad	0x00FF0000FF000000
+>>>>0x64	ulequad 0x000000000000FF00	\b, RGBx8888
+>>>0x5C		ulequad	0x00FF00000000FF00
+>>>>0x64	ulequad 0x00000000FF000000	\b, BGBx8888
+
+# Less common 32-bit color formats.
+>>>0x5C		ulequad	0xFFFF00000000FFFF
+>>>>0x64	ulequad 0x0000000000000000	\b, G16R16
+>>>0x5C		ulequad	0x0000FFFFFFFF0000
+>>>>0x64	ulequad 0x0000000000000000	\b, R16G16
+
+>>>0x5C		ulequad	0x000FFC003FF00000
+>>>>0x64	ulequad 0xC0000000000003FF	\b, A2R10G10B10
+>>>0x5C		ulequad	0x000FFC00000003FF
+>>>>0x64	ulequad 0xC00000003FF00000	\b, A2B10G10R10
+
+# Type: Microsoft DirectDraw Surface
+# URL:	https://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
+# From: Morten Hustveit <morten@debian.org>
+# Updated by: David Korth <gerbilsoft@gerbilsoft.com>
+0	string/b	DDS\040\174\000\000\000 Microsoft DirectDraw Surface (DDS):
+>0	use	ms-directdraw-surface
+
+# Type: Sega PVR image.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://fabiensanglard.net/Mykaruga/tools/segaPVRFormat.txt
+# - https://github.com/yazgoo/pvrx2png
+# - https://github.com/nickworonekin/puyotools
+
+# Sega PVR header.
+0	name	sega-pvr-image-header
+>0x0C	uleshort	x	%u x
+>0x0E	uleshort	x	%u
+# Image format.
+>0x08	ubyte	0	\b, ARGB1555
+>0x08	ubyte	1	\b, RGB565
+>0x08	ubyte	2	\b, ARGB4444
+>0x08	ubyte	3	\b, YUV442
+>0x08	ubyte	4	\b, Bump
+>0x08	ubyte	5	\b, 4bpp
+>0x08	ubyte	6	\b, 8bpp
+# Image data type.
+>0x09	ubyte	0x01	\b, square twiddled
+>0x09	ubyte	0x02	\b, square twiddled & mipmap
+>0x09	ubyte	0x03	\b, VQ
+>0x09	ubyte	0x04	\b, VQ & mipmap
+>0x09	ubyte	0x05	\b, 8-bit CLUT twiddled
+>0x09	ubyte	0x06	\b, 4-bit CLUT twiddled
+>0x09	ubyte	0x07	\b, 8-bit direct twiddled
+>0x09	ubyte	0x08	\b, 4-bit direct twiddled
+>0x09	ubyte	0x09	\b, rectangle
+>0x09	ubyte	0x0B	\b, rectangular stride
+>0x09	ubyte	0x0D	\b, rectangular twiddled
+>0x09	ubyte	0x10	\b, small VQ
+>0x09	ubyte	0x11	\b, small VQ & mipmap
+>0x09	ubyte	0x12	\b, square twiddled & mipmap
+
+# Sega PVR image.
+0	string	PVRT
+>0x10	string	DDS\040\174\000\000\000 Sega PVR (Xbox) image:
+>>0x20	use	ms-directdraw-surface
+>0x10	ubelong	!0x44445320		Sega PVR image:
+>>0	use	sega-pvr-image-header
+
+# Sega PVR image with GBIX.
+0	string	GBIX
+>0x10	string	PVRT
+>>0x10	string	DDS\040\174\000\000\000 Sega PVR (Xbox) image:
+>>>0x20	use	ms-directdraw-surface
+>>0x10	ubelong	!0x44445320		Sega PVR image:
+>>>0x10	use	sega-pvr-image-header
+>>0x08	ulelong	x	\b, global index = %u
+
+# Sega GVR header.
+0	name	sega-gvr-image-header
+>0x0C	ubeshort	x	%u x
+>0x0E	ubeshort	x	%u
+# Image data format.
+>0x0B	ubyte	0	\b, I4
+>0x0B	ubyte	1	\b, I8
+>0x0B	ubyte	2	\b, IA4
+>0x0B	ubyte	3	\b, IA8
+>0x0B	ubyte	4	\b, RGB565
+>0x0B	ubyte	5	\b, RGB5A3
+>0x0B	ubyte	6	\b, ARGB8888
+>0x0B	ubyte	8	\b, CI4
+>0x0B	ubyte	9	\b, CI8
+>0x0B	ubyte	14	\b, DXT1
+
+# Sega GVR image.
+0	string	GVRT	Sega GVR image:
+>0x10	use	sega-gvr-image-header
+
+# Sega GVR image with GBIX.
+0	string	GBIX
+>0x10	string	GVRT	Sega GVR image:
+>>0x10	use	sega-gvr-image-header
+>>0x08	ubelong	x	\b, global index = %u
+
+# Sega GVR image with GCIX. (Wii)
+0	string	GCIX
+>0x10	string	GVRT	Sega GVR image:
+>>0x10	use	sega-gvr-image-header
+>>0x08	ubelong	x	\b, global index = %u
+
+# Light Field Picture
+# Documentation: http://optics.miloush.net/lytro/TheFileFormat.aspx
+# Typical file extensions: .lfp .lfr .lfx
+
+0	ubelong	0x894C4650
+>4	ubelong	0x0D0A1A0A
+>12	ubelong	0x00000000	Lytro Light Field Picture
+>8	ubelong	x		\b, version %d
+
+# Type: Vision Research Phantom CINE Format
+# URL: https://www.phantomhighspeed.com/
+# URL2: http://phantomhighspeed.force.com/vriknowledge/servlet/fileField?id=0BEU0000000Cfyk
+# From: Harry Mallon <hjmallon at gmail.com>
+#
+# This has a short "CI" code but the 44 is the size of the struct which is
+# stable
+0	string	CI
+>2	uleshort 44		Vision Research CINE Video,
+>>4	uleshort	0		Grayscale,
+>>4	uleshort 1		JPEG Compressed,
+>>4	uleshort 2		RAW,
+>>6	uleshort x		version %d,
+>>20	ulelong	x		%d frames,
+>>48	ulelong	x		%dx
+>>52	ulelong	x		\b%d
+
+# Type: ARRI Raw Image
+# Info: SMPTE RDD30:2014
+# From: Harry Mallon <hjmallon at gmail.com>
+0	string ARRI		ARRI ARI image data,
+>4	ulelong 0x78563412	little-endian,
+>4 	ulelong 0x12345678	big-endian,
+>12	ulelong x		version %d,
+>20	ulelong x 		%dx
+>24	ulelong x		\b%d
+
+# Type: Khronos KTX texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://www.khronos.org/opengles/sdk/tools/KTX/file_format_spec/
+
+# glEnum decoding.
+# NOTE: Only the most common formats are listed here.
+0	name	khronos-ktx-glEnum
+>0	ulelong	0x1907	\b, RGB
+>0	ulelong	0x1908	\b, RGBA
+>0	ulelong	0x1909	\b, LUMINANCE
+>0	ulelong	0x190A	\b, LUMINANCE_ALPHA
+>0	ulelong	0x80E1	\b, BGR
+>0	ulelong	0x80E2	\b, BGRA
+>0	ulelong	0x83A0	\b, RGB_S3TC
+>0	ulelong	0x83A1	\b, RGB4_S3TC
+>0	ulelong	0x83A2	\b, RGBA_S3TC
+>0	ulelong	0x83A3	\b, RGBA4_S3TC
+>0	ulelong	0x83A4	\b, RGBA_DXT5_S3TC
+>0	ulelong	0x83A5	\b, RGBA4_DXT5_S3TC
+>0	ulelong	0x83F0	\b, COMPRESSED_RGB_S3TC_DXT1_EXT
+>0	ulelong	0x83F1	\b, COMPRESSED_RGBA_S3TC_DXT1_EXT
+>0	ulelong	0x83F2	\b, COMPRESSED_RGBA_S3TC_DXT3_EXT
+>0	ulelong	0x83F3	\b, COMPRESSED_RGBA_S3TC_DXT5_EXT
+>0	ulelong	0x8D64	\b, ETC1_RGB8_OES
+>0	ulelong	0x9270	\b, COMPRESSED_R11_EAC
+>0	ulelong	0x9271	\b, COMPRESSED_SIGNED_R11_EAC
+>0	ulelong	0x9272	\b, COMPRESSED_RG11_EAC
+>0	ulelong	0x9273	\b, COMPRESSED_SIGNED_RG11_EAC
+>0	ulelong	0x9274	\b, COMPRESSED_RGB8_ETC2
+>0	ulelong	0x9275	\b, COMPRESSED_SRGB8_ETC2
+>0	ulelong	0x9276	\b, COMPRESSED_RGB8_PUNCHTHROUGH_ALPHA1_ETC2
+>0	ulelong	0x9277	\b, COMPRESSED_SRGB8_PUNCHTHROUGH_ALPHA1_ETC2
+>0	ulelong	0x9278	\b, COMPRESSED_RGBA2_ETC2_EAC
+>0	ulelong	0x9279	\b, COMPRESSED_SRGB8_ALPHA8_ETC2_EAC
+>0	ulelong	0x93B0	\b, COMPRESSED_RGBA_ASTC_4x4_KHR
+>0	ulelong	0x93B1	\b, COMPRESSED_RGBA_ASTC_5x4_KHR
+>0	ulelong	0x93B2	\b, COMPRESSED_RGBA_ASTC_5x5_KHR
+>0	ulelong	0x93B3	\b, COMPRESSED_RGBA_ASTC_6x5_KHR
+>0	ulelong	0x93B4	\b, COMPRESSED_RGBA_ASTC_6x6_KHR
+>0	ulelong	0x93B5	\b, COMPRESSED_RGBA_ASTC_8x5_KHR
+>0	ulelong	0x93B6	\b, COMPRESSED_RGBA_ASTC_8x6_KHR
+>0	ulelong	0x93B7	\b, COMPRESSED_RGBA_ASTC_8x8_KHR
+>0	ulelong	0x93B8	\b, COMPRESSED_RGBA_ASTC_10x5_KHR
+>0	ulelong	0x93B9	\b, COMPRESSED_RGBA_ASTC_10x6_KHR
+>0	ulelong	0x93BA	\b, COMPRESSED_RGBA_ASTC_10x8_KHR
+>0	ulelong	0x93BB	\b, COMPRESSED_RGBA_ASTC_10x10_KHR
+>0	ulelong	0x93BC	\b, COMPRESSED_RGBA_ASTC_12x10_KHR
+>0	ulelong	0x93BD	\b, COMPRESSED_RGBA_ASTC_12x12_KHR
+>0	ulelong	0x93D0	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_4x4_KHR
+>0	ulelong	0x93D1	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_5x4_KHR
+>0	ulelong	0x93D2	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_5x5_KHR
+>0	ulelong	0x93D3	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_6x5_KHR
+>0	ulelong	0x93D4	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_6x6_KHR
+>0	ulelong	0x93D5	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x5_KHR
+>0	ulelong	0x93D6	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x6_KHR
+>0	ulelong	0x93D7	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x8_KHR
+>0	ulelong	0x93D8	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x5_KHR
+>0	ulelong	0x93D9	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x6_KHR
+>0	ulelong	0x93DA	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x8_KHR
+>0	ulelong	0x93DB	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x10_KHR
+>0	ulelong	0x93DC	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_12x10_KHR
+>0	ulelong	0x93DD	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_12x12_KHR
+
+# Endian-specific KTX header.
+# TODO: glType (all textures I've seen so far are GL_UNSIGNED_BYTE)
+0	name	khronos-ktx-endian-header
+>20	ulelong	x	\b, %u
+>24	ulelong	>1	x %u
+>28	ulelong	>1	x %u
+>8	ulelong	>0
+>>8	use	khronos-ktx-glEnum
+>8	ulelong	0
+>>12	use	khronos-ktx-glEnum
+
+# Main KTX header.
+# Determine endianness, then check the rest of the header.
+0	string	\xABKTX\ 11\xBB\r\n\x1A\n	Khronos KTX texture
+>12	ulelong	0x04030201			(little-endian)
+>>16	use	khronos-ktx-endian-header
+>12	ubelong	0x04030201			(big-endian)
+>>16	use	\^khronos-ktx-endian-header
+
+# Type: Khronos KTX2 texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Based on draft19.
+# Reference: http://github.khronos.org/KTX-Specification/
+
+# Supercompression enum.
+0	name	khronos-ktx2-supercompression
+>0	ulelong	1	BasisLZ
+>0	ulelong	2	Zstandard
+>0	ulelong	3	ZLIB
+
+# Vulkan format identifier.
+# NOTE: Formats prohibited from KTX2 are commented out.
+0	name	khronos-ktx2-vkFormat
+>0	ulelong	0	UNDEFINED
+>0	ulelong	1	R4G4_UNORM_PACK8
+>0	ulelong	2	R4G4B4A4_UNORM_PACK16
+>0	ulelong	3	B4G4R4A4_UNORM_PACK16
+>0	ulelong	4	R5G6B5_UNORM_PACK16
+>0	ulelong	5	B5G6R5_UNORM_PACK16
+>0	ulelong	6	R5G5B5A1_UNORM_PACK16
+>0	ulelong	7	B5G5R5A1_UNORM_PACK16
+>0	ulelong	8	A1R5G5B5_UNORM_PACK16
+>0	ulelong	9	R8_UNORM
+>0	ulelong	10	R8_SNORM
+#>0	ulelong	11	R8_USCALED
+#>0	ulelong	12	R8_SSCALED
+>0	ulelong	13	R8_UINT
+>0	ulelong	14	R8_SINT
+>0	ulelong	15	R8_SRGB
+>0	ulelong	16	R8G8_UNORM
+>0	ulelong	17	R8G8_SNORM
+#>0	ulelong	18	R8G8_USCALED
+#>0	ulelong	19	R8G8_SSCALED
+>0	ulelong	20	R8G8_UINT
+>0	ulelong	21	R8G8_SINT
+>0	ulelong	22	R8G8_SRGB
+>0	ulelong	23	R8G8B8_UNORM
+>0	ulelong	24	R8G8B8_SNORM
+#>0	ulelong	25	R8G8B8_USCALED
+#>0	ulelong	26	R8G8B8_SSCALED
+>0	ulelong	27	R8G8B8_UINT
+>0	ulelong	28	R8G8B8_SINT
+>0	ulelong	29	R8G8B8_SRGB
+>0	ulelong	30	B8G8R8_UNORM
+>0	ulelong	31	B8G8R8_SNORM
+#>0	ulelong	32	B8G8R8_USCALED
+#>0	ulelong	33	B8G8R8_SSCALED
+>0	ulelong	34	B8G8R8_UINT
+>0	ulelong	35	B8G8R8_SINT
+>0	ulelong	36	B8G8R8_SRGB
+>0	ulelong	37	R8G8B8A8_UNORM
+>0	ulelong	38	R8G8B8A8_SNORM
+#>0	ulelong	39	R8G8B8A8_USCALED
+#>0	ulelong	40	R8G8B8A8_SSCALED
+>0	ulelong	41	R8G8B8A8_UINT
+>0	ulelong	42	R8G8B8A8_SINT
+>0	ulelong	43	R8G8B8A8_SRGB
+>0	ulelong	44	B8G8R8A8_UNORM
+>0	ulelong	45	B8G8R8A8_SNORM
+#>0	ulelong	46	B8G8R8A8_USCALED
+#>0	ulelong	47	B8G8R8A8_SSCALED
+>0	ulelong	48	B8G8R8A8_UINT
+>0	ulelong	49	B8G8R8A8_SINT
+>0	ulelong	50	B8G8R8A8_SRGB
+#>0	ulelong	51	A8B8G8R8_UNORM_PACK32
+#>0	ulelong	52	A8B8G8R8_SNORM_PACK32
+#>0	ulelong	53	A8B8G8R8_USCALED_PACK32
+#>0	ulelong	54	A8B8G8R8_SSCALED_PACK32
+#>0	ulelong	55	A8B8G8R8_UINT_PACK32
+#>0	ulelong	56	A8B8G8R8_SINT_PACK32
+#>0	ulelong	57	A8B8G8R8_SRGB_PACK32
+>0	ulelong	58	A2R10G10B10_UNORM_PACK32
+>0	ulelong	59	A2R10G10B10_SNORM_PACK32
+#>0	ulelong	60	A2R10G10B10_USCALED_PACK32
+#>0	ulelong	61	A2R10G10B10_SSCALED_PACK32
+>0	ulelong	62	A2R10G10B10_UINT_PACK32
+>0	ulelong	63	A2R10G10B10_SINT_PACK32
+>0	ulelong	64	A2B10G10R10_UNORM_PACK32
+>0	ulelong	65	A2B10G10R10_SNORM_PACK32
+#>0	ulelong	66	A2B10G10R10_USCALED_PACK32
+#>0	ulelong	67	A2B10G10R10_SSCALED_PACK32
+>0	ulelong	68	A2B10G10R10_UINT_PACK32
+>0	ulelong	69	A2B10G10R10_SINT_PACK32
+>0	ulelong	70	R16_UNORM
+>0	ulelong	71	R16_SNORM
+#>0	ulelong	72	R16_USCALED
+#>0	ulelong	73	R16_SSCALED
+>0	ulelong	74	R16_UINT
+>0	ulelong	75	R16_SINT
+>0	ulelong	76	R16_SFLOAT
+>0	ulelong	77	R16G16_UNORM
+>0	ulelong	78	R16G16_SNORM
+#>0	ulelong	79	R16G16_USCALED
+#>0	ulelong	80	R16G16_SSCALED
+>0	ulelong	81	R16G16_UINT
+>0	ulelong	82	R16G16_SINT
+>0	ulelong	83	R16G16_SFLOAT
+>0	ulelong	84	R16G16B16_UNORM
+>0	ulelong	85	R16G16B16_SNORM
+#>0	ulelong	86	R16G16B16_USCALED
+#>0	ulelong	87	R16G16B16_SSCALED
+>0	ulelong	88	R16G16B16_UINT
+>0	ulelong	89	R16G16B16_SINT
+>0	ulelong	90	R16G16B16_SFLOAT
+>0	ulelong	91	R16G16B16A16_UNORM
+>0	ulelong	92	R16G16B16A16_SNORM
+#>0	ulelong	93	R16G16B16A16_USCALED
+#>0	ulelong	94	R16G16B16A16_SSCALED
+>0	ulelong	95	R16G16B16A16_UINT
+>0	ulelong	96	R16G16B16A16_SINT
+>0	ulelong	97	R16G16B16A16_SFLOAT
+>0	ulelong	98	R32_UINT
+>0	ulelong	99	R32_SINT
+>0	ulelong	100	R32_SFLOAT
+>0	ulelong	101	R32G32_UINT
+>0	ulelong	102	R32G32_SINT
+>0	ulelong	103	R32G32_SFLOAT
+>0	ulelong	104	R32G32B32_UINT
+>0	ulelong	105	R32G32B32_SINT
+>0	ulelong	106	R32G32B32_SFLOAT
+>0	ulelong	107	R32G32B32A32_UINT
+>0	ulelong	108	R32G32B32A32_SINT
+>0	ulelong	109	R32G32B32A32_SFLOAT
+>0	ulelong	110	R64_UINT
+>0	ulelong	111	R64_SINT
+>0	ulelong	112	R64_SFLOAT
+>0	ulelong	113	R64G64_UINT
+>0	ulelong	114	R64G64_SINT
+>0	ulelong	115	R64G64_SFLOAT
+>0	ulelong	116	R64G64B64_UINT
+>0	ulelong	117	R64G64B64_SINT
+>0	ulelong	118	R64G64B64_SFLOAT
+>0	ulelong	119	R64G64B64A64_UINT
+>0	ulelong	120	R64G64B64A64_SINT
+>0	ulelong	121	R64G64B64A64_SFLOAT
+>0	ulelong	122	B10G11R11_UFLOAT_PACK32
+>0	ulelong	123	E5B9G9R9_UFLOAT_PACK32
+>0	ulelong	124	D16_UNORM
+>0	ulelong	125	X8_D24_UNORM_PACK32
+>0	ulelong	126	D32_SFLOAT
+>0	ulelong	127	S8_UINT
+>0	ulelong	128	D16_UNORM_S8_UINT
+>0	ulelong	129	D24_UNORM_S8_UINT
+>0	ulelong	130	D32_SFLOAT_S8_UINT
+
+>0	ulelong	131	BC1_RGB_UNORM_BLOCK
+>0	ulelong	132	BC1_RGB_SRGB_BLOCK
+>0	ulelong	133	BC1_RGBA_UNORM_BLOCK
+>0	ulelong	134	BC1_RGBA_SRGB_BLOCK
+>0	ulelong	135	BC2_UNORM_BLOCK
+>0	ulelong	136	BC2_SRGB_BLOCK
+>0	ulelong	137	BC3_UNORM_BLOCK
+>0	ulelong	138	BC3_SRGB_BLOCK
+>0	ulelong	139	BC4_UNORM_BLOCK
+>0	ulelong	140	BC4_SNORM_BLOCK
+>0	ulelong	141	BC5_UNORM_BLOCK
+>0	ulelong	142	BC5_SNORM_BLOCK
+>0	ulelong	143	BC6H_UFLOAT_BLOCK
+>0	ulelong	144	BC6H_SFLOAT_BLOCK
+>0	ulelong	145	BC7_UNORM_BLOCK
+>0	ulelong	146	BC7_SRGB_BLOCK
+
+>0	ulelong	147	ETC2_R8G8B8_UNORM_BLOCK
+>0	ulelong	148	ETC2_R8G8B8_SRGB_BLOCK
+>0	ulelong	149	ETC2_R8G8B8A1_UNORM_BLOCK
+>0	ulelong	150	ETC2_R8G8B8A1_SRGB_BLOCK
+>0	ulelong	151	ETC2_R8G8B8A8_UNORM_BLOCK
+>0	ulelong	152	ETC2_R8G8B8A8_SRGB_BLOCK
+
+>0	ulelong	153	EAC_R11_UNORM_BLOCK
+>0	ulelong	154	EAC_R11_SNORM_BLOCK
+>0	ulelong	155	EAC_R11G11_UNORM_BLOCK
+>0	ulelong	156	EAC_R11G11_SNORM_BLOCK
+
+>0	ulelong	157	ASTC_4x4_UNORM_BLOCK
+>0	ulelong	158	ASTC_4x4_SRGB_BLOCK
+>0	ulelong	159	ASTC_5x4_UNORM_BLOCK
+>0	ulelong	160	ASTC_5x4_SRGB_BLOCK
+>0	ulelong	161	ASTC_5x5_UNORM_BLOCK
+>0	ulelong	162	ASTC_5x5_SRGB_BLOCK
+>0	ulelong	163	ASTC_6x5_UNORM_BLOCK
+>0	ulelong	164	ASTC_6x5_SRGB_BLOCK
+>0	ulelong	165	ASTC_6x6_UNORM_BLOCK
+>0	ulelong	166	ASTC_6x6_SRGB_BLOCK
+>0	ulelong	167	ASTC_8x5_UNORM_BLOCK
+>0	ulelong	168	ASTC_8x5_SRGB_BLOCK
+>0	ulelong	169	ASTC_8x6_UNORM_BLOCK
+>0	ulelong	170	ASTC_8x6_SRGB_BLOCK
+>0	ulelong	171	ASTC_8x8_UNORM_BLOCK
+>0	ulelong	172	ASTC_8x8_SRGB_BLOCK
+>0	ulelong	173	ASTC_10x5_UNORM_BLOCK
+>0	ulelong	174	ASTC_10x5_SRGB_BLOCK
+>0	ulelong	175	ASTC_10x6_UNORM_BLOCK
+>0	ulelong	176	ASTC_10x6_SRGB_BLOCK
+>0	ulelong	177	ASTC_10x8_UNORM_BLOCK
+>0	ulelong	178	ASTC_10x8_SRGB_BLOCK
+>0	ulelong	179	ASTC_10x10_UNORM_BLOCK
+>0	ulelong	180	ASTC_10x10_SRGB_BLOCK
+>0	ulelong	181	ASTC_12x10_UNORM_BLOCK
+>0	ulelong	182	ASTC_12x10_SRGB_BLOCK
+>0	ulelong	183	ASTC_12x12_UNORM_BLOCK
+>0	ulelong	184	ASTC_12x12_SRGB_BLOCK
+
+>0	ulelong	1000156000	G8B8G8R8_422_UNORM
+>0	ulelong	1000156001	B8G8R8G8_422_UNORM
+>0	ulelong	1000156002	G8_B8_R8_3PLANE_420_UNORM
+>0	ulelong	1000156003	G8_B8R8_2PLANE_420_UNORM
+>0	ulelong	1000156004	G8_B8_R8_3PLANE_422_UNORM
+>0	ulelong	1000156005	G8_B8R8_2PLANE_422_UNORM
+>0	ulelong	1000156006	G8_B8_R8_3PLANE_444_UNORM
+>0	ulelong	1000156007	R10X6_UNORM_PACK16
+>0	ulelong	1000156008	R10X6G10X6_UNORM_2PACK16
+>0	ulelong	1000156009	R10X6G10X6B10X6A10X6_UNORM_4PACK16
+>0	ulelong	1000156010	G10X6B10X6G10X6R10X6_422_UNORM_4PACK16
+>0	ulelong	1000156011	B10X6G10X6R10X6G10X6_422_UNORM_4PACK16
+>0	ulelong	1000156012	G10X6_B10X6_R10X6_3PLANE_420_UNORM_3PACK16
+>0	ulelong	1000156013	G10X6_B10X6R10X6_2PLANE_420_UNORM_3PACK16
+>0	ulelong	1000156014	G10X6_B10X6_R10X6_3PLANE_422_UNORM_3PACK16
+>0	ulelong	1000156015	G10X6_B10X6R10X6_2PLANE_422_UNORM_3PACK16
+>0	ulelong	1000156016	G10X6_B10X6_R10X6_3PLANE_444_UNORM_3PACK16
+>0	ulelong	1000156017	R12X4_UNORM_PACK16
+>0	ulelong	1000156018	R12X4G12X4_UNORM_2PACK16
+>0	ulelong	1000156019	R12X4G12X4B12X4A12X4_UNORM_4PACK16
+>0	ulelong	1000156020	G12X4B12X4G12X4R12X4_422_UNORM_4PACK16
+>0	ulelong	1000156021	B12X4G12X4R12X4G12X4_422_UNORM_4PACK16
+>0	ulelong	1000156022	G12X4_B12X4_R12X4_3PLANE_420_UNORM_3PACK16
+>0	ulelong	1000156023	G12X4_B12X4R12X4_2PLANE_420_UNORM_3PACK16
+>0	ulelong	1000156024	G12X4_B12X4_R12X4_3PLANE_422_UNORM_3PACK16
+>0	ulelong	1000156025	G12X4_B12X4R12X4_2PLANE_422_UNORM_3PACK16
+>0	ulelong	1000156026	G12X4_B12X4_R12X4_3PLANE_444_UNORM_3PACK16
+>0	ulelong	1000156027	G16B16G16R16_422_UNORM
+>0	ulelong	1000156028	B16G16R16G16_422_UNORM
+>0	ulelong	1000156029	G16_B16_R16_3PLANE_420_UNORM
+>0	ulelong	1000156030	G16_B16R16_2PLANE_420_UNORM
+>0	ulelong	1000156031	G16_B16_R16_3PLANE_422_UNORM
+>0	ulelong	1000156032	G16_B16R16_2PLANE_422_UNORM
+>0	ulelong	1000156033	G16_B16_R16_3PLANE_444_UNORM
+
+>0	ulelong	1000054000	PVRTC1_2BPP_UNORM_BLOCK_IMG
+>0	ulelong	1000054001	PVRTC1_4BPP_UNORM_BLOCK_IMG
+>0	ulelong	1000054002	PVRTC2_2BPP_UNORM_BLOCK_IMG
+>0	ulelong	1000054003	PVRTC2_4BPP_UNORM_BLOCK_IMG
+>0	ulelong	1000054004	PVRTC1_2BPP_SRGB_BLOCK_IMG
+>0	ulelong	1000054005	PVRTC1_4BPP_SRGB_BLOCK_IMG
+>0	ulelong	1000054006	PVRTC2_2BPP_SRGB_BLOCK_IMG
+>0	ulelong	1000054007	PVRTC2_4BPP_SRGB_BLOCK_IMG
+
+>0	ulelong	1000066000	ASTC_4x4_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066001	ASTC_5x4_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066002	ASTC_5x5_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066003	ASTC_6x5_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066004	ASTC_6x6_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066005	ASTC_8x5_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066006	ASTC_8x6_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066007	ASTC_8x8_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066008	ASTC_10x5_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066009	ASTC_10x6_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066010	ASTC_10x8_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066011	ASTC_10x10_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066012	ASTC_12x10_SFLOAT_BLOCK_EXT
+>0	ulelong	1000066013	ASTC_12x12_SFLOAT_BLOCK_EXT
+
+# Main KTX2 header.
+0	string	\xABKTX\ 20\xBB\r\n\x1A\n	Khronos KTX2 texture
+>20	ulelong	x	\b, %u
+>24	ulelong	>1	x %u
+>28	ulelong	>1	x %u
+>32	ulelong	>1	\b, %u layers
+>36	ulelong	>1	\b, %u faces
+>40	ulelong	>1	\b, %u mipmaps
+>44	ulelong	>0	\b,
+>>44	use	khronos-ktx2-supercompression
+>12	ulelong	>0	\b,
+>>12	use	khronos-ktx2-vkFormat
+
+# Type: Valve VTF texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://developer.valvesoftware.com/wiki/Valve_Texture_Format
+
+# VTF image formats.
+0	name	vtf-image-format
+>0	ulelong	0	RGBA8888
+>0	ulelong	1	ABGR8888
+>0	ulelong	2	RGB888
+>0	ulelong	3	BGR888
+>0	ulelong	4	RGB565
+>0	ulelong	5	I8
+>0	ulelong	6	IA88
+>0	ulelong	7	P8
+>0	ulelong	8	A8
+>0	ulelong	9	RGB888 (bluescreen)
+>0	ulelong	10	BGR888 (bluescreen)
+>0	ulelong	11	ARGB8888
+>0	ulelong	12	BGRA8888
+>0	ulelong	13	DXT1
+>0	ulelong	14	DXT3
+>0	ulelong	15	DXT5
+>0	ulelong	16	BGRx8888
+>0	ulelong	17	BGR565
+>0	ulelong	18	BGRx5551
+>0	ulelong	19	BGRA4444
+>0	ulelong	20	DXT1+A1
+>0	ulelong	21	BGRA5551
+>0	ulelong	22	UV88
+>0	ulelong	23	UVWQ8888
+>0	ulelong	24	RGBA16161616F
+>0	ulelong	25	RGBA16161616
+>0	ulelong	26	UVLX8888
+
+# Main VTF header.
+0	string	VTF\0				Valve Texture Format
+>4	ulelong	x				v%u
+>8	ulelong	x				\b.%u
+>0x10	uleshort	x				\b, %u
+>0x12	uleshort	>1				x %u
+>4	lequad	0x0000000700000002
+>>0x3F	uleshort	>1				x %u
+>0x18	uleshort	>1				\b, %u frames
+>0x38	ubyte	x				\b, mipmaps: %u
+>0x34	ulelong	>-1				\b,
+>>0x34	use	vtf-image-format
+
+# Type: Valve VTF3 (PS3) texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string		VTF3	Valve Texture Format (PS3)
+>0x14	ubeshort		x	\b, %u
+>0x16	ubeshort		x	\b x %u
+>0x10	ubelong&0x2000	0	\b, DXT1
+>0x10	ubelong&0x2000	0x2000	\b, DXT5
+
+# Type: ASTC texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://stackoverflow.com/questions/22600678/determine-internal-format-of-given-astc-compressed-image-through-its-header
+# - https://stackoverflow.com/a/22682244
+0	ulelong	0x5ca1ab13			ASTC
+>4	ubyte	x				%u
+>5	ubyte	x				\bx%u
+>6	ubyte	>1				\bx%u
+# X, Y, and Z dimensions are stored as 24-bit LE.
+# Pretend it's 32-bit and mask off the high byte.
+>7	ulelong&0x00FFFFFF	x		texture, %u
+>10	ulelong&0x00FFFFFF	x		x %u
+>13	ulelong&0x00FFFFFF	>1		x %u
+
+# Zebra Metafile graphic
+# http://www.fileformat.info/format/zbr/egff.htm
+0	ubeshort	0x9a02	Zebra Metafile graphic
+>2	uleshort 1	(version 1.x)
+>2	uleshort	2	(version 1.1x or 1.2x)
+>2	uleshort	3	(version 1.49)
+>2	uleshort	4	(version 1.50)
+>4	string	x	(comment = %s)
+
+# Microsoft Paint graphic
+# http://www.fileformat.info/format/mspaint/egff.htm
+0	string	DanM 	icrosoft Paint image data (version 1.x)
+>4	uleshort	x	(%d
+>>6	uleshort	x	x %d)
+0	string	LinS 	Microsoft Paint image data (version 2.0)
+>4	uleshort	x	(%d
+>>6	uleshort	x	x %d)
+
+# reMarkable tablet internal file format (https://www.remarkable.com/)
+# https://github.com/ax3l/lines-are-beautiful
+# https://plasma.ninja/blog/devices/remarkable/binary/format/2017/12/26/\
+#	reMarkable-lines-file-format.html#what-to-do-next
+# from Axel Huebl
+0		string	reMarkable
+>11		string	lines
+>>17		string	with
+>>>22		string	selections
+>>>>33		string	and
+>>>>>37		string	layers
+>>>>>>43	ulelong	x	reMarkable tablet notebook lines, 1404 x 1872, %x page(s)
+
+# newer per-page files for the reMarkable
+0		string	reMarkable
+>11		string	.lines
+>>18		string	file,
+>>>24		string	version=
+>>>>32		ubyte	x	reMarkable tablet page (v%c), 1404 x 1872,
+>>>>>43		ulelong	x	%d layer(s)
+
+# Type: PVR3 texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - http://cdn.imgtec.com/sdk-documentation/PVR+File+Format.Specification.pdf
+
+# PVR3 pixel formats.
+0	name		pvr3-pixel-format
+>0	ulelong	0	PVRTC 2bpp RGB
+>0	ulelong	1	PVRTC 2bpp RGBA
+>0	ulelong	2	PVRTC 4bpp RGB
+>0	ulelong	3	PVRTC 4bpp RGBA
+>0	ulelong	4	PVRTC-II 2bpp
+>0	ulelong	5	PVRTC-II 4bpp
+>0	ulelong	6	ETC1
+>0	ulelong	7	DXT1
+>0	ulelong	8	DXT2
+>0	ulelong	9	DXT3
+>0	ulelong	10	DXT4
+>0	ulelong	11	DXT5
+>0	ulelong	12	BC4
+>0	ulelong	13	BC5
+>0	ulelong	14	BC6
+>0	ulelong	15	BC7
+>0	ulelong	16	UYVY
+>0	ulelong	17	YUY2
+>0	ulelong	18	BW1bpp
+>0	ulelong	19	R9G9B9E5 Shared Exponent
+>0	ulelong	20	RGBG8888
+>0	ulelong	21	GRGB8888
+>0	ulelong	22	ETC2 RGB
+>0	ulelong	23	ETC2 RGBA
+>0	ulelong	24	ETC2 RGB A1
+>0	ulelong	25	EAC R11
+>0	ulelong	26	EAC RG11
+>0	ulelong	27	ASTC_4x4
+>0	ulelong	28	ASTC_5x4
+>0	ulelong	29	ASTC_5x5
+>0	ulelong	30	ASTC_6x5
+>0	ulelong	31	ASTC_6x6
+>0	ulelong	32	ASTC_8x5
+>0	ulelong	33	ASTC_8x6
+>0	ulelong	34	ASTC_8x8
+>0	ulelong	35	ASTC_10x5
+>0	ulelong	36	ASTC_10x6
+>0	ulelong	37	ASTC_10x8
+>0	ulelong	38	ASTC_10x10
+>0	ulelong	39	ASTC_12x10
+>0	ulelong	40	ASTC_12x12
+>0	ulelong	41	ASTC_3x3x3
+>0	ulelong	42	ASTC_4x3x3
+>0	ulelong	43	ASTC_4x4x3
+>0	ulelong	44	ASTC_4x4x4
+>0	ulelong	45	ASTC_5x4x4
+>0	ulelong	46	ASTC_5x5x4
+>0	ulelong	47	ASTC_5x5x5
+>0	ulelong	48	ASTC_6x5x5
+>0	ulelong	49	ASTC_6x6x5
+>0	ulelong	50	ASTC_6x6x6
+
+0	string		PVR\x03			PowerVR 3.0 texture:
+>0x18	ulelong		x	%u x
+>0x1C	ulelong		x	%u
+>0x20	ulelong		>1	x %u
+>0x08	ubyte		x	\b,
+>0x0C	ulelong		0
+>>0x08	use	pvr3-pixel-format
+>0x0C	ulelong		!0
+>>0x08	ubyte	!0	%c
+>>>0x0C	ubyte	!0	\b%u
+>>0x09	ubyte	!0	\b%c
+>>>0x0D	ubyte	!0	\b%u
+>>0x0A	ubyte	!0	\b%c
+>>>0x0E	ubyte	!0	\b%u
+>>0x0B	ubyte	!0	\b%c
+>>>0x0F	ubyte	!0	\b%u
+>0x10	ulelong		1	\b, sRGB
+>0x04	ulelong&0x02	0x02	\b, premultiplied alpha
+
+0	string		\x03RVP			PowerVR 3.0 texture: BE,
+>0x18	ubelong		x	%u x
+>0x1C	ubelong		x	%u
+>0x20	ubelong		>1	x %u
+>0x08	ubyte		x	\b,
+>0x0C	ubelong		0
+>>0x08	use	pvr3-pixel-format
+>0x0C	ubelong		!0
+>>0x0B	ubyte	!0	%c
+>>>0x0F	ubyte	!0	\b%u
+>>0x0A	ubyte	!0	\b%c
+>>>0x0E	ubyte	!0	\b%u
+>>0x09	ubyte	!0	\b%c
+>>>0x0D	ubyte	!0	\b%u
+>>0x08	ubyte	!0	\b%c
+>>>0x0C	ubyte	!0	\b%u
+>0x10	ubelong		1	\b, sRGB
+>0x04	ubelong&0x02	0x02	\b, premultiplied alpha
+
+# Type: Microsoft Xbox XPR0 texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://github.com/Cxbx-Reloaded/Cxbx-Reloaded/blob/develop/src/core/hle/D3D8/XbD3D8Types.h
+
+# XPR pixel formats.
+0	name	xbox-xpr-pixel-format
+>0	ubyte	0x00	L8
+>0	ubyte	0x01	AL8
+>0	ubyte	0x02	ARGB1555
+>0	ubyte	0x03	RGB555
+>0	ubyte	0x04	ARGB4444
+>0	ubyte	0x05	RGB565
+>0	ubyte	0x06	ARGB8888
+>0	ubyte	0x07	xRGB8888
+>0	ubyte	0x0B	P8
+>0	ubyte	0x0C	DXT1
+>0	ubyte	0x0E	DXT2
+>0	ubyte	0x0F	DXT4
+>0	ubyte	0x10	Linear ARGB1555
+>0	ubyte	0x11	Linear RGB565
+>0	ubyte	0x12	Linear ARGB8888
+>0	ubyte	0x13	Linear L8
+>0	ubyte	0x16	Linear R8B8
+>0	ubyte	0x17	Linear G8B8
+>0	ubyte	0x19	A8
+>0	ubyte	0x1A	A8L8
+>0	ubyte	0x1B	Linear AL8
+>0	ubyte	0x1C	Linear RGB555
+>0	ubyte	0x1D	Linear ARGB4444
+>0	ubyte	0x1E	Linear xRGB8888
+>0	ubyte	0x1F	Linear A8
+>0	ubyte	0x20	Linear A8L8
+>0	ubyte	0x24	YUY2
+>0	ubyte	0x25	UYVY
+>0	ubyte	0x27	L6V5U5
+>0	ubyte	0x28	V8U8
+>0	ubyte	0x29	R8B8
+>0	ubyte	0x2A	D24S8
+>0	ubyte	0x2B	F24S8
+>0	ubyte	0x2C	D16
+>0	ubyte	0x2D	F16
+>0	ubyte	0x2E	Linear D24S8
+>0	ubyte	0x2F	Linear F24S8
+>0	ubyte	0x30	Linear D16
+>0	ubyte	0x31	Linear F16
+>0	ubyte	0x32	L16
+>0	ubyte	0x33	V16U16
+>0	ubyte	0x35	Linear L16
+>0	ubyte	0x36	Linear V16U16
+>0	ubyte	0x37	Linear L6V5U5
+>0	ubyte	0x38	RGBA5551
+>0	ubyte	0x39	RGBA4444
+>0	ubyte	0x3A	QWVU8888
+>0	ubyte	0x3B	BGRA8888
+>0	ubyte	0x3C	RGBA8888
+>0	ubyte	0x3D	Linear RGBA5551
+>0	ubyte	0x3E	Linear RGBA4444
+>0	ubyte	0x3F	Linear ABGR8888
+>0	ubyte	0x40	Linear BGRA8888
+>0	ubyte	0x41	Linear RGBA8888
+>0	ubyte	0x64	Vertex Data
+
+0	string		XPR0	Microsoft Xbox XPR0 texture
+>0x19	ubyte	x	\b, format:
+>>0x19	use	xbox-xpr-pixel-format
+
+# ILDA Image Data Transfer Format
+# https://www.ilda.com/resources/StandardsDocs/ILDA_IDTF14_rev011.pdf
+#
+# Updated by Chuck Hein (laser@geekdude.com)
+#
+0	string		ILDA	ILDA Image Data Transfer Format
+>7	ubyte		0x00	3D Coordinates with Indexed Color
+>7	ubyte		0x01	2D Coordinates with Indexed Color
+>7	ubyte		0x02	Color Palette
+>7	ubyte		0x04	3D Coordinates with True Color
+>7	ubyte		0x05	2D Coordinates with True Color
+>8	string		>0	\b, palette %s
+>16	string		>0	\b, company %s
+>24	ubeshort	>0	\b, number of records %d
+>>26	ubeshort	x	\b, palette number %d
+>>28	ubeshort	>0	\b, number of frames %d
+>>30	ubyte		>0	\b, projector number %d
+
+# Dropbox "lepton" compressed jpeg format
+# https://github.com/dropbox/lepton
+0	ubelong&0xfffff0ff	0xcf84005a	Lepton image file
+>2	ubyte			x		(version %d)
+
+# Apple QuickTake camera raw images
+# https://en.wikipedia.org/wiki/Apple_QuickTake
+# dcraw can decode them
+0	name quicktake
+>4	ubelong		8
+>>544	ubeshort	x	\b, %dx
+>>546	ubeshort	x	\b%d
+>4	ubelong		4
+>>546	ubeshort	x	\b, %dx
+>>544	ubeshort	x	\b%d
+
+0	string	qktk	Apple QuickTake 100 Raw Image
+>0	use quicktake
+
+0	string	qktn
+>4	ubyte	0	Apple QuickTake 150 Raw Image
+>4	ubyte	>0	Apple QuickTake 200 Raw Image
+>0	use quicktake
+
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Corel_Photo-Paint_image
+# Reference:	http://blog.argasinski.eu/wp-content/uploads/2011/08/cpt-specification-0.01.pdf
+0	string	CPT
+>4	string	FILE		Corel Photo-Paint image, version
+# version like 7, 9 or 8
+>>3	ubyte	x		%c,
+!:mime	image/x-corel-cpt
+!:ext	cpt
+# if blocks_array_offset available jump blockNumber*8 bytes 
+>>0x34	ulelong		>0
+>>>(0x28.l*8)	ubyte	x
+# jump additional stored blocks_array_offset bytes forward to object block
+>>>>&(0x34.l-1) ulelong x	%u
+# object height in pixels
+>>>>>&0		ulelong	x	x %u
+# if no blocks_array_offset available jump blockNumber*8 bytes
+>>0x34	ulelong		=0
+>>>(0x28.l*8)	ubyte	x
+# jump additional 0x13C bytes forward to object block
+>>>>&0x13B	ulelong x	%u
+>>>>>&0	ulelong		x	x %u
+# image color model used
+>>0x8	ulelong	x
+>>>0x8	ulelong	0x1		RGB 24 bits
+>>>0x8	ulelong	0x3		CMYK 24 bits
+>>>0x8	ulelong	0x5		greyscale 8 bits
+>>>0x8	ulelong	0x6		black and white 1 bit
+>>>0x8	ulelong	0xA		RGB 8 bits
+# palette_length  number of colors * 3 in case of 8-bit RGB paletted image
+# 0 otherwise. Allowed values: 0 or [1..256] * 3
+#>>0xC	ulelong	>0		\b, palette length %u
+>>>>0xC	ulelong/3	<256	\b, %u colors
+>>>0x8	ulelong	0xB		LAB
+>>>0x8	ulelong	0xC		RGB 48 bits
+>>>0x8	ulelong	0xE		greyscale 16 bits
+# this should not happen
+>>>0x8	default	x		color model
+>>>>0x8	ulelong	x		%#x
+# bit 1 in CPT file flags: UCS-2 file comment present
+>>0x31	ubyte		&0x02
+# look for comment marker
+>>>0x100	search/0xc9d	\4\2\0\0
+# UCS-2 file comment
+>>>>&0		lestring16	x	"%s"
+# if no UCS-2 is present show ANSI file comment[112] if available
+>>0x31	ubyte&0x02	=0
+>>>0x3C string		>\0	"%-.112s"
+# reserved seems to be always 0
+#>>0x10	ulelong		>0	\b, reserved1 %u
+# horizontal real dpi = dpi_h * 25.4 / 10**6
+>>0x18	ulelong	x		\b, %u micro dots/mm
+# image vertical DPI in CPT DPI unit
+#>>0x1C	ulelong	x		\b, %u micro dots/mm
+# reserved seems to be always 0
+#>>0x20	ulelong		>0	\b, reserved2 %u
+#>>0x24	ulelong		>0	\b, reserved3 %u
+# blocks_count; number of CPT_Block blocks. Allowed values: > 0
+>>0x28	ulelong		x	\b, %u block
+# plural s
+>>0x28	ulelong		!1	\bs
+# CPT file flags
+# lower byte of CPT file flags: 0x94~CPT9FILE 0x01~often CPT7FILE 0x8C~CPT8FILE
+#>>0x30	ubyte		x	\b, lower flags %#x
+# upper byte of CPT file flags:
+#>>0x31	ubyte		>0	\b, upper flags %#x
+# bit 2 in CPT file flags: unknown
+#>>0x31	ubyte		&0x04	\b, with UNKNOWN
+# bits 3-7 in CPT file flags: unknown, seem to be often 0
+# show unusual flag combinations
+>>0x31	ubyte&0xFC	>0
+>>>0x30	uleshort	x	\b, flags %#4.4x
+# reserved seems to be always 0
+#>>0x32	uleshort	>0	\b, reserved4 %#x
+# blocks_array_offset is always 0 for CPT7 and CPT8 files created by PP7-PP8
+# typical values like: 13Ch 154h 43Ch 4F0h DA8h 
+>>0x34	ulelong	x		\b, array offset %#x
+# reserved seems to be often 0
+>>0x38	ulelong		>0	\b, reserved5 %#x
+# possible next master block
+#>>0x100	ubequad		!0	\b, next block=%#llx...
+# bit 0: ICC profile block present
+>>0x31	ubyte		&0x01	\b, with ICC profile
+# check for characteristic string acsp of color profile for DEBUGGING
+#>>>0x178	string	x	icc=%.4s
+#	display ICC/ICM color profile by ./icc
+#>>>0x154	use		color-profile
+
+# URL:		http://fileformats.archiveteam.org/wiki/CorelDRAW
+#		https://en.wikipedia.org/wiki/CorelDRAW
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/c/cdr-gen.trid.xml
+# Note:		called "CorelDRAW drawing (generic)" by TrID
+#		version til 2 WL-based; from version 3 til 13 handled by ./riff and from 14 zip based handled by ./archive
+0	ubelong&0xFFffF7ff	0x574C6500	Corel Draw Picture
+#!:mime						image/x-coreldraw
+!:mime						application/vnd.corel-draw
+!:ext						cdr
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/c/cdr-corel-10.trid.xml
+# Note:		called "CorelDRAW drawing (v1.0)" by TrID and
+#		"CorelDraw Drawing" with version "1.0" by DROID via PUID fmt/467
+#		only DROID fmt-467-signature-id-726.cdr example
+>2	ubyte			0x65		\b, version 1.0
+#>>4	ubelong			!0x45000000	\b, at 4 %#8.8x
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/c/cdr-corel-20.trid.xml
+# Note:		called "CorelDRAW drawing (v2.0)" by TrID and
+#		"CorelDraw Drawing" with version "2.0" by DROID via PUID fmt/466
+>2	ubyte			0x6D		\b, version 2.0
+# According to DROID 0xed080000 or 0x25050000
+#>>4	ubelong			!0xed080000
+#>>>4	ubelong			!0x25050000	\b, at 4 %#8.8x
+
+# Type: Crunch compressed texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://github.com/BinomialLLC/crunch/blob/44c8402e24441c7524ca364941fd224ab3b971e9/inc/crn_decomp.h#L267
+0	ubelong		0x4878004A	Crunch compressed texture:
+>0x0C	ubeshort	x	%u x
+>0x0E	ubeshort	x	%u
+>0x12	ubyte		0	\b, DXT1
+>0x12	ubyte		1	\b, DXT3
+>0x12	ubyte		2	\b, DXT5
+>0x12	ubyte		3	\b, DXT5 CCxY
+>0x12	ubyte		4	\b, DXT5 xGxR
+>0x12	ubyte		5	\b, DXT5 xGBR
+>0x12	ubyte		6	\b, DXT5 AGBR
+>0x12	ubyte		7	\b, DXn XY
+>0x12	ubyte		8	\b, DXn YX
+>0x12	ubyte		9	\b, DXT5 Alpha
+>0x12	ubyte		10	\b, ETC1
+>0x10	ubyte		>1	\b, %u images
+>0x11	ubyte		>1	\b, %u faces
+# TODO: Flags at 0x13? (ubeshort)
+
+# Type: BasisLZ compressed texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://github.com/BinomialLLC/basis_universal/blob/master/spec/basis_spec.txt
+0	uleshort		0x4273
+>0x04	uleshort		0x4D	BasisLZ
+>>0x02	uleshort		x	v%x compressed texture:
+>>0x14	ubyte			0	ETC1S
+>>0x14	ubyte			1	UASTC 4x4
+>>0x0E	ulelong&0xFFFFFF	>1	\b, %u slices
+>>0x11	ulelong&0xFFFFFF	>1	\b, %u images
+>>0x15	uleshort&0x02		2	\b, Y-flipped
+
+# MIME registration: https://www.iana.org/assignments/media-types/model/e57
+# Sample files: http://www.libe57.org/data.html
+# Reference implementation: http://www.libe57.org/
+# https://www.ri.cmu.edu/pub_files/2011/1/2011-huber-e57-v3.pdf
+0	string		ASTM-E57	ASTM E57 three-dimensional model
+!:mime model/e57
+!:ext e57
+
+# QOI [Quite OK Image Format] images
+# (Horia Mihai David, mihaidavid@posteo.net)
+#
+# QOI format by Dominic Szablewski <http://phoboslab.org/>
+#           <https://qoiformat.org/>
+#
+# Based on spec v1.0 (2022.01.05) <https://qoiformat.org/qoi-specification.pdf>
+
+0	string		qoif	QOI image data
+!:ext qoi
+!:mime image/x-qoi
+# See <https://github.com/phoboslab/qoi/issues/167>
+>4      ubelong		x       %ux
+>8      ubelong		x       \b%u,
+>>13	ubyte		0	s
+>>>12	ubyte		3	\bRGB
+>>>12	ubyte		4	\bRGBA
+>>>12	default		x
+>>>>12	ubyte		x	\b*bad channels %u*
+>>>13	ubyte		0	(linear alpha)
+>>13	ubyte		1
+>>>12	ubyte		3	RGB
+>>>12	ubyte		4	RGBA
+>>>13	ubyte		1	(all channels linear)
+>>13	default		x
+>>>13	ubyte		x	*bad colorspace %u*
+
+
+# Type: Godot 3, 4 texture (pixel format)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	name	godot-pixel-format
+>0	ulelong&0xFFFFF	0	L8
+>0	ulelong&0xFFFFF	1	LA8
+>0	ulelong&0xFFFFF	2	R8
+>0	ulelong&0xFFFFF	3	RG8
+>0	ulelong&0xFFFFF	4	RGB8
+>0	ulelong&0xFFFFF	5	RGBA8
+>0	ulelong&0xFFFFF	6	RGBA4444
+>0	ulelong&0xFFFFF	7	RGB565
+>0	ulelong&0xFFFFF	8	RF
+>0	ulelong&0xFFFFF	9	RGF
+>0	ulelong&0xFFFFF	10	RGBF
+>0	ulelong&0xFFFFF	11	RGBAF
+>0	ulelong&0xFFFFF	12	RH
+>0	ulelong&0xFFFFF	13	RGH
+>0	ulelong&0xFFFFF	14	RGBH
+>0	ulelong&0xFFFFF	15	RGBAH
+>0	ulelong&0xFFFFF	16	RGBE9995
+>0	ulelong&0xFFFFF	17	DXT1
+>0	ulelong&0xFFFFF	18	DXT3
+>0	ulelong&0xFFFFF	19	DXT5
+>0	ulelong&0xFFFFF	20	RGTC_R
+>0	ulelong&0xFFFFF	21	RGTC_RG
+>0	ulelong&0xFFFFF	22	BPTC_RGBA
+>0	ulelong&0xFFFFF	23	BPTC_RGBF
+>0	ulelong&0xFFFFF	24	BPTC_RGBFU
+>0	ulelong&0xFFFFF	25	PVRTC1_2
+>0	ulelong&0xFFFFF	26	PVRTC1_2A
+>0	ulelong&0xFFFFF	27	PVRTC1_4
+>0	ulelong&0xFFFFF	28	PVRTC1_4A
+>0	ulelong&0xFFFFF	29	ETC
+>0	ulelong&0xFFFFF	30	ETC2_R11
+>0	ulelong&0xFFFFF	31	ETC2_R11S
+>0	ulelong&0xFFFFF	32	ETC2_RG11
+>0	ulelong&0xFFFFF	33	ETC2_RG11S
+>0	ulelong&0xFFFFF	34	ETC2_RGB8
+>0	ulelong&0xFFFFF	35	ETC2_RGBA8
+>0	ulelong&0xFFFFF	36	ETC2_RGB8A1
+>0	ulelong&0xFFFFF	37	ASTC_8x8
+
+# Type: Godot 3, 4 texture (rescale display, width)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Shows rescale value if it's not a power of 2.
+0	name	godot-rescale-display-w
+>0	uleshort	0
+>0	uleshort	1
+>0	uleshort	2
+>0	uleshort	4
+>0	uleshort	8
+>0	uleshort	16
+>0	uleshort	32
+>0	uleshort	64
+>0	uleshort	128
+>0	uleshort	256
+>0	uleshort	512
+>0	uleshort	1024
+>0	uleshort	2048
+>0	uleshort	4096
+>0	uleshort	8192
+>0	uleshort	16384
+>0	uleshort	32768
+>0	default		x
+>>0	uleshort	x	(rescale to %u x
+
+# Type: Godot 3, 4 texture (rescale display, height)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Shows rescale value if it's not a power of 2.
+0	name	godot-rescale-display-h
+>0	clear	x
+>0	uleshort	0
+>0	uleshort	1
+>0	uleshort	2
+>0	uleshort	4
+>0	uleshort	8
+>0	uleshort	16
+>0	uleshort	32
+>0	uleshort	64
+>0	uleshort	128
+>0	uleshort	256
+>0	uleshort	512
+>0	uleshort	1024
+>0	uleshort	2048
+>0	uleshort	4096
+>0	uleshort	8192
+>0	uleshort	16384
+>0	uleshort	32768
+>0	default		x
+>>0	uleshort	x	%u)
+
+# Type: Godot 3 texture
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://github.com/godotengine/godot/blob/3.3/core/image.h
+# - https://github.com/godotengine/godot/blob/3.3/scene/resources/texture.cpp
+# - https://github.com/godotengine/godot/blob/3.3/scene/resources/texture.h
+# TODO: Don't show "rescale to" if it matches the image size.
+0	string	GDST	Godot 3 texture:
+!:ext	stex
+!:mime	image/x-godot-stex
+>4	uleshort	x	%u x
+>8	uleshort	x	%u
+>6	uleshort	0	\b,
+>6	uleshort	!0
+>>6	use	godot-rescale-display-w
+>>10	use	godot-rescale-display-h
+>>10	uleshort	x	\b,
+>16	ulelong&0x800000	!0		has mipmaps,
+>16	ulelong&0x100000	0x100000	lossless encoding
+>16	ulelong&0x200000	0x200000	lossy encoding
+>16	ulelong&0x300000	0
+>>16	use	godot-pixel-format
+
+# Type: Godot 4 texture
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://github.com/godotengine/godot/blob/master/core/io/image.h
+# - https://github.com/godotengine/godot/blob/master/scene/resources/texture.cpp
+# - https://github.com/godotengine/godot/blob/master/scene/resources/texture.h
+# TODO: Don't show "rescale to" if it matches the image size.
+0	string	GST2	Godot 4 texture
+!:ext	stex
+!:mime	image/x-godot-stex
+>4	ulelong		x	v%u:
+>0x28	uleshort	x	%u x
+>0x2A	uleshort	x	%u
+>8	use	godot-rescale-display-w
+>12	use	godot-rescale-display-h
+>12	uleshort	x	\b,
+>0x2C	ulelong		>1	%u mipmaps,
+>0x30	use	godot-pixel-format
+>0x24	ulelong		1	\b, embedded PNG image
+>0x24	ulelong		2	\b, embedded WebP image
+>0x24	ulelong		3	\b, Basis Universal
+
+# Summary:	iCEDraw graphic *.IDF
+# URL:		http://fileformats.archiveteam.org/wiki/ICEDraw
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/i/idf-icedraw.trid.xml
+# From:		Joerg Jenderek
+# Note:		called "iCEDraw graphic" by TrID, "iCEDraw text" by FFmpeg and "iCE Draw" by Ansilove
+#		verified by FFmpeg command `ffprobe ICE-9605.IDF` and `ansilove -s SQ-FORCE.IDF`
+0	string		\0041.4\0\0\0\0O\0	iCEDraw graphic
+#!:mime	application/octet-stream
+!:mime	image/x-idf
+!:ext	idf
+
+# Type: ColoRIX VGA Paint Image File (.rix/.sci/.scX)
+# From: Eddy Jansson <github.com/eloj>
+# Reference: https://www.fileformat.info/format/rix/spec/
+#
+0	name		rix-header
+>0	uleshort	x	\b, %u x
+>2	uleshort	x	%u
+# palette type:
+# .. if direct color, low bits encode bpp
+>4	ubyte&128	0
+>>4 ubyte&127		x	\b %u bpp (direct color)
+# .. else palette
+>4	ubyte&128	128
+>>4	ubyte&7		0	\b x 2
+>>4	ubyte&7		1	\b x 4
+>>4	ubyte&7		2	\b x 8
+>>4	ubyte&7		3	\b x 16
+>>4	ubyte&7		4	\b x 32
+>>4	ubyte&7		5	\b x 64
+>>4	ubyte&7		6	\b x 128
+>>4	ubyte&7		7	\b x 256
+# storage type
+#>5	ubyte&15	0	\b, Linear
+>5	ubyte&15	1	\b, Planar (0213)
+>5	ubyte&15	2	\b, Planar
+>5	ubyte&15	3	\b, Text
+>5	ubyte&15	4	\b, Planar lines
+>5	ubyte&128	128	\b (compressed)
+>5	ubyte&64	64	\b (extension)
+>5	ubyte&32	32	\b (encrypted)
+
+0	string	RIX3	ColoRIX Image
+>4	use		rix-header
+
+0	string	RIX7	ColoRIX Slideshow
+
+# http://fileformats.archiveteam.org/wiki/PaperPort_(MAX)
+0	string 	ViG	Visioneer PaperPort
+>3	string	Ae	2
+>3	string	Be	2
+>3	string	Cj	3-4
+>3	string	Em	5-7
+>3	string	Fk	8-12
+>3	default	x	MAX
diff --git a/magic/Magdir/inform b/magic/Magdir/inform
new file mode 100644
index 0000000..fe518ec
--- /dev/null
+++ b/magic/Magdir/inform
@@ -0,0 +1,9 @@
+
+#------------------------------------------------------------------------------
+# $File: inform,v 1.5 2009/09/19 16:28:09 christos Exp $
+# inform:  file(1) magic for Inform interactive fiction language
+
+# URL:  http://www.inform-fiction.org/
+# From: Reuben Thomas <rrt@sc3d.org>
+
+0	search/100/cW	constant\ story		Inform source text
diff --git a/magic/Magdir/intel b/magic/Magdir/intel
new file mode 100644
index 0000000..5177fea
--- /dev/null
+++ b/magic/Magdir/intel
@@ -0,0 +1,310 @@
+
+#------------------------------------------------------------------------------
+# $File: intel,v 1.23 2022/10/31 13:22:26 christos Exp $
+# intel:  file(1) magic for x86 Unix
+#
+# Various flavors of x86 UNIX executable/object (other than Xenix, which
+# is in "microsoft").  DOS is in "msdos"; the ambitious soul can do
+# Windows as well.
+#
+# Windows NT belongs elsewhere, as you need x86 and MIPS and Alpha and
+# whatever comes next (HP-PA Hummingbird?).  OS/2 may also go elsewhere
+# as well, if, as, and when IBM makes it portable.
+#
+# The `versions' should be un-commented if they work for you.
+# (Was the problem just one of endianness?)
+#
+0	leshort		0502		basic-16 executable
+>12	lelong		>0		not stripped
+#>22	leshort		>0		- version %d
+0	leshort		0503		basic-16 executable (TV)
+>12	lelong		>0		not stripped
+#>22	leshort		>0		- version %d
+0	leshort		0510		x86 executable
+>12	lelong		>0		not stripped
+0	leshort		0511		x86 executable (TV)
+>12	lelong		>0		not stripped
+0	leshort		=0512		iAPX 286 executable small model (COFF)
+>12	lelong		>0		not stripped
+#>22	leshort		>0		- version %d
+0	leshort		=0522		iAPX 286 executable large model (COFF)
+>12	lelong		>0		not stripped
+#>22	leshort		>0		- version %d
+# updated by Joerg Jenderek at Oct 2015
+# https://de.wikipedia.org/wiki/Common_Object_File_Format
+# http://www.delorie.com/djgpp/doc/coff/filhdr.html
+# ./msdos (version 5.25) labeled the next entry as "MS Windows COFF Intel 80386 object file"
+# ./intel (version 5.25) label labeled the next entry as "80386 COFF executable"
+# SGI labeled the next entry as "iAPX 386 executable" --Dan Quinlan
+0	leshort		=0514
+# use subroutine to display name+flags+variables for common object formatted files
+>0	use				display-coff
+#>12	lelong		>0		not stripped
+# no hint found, that at offset 22 is version
+#>22	leshort		>0		- version %d
+0	leshort		0x0200
+# no F_EXEC flag bit implies Intel ia64 COFF object file without optional header
+>18	leshort		^0x0002
+# skip some DEGAS high-res uncompressed bitmap *.pi3 handled by ./images like
+# GEMINI03.PI3 MODEM2.PI3 POWERFIX.PI3 sigirl1.pi3 vanna5.pi3
+# by test for valid starting character (often point 0x2E) of 1st section name
+>>20	ubyte		>0x1F
+>>>0	use				display-coff
+# F_EXEC flag bit implies Intel ia64 COFF executable
+>18	leshort		&0x0002
+>>0	use				display-coff
+0	leshort		0x8664
+>0	use				display-coff
+
+# rom: file(1) magic for BIOS ROM Extensions found in intel machines
+#      mapped into memory between 0xC0000 and 0xFFFFF
+# From: Alex Myczko <alex@aiei.ch>
+# updated by Joerg Jenderek
+# https://en.wikipedia.org/wiki/Option_ROM
+# URL:		http://fileformats.archiveteam.org/wiki/BIOS
+# Reference:	http://www.lejabeach.com/sisubb/BIOS_Disassembly_Ninjutsu_Uncovered.pdf
+0	beshort		0x55AA
+# skip misidentified raspberry pi pieeprom-*.bin by check for
+# unlikely high ROM size (0xF0*512=240*512) and not observed start instruction 0x0F 
+>2	ubeshort	!0xF00F
+# skip 2 byte sized eof.bin with start magic 
+>>0	use		rom-x86
+0	name		rom-x86
+>0	beshort		x		BIOS (ia32) ROM Ext.
+#!:mime	application/octet-stream
+!:mime	application/x-ibm-rom
+!:ext	rom/bin
+################################################################################
+# not Plug aNd Play ($PnP) like 00000000 (ide_xtp.bin kvmvapic.bin V7VGA.ROM) 000000fc (MCT-VGA.bin)
+# 55aaf00f (pieeprom-*.bin) 55aa40e9 (Trm3x5.bin) 24506f4f (sgabios-bin.rom)
+# 55aa4be9 (vgabios-stdvga.rom vgabios-cirrus-bin.rom vgabios-vmware-bin.rom)
+>(26.s)	ubelong		!0x24506e50
+#>(26.s)	ubelong		!0x24506e50	NOT PNP=%8.8x
+# also not PCI (PCIR) implies "old" ISA cards or foo like: 8a168404 (MCT-VGA.bin)
+# 55aaf00f (pieeprom*.bin)
+>>(24.s)	ubelong	!0x50434952
+#>>(24.s)	ubelong	!0x50434952	ISA CARD=%8.8x
+# "old" identification strings used in file version 5.41 and earlier
+# probably an USB controller
+>>>5	string		USB		USB
+# probably	https://en.wikipedia.org/wiki/Preboot_Execution_Environment
+>>>7	string		LDR		UNDI image
+# probably another Adaptec SCSI controller
+>>>26	string		Adaptec		Adaptec
+# http://minuszerodegrees.net/rom/bin/adaptec_aha1542cp_bios_908501-00.bin
+# already done by PNP variant
+#>>>28	string		Adaptec		Adaptec
+# probably Promise SCSI controller
+>>>42	string		PROMISE		Promise
+# old test for IBM compatible Video cards; INTERNAL FACTS WHY IS THIS WORKING?
+>30      string          IBM          IBM comp. Video
+# display exact text for IBM compatible Video cards with longer text
+>>33	ubyte		!0
+>>>30	string		x		"%s"
+# http://minuszerodegrees.net/rom/bin/unknown/MCT-VGA-16%20-%20TDVGA%203588%20BIOS%20Version%20V1.04A.zip
+# "IBM COMPATIBLETDVGA 3588 BIOS Version V1.04A2+"	"MCT-VGA-16 - TDVGA 3588 BIOS Version V1.04A.bin" 
+# "IBM VGA Compatible\001"				NVidia44.bin
+# "IBM EGA ROM Video Seven BIOS Code, Version 1.04"	V7VGA.ROM
+# "IBM"							vgabios-stdvga.rom
+# "IBM"							vgabios-vmware-bin.rom:
+# "IBM"							vgabios-cirrus-bin.rom
+# "IBM"							vgabios-virtio-bin.rom
+################################################################################
+# ROM size in 512B blocks must be interpreted as unsigned for ROM of network cards
+# like: efi-eepro100.rom efi-rtl8139.rom pxe-e1000.rom
+>2       ubyte            x            (%u*512)
+# file name		file size	calculated size	remark
+# eof.bin		2		-		with start magic nothing is shown here
+# orchid.bin		188		0	=0*512	on window 95 CD in Drivers\audio\orchid3d
+# multiboot.bin		1024		1024	=2*512	QEMU emulator
+# loader1.bin		512		2048	=4*512
+# ide_xtp.bin		8192		8192	=16*512
+# kvmvapic.bin		9216		9216	=18*512
+# V7VGA.ROM		18832		16384	=32*512
+# adaptec1542.bin	32768		16384	=32*512
+# MCT-VGA.bin		32768		24576	=48*512
+# 2975BIOS.BIN		32768		32256	=63*512
+# efi-e1000.rom		196608		64000	=125*512
+# efi-rtl8139.rom	176640		66048	=129*512
+# pieeprom*.bin		524288		122880	=240*512
+################################################################################
+# initialization vector with executable code; often near JuMP instruction E9 yy zz
+>3	ubyte			=0xE9	jmp
+# jmp offset like: 008fh 0093h 009fh 00afh 0143h 3ad7h 5417h 54ech 594dh 895fh 
+>>4	uleshort		x	%#4.4x
+# for initialization vector samples without 3 byte jump instruction
+>3	ubyte			!0xE9	instruction
+#	eb4b3734h	NVidia44.bin
+#	00003234h	V7VGA.ROM
+#	060e0731h	kvmvapic.bin
+#	cb000000h	linuxboot-bin.rom
+#	e80d0fcbh	PXE-Intel.rom
+#	b8004875h	orchid.bin
+>>3	ubelong			x	%#8.8x
+# For misidentified raspberry pi pieeprom-*.bin like: 0xf00f
+#>2	ubeshort		x	\b, AT 2 %#4.4x
+################################################################################
+#		new sections for BIOS (ia32) ROM Extension
+# 4 bytes ASCII Signature "$PnP" for Plug aNd Play expansion header
+>(26.s)	string		=$PnP		\b;
+#>(26.s)	string		=$PnP		FOUND $PnP
+# at 1Ah possible offset to expansion header structure; new for Plug aNd Play
+>>26		uleshort	x	at %#x PNP
+# Plug and Play vendor+device ID like: 0 0x000f1000 (2975BIOS.BIN) 0x31121095 (4243.bin) 0x04904215 (adaptec1542.bin)
+#>>(26.s+0x0A)	ulelong		!0	NOT-nullID=%8.8x
+>>(26.s+0x0A)	uleshort	!0
+# show PnP Vendor identification in human readable text form instead of numeric
+# For adaptec_ava1515_bios_585201-00.bin reverted endian! BUT IS THIS ALWAYS TRUE?
+>>>(26.s+0x0C)	use		\^PCI-vendor
+>>>(26.s+0x0A)	ubeshort	x	device=%#4.4x
+# 3 byte Device type code; probably the same meaning as in PCI section?
+# OK for	storage controller SCSI		(2975BIOS.BIN adaptec1542.bin)
+# and		network controller ethernet	(efi-e1000.rom efi-rtl8139.rom)
+>>(26.s+0x12)	use		PCI-class
+# structure revision like: 01h
+>>(26.s+4)	ubyte		!1	\b, revision %u
+# PnP Header structure length in multiple of 16 bytes like: 2
+>>(26.s+5)	uleshort	!2	\b, length %u*16
+# offset to next header; 0 if none
+>>(26.s+7)	uleshort	!0	\b, at %#x next header
+# reserved byte; seems to be zero
+>>(26.s+8)	ubyte		!0	\b, reserved %#x
+# 8-bit checksum for this header; calculated and patched by patch2pnprom
+>>(26.s+9)	ubyte		!0	\b, CRC %#x
+# pointer to optional manufacturer string; like: 0 (4243.bin) 59h 5ch 60h c7h 14eh 27ch 296h 324h 3662h
+>>(26.s+0x0E)	uleshort	>0	\b, at %#x
+>>>(26.s+0x0C)	uleshort	x
+# manufacturer ASCII-Z string like "http://ipxe.org" "Plop - Elmar Hanlhofer www.plop.at" "QEMU"
+>>>>(&0.s)	string		x	"%s"
+# pointer to optional product string; like: 0 (2975BIOS.BIN) 6ch 70h 7ch d9h 160h 281h 29bh 329h
+>>(26.s+0x10)	uleshort	>0	\b, at %#x
+>>>(26.s+0x0E)	uleshort	x
+# often human readable product ASCII-Z string like "iPXE" "Plop Boot Manager" 
+# "multiboot loader" "Intel UNDI, PXE-2.0 (build 082)"
+>>>>(&0.s)	string		x	"%s"
+# PnP Device indicators; contains bits that identify the device as being capable of bootable
+#>>(26.s+0x15)	ubyte		x	\b, INDICATORS %#x
+# device is a display device
+>>(26.s+0x15)	ubyte		&0x01	\b, display
+# device is an input device
+>>(26.s+0x15)	ubyte		&0x02	\b, input
+# device is an IPL device
+>>(26.s+0x15)	ubyte		&0x04	\b, IPL
+#>>(26.s+0x15)	ubyte		&0x08	reserved
+# ROM is only required if this device is selected as a boot device
+>>(26.s+0x15)	ubyte		&0x10	\b, bootable
+# indicates ROM is read cacheable
+>>(26.s+0x15)	ubyte		&0x20	\b, cacheable
+# ROM may be shadowed in RAM
+>>(26.s+0x15)	ubyte		&0x40	\b, shadowable
+# ROM supports the device driver initialization model
+>>(26.s+0x15)	ubyte		&0x80	\b, InitialModel
+# boot connection vector; an offset to a routine that hook into INT 9h, INT 10h, or INT 13h
+# 0 means disabled 0x0429 (4650_sr5.bin) 0x0072 (adaptec1542.bin)
+>>(26.s+0x16)	uleshort	!0	\b, boot vector offset %#x
+# disconnect vector; offset to routine that do cleanup from an unsuccessful boot attempt
+>>(26.s+0x18)	uleshort	!0	\b, disconnect offset %#x
+# bootstrap entry point/vector (BEV); offset to a routine (like RPL) that hook into INT 19h
+# 0 means disabled 0x3c (multiboot.bin) 0x358 (efi-rtl8139.rom) 0xae7 (PXE-Intel.rom)
+>>(26.s+0x1A)	uleshort	!0	\b, bootstrap offset %#x
+# 2nd reserved area; seems to be zero
+>>(26.s+0x1C)	uleshort	!0	\b, 2nd reserved %#x
+# static resource information vector; 0 means disabled
+>>(26.s+0x1E)	uleshort	!0	\b, static offset %#4.4x
+################################################################################
+# 4 bytes ASCII Signature "PCIR" for PCI Data Structure
+#>(24.s)	string			=PCIR	FOUND PCIR
+>(24.s)	string			=PCIR	\b;
+# pointer to PCI data structure like: 1Ch 38h 104h 8E44h 
+>>24	uleshort		x	at %#x PCI
+# Vendor identification (ID)		https://pci-ids.ucw.cz/v2.2/pci.ids
+#>>(24.s+4)	uleshort	x	ID=%4.4x
+# show Vendor identification in human readable text form instead of numeric
+>>(24.s+4)	use		PCI-vendor
+# device identification (ID)
+>>(24.s+6)	uleshort	x	device=%#4.4x
+# Base+sub class code			https://wiki.osdev.org/PCI
+>>(24.s+0x0D)	use		PCI-class
+# pointer to vital product data (VPD); 0 indicates no VPD; WHAT EXACTLY iS VPD?
+>>(24.s+8)	uleshort	!0	\b, at %#x VPD
+# PCI data structure length like: 24h 28h
+>>(24.s+0xA)	uleshort	>0x28	\b, length %u
+# PCI data structure revision like: 0 3
+>>(24.s+0xC)	ubyte		>0	\b, revision %u
+# image length (hexadecimal) in multiple of 512 bytes like: 54 56 68 6a 76 78 7c 7d 7e 7f 80 81 83
+# Apparently this gives the same information as given by byte at offset 2 but as 16-bit
+#>>(24.s+0x10)	uleshort	x	\b, length %u*512
+# revision level of code/data like: 0 1 201h 502h
+>>(24.s+0xC)	ubyte		>1	\b, code revision %#x
+# code type: 0~Intel x86/PC-AT compatible 1~Open firmware standard for PCI42 FF~Reserved
+>>(24.s+0x14)	ubyte		>0	\b, code type %#x
+# last image indicator; bit 7 indicates "last image"; bits 0-6 are reserved
+>>(24.s+0x15)	ubyte		>0
+>>>(24.s+0x15)	ubyte		=0x80	\b, last ROM
+# THIS SHOULD NOT HAPPEN!
+>>>(24.s+0x15)	ubyte		!0x80	\b, indicator %x
+# 3rd reserved area; seems to be zero in most cases but not for
+# efi-e1000.rom efi-rtl8139.rom
+>>(24.s+0x16)	ubeshort	!0	\b, 3rd reserved %#x
+
+# Flash descriptors for Intel SPI flash roms.
+# From Dr. Jesus <j@hug.gs>
+0	lelong		0x0ff0a55a	Intel serial flash for ICH/PCH ROM <= 5 or 3400 series A-step
+16	lelong		0x0ff0a55a	Intel serial flash for PCH ROM
+
+# From: 	Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Advanced_Configuration_and_Power_Interface
+# Reference:	https://uefi.org/sites/default/files/resources/ACPI_6_3_final_Jan30.pdf
+# Note:		generated for example by `cat /sys/firmware/acpi/tables/DSDT MyDSDT.aml`
+0	string		DSDT
+>0	use		acpi-table
+# not tested or other file format
+0	string		APIC
+>0	use		acpi-table
+#0	string		ASF!
+#>0	use		acpi-table
+0	string		FACP
+>0	use		acpi-table
+#0	string		FACS
+#>0	use		acpi-table
+0	string		MCFG
+>0	use		acpi-table
+0	string		SLIC
+>0	use		acpi-table
+0	string		SSDT
+>0	use		acpi-table
+0	name		acpi-table
+# skip ASCII text starting with DSDT by looking for valid "low" revision
+>8	ubyte		<17	ACPI Machine Language file
+# assume that ACPI tables size are lower than 16 MiB
+#>4	ulelong		<0x01000000
+# DSDT for Differentiated System Description Table
+>>0	string		x	'%.4s'
+#!:mime	application/octet-stream
+!:mime	application/x-intel-aml
+!:ext	aml
+# the manufacture model ID like: VBOXBIOS BXDSDT
+>>16	string		>\0	%.8s
+# OEM revision of DSDT for supplied OEM Table ID like: 0 1 2 20090511
+>>>24	ulelong		x	%x
+# OEM ID like: INTEL VBOX (VirtualBox) BXDSDT (qemu) MEDION or \030\001\0\0 for s3pt.aml
+>>10	ubyte		>040	by %c
+>>>11		ubyte	>040	\b%c
+>>>>12		ubyte	>040	\b%c
+>>>>>13		ubyte	>040	\b%c
+>>>>>>14	ubyte	>040	\b%c
+>>>>>>>15	ubyte	>040	\b%c
+# This field also sets the global integer width for the AML interpreter.
+# Values less than two will cause the interpreter to use 32-bit.
+# Values of two and greater will cause the interpreter to use full 64-bit.
+# 16 for asf!.aml, 67 fo rsdp.aml
+>>8	ubyte		x	\b, revision %u
+# length, in bytes, of the entire DSDT (including the header)
+>>4	ulelong		x	\b, %u bytes
+# entire table must sum to zero
+#>>9	ubyte		x	\b, checksum %#x
+# vendor ID for the ASL Compiler like: INTL MSFT ...
+>>28	string		>\0	\b, created by %.4s
+# revision number of the ASL Compiler like: 20051117 20140724 20190703 20200110 ...
+>>>32	ulelong		x	%x
+
diff --git a/magic/Magdir/interleaf b/magic/Magdir/interleaf
new file mode 100644
index 0000000..8e3aaf5
--- /dev/null
+++ b/magic/Magdir/interleaf
@@ -0,0 +1,9 @@
+
+#------------------------------------------------------------------------------
+# $File: interleaf,v 1.10 2009/09/19 16:28:10 christos Exp $
+# interleaf:  file(1) magic for InterLeaf TPS:
+#
+0	string		=\210OPS	Interleaf saved data
+0	string		=<!OPS		Interleaf document text
+>5	string		,\ Version\ =	\b, version
+>>17	string		>\0		%.3s
diff --git a/magic/Magdir/island b/magic/Magdir/island
new file mode 100644
index 0000000..f40521a
--- /dev/null
+++ b/magic/Magdir/island
@@ -0,0 +1,10 @@
+
+#------------------------------------------------------------------------------
+# $File: island,v 1.5 2009/09/19 16:28:10 christos Exp $
+# island:  file(1) magic for IslandWite/IslandDraw, from SunOS 5.5.1
+# "/etc/magic":
+# From: guy@netapp.com (Guy Harris)
+#
+4	string		pgscriptver	IslandWrite document
+13	string		DrawFile	IslandDraw document
+
diff --git a/magic/Magdir/ispell b/magic/Magdir/ispell
new file mode 100644
index 0000000..57a6e9e
--- /dev/null
+++ b/magic/Magdir/ispell
@@ -0,0 +1,63 @@
+
+#------------------------------------------------------------------------------
+# $File: ispell,v 1.8 2009/09/19 16:28:10 christos Exp $
+# ispell:  file(1) magic for ispell
+#
+# Ispell 3.0 has a magic of 0x9601 and ispell 3.1 has 0x9602.  This magic
+# will match 0x9600 through 0x9603 in *both* little endian and big endian.
+# (No other current magic entries collide.)
+#
+# Updated by Daniel Quinlan (quinlan@yggdrasil.com)
+#
+0	leshort&0xFFFC	0x9600		little endian ispell
+>0	byte		0		hash file (?),
+>0	byte		1		3.0 hash file,
+>0	byte		2		3.1 hash file,
+>0	byte		3		hash file (?),
+>2	leshort		0x00		8-bit, no capitalization, 26 flags
+>2	leshort		0x01		7-bit, no capitalization, 26 flags
+>2	leshort		0x02		8-bit, capitalization, 26 flags
+>2	leshort		0x03		7-bit, capitalization, 26 flags
+>2	leshort		0x04		8-bit, no capitalization, 52 flags
+>2	leshort		0x05		7-bit, no capitalization, 52 flags
+>2	leshort		0x06		8-bit, capitalization, 52 flags
+>2	leshort		0x07		7-bit, capitalization, 52 flags
+>2	leshort		0x08		8-bit, no capitalization, 128 flags
+>2	leshort		0x09		7-bit, no capitalization, 128 flags
+>2	leshort		0x0A		8-bit, capitalization, 128 flags
+>2	leshort		0x0B		7-bit, capitalization, 128 flags
+>2	leshort		0x0C		8-bit, no capitalization, 256 flags
+>2	leshort		0x0D		7-bit, no capitalization, 256 flags
+>2	leshort		0x0E		8-bit, capitalization, 256 flags
+>2	leshort		0x0F		7-bit, capitalization, 256 flags
+>4	leshort		>0		and %d string characters
+0	beshort&0xFFFC	0x9600		big endian ispell
+>1	byte		0		hash file (?),
+>1	byte		1		3.0 hash file,
+>1	byte		2		3.1 hash file,
+>1	byte		3		hash file (?),
+>2	beshort		0x00		8-bit, no capitalization, 26 flags
+>2	beshort		0x01		7-bit, no capitalization, 26 flags
+>2	beshort		0x02		8-bit, capitalization, 26 flags
+>2	beshort		0x03		7-bit, capitalization, 26 flags
+>2	beshort		0x04		8-bit, no capitalization, 52 flags
+>2	beshort		0x05		7-bit, no capitalization, 52 flags
+>2	beshort		0x06		8-bit, capitalization, 52 flags
+>2	beshort		0x07		7-bit, capitalization, 52 flags
+>2	beshort		0x08		8-bit, no capitalization, 128 flags
+>2	beshort		0x09		7-bit, no capitalization, 128 flags
+>2	beshort		0x0A		8-bit, capitalization, 128 flags
+>2	beshort		0x0B		7-bit, capitalization, 128 flags
+>2	beshort		0x0C		8-bit, no capitalization, 256 flags
+>2	beshort		0x0D		7-bit, no capitalization, 256 flags
+>2	beshort		0x0E		8-bit, capitalization, 256 flags
+>2	beshort		0x0F		7-bit, capitalization, 256 flags
+>4	beshort		>0		and %d string characters
+# ispell 4.0 hash files  kromJx <kromJx@crosswinds.net>
+# Ispell 4.0
+0       string          ISPL            ispell
+>4      long            x               hash file version %d,
+>8      long            x               lexletters %d,
+>12     long            x               lexsize %d,
+>16     long            x               hashsize %d,
+>20     long            x               stblsize %d
diff --git a/magic/Magdir/isz b/magic/Magdir/isz
new file mode 100644
index 0000000..4d9c030
--- /dev/null
+++ b/magic/Magdir/isz
@@ -0,0 +1,15 @@
+
+#------------------------------------------------------------------------------
+# $File: isz,v 1.5 2019/04/19 00:42:27 christos Exp $
+# ISO Zipped file format
+# https://www.ezbsystems.com/isz/iszspec.txt
+0	string	IsZ!	ISO Zipped file
+>4	byte	x	\b, header size %u
+>5	byte	x	\b, version %u
+>8	lelong	x	\b, serial %u
+#12	leshort	x	\b, sector size %u
+#>16	lelong	x	\b, total sectors %u
+>17	byte	>0	\b, password protected
+#>24	lequad	x	\b, segment size %llu
+#>32	lelong	x	\b, blocks %u
+#>36	lelong	x	\b, block size %u
diff --git a/magic/Magdir/java b/magic/Magdir/java
new file mode 100644
index 0000000..d361275
--- /dev/null
+++ b/magic/Magdir/java
@@ -0,0 +1,52 @@
+
+#------------------------------------------------------------
+# $File: java,v 1.22 2023/01/11 23:59:49 christos Exp $
+# Java ByteCode and Mach-O binaries (e.g., Mac OS X) use the
+# same magic number, 0xcafebabe, so they are both handled
+# in the entry called "cafebabe".
+#------------------------------------------------------------
+# Java serialization
+# From Martin Pool (m.pool@pharos.com.au)
+0	beshort		0xaced		Java serialization data
+>2	beshort		>0x0004		\b, version %d
+
+0	belong		0xfeedfeed	Java KeyStore
+!:mime	application/x-java-keystore
+0	belong		0xcececece	Java JCE KeyStore
+!:mime	application/x-java-jce-keystore
+
+# Java source
+0	regex	\^import.*;$	Java source
+!:mime	text/x-java
+
+# Java HPROF dumps
+# https://java.net/downloads/heap-snapshot/hprof-binary-format.html
+0	string		JAVA\x20PROFILE\x201.0.
+>0x12	byte		0
+>>0x11	ubyte-0x31	<2      Java HPROF dump,
+>>>0x17	beqdate/1000	x       created %s
+
+# Java jmod module
+# See https://hg.openjdk.java.net/jdk9/jdk9/jdk/file/tip/src/java.base/share/classes/jdk/internal/jmod/JmodFile.java
+# Grr. 2 byte magic "JM", really? In 2019?
+0	belong		0x4a4d0100	Java jmod module version 1.0
+!:mime	application/x-java-jmod
+
+# Java jlinked image
+# See https://hg.openjdk.java.net/jdk9/jdk9/jdk/file/tip/src/java.base/share/native/libjimage/imageFile.hpp
+0	belong	0xcafedada	Java module image (big endian)
+>4	beshort	>0x00	\b, version %d
+>6	beshort	x	\b.%d
+!:mime	application/x-java-image
+
+0	lelong	0xcafedada	Java module image (little endian)
+>6	leshort	>0x00	\b, version %d
+>4	leshort	x	\b.%d
+!:mime	application/x-java-image
+
+# JAR Manifest & Signature File
+# Reference: https://docs.oracle.com/javase/8/docs/technotes/guides/jar/jar.html
+0	string/t	Manifest-Version:\x201.0	JAR Manifest
+!:ext	MF
+0	string/t	Signature-Version:\x201.0	JAR Signature File
+!:ext	SF
diff --git a/magic/Magdir/javascript b/magic/Magdir/javascript
new file mode 100644
index 0000000..90a09cc
--- /dev/null
+++ b/magic/Magdir/javascript
@@ -0,0 +1,171 @@
+
+#------------------------------------------------------------------------------
+# $File: javascript,v 1.5 2023/01/12 00:02:16 christos Exp $
+# javascript:  magic for javascript and node.js scripts.
+#
+0	string/tw	#!/bin/node		Node.js script executable
+!:mime application/javascript
+0	string/tw	#!/usr/bin/node		Node.js script executable
+!:mime application/javascript
+0	string/tw	#!/bin/nodejs		Node.js script executable
+!:mime application/javascript
+0	string/tw	#!/usr/bin/nodejs	Node.js script executable
+!:mime application/javascript
+0	string/t		#!/usr/bin/env\ node	Node.js script executable
+!:mime application/javascript
+0	string/t		#!/usr/bin/env\ nodejs	Node.js script executable
+!:mime application/javascript
+
+# JavaScript
+# The strength is increased to beat the C++ & HTML rules
+0	search	"use\x20strict"	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+0	search	'use\x20strict'	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+0	regex	module(\\.|\\[["'])exports.*=	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+0	regex	\^(const|var|let).*=.*require\\(	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+0	regex	\^export\x20(function|class|default|const|var|let|async)\x20	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+0	regex	\\((async\x20)?function[(\x20]	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+0	regex	\^(import|export).*\x20from\x20	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+0	regex	\^(import|export)\x20["']\\./	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+0	regex	\^require\\(["']	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+0	regex	typeof.*[!=]==	JavaScript source
+!:strength +30
+!:mime	application/javascript
+!:ext 	js
+
+# React Native minified JavaScript
+0	search/128	__BUNDLE_START_TIME__=	React Native minified JavaScript
+!:strength +30
+!:mime	application/javascript
+!:ext	bundle/jsbundle
+
+# Hermes by Facebook https://hermesengine.dev/
+# https://github.com/facebook/hermes/blob/master/include/hermes/\
+# BCGen/HBC/BytecodeFileFormat.h#L24
+0	lequad		0x1F1903C103BC1FC6	Hermes JavaScript bytecode
+>8	lelong		x			\b, version %d
+
+# v8 JavaScript engine bytecode
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL:	https://v8.dev/docs/ignition
+# Note: used in bytenode and NW.js protected source code
+# V8 bytecode extraction was added in NodeJS v5.7.0 (V8 4.6.85.31).
+# Version information is provided for some v8 versions found in NodeJS releases.
+2	uleshort		=0xC0DE
+>0	ulelong^0xC0DE0000	>0
+# Reservation table starts at 40
+>>40	ulelong&0xFFFFFF00	=0x80000000
+# Stub keys present
+>>>24	ulelong			>0
+>>>>0	ulelong^0xC0DE0000	x		v8 bytecode, external reference table size: %u bytes,
+>>>>4	ulelong			=0xEE4BF478	version 5.1.281.111,
+>>>>4	ulelong			=0xC4A0100C	version 5.5.372.43,
+>>>>8	ulelong			x		source size: %u bytes,
+>>>>12	ulelong			x		cpu features: %#08X,
+>>>>16	ulelong			x		flag hash: %#08X,
+>>>>20	ulelong			x		%u reservations,
+>>>>28	ulelong			x		payload size: %u bytes,
+>>>>32	ulelong			x		checksum1: %#08X,
+>>>>36	ulelong			x		checksum2: %#08X
+# No stub keys
+>>>24	ulelong			=0
+>>>>0	ulelong^0xC0DE0000	x		v8 bytecode, external reference table size: %u bytes,
+>>>>4	ulelong			=0x54F0AD81	version 6.2.414.46,
+>>>>4	ulelong			=0X7D1BF182	version 6.2.414.54,
+>>>>4	ulelong			=0x35BA122E	version 6.2.414.77,
+>>>>4	ulelong			=0X9319F9C2	version 6.2.414.78,
+>>>>4	ulelong			=0xB1240060	version 6.6.346.32,
+>>>>4	ulelong			=0x2B757060	version 6.7.288.46,
+>>>>4	ulelong			=0x09D147AA	version 6.7.288.49,
+>>>>4	ulelong			=0xF4D4F48A	version 6.8.275.32,
+>>>>4	ulelong			=0xD3961326	version 7.0.276.38,
+>>>>8	ulelong			x		source size: %u bytes,
+>>>>12	ulelong			x		cpu features: %#08X,
+>>>>16	ulelong			x		flag hash: %#08X,
+>>>>20	ulelong			x		%u reservations,
+>>>>28	ulelong			x		payload size: %u bytes,
+>>>>32	ulelong			x		checksum1: %#08X,
+>>>>36	ulelong			x		checksum2: %#08X
+# Reservation table starts at 32
+>>32	ulelong&0xFFFFFF00	=0x80000000
+# Second checksum present
+>>>28	ulelong			>0
+>>>>0	ulelong^0xC0DE0000	x		v8 bytecode, external reference table size: %u bytes,
+>>>>4	ulelong			=0x21DDF627	version 7.4.288.21,
+>>>>4	ulelong			=0x1FC9FE84	version 7.4.288.27,
+>>>>4	ulelong			=0x60A99E8B	version 7.5.288.22,
+>>>>4	ulelong			=0x4F665E90	version 7.6.303.29,
+>>>>4	ulelong			=0xC7ACFCDE	version 7.7.299.11,
+>>>>4	ulelong			=0x7F641D8F	version 7.7.299.13,
+>>>>4	ulelong			=0xFD9A4F2E	version 7.8.279.17,
+>>>>4	ulelong			=0x3A845324	version 7.8.279.23,
+>>>>4	ulelong			=0xFF52FEAF	version 7.9.317.25,
+>>>>8	ulelong			x		source size: %u bytes,
+>>>>12	ulelong			x		flag hash: %#08X,
+>>>>16	ulelong			x		%u reservations,
+>>>>20	ulelong			x		payload size: %u bytes,
+>>>>24	ulelong			x		checksum1: %#08X,
+>>>>28	ulelong			x		checksum2: %#08X
+# No second checksum
+>>>28	ulelong			=0
+>>>>0	ulelong^0xC0DE0000	x		v8 bytecode, external reference table size: %u bytes,
+>>>>4	ulelong			=0x8725E0F8	version 8.1.307.30,
+>>>>4	ulelong			=0x09ED1289	version 8.1.307.31,
+>>>>4	ulelong			=0xA5728C87	version 8.3.110.9,
+>>>>4	ulelong			=0xB45C5D30	version 8.4.371.23,
+>>>>4	ulelong			=0xED9C278B	version 8.4.371.19,
+>>>>4	ulelong			=0xD27BFF42	version 8.6.395.16,
+>>>>8	ulelong			x		source size: %u bytes,
+>>>>12	ulelong			x		flag hash: %#08X,
+>>>>16	ulelong			x		%u reservations,
+>>>>20	ulelong			x		payload size: %u bytes,
+>>>>24	ulelong			x		payload checksum: %#08X
+# No reservation table and code starts at 24
+>>32	ulelong		=0
+>>>0	ulelong^0xC0DE0000	x		v8 bytecode, external reference table size: %u bytes,
+>>>4	ulelong			=0x9A6F0B0F	version 9.0.257.17,
+>>>4	ulelong			=0x271D5D1E	version 9.0.257.24,
+>>>4	ulelong			=0x4EEA75DF	version 9.0.257.25,
+>>>4	ulelong			=0x80809479	version 9.1.269.36,
+>>>4	ulelong			=0x55C46F65	version 9.1.269.38,
+>>>4	ulelong			=0x8A9C758A	version 9.2.230.21,
+>>>4	ulelong			=0x9712F0E1	version 9.3.345.16,
+>>>4	ulelong			=0x29593715	version 9.4.146.19,
+>>>4	ulelong			=0xCD991825	version 9.4.146.24,
+>>>4	ulelong			=0xACDD64EE	version 9.4.146.26,
+>>>4	ulelong			=0xC96B4CD5	version 9.5.172.21,
+>>>4	ulelong			=0xBCCE4578	version 9.5.172.25,
+>>>4	ulelong			=0xA2EEA077	version 9.6.180.15,
+>>>4	ulelong			=0xFD350011	version 10.1.124.8,
+>>>4	ulelong			=0xBEF4028F	version 10.2.154.13,
+>>>4	ulelong			=0xAF632352	version 10.2.154.4,
+>>>8	ulelong			x		source size: %u bytes,
+>>>12	ulelong			x		flag hash: %#08X,
+>>>16	ulelong			x		payload size: %u bytes,
+>>>20	ulelong			x		payload checksum: %#08X
diff --git a/magic/Magdir/jpeg b/magic/Magdir/jpeg
new file mode 100644
index 0000000..9cebada
--- /dev/null
+++ b/magic/Magdir/jpeg
@@ -0,0 +1,252 @@
+
+#------------------------------------------------------------------------------
+# $File: jpeg,v 1.38 2022/12/02 17:42:04 christos Exp $
+# JPEG images
+# SunOS 5.5.1 had
+#
+#	0	string		\377\330\377\340	JPEG file
+#	0	string		\377\330\377\356	JPG file
+#
+# both of which turn into "JPEG image data" here.
+#
+0	belong			0xffd8fff7	JPEG-LS image data
+!:mime	image/jls
+!:ext jls
+>0	use			jpeg
+
+0	belong&0xffffff00	0xffd8ff00	JPEG image data
+!:mime	image/jpeg
+!:apple	8BIMJPEG
+!:strength *3
+!:ext jpeg/jpg/jpe/jfif
+>0	use			jpeg
+
+0	name		jpeg
+>6	string		JFIF		\b, JFIF standard
+# The following added by Erik Rossen <rossen@freesurf.ch> 1999-09-06
+# in a vain attempt to add image size reporting for JFIF.  Note that these
+# tests are not fool-proof since some perfectly valid JPEGs are currently
+# impossible to specify in magic(4) format.
+# First, a little JFIF version info:
+>>11	byte		x		\b %d.
+>>12	byte		x		\b%02d
+# Next, the resolution or aspect ratio of the image:
+>>13	byte		0		\b, aspect ratio
+>>13	byte		1		\b, resolution (DPI)
+>>13	byte		2		\b, resolution (DPCM)
+>>14	beshort		x		\b, density %dx
+>>16	beshort		x		\b%d
+>>4	beshort		x		\b, segment length %d
+# Next, show thumbnail info, if it exists:
+>>18	byte		!0		\b, thumbnail %dx
+>>>19	byte		x		\b%d
+>6	string		Exif		\b, Exif standard: [
+>>12	indirect/r	x
+>>12	string		x		\b]
+
+# Jump to the first segment
+>(4.S+4)	use		jpeg_segment
+
+# This uses recursion...
+0		name		jpeg_segment
+>0	beshort		0xFFFE
+# Recursion handled by FFE0
+#>>(2.S+2)	use			jpeg_segment
+>>2	pstring/HJ	x		\b, comment: "%s"
+
+>0	beshort		0xFFC0
+>>(2.S+2)	use			jpeg_segment
+>>4	byte		x		\b, baseline, precision %d
+>>7	beshort		x		\b, %dx
+>>5	beshort		x		\b%d
+>>9	byte		x		\b, components %d
+
+>0	beshort		0xFFC1
+>>(2.S+2)	use			jpeg_segment
+>>4	byte		x		\b, extended sequential, precision %d
+>>7	beshort		x		\b, %dx
+>>5	beshort		x		\b%d
+>>9	byte		x		\b, components %d
+
+>0	beshort		0xFFC2
+>>(2.S+2)	use			jpeg_segment
+>>4	byte		x		\b, progressive, precision %d
+>>7	beshort		x		\b, %dx
+>>5	beshort		x		\b%d
+>>9	byte		x		\b, components %d
+
+# Define Huffman Tables
+>0	beshort		0xFFC4
+>>(2.S+2)	use			jpeg_segment
+
+>0	beshort		0xFFE1
+# Recursion handled by FFE0
+#>>(2.S+2)	use			jpeg_segment
+>>4	string		Exif		\b, Exif Standard: [
+>>>10	indirect/r	x
+>>>10	string		x		\b]
+
+# Application specific markers
+>0	beshort&0xFFE0	=0xFFE0
+>>(2.S+2)	use			jpeg_segment
+
+# DB: Define Quantization tables
+# DD: Define Restart interval [XXX: wrong here, it is 4 bytes]
+# D8: Start of image
+# D9: End of image
+# Dn: Restart
+>0	beshort&0xFFD0	=0xFFD0
+>>0	beshort&0xFFE0	!0xFFE0
+>>>(2.S+2)	use			jpeg_segment
+
+#>0	beshort		x		unknown %#x
+#>>(2.S+2)	use			jpeg_segment
+
+# HSI is Handmade Software's proprietary JPEG encoding scheme
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/HSI_JPEG
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-hsi1.trid.xml
+# Note:         called by TrID "HSI JPEG bitmap"
+0	string		hsi1		JPEG image data, HSI proprietary
+#!:mime	application/octet-stream
+!:mime	image/x-hsi
+!:ext	hsi/jpg
+
+# From: David Santinoli <david@santinoli.com>
+0	string		\x00\x00\x00\x0C\x6A\x50\x20\x20\x0D\x0A\x87\x0A	JPEG 2000
+# delete from ./animation (version 1.87) with jP (=6A50h) magic at offset 4
+# From: Johan van der Knijff <johan.vanderknijff@kb.nl>
+# Added sub-entries for JP2, JPX, JPM and MJ2 formats; added mimetypes
+# https://github.com/bitsgalore/jp2kMagic
+#
+# Now read value of 'Brand' field, which yields a few possibilities:
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/JP2
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-jpeg2k.trid.xml
+# Note:         called by TrID "JPEG 2000 bitmap"
+>20	string		\x6a\x70\x32\x20	Part 1 (JP2)
+# aliases	image/jpeg2000, image/jpeg2000-image, image/x-jpeg2000-image
+!:mime	image/jp2
+!:ext	jp2
+# URL:		http://fileformats.archiveteam.org/wiki/JPX
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-jpx.trid.xml
+# Note:         called by TrID "JPEG 2000 eXtended bitmap"
+>20	string		\x6a\x70\x78\x20	Part 2 (JPX)
+!:mime	image/jpx
+!:ext	jpf/jpx
+# URL:		http://fileformats.archiveteam.org/wiki/JPM
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-jpm.trid.xml
+# Note:         called by TrID "JPEG 2000 eXtended bitmap"
+>20	string		\x6a\x70\x6d\x20	Part 6 (JPM)
+!:mime	image/jpm
+!:ext	jpm
+# URL:		http://fileformats.archiveteam.org/wiki/MJ2
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/v/video-mj2.trid.xml
+# Note:         called by TrID "Motion JPEG 2000 video"
+>20	string		\x6d\x6a\x70\x32	Part 3 (MJ2)
+!:mime	video/mj2
+!:ext	mj2/mjp2
+
+# Type: JPEG 2000 codesream
+# From: Mathieu Malaterre <mathieu.malaterre@gmail.com>
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/JPEG_2000_codestream
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-jpc.trid.xml
+# Note:         called by TrID "JPEG-2000 Code Stream bitmap"
+0	belong		0xff4fff51						JPEG 2000 codestream
+# value like: 0701h FF50h
+#>45	ubeshort	x	\b, at 45 %#4.4x
+#!:mime	application/octet-stream
+# https://reposcope.com/mimetype/image/x-jp2-codestream
+!:mime	image/x-jp2-codestream
+!:ext	jpc/j2c/j2k
+# MAYBE also JHC like in byte_causal.jhc ?
+# WHAT IS THAT? DEAD ENTRY?
+#45	beshort		0xff52
+
+# JPEG extended range
+# URL:		http://fileformats.archiveteam.org/wiki/JPEG_XR
+# Reference:	https://www.itu.int/rec/T-REC-T.832
+#		http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-wmp.trid.xml
+# Note:         called by TrID "JPEG XR bitmap"
+0	string		\x49\x49\xbc
+# FILE_VERSION_ID; shall be equal to 1; other values are reserved for future use
+>3	byte		1
+# FIRST_IFD_OFFSET; shall be an integer multiple of 2; so skip DROID fmt-590-signature-id-931.wdp
+>>4	lelong%2	0	JPEG-XR
+#!:mime	image/vnd.ms-photo
+!:mime	image/jxr
+# NO example for HDP !
+!:ext	jxr/wdp/hdp
+# MAYBE also WMP ?
+#!:ext	jxr/wdp/hdp/wmp
+# moved from ./images (version 1.205 ), merged and
+# partly verified by XnView `nconvert -info abydos.jxr FLOWER.wdp`
+# example: https://web.archive.org/web/20160403012904/
+# http://shikino.co.jp/solution/upfile/FLOWER.wdp.zip
+>90	bequad		0x574D50484F544F00
+>>98	byte&0x08	=0x08			\b, hard tiling
+>>99	byte&0x80	=0x80			\b, tiling present
+>>99	byte&0x40	=0x40			\b, codestream present
+>>99	byte&0x38	x			\b, spatial xform=
+>>99	byte&0x38	0x00			\bTL
+>>99	byte&0x38	0x08			\bBL
+>>99	byte&0x38	0x10			\bTR
+>>99	byte&0x38	0x18			\bBR
+>>99	byte&0x38	0x20			\bBT
+>>99	byte&0x38	0x28			\bRB
+>>99	byte&0x38	0x30			\bLT
+>>99	byte&0x38	0x38			\bLB
+>>100	byte&0x80	=0x80			\b, short header
+>>>102	beshort+1	x			\b, %d
+>>>104	beshort+1	x			\bx%d
+>>100	byte&0x80	=0x00			\b, long header
+>>>102	belong+1	x			\b, %x
+>>>106	belong+1	x			\bx%x
+>>101	beshort&0xf	x			\b, bitdepth=
+>>>101	beshort&0xf	0x0			\b1-WHITE=1
+>>>101	beshort&0xf	0x1			\b8
+>>>101	beshort&0xf	0x2			\b16
+>>>101	beshort&0xf	0x3			\b16-SIGNED
+>>>101	beshort&0xf	0x4			\b16-FLOAT
+>>>101	beshort&0xf	0x5			\b(reserved 5)
+>>>101	beshort&0xf	0x6			\b32-SIGNED
+>>>101	beshort&0xf	0x7			\b32-FLOAT
+>>>101	beshort&0xf	0x8			\b5
+>>>101	beshort&0xf	0x9			\b10
+>>>101	beshort&0xf	0xa			\b5-6-5
+>>>101	beshort&0xf	0xb			\b(reserved %d)
+>>>101	beshort&0xf	0xc			\b(reserved %d)
+>>>101	beshort&0xf	0xd			\b(reserved %d)
+>>>101	beshort&0xf	0xe			\b(reserved %d)
+>>>101	beshort&0xf	0xf			\b1-BLACK=1
+>>101	beshort&0xf0	x			\b, colorfmt=
+>>>101	beshort&0xf0	0x00			\bYONLY
+>>>101	beshort&0xf0	0x10			\bYUV240
+>>>101	beshort&0xf0	0x20			\bYWV422
+>>>101	beshort&0xf0	0x30			\bYWV444
+>>>101	beshort&0xf0	0x40			\bCMYK
+>>>101	beshort&0xf0	0x50			\bCMYKDIRECT
+>>>101	beshort&0xf0	0x60			\bNCOMPONENT
+>>>101	beshort&0xf0	0x70			\bRGB
+>>>101	beshort&0xf0	0x80			\bRGBE
+>>>101	beshort&0xf0	>0x80			\b(reserved %#x)
+
+# JPEG XL
+# From: Ian Tester
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/JPEG_XL
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-jxl.trid.xml
+# Note:         called by TrID "JPEG XL bitmap"
+0	string	\xff\x0a				JPEG XL codestream
+!:mime	image/jxl
+!:ext jxl
+
+# JPEG XL (transcoded JPEG file)
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/JPEG_XL
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-jxl-iso.trid.xml 
+# Note:         called by TrID "JPEG XL bitmap (ISOBMFF)"
+0	string	\x00\x00\x00\x0cJXL\x20\x0d\x0a\x87\x0a	JPEG XL container
+!:mime	image/jxl
+!:ext jxl
diff --git a/magic/Magdir/karma b/magic/Magdir/karma
new file mode 100644
index 0000000..938a51d
--- /dev/null
+++ b/magic/Magdir/karma
@@ -0,0 +1,9 @@
+
+#------------------------------------------------------------------------------
+# $File: karma,v 1.8 2015/08/29 07:10:35 christos Exp $
+# karma:  file(1) magic for Karma data files
+#
+# From <rgooch@atnf.csiro.au>
+
+0	string	KarmaRHD\040Version	Karma Data Structure Version
+>16	belong		x		%u
diff --git a/magic/Magdir/kde b/magic/Magdir/kde
new file mode 100644
index 0000000..dda5819
--- /dev/null
+++ b/magic/Magdir/kde
@@ -0,0 +1,11 @@
+
+#------------------------------------------------------------------------------
+# $File: kde,v 1.5 2010/11/25 15:00:12 christos Exp $
+# kde:  file(1) magic for KDE
+
+0		string/t	[KDE\ Desktop\ Entry]	KDE desktop entry
+!:mime	application/x-kdelnk
+0		string/t	#\ KDE\ Config\ File	KDE config file
+!:mime	application/x-kdelnk
+0		string/t	#\ xmcd	xmcd database file for kscd
+!:mime	text/x-xmcd
diff --git a/magic/Magdir/keepass b/magic/Magdir/keepass
new file mode 100644
index 0000000..3d26efa
--- /dev/null
+++ b/magic/Magdir/keepass
@@ -0,0 +1,20 @@
+
+#------------------------------------------------------------------------------
+# $File: keepass,v 1.2 2019/04/19 00:42:27 christos Exp $
+# keepass: file(1) magic for KeePass file
+#
+# Keepass Password Safe:
+#  * original one: https://keepass.info/
+#  * *nix port:    https://www.keepassx.org/
+#  * android port: https://code.google.com/p/keepassdroid/
+
+0	lelong		0x9AA2D903	Keepass password database
+>4	lelong		0xB54BFB65	1.x KDB
+>>48	lelong		>0		\b, %d groups
+>>52	lelong		>0		\b, %d entries
+>>8	lelong&0x0f	1		\b, SHA-256
+>>8	lelong&0x0f	2		\b, AES
+>>8	lelong&0x0f	4		\b, RC4
+>>8	lelong&0x0f	8		\b, Twofish
+>>120	lelong		>0		\b, %d key transformation rounds
+>4	lelong		0xB54BFB67	2.x KDBX
diff --git a/magic/Magdir/kerberos b/magic/Magdir/kerberos
new file mode 100644
index 0000000..df6dc52
--- /dev/null
+++ b/magic/Magdir/kerberos
@@ -0,0 +1,45 @@
+
+#------------------------------------------------------------------------------
+# $File: kerberos,v 1.3 2019/04/19 00:42:27 christos Exp $
+# kerberos: MIT kerberos file binary formats
+#
+
+# This magic entry is for demonstration purposes and could be improved
+# if the following features were implemented in file:
+#
+# Strings inside [[ .. ]] in the descriptions have special meanings and
+# are not printed.
+#
+# 	- Provide some form of iteration in number of components
+#		[[${counter}=%d]] in the description
+#		then append
+#		[${counter}--] in the offset of the entries
+#	- Provide a way to round the next offset
+#		Add [R:4] after the offset?
+#	- Provide a way to have optional entries
+#		XXX: Syntax:
+#	- Provide a way to "save" entries to print them later.
+#		if the description is [[${name}=%s]], then nothing is
+#		printed and a subsequent entry in the same magic file
+#		can refer to ${name}
+#	- Provide a way to format strings as hex values
+#
+# https://www.gnu.org/software/shishi/manual/html_node/\
+#	The-Keytab-Binary-File-Format.html
+#
+
+0		name		keytab_entry
+#>0		beshort		x		\b, size=%d
+#>2		beshort		x		\b, components=%d
+>4		pstring/H	x		\b, realm=%s
+>>&0		pstring/H	x		\b, principal=%s/
+>>>&0		pstring/H	x		\b%s
+>>>>&0		belong		x		\b, type=%d
+>>>>>&0		bedate		x		\b, date=%s
+>>>>>>&0	byte		x		\b, kvno=%u
+#>>>>>>>&0	pstring/H	x
+#>>>>>>>>&0	belong		x
+#>>>>>>>>>>&0	use		keytab_entry
+
+0		belong		0x05020000	Kerberos Keytab file
+>4		use		keytab_entry
diff --git a/magic/Magdir/kicad b/magic/Magdir/kicad
new file mode 100644
index 0000000..212a550
--- /dev/null
+++ b/magic/Magdir/kicad
@@ -0,0 +1,85 @@
+
+#------------------------------------------------------------------------------
+# $File: kicad,v 1.2 2020/05/06 14:03:28 christos Exp $
+# kicad:  file(1) magic for KiCad files
+#
+# See
+#
+#	http://kicad-pcb.org
+#
+
+# KiCad Schematic Document
+0	    string  (kicad_sch
+>10	    byte    0x20		KiCad Schematic Document
+!:ext kicad_sch/kicad_sch-bak
+>>11	    string  (version
+>>>19	    byte    0x20
+>>>>20	    regex   [0-9.]+		(Version %s)
+
+# KiCad Schematic Document (Legacy)
+0	    string  EESchema
+>8	    byte    0x20
+>>9	    string  Schematic
+>>>18	    byte    0x20		KiCad Schematic Document (Legacy)
+!:ext sch/bak
+>>>>24	    string  Version
+>>>>>31	    byte    0x20
+>>>>>>32    string  x			(Version %s)
+
+# KiCad Symbol Library
+0	    string  (kicad_symbol_lib
+>17	    byte    0x20		KiCad Symbol Library
+!:ext kicad_sym
+>>18	    string  (version
+>>>26	    byte    0x20
+>>>>27	    regex   [0-9.]+		(Version %s)
+
+# KiCad Symbol Library (Legacy)
+0	    string  EESchema-LIBRARY
+>16	    byte    0x20		KiCad Symbol Library (Legacy)
+!:ext lib
+>>17	    string  Version
+>>>24	    byte    0x20
+>>>>25	    string  x			(Version %s)
+
+# KiCad Symbol Library Documentation (Legacy)
+0	    string  EESchema-DOCLIB
+>15	    byte    0x20		KiCad Symbol Library Documentation (Legacy)
+!:ext dcm
+>>17	    string  Version
+>>>24	    byte    0x20
+>>>>25	    string  x			(Version %s)
+
+# KiCad Board Layout
+0	    string  (kicad_pcb
+>10	    byte    0x20		KiCad Board Layout
+!:ext kicad_pcb/kicad_pcb-bak
+>>11	    string  (version
+>>>19	    byte    0x20
+>>>>20	    regex   [0-9.]+		(Version %s)
+
+# KiCad Footprint
+0	    string  (module
+>7	    byte    0x20		KiCad Footprint
+!:ext kicad_mod
+
+# KiCad Footprint (Legacy)
+0	    string  PCBNEW-LibModule-V1	    KiCad Footprint (Legacy)
+!:ext mod
+
+# KiCad Netlist
+0	    string  (export
+>7	    byte    0x20		KiCad Netlist
+!:ext net
+
+# KiCad Symbol Library Table
+0	    string  (sym_lib_table
+>14	    byte    0xA			KiCad Symbol Library Table
+>14	    byte    0xD			KiCad Symbol Library Table
+>14	    byte    0x20		KiCad Symbol Library Table
+
+# KiCad Footprint Library Table
+0	    string  (fp_lib_table
+>13	    byte    0xA			KiCad Footprint Library Table
+>13	    byte    0xD			KiCad Footprint Library Table
+>13	    byte    0x20		KiCad Footprint Library Table
diff --git a/magic/Magdir/kml b/magic/Magdir/kml
new file mode 100644
index 0000000..904f3b5
--- /dev/null
+++ b/magic/Magdir/kml
@@ -0,0 +1,34 @@
+
+#------------------------------------------------------------------------------
+# $File: kml,v 1.6 2019/05/21 04:50:10 christos Exp $
+# Type: Google KML, formerly Keyhole Markup Language
+# Future development of this format has been handed
+# over to the Open Geospatial Consortium.
+# https://www.opengeospatial.org/standards/kml/
+# From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
+0 string/t    \<?xml
+>20  search/400 \ xmlns=
+>>&0 regex ['"]http://earth.google.com/kml Google KML document
+!:mime application/vnd.google-earth.kml+xml
+>>>&1 string 2.0' \b, version 2.0
+>>>&1 string 2.1' \b, version 2.1
+>>>&1 string 2.2' \b, version 2.2
+
+#------------------------------------------------------------------------------
+# Type: OpenGIS KML, formerly Keyhole Markup Language
+# This standard is maintained by the
+# Open Geospatial Consortium.
+# https://www.opengeospatial.org/standards/kml/
+# From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
+>>&0 regex ['"]http://www.opengis.net/kml OpenGIS KML document
+!:mime application/vnd.google-earth.kml+xml
+>>>&1 string/t 2.2 \b, version 2.2
+
+#------------------------------------------------------------------------------
+# Type: Google KML Archive (ZIP based)
+# https://code.google.com/apis/kml/documentation/kml_tut.html
+# From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
+0 string    PK\003\004
+>4  byte    0x14
+>>30  string doc.kml Compressed Google KML Document, including resources.
+!:mime application/vnd.google-earth.kmz
diff --git a/magic/Magdir/lammps b/magic/Magdir/lammps
new file mode 100644
index 0000000..5424383
--- /dev/null
+++ b/magic/Magdir/lammps
@@ -0,0 +1,64 @@
+#------------------------------------------------------------------------------
+# $File: lammps,v 1.1 2021/03/14 16:24:18 christos Exp $
+#
+
+# Magic file patterns for use with file(1) for the
+# LAMMPS molecular dynamics simulation software.
+# https://lammps.sandia.gov
+#
+# Updated: 2021-03-14 by akohlmey@gmail.com
+
+# Binary restart file for the LAMMPS MD code
+0        string  LammpS\ RestartT  LAMMPS binary restart file
+>0x14    long    x                 (rev %d),
+>>0x20   string  x                 Version %s,
+>>>0x10  lelong  0x0001            Little Endian
+>>>0x10  lelong  0x1000            Big Endian
+
+# Atom style binary dump file for the LAMMPS MD code
+# written on a little endian machine
+0         lequad  -8
+>0x08     string  DUMPATOM     LAMMPS atom style binary dump
+>>0x14    long    x            (rev %d),
+>>>0x10   lelong  0x0001       Little Endian,
+>>>>0x18  lequad  x            First time step: %lld
+
+# written on a big endian machine
+0         bequad  -8
+>0x08     string  DUMPATOM     LAMMPS atom style binary dump
+>>0x14    belong  x            (rev %d),
+>>>0x10   lelong  0x1000       Big Endian,
+>>>>0x18  bequad  x            First time step: %lld
+
+# Atom style binary dump file for the LAMMPS MD code
+# written on a little endian machine
+0         lequad  -10
+>0x08     string  DUMPCUSTOM   LAMMPS custom style binary dump
+>>0x16    lelong  x            (rev %d),
+>>>0x12   lelong  0x0001       Little Endian,
+>>>>0x1a  lequad  x            First time step: %lld
+
+# written on a big endian machine
+0         bequad  -10
+>0x08     string  DUMPCUSTOM   LAMMPS custom style binary dump
+>>0x16    belong  x            (rev %d),
+>>>0x12   lelong  0x1000       Big Endian,
+>>>>0x1a  bequad  x            First time step: %lld
+
+# LAMMPS log file
+0         string LAMMPS\ (                    LAMMPS log file
+>8        regex/16 [0-9]+\ [A-Za-z]+\ [0-9]+  written by version %s
+
+# Data file written either by LAMMPS, msi2lmp or VMD/TopoTools
+0      string LAMMPS\ data\ file  LAMMPS data file
+>0x12  string CGCMM\ style        written by TopoTools
+>0x12  string msi2lmp             written by msi2lmp
+>0x11  string via\ write_data     written by LAMMPS
+
+# LAMMPS data file written by OVITO
+0      string #\ LAMMPS\ data\ file   LAMMPS data file
+>0x13  string written\ by\ OVITO      written by OVITO
+
+# LAMMPS text mode dump file
+0      string    ITEM:\ TIMESTEP      LAMMPS text mode dump,
+>15    regex/16  [0-9]+               First time step: %s
diff --git a/magic/Magdir/lecter b/magic/Magdir/lecter
new file mode 100644
index 0000000..6ae87c1
--- /dev/null
+++ b/magic/Magdir/lecter
@@ -0,0 +1,6 @@
+
+#------------------------------------------------------------------------------
+# $File: lecter,v 1.4 2009/09/19 16:28:10 christos Exp $
+# DEC SRC Virtual Paper: Lectern files
+# Karl M. Hegbloom <karlheg@inetarena.com>
+0	string	lect	DEC SRC Virtual Paper Lectern file
diff --git a/magic/Magdir/lex b/magic/Magdir/lex
new file mode 100644
index 0000000..cc9fac5
--- /dev/null
+++ b/magic/Magdir/lex
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: lex,v 1.6 2009/09/19 16:28:10 christos Exp $
+# lex:  file(1) magic for lex
+#
+#	derived empirically, your offsets may vary!
+0	search/100	yyprevious	C program text (from lex)
+>3	search/1	>\0		 for %s
+# C program text from GNU flex, from Daniel Quinlan <quinlan@yggdrasil.com>
+0	search/100	generated\ by\ flex	C program text (from flex)
+# lex description file, from Daniel Quinlan <quinlan@yggdrasil.com>
+0	search/1	%{		lex description text
diff --git a/magic/Magdir/lif b/magic/Magdir/lif
new file mode 100644
index 0000000..3474a48
--- /dev/null
+++ b/magic/Magdir/lif
@@ -0,0 +1,50 @@
+
+#------------------------------------------------------------------------------
+# $File: lif,v 1.11 2022/10/19 20:15:16 christos Exp $
+# lif:  file(1) magic for lif
+#
+# (Daniel Quinlan <quinlan@yggdrasil.com>)
+#
+# Modified by:	Joerg Jenderek
+# URL:		https://www.hp9845.net/9845/projects/hpdir/
+#		https://github.com/bug400/lifutils
+# Reference:	https://www.hp9845.net/9845/downloads/manuals/LIF_excerpt_64941-90906_flpRef_Jan84.pdf
+# Note:		called by TrID "HP Logical Interchange Format disk image"
+0	beshort		0x8000
+# GRR: line above is too general as it catches also compressed DEGAS low-res bitmap *.pc1
+# skip many compressed DEGAS low-res bitmap *.pc1 by test for unused bytes
+>14	beshort		=0
+# skip MUNCHIE.PC1 BOARD.PC1 ENEMIES.PC1 by test for low version number
+>>20	ubeshort	<0x0100
+# skip DROID fmt-840-signature-id-1195.adx fmt-840-signature-id-1199.adx by test for ASCII like volume name
+>>>2	ubelong		>0x2020201F
+>>>>0	use		lif-file
+0	name		lif-file
+# LIF ID
+>0	beshort		x		lif file
+!:mime	application/x-lif-disk
+# lif used by Tony Duell LIF utilities; enhanced version by Joachim Siebold use also dat; hpi used by hpdir
+!:ext	lif/hpi/dat
+# volume label; A-Z 0-9 _ ; default are 6 spaces
+>2	string		x		"%.6s"
+#>2	ubelong		x		LABEL=%8.8x
+# version number; 0 for systems without extensions or 1 for model 64000
+>20	ubeshort	x		\b, version %u
+# LIF identifier; 010000 for system 3000
+>12	beshort		!0x1000		\b, LIF identifier %#x
+# directory start address in units like: 2
+>8	ubelong		x		\b, directory
+>8	ubelong		!2		start address %u
+# length of directory like: 2 4 7 10 12 14 (for model 64000) 16 18 20 24 30 50 57 77 80
+>16	ubelong		x		length %u
+# level 1 extensions
+>20	beshort		=0
+>>24	ubequad		!0		\b, for extensions %#llx...
+>20	beshort		>0
+>>24	ubequad		!0		\b, extensions %#llx...
+# word 21-126 reserved for extensions and future use; set to nil
+>42	ubequad		!0		\b, RESERVED %#llx
+# lif first file name for standard directory; 0xffff... means uninitialized
+>8	ubelong		2
+>>512	string		<\xff\xff	\b, 1st file %-.10s
+
diff --git a/magic/Magdir/linux b/magic/Magdir/linux
new file mode 100644
index 0000000..ae18114
--- /dev/null
+++ b/magic/Magdir/linux
@@ -0,0 +1,627 @@
+
+#------------------------------------------------------------------------------
+# $File: linux,v 1.85 2023/07/17 14:40:09 christos Exp $
+# linux:  file(1) magic for Linux files
+#
+# Values for Linux/i386 binaries, from Daniel Quinlan <quinlan@yggdrasil.com>
+# The following basic Linux magic is useful for reference, but using
+# "long" magic is a better practice in order to avoid collisions.
+#
+# 2	leshort		100		Linux/i386
+# >0	leshort		0407		impure executable (OMAGIC)
+# >0	leshort		0410		pure executable (NMAGIC)
+# >0	leshort		0413		demand-paged executable (ZMAGIC)
+# >0	leshort		0314		demand-paged executable (QMAGIC)
+#
+0	lelong		0x00640107	Linux/i386 impure executable (OMAGIC)
+>16	lelong		0		\b, stripped
+0	lelong		0x00640108	Linux/i386 pure executable (NMAGIC)
+>16	lelong		0		\b, stripped
+0	lelong		0x0064010b	Linux/i386 demand-paged executable (ZMAGIC)
+>16	lelong		0		\b, stripped
+0	lelong		0x006400cc	Linux/i386 demand-paged executable (QMAGIC)
+>16	lelong		0		\b, stripped
+#
+0	string		\007\001\000	Linux/i386 object file
+>20	lelong		>0x1020		\b, DLL library
+# Linux-8086 stuff:
+0	string		\01\03\020\04	Linux-8086 impure executable
+>28	long		!0		not stripped
+0	string		\01\03\040\04	Linux-8086 executable
+>28	long		!0		not stripped
+#
+0	string		\243\206\001\0	Linux-8086 object file
+#
+0	string		\01\03\020\20	Minix-386 impure executable
+>28	long		!0		not stripped
+0	string		\01\03\040\20	Minix-386 executable
+>28	long		!0		not stripped
+0	string		\01\03\04\20	Minix-386 NSYM/GNU executable
+>28	long		!0		not stripped
+# core dump file, from Bill Reynolds <bill@goshawk.lanl.gov>
+216	lelong		0421		Linux/i386 core file
+!:strength / 2
+>220	string		>\0		of '%s'
+>200	lelong		>0		(signal %d)
+#
+# LILO boot/chain loaders, from Daniel Quinlan <quinlan@yggdrasil.com>
+# this can be overridden by the DOS executable (COM) entry
+2	string		LILO		Linux/i386 LILO boot/chain loader
+#
+# Linux make config build file, from Ole Aamot <oka@oka.no>
+# Updated by Ken Sharp
+28	string		make\ config		Linux make config build file (old)
+49	search/70	Kernel\ Configuration	Linux make config build file
+
+#
+# PSF fonts, from H. Peter Anvin <hpa@yggdrasil.com>
+# Updated by Adam Buchbinder <adam.buchbinder@gmail.com>
+# See: https://www.win.tue.nl/~aeb/linux/kbd/font-formats-1.html
+0	leshort		0x0436		Linux/i386 PC Screen Font v1 data,
+>2	byte&0x01	0		256 characters,
+>2	byte&0x01	!0		512 characters,
+>2	byte&0x02	0		no directory,
+>2	byte&0x02	!0		Unicode directory,
+>3	byte		>0		8x%d
+0	string		\x72\xb5\x4a\x86\x00\x00 Linux/i386 PC Screen Font v2 data,
+>16	lelong		x		%d characters,
+>12	lelong&0x01	0		no directory,
+>12	lelong&0x01	!0		Unicode directory,
+>28	lelong		x		%d
+>24	lelong		x		\bx%d
+
+# Linux swap and hibernate files
+# Linux kernel: include/linux/swap.h
+# util-linux: libblkid/src/superblocks/swap.c
+
+# format v0, unsupported since 2002
+0xff6	string		SWAP-SPACE	Linux old swap file, 4k page size
+0x1ff6	string		SWAP-SPACE	Linux old swap file, 8k page size
+0x3ff6	string		SWAP-SPACE	Linux old swap file, 16k page size
+0x7ff6	string		SWAP-SPACE	Linux old swap file, 32k page size
+0xfff6	string		SWAP-SPACE	Linux old swap file, 64k page size
+
+# format v1, supported since 1998
+0		name	linux-swap
+>0x400	lelong		1	little endian, version %u,
+>>0x404	lelong		x	size %u pages,
+>>0x408	lelong		x	%u bad pages,
+>0x400	belong		1	big endian, version %u,
+>>0x404	belong		x	size %u pages,
+>>0x408	belong		x	%u bad pages,
+>0x41c	string		\0	no label,
+>0x41c	string		>\0	LABEL=%s,
+>0x40c	ubelong		x	UUID=%08x
+>0x410	ubeshort	x	\b-%04x
+>0x412	ubeshort	x	\b-%04x
+>0x414	ubeshort	x	\b-%04x
+>0x416	ubelong		x	\b-%08x
+>0x41a	ubeshort	x	\b%04x
+
+0xff6	string		SWAPSPACE2	Linux swap file, 4k page size,
+>0		use			linux-swap
+0x1ff6	string		SWAPSPACE2	Linux swap file, 8k page size,
+>0		use			linux-swap
+0x3ff6	string		SWAPSPACE2	Linux swap file, 16k page size,
+>0		use			linux-swap
+0x7ff6	string		SWAPSPACE2	Linux swap file, 32k page size,
+>0		use			linux-swap
+0xfff6	string		SWAPSPACE2	Linux swap file, 64k page size,
+>0		use			linux-swap
+
+0	name	linux-hibernate
+>0	string	S1SUSPEND	\b, with SWSUSP1 image
+>0	string	S2SUSPEND	\b, with SWSUSP2 image
+>0	string	ULSUSPEND	\b, with uswsusp image
+>0	string	LINHIB0001	\b, with compressed hibernate image
+>0	string	\xed\xc3\x02\xe9\x98\x56\xe5\x0c	\b, with tuxonice image
+>0	default	x			\b, with unknown hibernate image
+
+0xfec	string		SWAPSPACE2	Linux swap file, 4k page size,
+>0		use			linux-swap
+>0xff6	use			linux-hibernate
+0x1fec	string		SWAPSPACE2	Linux swap file, 8k page size,
+>0		use			linux-swap
+>0x1ff6	use			linux-hibernate
+0x3fec	string		SWAPSPACE2	Linux swap file, 16k page size,
+>0		use			linux-swap
+>0x3ff6	use			linux-hibernate
+0x7fec	string		SWAPSPACE2	Linux swap file, 32k page size,
+>0		use			linux-swap
+>0x7ff6	use			linux-hibernate
+0xffec	string		SWAPSPACE2	Linux swap file, 64k page size,
+>0		use			linux-swap
+>0xfff6	use			linux-hibernate
+
+#
+# Linux kernel boot images, from Albert Cahalan <acahalan@cs.uml.edu>
+# and others such as Axel Kohlmeyer <akohlmey@rincewind.chemie.uni-ulm.de>
+# and Nicolas Lichtmaier <nick@debian.org>
+# All known start with: b8 c0 07 8e d8 b8 00 90 8e c0 b9 00 01 29 f6 29
+# Linux kernel boot images (i386 arch) (Wolfram Kleff)
+# URL: https://www.kernel.org/doc/Documentation/x86/boot.txt
+514	string		HdrS		Linux kernel
+!:strength + 55
+# often no extension like in linux, vmlinuz, bzimage or memdisk but sometimes
+# Acronis Recovery kernel64.dat and Plop Boot Manager plpbtrom.bin
+# DamnSmallLinux 1.5 damnsmll.lnx 
+!:ext	/dat/bin/lnx
+>510	leshort		0xAA55		x86 boot executable
+>>518	leshort		>0x1ff
+>>>529	byte		0		zImage,
+>>>529	byte		1		bzImage,
+>>>526	lelong		>0
+>>>>(526.s+0x200) string	>\0	version %s,
+>>498	leshort		1		RO-rootFS,
+>>498	leshort		0		RW-rootFS,
+>>508	leshort		>0		root_dev %#X,
+>>502	leshort		>0		swap_dev %#X,
+>>504	leshort		>0		RAMdisksize %u KB,
+>>506	leshort		0xFFFF		Normal VGA
+>>506	leshort		0xFFFE		Extended VGA
+>>506	leshort		0xFFFD		Prompt for Videomode
+>>506	leshort		>0		Video mode %d
+# This also matches new kernels, which were caught above by "HdrS".
+0		belong	0xb8c0078e	Linux kernel
+>0x1e3		string	Loading		version 1.3.79 or older
+>0x1e9		string	Loading		from prehistoric times
+
+# System.map files - Nicolas Lichtmaier <nick@debian.org>
+8	search/1	\ A\ _text	Linux kernel symbol map text
+
+# LSM entries - Nicolas Lichtmaier <nick@debian.org>
+0	search/1	Begin3	Linux Software Map entry text
+0	search/1	Begin4	Linux Software Map entry text (new format)
+
+# From Matt Zimmerman, enhanced for v3 by Matthew Palmer
+0	belong	0x4f4f4f4d	User-mode Linux COW file
+>4	belong	<3		\b, version %d
+>>8	string	>\0		\b, backing file %s
+>4	belong	>2		\b, version %d
+>>32	string	>\0		\b, backing file %s
+
+############################################################################
+# Linux kernel versions
+
+0		string		\xb8\xc0\x07\x8e\xd8\xb8\x00\x90	Linux
+>497		leshort		0		x86 boot sector
+>>514		belong		0x8e	of a kernel from the dawn of time!
+>>514		belong		0x908ed8b4	version 0.99-1.1.42
+>>514		belong		0x908ed8b8	for memtest86
+
+>497		leshort		!0		x86 kernel
+>>504		leshort		>0		RAMdisksize=%u KB
+>>502		leshort		>0		swap=%#X
+>>508		leshort		>0		root=%#X
+>>>498		leshort		1		\b-ro
+>>>498		leshort		0		\b-rw
+>>506		leshort		0xFFFF		vga=normal
+>>506		leshort		0xFFFE		vga=extended
+>>506		leshort		0xFFFD		vga=ask
+>>506		leshort		>0		vga=%d
+>>514		belong		0x908ed881	version 1.1.43-1.1.45
+>>514		belong		0x15b281cd
+>>>0xa8e	belong		0x55AA5a5a	version 1.1.46-1.2.13,1.3.0
+>>>0xa99	belong		0x55AA5a5a	version 1.3.1,2
+>>>0xaa3	belong		0x55AA5a5a	version 1.3.3-1.3.30
+>>>0xaa6	belong		0x55AA5a5a	version 1.3.31-1.3.41
+>>>0xb2b	belong		0x55AA5a5a	version 1.3.42-1.3.45
+>>>0xaf7	belong		0x55AA5a5a	version 1.3.46-1.3.72
+>>514		string		HdrS
+>>>518		leshort		>0x1FF
+>>>>529		byte		0		\b, zImage
+>>>>529		byte		1		\b, bzImage
+>>>>(526.s+0x200) string 	>\0		\b, version %s
+
+# Linux boot sector thefts.
+0		belong		0xb8c0078e	Linux
+>0x1e6		belong		0x454c4b53	ELKS Kernel
+>0x1e6		belong		!0x454c4b53	style boot sector
+
+############################################################################
+# Linux S390 kernel image
+# Created by: Jan Kaluza <jkaluza@redhat.com>
+8 string \x02\x00\x00\x18\x60\x00\x00\x50\x02\x00\x00\x68\x60\x00\x00\x50\x40\x40\x40\x40\x40\x40\x40\x40 Linux S390
+>0x00010000 search/b/4096 \x00\x0a\x00\x00\x8b\xad\xcc\xcc
+# 64bit
+>>&0 string \xc1\x00\xef\xe3\xf0\x68\x00\x00 Z10 64bit kernel
+>>&0 string \xc1\x00\xef\xc3\x00\x00\x00\x00 Z9-109 64bit kernel
+>>&0 string \xc0\x00\x20\x00\x00\x00\x00\x00 Z990 64bit kernel
+>>&0 string \x00\x00\x00\x00\x00\x00\x00\x00 Z900 64bit kernel
+# 32bit
+>>&0 string \x81\x00\xc8\x80\x00\x00\x00\x00 Z10 32bit kernel
+>>&0 string \x81\x00\xc8\x80\x00\x00\x00\x00 Z9-109 32bit kernel
+>>&0 string \x80\x00\x20\x00\x00\x00\x00\x00 Z990 32bit kernel
+>>&0 string \x80\x00\x00\x00\x00\x00\x00\x00 Z900 32bit kernel
+
+############################################################################
+# Linux ARM compressed kernel image
+# From: Kevin Cernekee <cernekee@gmail.com>
+# Update: Joerg Jenderek
+0x24	lelong	0x016f2818	Linux kernel ARM boot executable zImage
+# There are three possible situations: LE, BE with LE bootloader and pure BE.
+# In order to aid telling these apart a new endian flag was added. In order
+# to support kernels before the flag and BE with LE bootloader was added we'll
+# do a negative check against the BE variant of the flag when we see a LE magic.
+>0x30	belong	!0x04030201	(little-endian)
+# raspian "kernel7.img", Vu+ Ultimo4K "kernel_auto.bin"
+!:ext	img/bin
+>0x30	belong	0x04030201	(big-endian)
+0x24	belong	0x016f2818	Linux kernel ARM boot executable zImage (big-endian)
+
+############################################################################
+# Linux AARCH64 kernel image
+0x38    lelong  0x644d5241  Linux kernel ARM64 boot executable Image
+>0x18   lelong  ^1          \b, little-endian
+>0x18   lelong  &1          \b, big-endian
+>0x18   lelong  &2          \b, 4K pages
+>0x18   lelong  &4          \b, 16K pages
+>0x18   lelong  &6          \b, 32K pages
+
+############################################################################
+# Linux 8086 executable
+0	lelong&0xFF0000FF 0xC30000E9	Linux-Dev86 executable, headerless
+>5	string		.
+>>4	string		>\0		\b, libc version %s
+
+0	lelong&0xFF00FFFF 0x4000301	Linux-8086 executable
+>2	byte&0x01	!0		\b, unmapped zero page
+>2	byte&0x20	0		\b, impure
+>2	byte&0x20	!0
+>>2	byte&0x10	!0		\b, A_EXEC
+>2	byte&0x02	!0		\b, A_PAL
+>2	byte&0x04	!0		\b, A_NSYM
+>2	byte&0x08	!0		\b, A_STAND
+>2	byte&0x40	!0		\b, A_PURE
+>2	byte&0x80	!0		\b, A_TOVLY
+>28     long            !0              \b, not stripped
+>37	string		.
+>>36	string		>\0		\b, libc version %s
+
+# 0	lelong&0xFF00FFFF 0x10000301	ld86 I80386 executable
+# 0	lelong&0xFF00FFFF 0xB000301	ld86 M68K executable
+# 0	lelong&0xFF00FFFF 0xC000301	ld86 NS16K executable
+# 0	lelong&0xFF00FFFF 0x17000301	ld86 SPARC executable
+
+# SYSLINUX boot logo files (from 'ppmtolss16' sources)
+# https://www.syslinux.org/wiki/index.php/SYSLINUX#Display_graphic_from_filename:
+# file extension .lss .16
+0	lelong	=0x1413f33d		SYSLINUX' LSS16 image data
+# syslinux-4.05/mime/image/x-lss16.xml
+!:mime image/x-lss16
+>4	leshort	x			\b, width %d
+>6	leshort	x			\b, height %d
+
+0	string	OOOM			User-Mode-Linux's Copy-On-Write disk image
+>4	belong	x			version %d
+
+# SE Linux policy database
+# From: Mike Frysinger <vapier@gentoo.org>
+0	lelong	0xf97cff8c		SE Linux policy
+>16	lelong	x			v%d
+>20	lelong	1			MLS
+>24	lelong	x			%d symbols
+>28	lelong	x			%d ocons
+
+# Linux Logical Volume Manager (LVM)
+# Emmanuel VARAGNAT <emmanuel.varagnat@guzu.net>
+#
+# System ID, UUID and volume group name are 128 bytes long
+# but they should never be full and initialized with zeros...
+#
+# LVM1
+#
+0x0	string/b	HM\001		LVM1 (Linux Logical Volume Manager), version 1
+>0x12c	string/b	>\0		, System ID: %s
+
+0x0	string/b	HM\002		LVM1 (Linux Logical Volume Manager), version 2
+>0x12c	string/b	>\0		, System ID: %s
+
+#  LVM2
+#
+# It seems that the label header can be in one the four first sector
+# of the disk... (from _find_labeller in lib/label/label.c of LVM2)
+#
+# 0x200 seems to be the common case
+0		name	lvm2
+# display UUID in LVM format + display all 32 bytes (instead of max string length: 31)
+>0x0          string  >\x2f          \b, UUID: %.6s
+>0x6          string  >\x2f          \b-%.4s
+>0xa          string  >\x2f          \b-%.4s
+>0xe          string  >\x2f          \b-%.4s
+>0x12         string  >\x2f          \b-%.4s
+>0x16         string  >\x2f          \b-%.4s
+>0x1a         string  >\x2f          \b-%.6s
+>0x20         lequad  x              \b, size: %lld
+
+
+# read the offset to add to the start of the header, and the header
+# start in 0x200
+0x218           string/b  LVM2\ 001      LVM2 PV (Linux Logical Volume Manager)
+>&(&-12.l-0x20) use	lvm2
+
+0x018           string/b  LVM2\ 001      LVM2 PV (Linux Logical Volume Manager)
+>&(&-12.l-0x20) use	lvm2
+
+0x418           string/b  LVM2\ 001      LVM2 PV (Linux Logical Volume Manager)
+>&(&-12.l-0x20) use	lvm2
+
+0x618           string/b  LVM2\ 001      LVM2 PV (Linux Logical Volume Manager)
+>&(&-12.l-0x20) use	lvm2
+
+# LVM snapshot
+# from Jason Farrel
+0	string	SnAp	LVM Snapshot (CopyOnWrite store)
+>4	lelong	!0	- valid,
+>4	lelong	0	- invalid,
+>8	lelong	x	version %d,
+>12	lelong	x	chunk_size %d
+
+# SE Linux policy database
+0	lelong	0xf97cff8c		SE Linux policy
+>16	lelong	x			v%d
+>20	lelong	1			MLS
+>24	lelong	x			%d symbols
+>28	lelong	x			%d ocons
+
+# Summary: Xen saved domain file
+# Created by: Radek Vokal <rvokal@redhat.com>
+0	string		LinuxGuestRecord	Xen saved domain
+>20	search/256	(name
+>>&1	string		x			(name %s)
+
+# Type: Xen, the virtual machine monitor
+# From: Radek Vokal <rvokal@redhat.com>
+0	string		LinuxGuestRecord	Xen saved domain
+#>2	regex		\(name\ [^)]*\)		%s
+>20	search/256	(name			(name
+>>&1	string		x			%s...)
+
+# Systemd journald files
+# See https://www.freedesktop.org/wiki/Software/systemd/journal-files/.
+# From: Zbigniew Jedrzejewski-Szmek <zbyszek@in.waw.pl>
+# Update: 	Joerg Jenderek
+# URL:		https://systemd.io/JOURNAL_FILE_FORMAT/
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/j/journal-sysd.trid.xml
+# Note:		called "systemd journal" by TrID
+#		verified by `journalctl --file=user-1000.journal`
+# check magic signature[8]
+0	string	LPKSHHRH
+# check that state is one of known values
+# STATE_OFFLINE~0 STATE_ONLINE~1 STATE_ARCHIVED~2
+>16		ubyte&252	0
+# check that each half of three unique id128s is non-zero
+# file_id
+>>24		ubequad		>0
+>>>32		ubequad		>0
+# machine_id
+>>>>40		ubequad		>0
+>>>>>48		ubequad		>0
+# boot_id; last writer
+>>>>>>56	ubequad		>0
+>>>>>>>64	ubequad		>0	Journal file
+#!:mime application/octet-stream
+!:mime application/x-linux-journal
+# provide more info
+# head_entry_realtime; contains a POSIX timestamp stored in microseconds
+>>>>>>>>184	leqdate/1000000	!0	\b, %s
+>>>>>>>>184	leqdate		0	empty
+# If a file is closed after writing the state field should be set to STATE_OFFLINE
+>>>>>>>>16	ubyte		0	\b,
+# for offline and empty only journal~ extension found
+>>>>>>>>>184	leqdate		0	offline
+# https://man7.org/linux/man-pages/man8/systemd-journald.service.8.html
+# GRR: add char ~ inside parse_ext in ../../src/apprentice.c to avoid in file version 5.44 error like:
+# Magdir/linux, 463: Warning: EXTENSION type `		journal~' has bad char '~'
+!:ext		journal~
+# for offline and non empty often *.journal~ but also user-1001.journal
+>>>>>>>>>184	leqdate		!0	offline
+!:ext		journal/journal~
+# if a file is opened for writing the state field should be set to STATE_ONLINE
+>>>>>>>>16	ubyte		1	\b,
+# for online and empty only journal~ extension found
+>>>>>>>>>184	leqdate		0	online
+# system@0005febee06e2ff2-f7ea54d10e4346ff.journal~
+!:ext		journal~
+# for online and non empty only journal extension found
+>>>>>>>>>184	leqdate		!0	online
+# system.journal user-1000.journal
+!:ext		journal
+# after a file has been rotated it should be set to STATE_ARCHIVED
+>>>>>>>>16	ubyte		2	\b, archived
+!:ext		journal
+# no *.journal~ found
+#!:ext		journal/journal~
+# compatible_flags
+>>>>>>>>8	ulelong&1	1	\b, sealed
+# incompatible_flags; COMPRESSED_XZ~1 COMPRESSED_LZ4~2 KEYED_HASH~4 COMPRESSED_ZSTD~8 COMPACT~16
+#>>>>>>>>12	ulelong		x	FLAGS=%#x
+>>>>>>>>12	ulelong&1	1	\b, compressed
+>>>>>>>>12	ulelong&2	!0	\b, compressed lz4
+>>>>>>>>12	ulelong&4	!0	\b, keyed hash siphash24
+>>>>>>>>12	ulelong&8	!0	\b, compressed zstd
+>>>>>>>>12	ulelong&16	!0	\b, compact
+# uint8_t reserved[7]; apparently nil
+#>>17		long		!0	\b, reserved %#8.8x
+# seqnum_id; like: 0 e623691afec94b5aa968ae2d726c49cc f98b2af481924b29 8d6816ca3639edc6
+#>>>>>>>>72	ubequad		x	\b, seqnum_id %#16.16llx
+#>>>>>>>>80	ubequad		x	b%16.16llx
+# header_size like: 100h
+>>>>>>>>88	ulequad		!0x100h	\b, header size %#llx
+# arena_size  like: 0 7fff00h ffff00h 17fff00h
+#>>>>>>>>96	ulequad		>0	\b, arena size %#llx
+# data_hash_table_offset like: 0 15f0h 15f0h
+#>>>>>>>>104	ulequad		>0	\b, hash table offset %#llx
+# data_hash_table_size like: 0 38e380h
+#>>>>>>>>112	ulequad		>0	\b, hash table size %#llx
+# field_hash_table_offset like: 0 110h
+#>>>>>>>>120	ulequad		>0	\b, field hash table offset %#llx
+# field_hash_table_size like: 0 14d0h
+#>>>>>>>>128	ulequad		>0	\b, field hash table size %#llx
+# tail_object_offset like: 0 43edd8h 511278h c68968h d487d0h efaa98h
+#>>>>>>>>136	ulequad		>0	\b, tail object offset %#llx
+# n_objects like: 0 1032h 5a2eh 92bdh a8b5h aa75h 112adh 40c23h 4714eh
+#>>>>>>>>144	ulequad		>0	\b, objects %#llx
+# n_entries like: 0 3aeh 235ah 2dc4h 3125h 16129h 187a1h
+>>>>>>>>152	ulequad		>0	\b, entries %#llx
+# tail_entry_seqnum like: 0 1988h 16249h 24c12h 24c12h 41e64h 9fefdh
+#>>>>>>>>160	ulequad		>0	\b, tail entry seqnum %#llx
+# head_entry_seqnum like: 0 1h 15dbh 6552h 213bfh 213bfh 3e672h 9a28ah
+#>>>>>>>>168	ulequad		>0	\b, head entry seqnum %#llx
+# entry_array_offset like: 0 390058h 3909d8h 3909e0h
+#>>>>>>>>176	ulequad		>0	\b, entry array offset %#llx
+
+# BCache backing and cache devices
+# From: Gabriel de Perthuis <g2p.code@gmail.com>
+0x1008		lequad		8
+>0x1018		string		\xc6\x85\x73\xf6\x4e\x1a\x45\xca\x82\x65\xf5\x7f\x48\xba\x6d\x81	BCache
+>>0x1010	ulequad		0	cache device
+>>0x1010	ulequad		1	backing device
+>>0x1010	ulequad		3	cache device
+>>0x1010	ulequad		4	backing device
+>>0x1048	string		>0	\b, label "%.32s"
+>>0x1028	ubelong		x	\b, uuid %08x
+>>0x102c	ubeshort	x	\b-%04x
+>>0x102e	ubeshort	x	\b-%04x
+>>0x1030	ubeshort	x	\b-%04x
+>>0x1032	ubelong		x	\b-%08x
+>>0x1036	ubeshort	x	\b%04x
+>>0x1038	ubelong		x	\b, set uuid %08x
+>>0x103c	ubeshort	x	\b-%04x
+>>0x103e	ubeshort	x	\b-%04x
+>>0x1040	ubeshort	x	\b-%04x
+>>0x1042	ubelong		x	\b-%08x
+>>0x1046	ubeshort	x	\b%04x
+
+# Linux device tree:
+# File format description can be found in the Linux kernel sources at
+# Documentation/devicetree/booting-without-of.txt
+# From Christoph Biedl
+0		belong		0xd00dfeed
+# structure must be within blob, strings are omitted to handle devicetrees > 1M
+>&(8.L)		byte		x
+>>20		belong		>1	Device Tree Blob version %d
+>>>4		belong		x	\b, size=%d
+>>>20		belong		>1
+>>>>28		belong		x	\b, boot CPU=%d
+>>>20		belong		>2
+>>>>32		belong		x	\b, string block size=%d
+>>>20		belong		>16
+>>>>36		belong		x	\b, DT structure block size=%d
+
+# glibc locale archive as defined in glibc locale/locarchive.h
+0		lelong		0xde020109	locale archive
+>24		lelong		x		%d strings
+
+# Linux Software RAID (mdadm)
+# Russell Coker <russell@coker.com.au>
+0	name	linuxraid
+>16	belong	x		UUID=%8x:
+>20	belong	x		\b%8x:
+>24	belong	x		\b%8x:
+>28	belong	x		\b%8x
+>32	string	x		name=%s
+>72	lelong	x		level=%d
+>92	lelong	x		disks=%d
+
+4096	lelong	0xa92b4efc	Linux Software RAID
+>4100	lelong	x		version 1.2 (%d)
+>4096	use	linuxraid
+
+0	lelong	0xa92b4efc	Linux Software RAID
+>4	lelong	x		version 1.1 (%d)
+>0	use	linuxraid
+
+# Summary:     Database file for mlocate
+# Description: A database file as used by mlocate, a fast implementation
+#              of locate/updatedb. It uses merging to reuse the existing
+#              database and avoid rereading most of the filesystem. It's
+#              the default version of locate on Arch Linux (and others).
+# File path:   /var/lib/mlocate/mlocate.db by default (but configurable)
+# Site:        https://fedorahosted.org/mlocate/
+# Format docs: https://linux.die.net/man/5/mlocate.db
+# Type: mlocate database file
+# URL:  https://fedorahosted.org/mlocate/
+# From: Wander Nauta <info@wandernauta.nl>
+0		string		\0mlocate	mlocate database
+>12		byte		x		\b, version %d
+>13		byte		1		\b, require visibility
+>16		string		x		\b, root %s
+
+# Dump files for iproute2 tool. Generated by the "ip r|a save" command. URL:
+# https://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2
+# From: Pavel Emelyanov <xemul@parallels.com>
+0		lelong		0x45311224	iproute2 routes dump
+0		lelong		0x47361222	iproute2 addresses dump
+
+# Image and service files for CRIU tool.
+# URL: https://criu.org
+# From: Pavel Emelyanov <xemul@parallels.com>
+0		lelong		0x54564319	CRIU image file v1.1
+0		lelong		0x55105940	CRIU service file
+0		lelong		0x58313116	CRIU inventory
+
+# Kdump compressed dump files
+# https://github.com/makedumpfile/makedumpfile/blob/master/IMPLEMENTATION
+
+0		string		KDUMP\x20\x20\x20	Kdump compressed dump
+>0		use		kdump-compressed-dump
+
+0		name		kdump-compressed-dump
+>8		long		x		v%d
+>12		string		>\0		\b, system %s
+>77		string		>\0		\b, node %s
+>142		string		>\0		\b, release %s
+>207		string		>\0		\b, version %s
+>272		string		>\0		\b, machine %s
+>337		string		>\0		\b, domain %s
+
+# Flattened format
+0		string		makedumpfile
+>16		bequad		1
+>>0x1010	string		KDUMP\x20\x20\x20	Flattened kdump compressed dump
+>>>0x1010	use		kdump-compressed-dump
+
+# Device Tree files
+0		search/1024	/dts-v1/	Device Tree File (v1)
+# beat c code
+!:strength +14
+
+
+# e2fsck undo file
+# David Gilman <davidgilman1@gmail.com>
+0		string		E2UNDO02	e2fsck undo file, version 2
+>44		lelong		x		\b, undo file is
+>>44		lelong&1	0		not finished
+>>44		lelong&1	1		finished
+>48		lelong		x		\b, undo file features:
+>>48		lelong&1	0		lacks filesystem offset
+>>48		lelong&1	1		has filesystem offset
+>>>64		lequad		x		at %#llx
+
+# ansible vault (does not really belong here)
+0		string		$ANSIBLE_VAULT;	Ansible Vault
+>&0		regex		[0-9]+\\.[0-9]+	\b, version %s
+>>&0		string		;
+>>>&0		regex		[A-Z0-9]+	\b, encryption %s
+
+# From:		Joerg Jenderek
+# URL:		https://www.gnu.org/software/grub
+# Reference:	https://ftp.gnu.org/gnu/grub/grub-2.06.tar.gz
+#		grub-2.06/include/grub/keyboard_layouts.h 
+#		grub-2.06/grub-core/commands/keylayouts.c
+# GRUB_KEYBOARD_LAYOUTS_FILEMAGIC
+0	string		GRUBLAYO		GRUB Keyboard
+!:mime			application/x-grub-keyboard
+!:ext			gkb
+# GRUB_KEYBOARD_LAYOUTS_VERSION like: 10
+>8	ulelong		!10			\b, version %u
+# 4 grub_uint32_t grub_keyboard_layout[160]
+# for normal french keyboard this is letter a
+>92	ubyte		!0x71
+>>92	ubyte		>0x40			\b, english q is %c
+#>732	ubyte		x			\b, english Q is %c
+# for normal german keyboard this is letter z
+>124	ubyte		!0x79
+>>124	ubyte		>0x40			\b, english y is %c
+#>764	ubyte		x			\b, english Y is %c
diff --git a/magic/Magdir/lisp b/magic/Magdir/lisp
new file mode 100644
index 0000000..c854fb7
--- /dev/null
+++ b/magic/Magdir/lisp
@@ -0,0 +1,78 @@
+
+#------------------------------------------------------------------------------
+# $File: lisp,v 1.27 2020/08/14 19:23:39 christos Exp $
+# lisp:  file(1) magic for lisp programs
+#
+# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
+
+# updated by Joerg Jenderek
+# GRR: This lot is too weak
+#0	string	;;
+# windows INF files often begin with semicolon and use CRLF as line end
+# lisp files are mainly created on unix system with LF as line end
+#>2	search/4096	!\r		Lisp/Scheme program text
+#>2	search/4096	\r		Windows INF file
+
+0	search/4096	(setq\ 			Lisp/Scheme program text
+!:mime	text/x-lisp
+0	search/4096	(defvar\ 		Lisp/Scheme program text
+!:mime	text/x-lisp
+0	search/4096	(defparam\ 		Lisp/Scheme program text
+!:mime	text/x-lisp
+0	search/4096	(defun\  		Lisp/Scheme program text
+!:mime	text/x-lisp
+0	search/4096	(autoload\ 		Lisp/Scheme program text
+!:mime	text/x-lisp
+0	search/4096	(custom-set-variables\ 	Lisp/Scheme program text
+!:mime	text/x-lisp
+
+# URL: https://en.wikipedia.org/wiki/Emacs_Lisp
+# Reference: https://ftp.gnu.org/old-gnu/emacs/elisp-manual-18-1.03.tar.gz
+# Update: Joerg Jenderek
+# Emacs 18 - this is always correct, but not very magical.
+0	string	\012(
+# look for emacs lisp keywords
+# GRR: split regex because it is too long or get error like
+# lisp, 36: Warning: cannot get string from `^(defun|defvar|defconst|defmacro|setq|fset|put|provide|require|'
+>&0	regex	\^(defun|defvar|defconst|defmacro|setq|fset)	Emacs v18 byte-compiled Lisp data
+!:mime	application/x-elc
+# https://searchcode.com/codesearch/view/2173420/
+# not really pure text
+!:apple	EMAxTEXT
+!:ext elc
+# remaining regex
+>&0	regex	\^(put|provide|require|random)	Emacs v18 byte-compiled Lisp data
+!:mime	application/x-elc
+!:apple	EMAxTEXT
+!:ext elc
+# missed cl.elc dbx.elc simple.elc look like normal lisp starting with ;;;
+
+# Emacs 19+ - ver. recognition added by Ian Springer
+# Also applies to XEmacs 19+ .elc files; could tell them apart with regexs
+# - Chris Chittleborough <cchittleborough@yahoo.com.au>
+# Update: Joerg Jenderek
+0	string	;ELC
+# version\0\0\0
+>4	byte	>18			Emacs/XEmacs v%d byte-compiled Lisp data
+# why less than 32 ? does not make sense to me. GNU Emacs version is 24.5 at April 2015
+#>4	byte    <32			Emacs/XEmacs v%d byte-compiled Lisp data
+!:mime	application/x-elc
+!:apple	EMAxTEXT
+!:ext elc
+
+# Files produced by GNU/Emacs pdumper
+0	string	DUMPEDGNUEMACS	GNU/Emacs pdumper image
+
+# Files produced by CLISP Common Lisp From: Bruno Haible <haible@ilog.fr>
+0	string	(SYSTEM::VERSION\040'	CLISP byte-compiled Lisp program (pre 2004-03-27)
+0	string	(|SYSTEM|::|VERSION|\040'	CLISP byte-compiled Lisp program text
+
+0	long	0x70768BD2		CLISP memory image data
+0	long	0xD28B7670		CLISP memory image data, other endian
+
+#.com and .bin for MIT scheme
+0	string	\372\372\372\372	MIT scheme (library?)
+
+# From: David Allouche <david@allouche.net>
+0	search/1	\<TeXmacs|	TeXmacs document text
+!:mime	text/texmacs
diff --git a/magic/Magdir/llvm b/magic/Magdir/llvm
new file mode 100644
index 0000000..6befe7a
--- /dev/null
+++ b/magic/Magdir/llvm
@@ -0,0 +1,22 @@
+
+#------------------------------------------------------------------------------
+# $File: llvm,v 1.10 2023/03/11 17:54:17 christos Exp $
+# llvm:  file(1) magic for LLVM byte-codes
+# URL:  https://llvm.org/docs/BitCodeFormat.html
+# From: Al Stone <ahs3@fc.hp.com>
+
+0	string	llvm	LLVM byte-codes, uncompressed
+0	string	llvc0	LLVM byte-codes, null compression
+0	string	llvc1	LLVM byte-codes, gzip compression
+0	string	llvc2	LLVM byte-codes, bzip2 compression
+0	string	CPCH	LLVM Pre-compiled header file
+
+0	lelong	0x0b17c0de	LLVM bitcode, wrapper
+# Are these Mach-O ABI values?  They appear to be.
+>16	lelong	0x01000007	x86_64
+>16	lelong	0x00000007	i386
+>16	lelong	0x00000012	ppc
+>16	lelong	0x01000012	ppc64
+>16	lelong 	0x0000000c	arm
+
+0	string	BC\xc0\xde	LLVM IR bitcode
diff --git a/magic/Magdir/locoscript b/magic/Magdir/locoscript
new file mode 100644
index 0000000..87771cc
--- /dev/null
+++ b/magic/Magdir/locoscript
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: locoscript,v 1.1 2021/01/03 20:56:25 christos Exp $
+# locoscript:  file(1) magic for LocoScript documents and related files
+#
+# See http://fileformats.archiveteam.org/wiki/LocoScript
+0	string	JOY\x01\x01	LocoScript 1 document
+0	string	JOY\x01\x02	LocoScript 2 document
+0	string	JOY\x01\x04	LocoScript 3 document
+0	string	JOY\x01\x06	LocoScript 4 document
+0	string	DOC\x01\x01	LocoScript PC document
+0	string	DOC\x01\x03	LocoScript Professional document
diff --git a/magic/Magdir/lua b/magic/Magdir/lua
new file mode 100644
index 0000000..ab17374
--- /dev/null
+++ b/magic/Magdir/lua
@@ -0,0 +1,31 @@
+
+#------------------------------------------------------------------------------
+# $File: lua,v 1.8 2020/10/08 23:23:56 christos Exp $
+# lua:  file(1) magic for Lua scripting language
+# URL:  https://www.lua.org/
+# From: Reuben Thomas <rrt@sc3d.org>, Seo Sanghyeon <tinuviel@sparcs.kaist.ac.kr>
+
+# Lua scripts
+0	search/1/w	#!\ /usr/bin/lua	Lua script text executable
+!:mime	text/x-lua
+0	search/1/w	#!\ /usr/local/bin/lua	Lua script text executable
+!:mime	text/x-lua
+0	search/1	#!/usr/bin/env\ lua	Lua script text executable
+!:mime	text/x-lua
+0	search/1	#!\ /usr/bin/env\ lua	Lua script text executable
+!:mime	text/x-lua
+
+# Lua bytecode
+0	string		\033Lua			Lua bytecode,
+# 2.4 uses 0x23 as its version byte because it shares the format
+# with 2.3 (which was never released publicly).
+>4	byte		0x23			version 2.4
+>4	byte		0x25			version 2.5/3.0
+>4	byte		0x31			version 3.1
+>4	byte		0x32			version 3.2
+>4	byte		0x40			version 4.0
+>4	byte		0x50			version 5.0
+>4	byte		0x51			version 5.1
+>4	byte		0x52			version 5.2
+>4	byte		0x53			version 5.3
+>4	byte		0x54			version 5.4
diff --git a/magic/Magdir/luks b/magic/Magdir/luks
new file mode 100644
index 0000000..1604251
--- /dev/null
+++ b/magic/Magdir/luks
@@ -0,0 +1,126 @@
+
+#------------------------------------------------------------------------------
+# $File: luks,v 1.5 2022/09/07 11:23:44 christos Exp $
+# luks:  file(1) magic for Linux Unified Key Setup
+# URL:		https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup
+#		http://fileformats.archiveteam.org/wiki/LUKS
+# From:	Anthon van der Neut <anthon@mnt.org>
+# Update:	Joerg Jenderek
+# Note:		verfied by command like `cryptsetup luksDump /dev/sda3`
+
+0	string		LUKS\xba\xbe	LUKS encrypted file,
+# https://reposcope.com/mimetype/application/x-raw-disk-image
+!:mime	application/x-raw-disk-image
+#!:mime	application/x-luks-volume
+# img is the generic extension; no suffix for partitions; luksVolumeHeaderBackUp via zuluCrypt
+!:ext	/luks/img/luksVolumeHeaderBackUp
+# version like: 1 2
+>6	beshort		x		ver %d
+# test for version 1 variant
+>6	beshort		1
+>>0			use		luks-v1
+# test for version 2 variant
+>6	beshort		>1
+>>0			use		luks-v2
+# Reference:	https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/LUKS_docs/on-disk-format.pdf
+#		http://mark0.net/download/triddefs_xml.7z/defs/l/luks.trid.xml
+# display information about LUKS version 1
+0	name		luks-v1
+# cipher-name like: aes twofish
+>8	string		x		[%s,
+# cipher-mode like: xts-plain64 cbc-essiv
+>40	string		x		%s,
+# hash specification like: sha256 sha1 ripemd160
+>72	string		x		%s]
+>168	string		x		UUID: %s
+# NEW PART!
+# payload-offset; start offset of the bulk data
+>104	 ubelong	x		\b, at %#x data
+# key-bytes; number of key bytes; key-bytes*8=MK-bits
+>108	 ubelong	x		\b, %u key bytes
+# mk-digest[20]; master key checksum from PBKDF2
+>112	ubequad		x		\b, MK digest %#16.16llx
+>>120	ubequad		x		\b%16.16llx
+>>128	ubelong		x		\b%8.8x
+# mk-digest-salt[32]; salt parameter for master key PBKDF2
+>132	ubequad		x		\b, MK salt %#16.16llx
+>>140	ubequad		x		\b%16.16llx
+>>148	ubequad		x		\b%16.16llx
+>>156	ubequad		x		\b%16.16llx
+# mk-digest-iter; iterations parameter for master key PBKDF2
+>164	ubelong		x		\b, %u MK iterations
+# key slot 1
+>208	ubelong		=0x00AC71F3	\b; slot #0
+>>208			use		luks-slot
+# key slot 2
+>256	ubelong		=0x00AC71F3	\b; slot #1
+>>256			use		luks-slot
+# key slot 3
+>304	ubelong		=0x00AC71F3	\b; slot #2
+>>304			use		luks-slot
+# key slot 4
+>352	ubelong		=0x00AC71F3	\b; slot #3
+>>352			use		luks-slot
+# key slot 5
+>400	ubelong		=0x00AC71F3	\b; slot #4
+>>400			use		luks-slot
+# key slot 6
+>448	ubelong		=0x00AC71F3	\b; slot #5
+>>448			use		luks-slot
+# key slot 7
+>496	ubelong		=0x00AC71F3	\b; slot #6
+>>496			use		luks-slot
+# key slot 8
+>544	ubelong		=0x00AC71F3	\b; slot #7
+>>544			use		luks-slot
+# Reference:	https://gitlab.com/cryptsetup/LUKS2-docs/-/raw/master/luks2_doc_wip.pdf
+#		http://mark0.net/download/triddefs_xml.7z/defs/l/luks2.trid.xml
+# display information about LUKS version 2
+0	name		luks-v2
+# hdr_size; size including JSON area called Metadata area by cryptsetup with value like: 16384
+>8	ubequad		x		\b, header size %llu
+# possible check for MAGIC_2ND after header 
+#>(8.Q) 	 string		SKUL\xba\xbe	\b, 2nd_HEADER_OK
+# seqid; sequence ID, increased on update; called Epoch by cryptsetup with value like: 3 4 8 10
+>16	ubequad		x		\b, ID %llu
+# label[48]; optional ASCII label or empty; called Label by cryptsetup with value like: "LUKS2_EXT4_ROOT"
+>24	string		>\0		\b, label %s
+# csum_alg[32]; checksum algorithm like: sha256 sha1 sha512 wirlpool ripemd160
+>72	string		x		\b, algo %s
+# salt[64]; salt , unique for every header
+>104	ubequad		x		\b, salt %#llx...
+# uuid[40]; UID of device as string like: 242256c6-396e-4a35-af5f-5b70cb7af9a7
+>168	string		x		\b, UUID: %-.40s
+# subsystem[48]; optional owner subsystem label or empty
+>208	string		>\0		\b, sub label %-.48s
+# hdr_offset; offset from device start [ bytes ] like: 0
+>256	ubequad		!0		\b, offset %llx
+# char _padding [184]; must be zeroed
+#>264	ubequad		x		\b, padding %#16.16llx
+#>440	ubequad		x		\b...%16.16llx
+# csum[64]; header checksum
+>448	ubequad		x		\b, crc %#llx...
+# char _padding4096 [7*512];  Padding , must be zeroed
+#>512	ubequad		x		\b, more padding %#16.16llx
+#>4088	ubequad		x		\b...%16.16llx
+# JSON text data terminated by the zero character; unused remainder empty and filled with zeroes like:
+# {"keyslots":{"0":{"type":"luks2","key_size":64,"af":{"type":"luks1","stripes":4000,"hash":"sha256"},"area":{"type":"raw","offse"
+>0x1000	string		x		\b, at 0x1000 %s
+#>0x1000	indirect	x
+# display information (like active) about LUKS1 slot
+0	name		luks-slot
+# state of keyslot; 0x00AC71F3~active 0x0000DEAD~inactive
+#>0	ubelong		x		\b, status %#8.8x
+>0	ubelong		=0x00AC71F3	active
+>0	ubelong		=0x0000DEAD	inactive
+# iteration parameter for PBKDF2
+#>4	ubelong		x		\b, %u iterations
+# salt parameter for PBKDF2
+#>8	ubequad		x		\b, salt %#16.16llx
+#>>16	ubequad		x		\b%16.16llx
+#>>24	ubequad		x		\b%16.16llx
+#>>32	ubequad		x		\b%16.16llx
+# start sector of key material like: 8 0x200 0x3f8 0x5f0 0xdd0
+>40	ubelong		x		\b, %#x material offset
+# number of anti-forensic stripes like: 4000
+>44	ubelong		!4000		\b, %u stripes
diff --git a/magic/Magdir/m4 b/magic/Magdir/m4
new file mode 100644
index 0000000..587ebe8
--- /dev/null
+++ b/magic/Magdir/m4
@@ -0,0 +1,11 @@
+#------------------------------------------------------------------------------
+# $File: m4,v 1.3 2019/02/27 16:46:23 christos Exp $
+# make:  file(1) magic for M4 scripts
+#
+0	search/8192	dnl
+>0	regex	\^dnl\ 		M4 macro processor script text
+!:mime	text/x-m4
+0	search/8192	AC_DEFUN
+>0	regex	\^AC_DEFUN\\(\\[	M4 macro processor script text
+!:strength + 15
+!:mime	text/x-m4
diff --git a/magic/Magdir/mach b/magic/Magdir/mach
new file mode 100644
index 0000000..7eb98ff
--- /dev/null
+++ b/magic/Magdir/mach
@@ -0,0 +1,303 @@
+
+#------------------------------------------------------------
+# $File: mach,v 1.29 2021/04/26 15:56:00 christos Exp $
+# Mach has two magic numbers, 0xcafebabe and 0xfeedface.
+# Unfortunately the first, cafebabe, is shared with
+# Java ByteCode, so they are both handled in the file "cafebabe".
+# The "feedface" ones are handled herein.
+#------------------------------------------------------------
+# if set, it's for the 64-bit version of the architecture
+# yes, this is separate from the low-order magic number bit
+# it's also separate from the "64-bit libraries" bit in the
+# upper 8 bits of the CPU subtype
+
+# Reference:	https://opensource.apple.com/source/cctools/cctools-949.0.1/
+#               include/mach-o/loader.h
+# display CPU type as string like: i386 x86_64 ... armv7 armv7k ...
+0	name	mach-o-cpu
+>0	belong&0xff000000	0
+#
+# 32-bit ABIs.
+#
+#				1	vax
+>>0	belong&0x00ffffff	1
+>>>4		belong&0x00ffffff	0	vax
+>>>4		belong&0x00ffffff	1	vax11/780
+>>>4		belong&0x00ffffff	2	vax11/785
+>>>4		belong&0x00ffffff	3	vax11/750
+>>>4		belong&0x00ffffff	4	vax11/730
+>>>4		belong&0x00ffffff	5	uvaxI
+>>>4		belong&0x00ffffff	6	uvaxII
+>>>4		belong&0x00ffffff	7	vax8200
+>>>4		belong&0x00ffffff	8	vax8500
+>>>4		belong&0x00ffffff	9	vax8600
+>>>4		belong&0x00ffffff	10	vax8650
+>>>4		belong&0x00ffffff	11	vax8800
+>>>4		belong&0x00ffffff	12	uvaxIII
+>>>4		belong&0x00ffffff	>12	vax subarchitecture=%d
+>>0	belong&0x00ffffff	2	romp
+>>0	belong&0x00ffffff	3	architecture=3
+>>0	belong&0x00ffffff	4	ns32032
+>>0	belong&0x00ffffff	5	ns32332
+>>0	belong&0x00ffffff	6	m68k
+#				7	x86
+>>0	belong&0x00ffffff	7
+>>>4	belong&0x0000000f	3		i386
+>>>4	belong&0x0000000f	4		i486
+>>>>4	belong&0x00fffff0	0
+>>>>4	belong&0x00fffff0	0x80		\bsx
+>>>4	belong&0x0000000f	5		i586
+>>>4	belong&0x0000000f	6
+>>>>4	belong&0x00fffff0	0		p6
+>>>>4	belong&0x00fffff0	0x10		pentium_pro
+>>>>4	belong&0x00fffff0	0x20		pentium_2_m0x20
+>>>>4	belong&0x00fffff0	0x30		pentium_2_m3
+>>>>4	belong&0x00fffff0	0x40		pentium_2_m0x40
+>>>>4	belong&0x00fffff0	0x50		pentium_2_m5
+>>>>4	belong&0x00fffff0	>0x50		pentium_2_m%#x
+>>>4	belong&0x0000000f	7		celeron
+>>>>4	belong&0x00fffff0	0x00		\b_m%#x
+>>>>4	belong&0x00fffff0	0x10		\b_m%#x
+>>>>4	belong&0x00fffff0	0x20		\b_m%#x
+>>>>4	belong&0x00fffff0	0x30		\b_m%#x
+>>>>4	belong&0x00fffff0	0x40		\b_m%#x
+>>>>4	belong&0x00fffff0	0x50		\b_m%#x
+>>>>4	belong&0x00fffff0	0x60
+>>>>4	belong&0x00fffff0	0x70		\b_mobile
+>>>>4	belong&0x00fffff0	>0x70		\b_m%#x
+>>>4	belong&0x0000000f	8		pentium_3
+>>>>4	belong&0x00fffff0	0x00
+>>>>4	belong&0x00fffff0	0x10		\b_m
+>>>>4	belong&0x00fffff0	0x20		\b_xeon
+>>>>4	belong&0x00fffff0	>0x20		\b_m%#x
+>>>4	belong&0x0000000f	9		pentiumM
+>>>>4	belong&0x00fffff0	0x00
+>>>>4	belong&0x00fffff0	>0x00		\b_m%#x
+>>>4	belong&0x0000000f	10		pentium_4
+>>>>4	belong&0x00fffff0	0x00
+>>>>4	belong&0x00fffff0	0x10		\b_m
+>>>>4	belong&0x00fffff0	>0x10		\b_m%#x
+>>>4	belong&0x0000000f	11		itanium
+>>>>4	belong&0x00fffff0	0x00
+>>>>4	belong&0x00fffff0	0x10		\b_2
+>>>>4	belong&0x00fffff0	>0x10		\b_m%#x
+>>>4	belong&0x0000000f	12		xeon
+>>>>4	belong&0x00fffff0	0x00
+>>>>4	belong&0x00fffff0	0x10		\b_mp
+>>>>4	belong&0x00fffff0	>0x10		\b_m%#x
+>>>4	belong&0x0000000f	>12		ia32 family=%d
+>>>>4	belong&0x00fffff0	0x00
+>>>>4	belong&0x00fffff0	>0x00		model=%x
+>>0	belong&0x00ffffff	8	mips
+>>>4		belong&0x00ffffff	1	R2300
+>>>4		belong&0x00ffffff	2	R2600
+>>>4		belong&0x00ffffff	3	R2800
+>>>4		belong&0x00ffffff	4	R2000a
+>>>4		belong&0x00ffffff	5	R2000
+>>>4		belong&0x00ffffff	6	R3000a
+>>>4		belong&0x00ffffff	7	R3000
+>>>4		belong&0x00ffffff	>7	subarchitecture=%d
+>>0	belong&0x00ffffff	9	ns32532
+>>0	belong&0x00ffffff	10	mc98000
+>>0	belong&0x00ffffff	11	hppa
+>>>4		belong&0x00ffffff	0	7100
+>>>4		belong&0x00ffffff	1	7100LC
+>>>4		belong&0x00ffffff	>1	subarchitecture=%d
+>>0	belong&0x00ffffff	12	arm
+>>>4		belong&0x00ffffff	0
+>>>4		belong&0x00ffffff	1	subarchitecture=%d
+>>>4		belong&0x00ffffff	2	subarchitecture=%d
+>>>4		belong&0x00ffffff	3	subarchitecture=%d
+>>>4		belong&0x00ffffff	4	subarchitecture=%d
+>>>4		belong&0x00ffffff	5	\bv4t
+>>>4		belong&0x00ffffff	6	\bv6
+>>>4		belong&0x00ffffff	7	\bv5tej
+>>>4		belong&0x00ffffff	8	\bxscale
+>>>4		belong&0x00ffffff	9	\bv7
+>>>4		belong&0x00ffffff	10	\bv7f
+>>>4		belong&0x00ffffff	11	\bv7s
+>>>4		belong&0x00ffffff	12	\bv7k
+>>>4		belong&0x00ffffff	13	\bv8
+>>>4		belong&0x00ffffff	14	\bv6m
+>>>4		belong&0x00ffffff	15	\bv7m
+>>>4		belong&0x00ffffff	16	\bv7em
+>>>4		belong&0x00ffffff	>16	subarchitecture=%d
+#				13	m88k
+>>0	belong&0x00ffffff	13
+>>>4		belong&0x00ffffff	0	mc88000
+>>>4		belong&0x00ffffff	1	mc88100
+>>>4		belong&0x00ffffff	2	mc88110
+>>>4		belong&0x00ffffff	>2	mc88000 subarchitecture=%d
+>>0	belong&0x00ffffff	14	SPARC
+>>0	belong&0x00ffffff	15	i860g
+>>0	belong&0x00ffffff	16	alpha
+>>0	belong&0x00ffffff	17	rs6000
+>>0	belong&0x00ffffff	18	ppc
+>>>4		belong&0x00ffffff	0
+>>>4		belong&0x00ffffff	1	\b_601
+>>>4		belong&0x00ffffff	2	\b_602
+>>>4		belong&0x00ffffff	3	\b_603
+>>>4		belong&0x00ffffff	4	\b_603e
+>>>4		belong&0x00ffffff	5	\b_603ev
+>>>4		belong&0x00ffffff	6	\b_604
+>>>4		belong&0x00ffffff	7	\b_604e
+>>>4		belong&0x00ffffff	8	\b_620
+>>>4		belong&0x00ffffff	9	\b_750
+>>>4		belong&0x00ffffff	10	\b_7400
+>>>4		belong&0x00ffffff	11	\b_7450
+>>>4		belong&0x00ffffff	100	\b_970
+>>>4		belong&0x00ffffff	>100	subarchitecture=%d
+>>0	belong&0x00ffffff	>18	architecture=%d
+>0	belong&0xff000000	0x01000000
+#
+# 64-bit ABIs.
+#
+>>0	belong&0x00ffffff	0	64-bit architecture=%d
+>>0	belong&0x00ffffff	1	64-bit architecture=%d
+>>0	belong&0x00ffffff	2	64-bit architecture=%d
+>>0	belong&0x00ffffff	3	64-bit architecture=%d
+>>0	belong&0x00ffffff	4	64-bit architecture=%d
+>>0	belong&0x00ffffff	5	64-bit architecture=%d
+>>0	belong&0x00ffffff	6	64-bit architecture=%d
+>>0	belong&0x00ffffff	7	x86_64
+>>>4		belong&0x00ffffff	0	subarchitecture=%d
+>>>4		belong&0x00ffffff	1	subarchitecture=%d
+>>>4		belong&0x00ffffff	2	subarchitecture=%d
+>>>4		belong&0x00ffffff	3
+>>>4		belong&0x00ffffff	4	\b_arch1
+>>>4		belong&0x00ffffff	8	\b_haswell
+>>>4		belong&0x00ffffff	>4	subarchitecture=%d
+>>0	belong&0x00ffffff	8	64-bit architecture=%d
+>>0	belong&0x00ffffff	9	64-bit architecture=%d
+>>0	belong&0x00ffffff	10	64-bit architecture=%d
+>>0	belong&0x00ffffff	11	64-bit architecture=%d
+>>0	belong&0x00ffffff	12	arm64
+>>>4		belong&0x00ffffff	0
+>>>4		belong&0x00ffffff	1	\bv8
+>>>4		belong&0x00ffffff	2	\be
+>>>>7		ubyte&0xff		>0	(caps:
+>>>>7		ubyte&0xff		<0x80	%#02x
+>>>>7		ubyte&0xc0		0x80	PAC
+>>>>>7		ubyte&0x3f		x	\b%02d
+>>>>7		ubyte&0xc0		0xc0	PAK
+>>>>>7		ubyte&0x3f		x	\b%02d
+>>>>7		ubyte&0xff		x	\b)
+>>>4		belong&0x00ffffff	>2	subarchitecture=%d
+>>0	belong&0x00ffffff	13	64-bit architecture=%d
+>>0	belong&0x00ffffff	14	64-bit architecture=%d
+>>0	belong&0x00ffffff	15	64-bit architecture=%d
+>>0	belong&0x00ffffff	16	64-bit architecture=%d
+>>0	belong&0x00ffffff	17	64-bit architecture=%d
+>>0	belong&0x00ffffff	18	ppc64
+>>>4		belong&0x00ffffff	0
+>>>4		belong&0x00ffffff	1		\b_601
+>>>4		belong&0x00ffffff	2		\b_602
+>>>4		belong&0x00ffffff	3		\b_603
+>>>4		belong&0x00ffffff	4		\b_603e
+>>>4		belong&0x00ffffff	5		\b_603ev
+>>>4		belong&0x00ffffff	6		\b_604
+>>>4		belong&0x00ffffff	7		\b_604e
+>>>4		belong&0x00ffffff	8		\b_620
+>>>4		belong&0x00ffffff	9		\b_650
+>>>4		belong&0x00ffffff	10		\b_7400
+>>>4		belong&0x00ffffff	11		\b_7450
+>>>4		belong&0x00ffffff	100		\b_970
+>>>4		belong&0x00ffffff	>100		subarchitecture=%d
+>>0	belong&0x00ffffff	>18	64-bit architecture=%d
+>0	belong&0xff000000	0x02000000
+#
+# 64_32-bit ABIs.
+#
+>>0	belong&0x00ffffff	0	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	1	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	2	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	3	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	4	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	5	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	6	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	7	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	8	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	9	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	10	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	11	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	12	64_32-bit arm
+>>>4		belong&0x00ffffff	0
+>>>4		belong&0x00ffffff	1	\bv8
+>>>4		belong&0x00ffffff	>1	subarchitecture=%d
+>>0	belong&0x00ffffff	13	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	14	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	15	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	16	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	17	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	18	64_32-bit architecture=%d
+>>0	belong&0x00ffffff	>18	64_32-bit architecture=%d
+
+0	name		mach-o-be
+>0	byte		0xcf		64-bit
+>4	use		mach-o-cpu
+>12	belong		1		object
+# GRR: Does not work for Mach-O with 2 architectures; instead display oo
+#!:ext	o
+!:ext	o/
+>12	belong		2		executable
+# the executables normally have no file extension like perl,
+# but exceptions like perl5.18 perl5.16
+!:ext	16/18/
+>12	belong		3		fixed virtual memory shared library
+>12	belong		4		core
+>12	belong		5		preload executable
+>12	belong		6		dynamically linked shared library
+# GRR: Does not work for Mach-O with 2 architectures; instead display dylibdylib
+#!:ext	dylib
+!:ext	dylib/
+>12	belong		7		dynamic linker
+>12	belong		8		bundle
+# normally name extension bundle; but exceptions like: AMDil_r700.dylib 
+!:ext	bundle/dylib/
+>12	belong		9		dynamically linked shared library stub
+>12	belong		10		dSYM companion file
+>12	belong		11		kext bundle
+>12	belong		>11
+>>12	belong		x		filetype=%d
+>24	belong		>0		\b, flags:<
+>>24	belong		&0x00000001	\bNOUNDEFS
+>>24	belong		&0x00000002	\b|INCRLINK
+>>24	belong		&0x00000004	\b|DYLDLINK
+>>24	belong		&0x00000008	\b|BINDATLOAD
+>>24	belong		&0x00000010	\b|PREBOUND
+>>24	belong		&0x00000020	\b|SPLIT_SEGS
+>>24	belong		&0x00000040	\b|LAZY_INIT
+>>24	belong		&0x00000080	\b|TWOLEVEL
+>>24	belong		&0x00000100	\b|FORCE_FLAT
+>>24	belong		&0x00000200	\b|NOMULTIDEFS
+>>24	belong		&0x00000400	\b|NOFIXPREBINDING
+>>24	belong		&0x00000800	\b|PREBINDABLE
+>>24	belong		&0x00001000	\b|ALLMODSBOUND
+>>24	belong		&0x00002000	\b|SUBSECTIONS_VIA_SYMBOLS
+>>24	belong		&0x00004000	\b|CANONICAL
+>>24	belong		&0x00008000	\b|WEAK_DEFINES
+>>24	belong		&0x00010000	\b|BINDS_TO_WEAK
+>>24	belong		&0x00020000	\b|ALLOW_STACK_EXECUTION
+>>24	belong		&0x00040000	\b|ROOT_SAFE
+>>24	belong		&0x00080000	\b|SETUID_SAFE
+>>24	belong		&0x00100000	\b|NO_REEXPORTED_DYLIBS
+>>24	belong		&0x00200000	\b|PIE
+>>24	belong		&0x00400000	\b|DEAD_STRIPPABLE_DYLIB
+>>24	belong		&0x00800000	\b|HAS_TLV_DESCRIPTORS
+>>24	belong		&0x01000000	\b|NO_HEAP_EXECUTION
+>>24	belong		&0x02000000	\b|APP_EXTENSION_SAFE
+>>24	belong		&0x04000000	\b|NLIST_OUTOFSYNC_WITH_DYLDINFO
+>>24	belong		&0x08000000	\b|SIM_SUPPORT
+>>24	belong		&0x80000000	\b|DYLIB_IN_CACHE
+>>24	belong		x		\b>
+
+#
+0	lelong&0xfffffffe	0xfeedface	Mach-O
+!:strength +1
+!:mime application/x-mach-binary
+>0	use	\^mach-o-be
+
+0	belong&0xfffffffe	0xfeedface	Mach-O
+!:strength +1
+!:mime application/x-mach-binary
+>0	use	mach-o-be
diff --git a/magic/Magdir/macintosh b/magic/Magdir/macintosh
new file mode 100644
index 0000000..a74aac4
--- /dev/null
+++ b/magic/Magdir/macintosh
@@ -0,0 +1,505 @@
+
+#------------------------------------------------------------------------------
+# $File: macintosh,v 1.36 2022/12/06 18:45:20 christos Exp $
+# macintosh description
+#
+# BinHex is the Macintosh ASCII-encoded file format (see also "apple")
+# Daniel Quinlan, quinlan@yggdrasil.com
+# Update:	Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/BinHex
+# Reference:	http://fileformats.archiveteam.org/wiki/BinHex
+# Note:		only tested with version 4.0 and hqx extension
+# Any text/binary before the characteristic comment sentence is to be ignored like in
+# http://ftp.vim.org/pub/ftp/ftp/infomac/disk/mac-update-40b7.hqx
+0	search/1602	(This\ file\ 
+>&0	use		binhex
+# http://ftp.vim.org/pub/ftp/ftp/infomac/_Disk_&_File/zap-res-forks-101.hqx
+0	search/2652/b	(This\ file\ 
+>&0	use		binhex
+0	name				binhex
+# keep split search string format similar like in version 5.37
+>0	string	must\ be\ converted\ with\ BinHex\ 	BinHex binary text, version
+# http://www.macdisk.com/binhexen.php3
+!:apple	BNHQTEXT
+# http://www.faqs.org/faqs/macintosh/comm-faq/part1/
+>>&0	string	1.0					1.0
+!:mime	application/mac-binhex
+!:ext	hex
+>>&0	string	2.0					2.0
+!:mime	application/mac-binhex
+!:ext	hcx
+# BinHex	3.0 never existed
+>>&0	string	4.0					4.0
+!:mime	application/mac-binhex40
+!:ext	hqx
+# BinHex	5.0 also MacBinary I
+>>&0	string	5.0					5.0
+!:mime	application/mac-binhex40
+!:ext	hqx
+# this should never happen
+>>&0	default	x					
+>>>&0	string	x					%.3s
+!:mime	application/mac-binhex
+!:ext	hqx
+
+# Stuffit archives are the de facto standard of compression for Macintosh
+# files obtained from most archives. (franklsm@tuns.ca)
+0	string		SIT!			StuffIt Archive (data)
+!:mime	application/x-stuffit
+!:apple	SIT!SIT!
+>2	string		x			: %s
+0	string		SITD			StuffIt Deluxe (data)
+>2	string		x			: %s
+0	string		Seg			StuffIt Deluxe Segment (data)
+>2	string		x			: %s
+
+# Newer StuffIt archives (grant@netbsd.org)
+0	string		StuffIt			StuffIt Archive
+!:mime	application/x-stuffit
+!:apple	SIT!SIT!
+#>162	string		>0			: %s
+
+# Macintosh Applications and Installation binaries (franklsm@tuns.ca)
+# GRR: Too weak
+#0	string		APPL			Macintosh Application (data)
+#>2	string		x			\b: %s
+
+# Macintosh System files (franklsm@tuns.ca)
+# GRR: Too weak
+#0	string		zsys			Macintosh System File (data)
+#0	string		FNDR			Macintosh Finder (data)
+#0	string		libr			Macintosh Library (data)
+#>2	string		x			: %s
+#0	string		shlb			Macintosh Shared Library (data)
+#>2	string		x			: %s
+#0	string		cdev			Macintosh Control Panel (data)
+#>2	string		x			: %s
+#0	string		INIT			Macintosh Extension (data)
+#>2	string		x			: %s
+#0	string		FFIL			Macintosh Truetype Font (data)
+#>2	string		x			: %s
+#0	string		LWFN			Macintosh Postscript Font (data)
+#>2	string		x			: %s
+
+# Additional Macintosh Files (franklsm@tuns.ca)
+# GRR: Too weak
+#0	string		PACT			Macintosh Compact Pro Archive (data)
+#>2	string		x			: %s
+#0	string		ttro			Macintosh TeachText File (data)
+#>2	string		x			: %s
+#0	string		TEXT			Macintosh TeachText File (data)
+#>2	string		x			: %s
+#0	string		PDF			Macintosh PDF File (data)
+#>2	string		x			: %s
+
+# MacBinary format (Eric Fischer, enf@pobox.com)
+# Update: Joerg Jenderek 
+# URL: https://en.wikipedia.org/wiki/MacBinary
+#	http://fileformats.archiveteam.org/wiki/MacBinary
+# Reference: https://files.stairways.com/other/macbinaryii-standard-info.txt
+# Note:	verified by macutils `macunpack -i -v BBEdit4.0.sit.bin` and
+#	`deark -l -d -m macbinary G3FirmwareUpdate1.1.smi.bin`
+#
+# Unfortunately MacBinary doesn't really have a magic number prior
+# to the MacBinary III format.
+#
+
+# old version number, must be kept at zero for compatibility
+0	byte	0
+# length of filename (must be in the range 1-63)
+>1	ubyte	>0
+# skip T.PIC.LZ INSTRUMENT.7T INVENTORY
+>>1	ubyte	<64
+# skip Docs.MWII ReadMe.MacWrite "Notes (MacWrite II)"
+# by looking for printable characters at beginning of file name
+>>>2	ubelong	>0x1F000000
+# zero fill, must be zero for compatibility
+>>>>74	byte	0
+# zero fill, must be zero for compatibility
+>>>>>82	byte	0
+# skip few DEGAS mid-res uncompressed bitmap (GEMINI03.PI2 CODE_RAM.PI2) with "too high" file names ffffff88 ffff4f00
+>>>>>>2	ubelong		<0xffff0000
+# MacBinary I		test for valid version numbers
+>>>>>>>122	ubeshort	0
+# additional check for undefined header fields in MacBinary I
+#>>>>>>>>101	ulong		0
+>>>>>>>>0	use	mac-bin
+# MacBinary II		the newer versions begins at 129
+>>>>>>>122	ubeshort	0x8181
+>>>>>>>>0	use	mac-bin
+# MacBinary III with MacBinary II to read
+>>>>>>122	ubeshort	0x8281
+>>>>>>>0	use	mac-bin
+
+#	display information of MacBinary file
+0	name		mac-bin
+>122	ubyte	x	MacBinary
+# versions for MacBinary II/III
+>122	ubyte	129		II
+>122	ubyte	130		III
+# only in MacBinary III
+>>102	string	!mBIN		with surprising version
+!:mime	application/x-macbinary
+!:apple	PSPTBINA
+!:ext	bin/macbin
+# THIS SHOULD NEVER HAPPEN! Maybe another file type is misidentified as MacBinary
+#>1	ubyte	>63		\b, name length %u too BIG!
+#>122	ubeshort	x	\b, version %#x
+# Finder flags if not 0
+# >73	byte		!0		\b, flags 0x
+# >73	byte		=0		
+# >>101	byte		!0		\b, flags 0x
+# # original Finder flags (Bits 8-15)
+# >73	byte		!0		\b%x
+# # finder flags, bits 0-7
+# >101	byte		!0		\b%x
+>73	byte		&0x01		\b, inited
+>73	byte		&0x02		\b, changed
+>73	byte		&0x04		\b, busy
+>73	byte		&0x08		\b, bozo
+>73	byte		&0x10		\b, system
+>73	byte		&0x20		\b, bundle
+>73	byte		&0x40		\b, invisible
+>73	byte		&0x80		\b, locked
+
+# 75	beshort				# vertical posn in window
+#>75	beshort		!0		\b, v.pos %u
+# 77	beshort				# horiz posn in window
+#>77	beshort		!0		\b, h.pos %u
+# 79	beshort				# window or folder ID
+>79	ubeshort	!0		\b, ID %#x
+# protected flag
+>81	byte		!0		\b, protected %#x
+# length of comment after resource
+>99	ubeshort	!0		\b, comment length %u
+# char. code of file name
+>106	ubyte		!0		\b, char. code %#x
+# still more Finder flags
+>107	ubyte		!0		\b, more flags %#x
+# length of total files when unpacked only used when pack and unpack on the fly
+>116	ubelong		!0		\b, total length %u
+# 120	beshort				# length of add'l header
+>120	ubeshort	!0		\b, 2nd header length %u
+# 124	beshort				# checksum
+#>124	ubeshort	!0		\b, CRC %#x
+# creation date in seconds since MacOS epoch start. So 1 Jan 1970 ~ 7C25B080
+# few (31/1247) examples (hinkC4.0.sitx.bin InternetExplorer5.1.smi.bin G3FirmwareUpdate1.1.smi.bin Firewire2.3.3.smi.bin LR2image.bin) contain zeroed date fields
+>91	long		!0
+>>91	beldate-0x7C25B080	x	\b, %s
+# THIS SHOULD NEVER HAPPEN! Maybe another file type is misidentified or time overflow
+>91	ubelong		<0x7c25b080	INVALID date
+# reported date seconds by deark
+#>91	ubelong		x		deark-DATE=%u
+# last modified date
+>95	long		!0
+>>95	beldate-0x7C25B080	x	\b, modified %s
+# Apple creator+typ if not null
+# file creator (normally expressed as four characters)
+>69	ulong			!0	\b, creator
+# instead 4 character code display full creator name
+>>69	use			apple-creator
+# file type (normally expressed as four characters)
+>65	ulong			!0	\b, type
+>>65	use			apple-type
+# length of data segment
+>83	ubelong			!0	\b, %u bytes
+# filename (in the range 1-63)
+# like "BBEdit4.0.sit" "Archive.sitx" "MacPGP 2.2  (.sea)"
+>1	pstring			x	"%s"
+# print 1 space and then at offset 128 inspect data fork content if it has one
+>83	ubelong			!0	\b 
+>>128	indirect		x
+# Afterwards resource fork if length of resource segment not zero
+>87	ubelong			!0
+# calculate resource fork offset
+>>83	ubelong+128		x	\b, at %#x
+# length of resource segment
+>>87	ubelong			!0	%u bytes
+>>(83.S+128)	ubequad		x	resource 
+# further resource fork content inspection 
+>>>&-8	indirect		x
+
+# Apple Type/Creator Database
+# URL: https://en.wikipedia.org/wiki/Type_code
+# Reference:	https://www.lacikam.co.il/tcdb/
+#		https://www.macdisk.com/macsigen.php
+# Note:	classic Mac OS files have two 4 character codes for type and creator.
+#	Thereby the Finder attach documents types to applications.
+
+#>65	string		x		\b, type "%4.4s"
+
+#	display information about apple type
+0	name		apple-type
+>0	string		8BIM		PhotoShop
+>0	string		ALB3		PageMaker 3
+>0	string		ALB4		PageMaker 4
+>0	string		ALT3		PageMaker 3
+>0	string		APPL		application
+>0	string		AWWP		AppleWorks word processor
+>0	string		CIRC		simulated circuit
+>0	string		DRWG		MacDraw
+>0	string		EPSF		Encapsulated PostScript
+>0	string		FFIL		font suitcase
+>0	string		FKEY		function key
+>0	string		FNDR		Macintosh Finder
+>0	string		GIFf		GIF image
+>0	string		Gzip		GNU gzip
+>0	string		INIT		system extension
+>0	string		LIB\ 		library
+>0	string		LWFN		PostScript font
+>0	string		MSBC		Microsoft BASIC
+>0	string		PACT		Compact Pro archive
+>0	string		PDF\ 		Portable Document Format
+>0	string		PICT		picture
+>0	string		PNTG		MacPaint picture
+>0	string		PREF		preferences
+>0	string		PROJ		Think C project
+>0	string		QPRJ		Think Pascal project
+>0	string		SCFL		Defender scores
+>0	string		SCRN		startup screen
+>0	string		SITD		StuffIt Deluxe
+>0	string		SPn3		SuperPaint
+>0	string		STAK		HyperCard stack
+>0	string		Seg\ 		StuffIt segment
+>0	string		TARF		Unix tar archive
+>0	string		TEXT		ASCII
+>0	string		TIFF		TIFF image
+>0	string		TOVF		Eudora table of contents
+>0	string		WDBN		Microsoft Word word processor
+>0	string		WORD		MacWrite word processor
+>0	string		XLS\ 		Microsoft Excel
+>0	string		ZIVM		compress (.Z)
+>0	string		ZSYS		Pre-System 7 system file
+>0	string		acf3		Aldus FreeHand
+>0	string		cdev		control panel
+>0	string		dfil		Desk Accessory suitcase
+>0	string		libr		library
+>0	string		nX^d		WriteNow word processor
+>0	string		nX^w		WriteNow dictionary
+>0	string		rsrc		resource
+>0	string		scbk		Scrapbook
+>0	string		shlb		shared library
+>0	string		ttro		SimpleText read-only
+>0	string		zsys		system file
+
+#	additional types added in Dec 2017
+>0	string		BINA		binary file
+>0	string		BMPp		BMP image
+>0	string		JPEG		JPEG image
+#>0	string		W4BN		Microsoft Word x.y word processor?
+# if type name is not known display 4 character identifier
+>0	default		x		
+>>0	string		x		'%4.4s'
+
+#>69	string		x		\b, creator "%4.4s"
+
+# Now Apple has no repository of registered Creator IDs any more. These are
+# just the ones that I happened to have files from and was able to identify.
+
+#	display information about apple creator
+0	name		apple-creator
+>0	string		8BIM		Adobe Photoshop
+>0	string		ALD3		PageMaker 3
+>0	string		ALD4		PageMaker 4
+>0	string		ALFA		Alpha editor
+>0	string		APLS		Apple Scanner
+>0	string		APSC		Apple Scanner
+>0	string		BRKL		Brickles
+>0	string		BTFT		BitFont
+>0	string		CCL2		Common Lisp 2
+>0	string		CCL\ 		Common Lisp
+>0	string		CDmo		The Talking Moose
+>0	string		CPCT		Compact Pro
+>0	string		CSOm		Eudora
+>0	string		DMOV		Font/DA Mover
+>0	string		DSIM		DigSim
+>0	string		EDIT		Macintosh Edit
+>0	string		ERIK		Macintosh Finder
+>0	string		EXTR		self-extracting archive
+>0	string		Gzip		GNU gzip
+>0	string		KAHL		Think C
+>0	string		LWFU		LaserWriter Utility
+>0	string		LZIV		compress
+>0	string		MACA		MacWrite
+>0	string		MACS		Macintosh operating system
+>0	string		MAcK		MacKnowledge terminal emulator
+>0	string		MLND		Defender
+>0	string		MPNT		MacPaint
+>0	string		MSBB		Microsoft BASIC (binary)
+>0	string		MSWD		Microsoft Word
+>0	string		NCSA		NCSA Telnet
+>0	string		PJMM		Think Pascal
+>0	string		PSAL		Hunt the Wumpus
+#>0	string		PSI2		Apple File Exchange
+>0	string		R*ch		BBEdit
+>0	string		RMKR		Resource Maker
+>0	string		RSED		Resource Editor
+>0	string		Rich		BBEdit
+>0	string		SIT!		StuffIt
+>0	string		SPNT		SuperPaint
+>0	string		Unix		NeXT Mac filesystem
+>0	string		VIM!		Vim editor
+>0	string		WILD		HyperCard
+>0	string		XCEL		Microsoft Excel
+>0	string		aCa2		Fontographer
+>0	string		aca3		Aldus FreeHand
+>0	string		dosa		Macintosh MS-DOS file system
+>0	string		movr		Font/DA Mover
+>0	string		nX^n		WriteNow
+>0	string		pdos		Apple ProDOS file system
+>0	string		scbk		Scrapbook
+>0	string		ttxt		SimpleText
+>0	string		ufox		Foreign File Access
+#	additional creators added in Dec 2017
+# Claris/Apple Works
+>0	string		BOBO		Apple Works
+# CU-SeeMe_0.87b3_(68K).bin
+#>0	string		CUce		bar
+>0	string		PSPT		Apple File Exchange
+# Disk_Copy_4.2.sea.bin
+#>0	string		NCse		foo
+# probably StuffIt/Aladdin by Smith Micro Software, Inc.
+>0	string		STi0		stuffit
+# MacGzip-1.1.3.sea.bin
+#>0	string		aust		bar
+# D-Disk_Copy_6.3.3.smi.bin 
+>0	string		oneb		Disk Copy Self Mounting
+# if creator name is not known display 4 character identifier
+>0	default		x		
+>>0	string		x		'%4.4s'
+
+# sas magic from Bruce Foster (bef@nwu.edu)
+#
+#0	string		SAS		SAS
+#>8	string		x		%s
+0	string		SAS		SAS
+>24	string		DATA		data file
+>24	string		CATALOG		catalog
+>24	string		INDEX		data file index
+>24	string		VIEW		data view
+# sas 7+ magic from Reinhold Koch (reinhold.koch@roche.com)
+#
+0x54    string          SAS             SAS 7+
+>0x9C   string          DATA            data file
+>0x9C   string          CATALOG         catalog
+>0x9C   string          INDEX           data file index
+>0x9C   string          VIEW            data view
+
+# spss magic for SPSS system and portable files,
+#	 from Bruce Foster (bef@nwu.edu).
+
+0	long		0xc1e2c3c9	SPSS Portable File
+>40	string 		x		%s
+
+0	string		$FL2		SPSS System File
+>24	string		x		%s
+
+0	string		$FL3		SPSS System File
+>24	string		x		%s
+
+# Macintosh filesystem data
+# From "Tom N Harris" <telliamed@mac.com>
+# Fixed HFS+ and Partition map magic: Ethan Benson <erbenson@alaska.net>
+# The MacOS epoch begins on 1 Jan 1904 instead of 1 Jan 1970, so these
+# entries depend on the data arithmetic added after v.35
+# There's also some Pascal strings in here, ditto...
+
+# The boot block signature, according to IM:Files, is
+# "for HFS volumes, this field always contains the value 0x4C4B."
+# But if this is true for MFS or HFS+ volumes, I don't know.
+# Alternatively, the boot block is supposed to be zeroed if it's
+# unused, so a simply >0 should suffice.
+
+0x400	beshort			0xD2D7		Macintosh MFS data
+>0	beshort			0x4C4B		(bootable)
+>0x40a	beshort			&0x8000		(locked)
+>0x402	beldate-0x7C25B080	x		created: %s,
+>0x406	beldate-0x7C25B080	>0		last backup: %s,
+>0x414	belong			x		block size: %d,
+>0x412	beshort			x		number of blocks: %d,
+>0x424	pstring			x		volume name: %s
+
+# *.hfs updated by Joerg Jenderek
+# https://en.wikipedia.org/wiki/Hierarchical_File_System
+# "BD" gives many false positives
+0x400	beshort			0x4244
+# ftp://ftp.mars.org/pub/hfs/hfsutils-3.2.6.tar.gz/hfsutils-3.2.6/libhfs/apple.h
+# first block of volume bit map (always 3)
+>0x40e	ubeshort		0x0003
+# maximal length of volume name is 27
+>>0x424		ubyte			<28	Macintosh HFS data
+!:mime	application/x-apple-diskimage
+#!:apple	hfsdINIT
+#!:apple	MACSdisk
+# https://www.macdisk.com/macsigen.php
+#!:apple	ddskdevi
+!:apple	????devi
+# https://en.wikipedia.org/wiki/Apple_Disk_Image
+!:ext hfs/dmg
+>>>0		beshort			0x4C4B	(bootable)
+#>>>0		beshort			0x0000	(not bootable)
+>>>0x40a	beshort			&0x8000	(locked)
+>>>0x40a	beshort			^0x0100	(mounted)
+>>>0x40a	beshort			&0x0200	(spared blocks)
+>>>0x40a	beshort			&0x0800	(unclean)
+>>>0x47C	beshort			0x482B	(Embedded HFS+ Volume)
+# https://www.epochconverter.com/
+# 0x7C245F00 seconds	~ 2082758400	~ 01 Jan 2036 00:00:00	~ 66 years to 1970
+# 0x7C25B080 seconds	~ 2082844800	~ 02 Jan 2036 00:00:00
+# construct not working
+#>>>0x402	beldate-0x7C25B080	x	created: %s,
+#>>>0x406	beldate-0x7C25B080	x	last modified: %s,
+#>>>0x440	beldate-0x7C25B080	>0	last backup: %s,
+# found block sizes 200h,1200h,2800h
+>>>0x414	belong			x	block size: %d,
+>>>0x412	beshort			x	number of blocks: %d,
+>>>0x424	pstring			x	volume name: %s
+
+0	name			hfsplus
+>&0	beshort			x		version %d data
+>0	beshort			0x4C4B		(bootable)
+>0x404	belong			^0x00000100	(mounted)
+>&2	belong			&0x00000200	(spared blocks)
+>&2	belong			&0x00000800	(unclean)
+>&2	belong			&0x00008000	(locked)
+>&6	string			x		last mounted by: '%.4s',
+# really, that should be treated as a belong and we print a string
+# based on the value. TN1150 only mentions '8.10' for "MacOS 8.1"
+>&14	beldate-0x7C25B080	x		created: %s,
+# only the creation date is local time, all other timestamps in HFS+ are UTC.
+>&18	bedate-0x7C25B080	x		last modified: %s,
+>&22	bedate-0x7C25B080	>0		last backup: %s,
+>&26	bedate-0x7C25B080	>0		last checked: %s,
+>&38	belong			x		block size: %d,
+>&42	belong			x		number of blocks: %d,
+>&46	belong			x		free blocks: %d
+
+0x400	beshort			0x482B		Apple HFS Plus
+>&0	use			hfsplus
+0x400	beshort			0x4858		Apple HFS Plus Extended
+>&0	use			hfsplus
+
+## AFAIK, only the signature is different
+# same as Apple Partition Map
+# GRR: This magic is too weak, it is just "TS"
+#0x200		beshort		0x5453		Apple Old Partition data
+#>0x2		beshort		x		block size: %d,
+#>0x230		string		x		first type: %s,
+#>0x210		string		x		name: %s,
+#>0x254		belong		x		number of blocks: %d,
+#>0x400		beshort		0x504D
+#>>0x430		string		x		second type: %s,
+#>>0x410		string		x		name: %s,
+#>>0x454		belong		x		number of blocks: %d,
+#>>0x800		beshort		0x504D
+#>>>0x830	string		x		third type: %s,
+#>>>0x810	string		x		name: %s,
+#>>>0x854	belong		x		number of blocks: %d,
+#>>>0xa00	beshort		0x504D
+#>>>>0xa30	string		x		fourth type: %s,
+#>>>>0xa10	string		x		name: %s,
+#>>>>0xa54	belong		x		number of blocks: %d
+
+# From: Remi Mommsen <mommsen@slac.stanford.edu>
+0		string		BOMStore	Mac OS X bill of materials (BOM) file
+
diff --git a/magic/Magdir/macos b/magic/Magdir/macos
new file mode 100644
index 0000000..0bacc13
--- /dev/null
+++ b/magic/Magdir/macos
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------------------------
+# $File: macos,v 1.1 2012/12/21 16:41:07 christos Exp $
+# MacOS files
+#
+
+0	string		book\0\0\0\0mark\0\0\0\0	MacOS Alias file
diff --git a/magic/Magdir/magic b/magic/Magdir/magic
new file mode 100644
index 0000000..c8aa054
--- /dev/null
+++ b/magic/Magdir/magic
@@ -0,0 +1,71 @@
+
+#------------------------------------------------------------------------------
+# $File: magic,v 1.11 2023/06/27 13:42:49 christos Exp $
+# magic:  file(1) magic for magic files
+#
+# Update:	Joerg Jenderek
+# skip Magicsee_R1.cfg found on retropie starting with # Magicsee R1 one-handed controller
+0	string/t		#\ Magic\ 	magic text file for file(1) cmd
+#!:mime	text/plain
+!:mime	text/x-file
+# no suffix in ../Header
+!:ext	/
+#
+# some samples start with a comment line
+0	ubyte		=0x23
+# many samples start with separator line
+>4	string		--------
+>>0	use		magic-fragment
+# few samples with 1st comment line and without seperator comment line
+>4	default		x
+# few sample with 1st comment line and without seperator comment line and regular expression like: sisu
+>>1	search/112	regex\x09
+>>>0	use		magic-fragment
+>>1	default		x
+# few samples with 1st comment line and without seperator comment line and string value like:
+# blcr bsi selinux ssh (file 3.34) digital gnu wordperfect
+>>>1	search/471	string\x09
+>>>>0	use		magic-fragment
+>>>1	default		x
+# few samples with 1st comment line and without seperator comment line and short value like:
+# (file 3.34) os9 osf1
+>>>>1	search/1716	short\x09
+>>>>>0	use		magic-fragment
+# but many samples start with an empty first line
+0	ubyte		=0x0A
+# many samples sttart with separator comment line
+>4	string		--------
+>>0	use		magic-fragment
+# few samples with 1st empty line and without seperator comment line like: biosig espressif
+>4	default		x
+>>1	search/581	\041:mime
+>>>0	use		magic-fragment
+#	display information (lines) about magic text fragment
+0	name		magic-fragment
+>0	string		x		magic text fragment for file(1) cmd
+!:mime	text/x-file
+# most without suffix but mail.news varied.out varied.script
+!:ext	/news/out/script
+# next lines are mainly for control reasons
+# some (34/339) samples start comment line
+>0	ubyte		!0x0A
+>>0	string		x		\b, 1st line "%s"
+>>>&1	string		x		\b, 2nd line "%s"
+# but most (305/339) samples start with an empty first line
+>0	ubyte		=0x0A
+>>1	string		x		\b, 2nd line "%s"
+>>>&1	string		x		\b, 3rd line "%s"
+#
+# URL:		http://en.wikipedia.org/wiki/File_(command)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/m/mgc.trid.xml
+# Note:		called "magic compiled data (LE)" by TrID
+0	lelong		0xF11E041C	magic binary file for file(1) cmd
+#!:mime	application/octet-stream
+!:mime application/x-file
+!:ext	mgc
+>4	lelong		x		(version %d) (little endian)
+0	belong		0xF11E041C	magic binary file for file(1) cmd
+#!:mime	application/octet-stream
+!:mime application/x-file
+!:ext	mgc
+>4	belong		x		(version %d) (big endian)
diff --git a/magic/Magdir/mail.news b/magic/Magdir/mail.news
new file mode 100644
index 0000000..3ca3b40
--- /dev/null
+++ b/magic/Magdir/mail.news
@@ -0,0 +1,132 @@
+#------------------------------------------------------------------------------
+# $File: mail.news,v 1.30 2022/10/31 13:22:26 christos Exp $
+# mail.news:  file(1) magic for mail and news
+#
+# Unfortunately, saved netnews also has From line added in some news software.
+#0	string		From 		mail text
+0	string/t		Relay-Version: 	old news text
+!:mime	message/rfc822
+0	string/t		#!\ rnews	batched news text
+!:mime	message/rfc822
+0	string/t		N#!\ rnews	mailed, batched news text
+!:mime	message/rfc822
+0	string/t		Forward\ to 	mail forwarding text
+!:mime	message/rfc822
+0	string/t		Pipe\ to 	mail piping text
+!:mime	message/rfc822
+0	string/tc		delivered-to:	SMTP mail text
+!:mime	message/rfc822
+0	string/tc		return-path:	SMTP mail text
+!:mime	message/rfc822
+0	string/t		Path:		news text
+!:mime	message/news
+0	string/t		Xref:		news text
+!:mime	message/news
+0	string/t		From:		news or mail text
+!:mime	message/rfc822
+0	string/t		Date:		news or mail text
+!:mime	message/rfc822
+0	string/t		Article 	saved news text
+!:mime	message/news
+# Reference:	http://quimby.gnus.org/notes/BABYL
+# Update:	Joerg Jenderek
+# Note:		used by Rmail in Emacs version 22 and before
+#		is not text because of characters like Control-L Control-_
+0	string/b		BABYL\ OPTIONS:	Emacs RMAIL
+#0	string/t		BABYL		Emacs RMAIL text
+# https://reposcope.com/mimetype/message/x-gnu-rmail
+!:mime	message/x-gnu-rmail
+# ~/RMAIL
+!:ext	/
+0	string/t		Received:	RFC 822 mail text
+!:mime	message/rfc822
+0	string/t		MIME-Version:	MIME entity text
+#0	string/t		Content-	MIME entity text
+
+# TNEF files...
+# URL:		http://fileformats.archiveteam.org/wiki/Transport_Neutral_Encapsulation_Format
+#		https://en.wikipedia.org/wiki/Transport_Neutral_Encapsulation_Format
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/t/tnef.trid.xml
+#		https://interoperability.blob.core.windows.net/files/MS-OXTNEF/%5bMS-OXTNEF%5d-210817.pdf
+# Update:	Joerg Jenderek
+# Note:		moved and merged from ./msdos (version 1.154) there just called "TNEF"
+#		partly verified by `tnef --list -v -f voice.tnef` and `ytnef -v  triples.tnef`
+# TNEF magic From "Joomy" <joomy@se-ed.net>
+# TNEF_SIGNATURE 
+0	lelong		0x223E9F78	Transport Neutral Encapsulation Format (TNEF)
+!:mime	application/vnd.ms-tnef
+# winmail.dat or win.dat by Microsoft Outlook
+!:ext	tnef/dat
+# https://docs.microsoft.com/en-us/openspecs/exchange_server_protocols/ms-oxtnef/7fdb64ee-7f63-4d95-9af1-c672e7475c3a
+# LegacyKey
+#>4	uleshort	x		\b, key %#4.4x
+# attrLevelMessage; Level where attribute applies like: 1~attrLevelMessage 2~attrLevelAttachment
+>6	ubyte		!1		\b, 1st level %#2.2x
+# other ID (like 02900000h) or TnefVersion ID (idTnefVersion=06900800h)
+>7	ubelong		!0x06900800	\b, 1st id %#8.8x
+>7	ubelong		=0x06900800
+# TnefVersion length like: 4
+>>11	ulelong		!4		\b, TnefVersion length %x
+# TNEFVersionData; TnefVersion data like: 00010000h
+>>15	ulelong		!0x00010000h	\b, version %#8.8x
+# Checksum like: 1
+>>19	uleshort	!1		\b, checksum %#4.4x
+# attrLevelMessage; level of attOemCodepage like: 1
+>>21	ubyte		!1		\b, level %#2.2x
+# idOEMCodePage; OEMCodePage ID like: 07900600h
+>>22	ubelong		=0x07900600	\b, OEM codepage
+# OEMCodePage length like: 8
+>>>26	ulelong		=8		
+# OEMCodePageData; PrimaryCodePage like: 1251 1252
+>>>>30	ulelong		x		%u
+# OEMCodePageData; SecondaryCodePage; unused and SHOULD contain zero
+>>>>34	ulelong		!0		and %u
+# OEMCodePageData Checksum like: E7h E8h
+>>>>38	uleshort	x		(checksum %#x)
+# attrLevelMessage of attMessageClass like: 1
+>>40	ubyte		!1		\b, level %u
+# idMessageClass; ID of attMessageClass like: 08800700h
+>>41	ubelong		=0x08800700	\b, MessageAttribute
+# attMessageClass length like: 16 24 25
+#>>>45	ulelong		x		(length %u)
+# attMessageClass data like: "IPM.Microsoft Mail.Note" "IPM.Note.Portada Newseum"
+# "IPM.Appointment" "IPM.Note.Microsoft.Voicemail.UM.CA"
+>>>45	pstring/l	x		"%s"
+
+# From: Kevin Sullivan <ksulliva@psc.edu>
+0	string		*mbx*		MBX mail folder
+
+# From: Simon Matter <simon.matter@invoca.ch>
+0	string		\241\002\213\015skiplist\ file\0\0\0	Cyrus skiplist DB
+0	string		\241\002\213\015twoskip\ file\0\0\0\0	Cyrus twoskip DB
+
+# JAM(mbp) Fidonet message area databases
+# JHR file
+0	string	JAM\0			JAM message area header file
+>12	leshort >0			(%d messages)
+
+# Squish Fidonet message area databases
+# SQD file (requires at least one message in the area)
+# XXX: Weak magic
+#256	leshort	0xAFAE4453		Squish message area data file
+#>4	leshort	>0			(%d messages)
+
+#0	string		\<!--\ MHonArc		text/html; x-type=mhonarc
+
+# Cyrus: file(1) magic for compiled Cyrus sieve scripts
+# URL: https://www.cyrusimap.org/docs/cyrus-imapd/2.4.6/internal/bytecode.php
+# URL: http://git.cyrusimap.org/cyrus-imapd/tree/sieve/bytecode.h?h=master
+# From: Philipp Hahn <hahn@univention.de>
+
+# Compiled Cyrus sieve script
+0       string CyrSBytecode     Cyrus sieve bytecode data,
+>12     belong =1       version 1, big-endian
+>12     lelong =1       version 1, little-endian
+>12     belong x        version %d, network-endian
+
+# Dovecot mail server, version 2.2 and later.
+# Dovecot mailing list: dovecot@dovecot.org
+# File format spec: https://wiki.dovecot.org/Design/Dcrypt/#File_format
+# From: Stephen Gildea
+0	string	CRYPTED\003\007		Dovecot encrypted message
+>9	byte	x			\b, dcrypt version %d
diff --git a/magic/Magdir/make b/magic/Magdir/make
new file mode 100644
index 0000000..1abdf7a
--- /dev/null
+++ b/magic/Magdir/make
@@ -0,0 +1,21 @@
+#------------------------------------------------------------------------------
+# $File: make,v 1.5 2022/03/12 15:09:47 christos Exp $
+# make:  file(1) magic for makefiles
+#
+# URL: https://en.wikipedia.org/wiki/Make_(software)
+0	regex/100l	\^(CFLAGS|VPATH|LDFLAGS|all:|\\.PRECIOUS)	makefile script text
+!:mime	text/x-makefile
+!:strength -15
+# Update: Joerg Jenderek
+# Reference: https://www.freebsd.org/cgi/man.cgi?make(1)
+# exclude grub-core\lib\libgcrypt\mpi\Makefile.am with "#BEGIN_ASM_LIST"
+# by additional escaping point character
+# exclude MS Windows help file CoNtenT with ":include FOOBAR.CNT"
+# and NSIS script with "!include" by additional escaping point character
+0	regex/100l	\^\\.(BEGIN|endif|include)	BSD makefile script text
+!:mime	text/x-makefile
+!:ext	/mk
+!:strength -10
+0	regex/100l	\^SUBDIRS[[:space:]]+=	automake makefile script text
+!:mime	text/x-makefile
+!:strength -15
diff --git a/magic/Magdir/map b/magic/Magdir/map
new file mode 100644
index 0000000..2d56df0
--- /dev/null
+++ b/magic/Magdir/map
@@ -0,0 +1,413 @@
+
+
+#------------------------------------------------------------------------------
+# $File: map,v 1.10 2023/02/03 20:41:57 christos Exp $
+# map:  file(1) magic for Map data
+#
+
+# Garmin .FIT files https://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
+8	string	.FIT		FIT Map data
+>15	byte	0
+>>35	belong	x		\b, unit id %d
+>>39	lelong	x		\b, serial %u
+# https://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
+# 20 years after unix epoch
+# TZ=GMT date -d '1989-12-31 0:00' +%s
+>>43	leldate+631065600	x	\b, %s
+
+>>47	leshort x		\b, manufacturer %d
+>>47	leshort	1		\b (garmin)
+>>49	leshort x		\b, product %d
+>>53	byte	x		\b, type %d
+>>53	byte	1		\b (Device)
+>>53	byte	2		\b (Settings)
+>>53	byte	3		\b (Sports/Cycling)
+>>53	byte	4		\b (Activity)
+>>53	byte	8		\b (Elevations)
+>>53	byte	10		\b (Totals)
+
+# Summary: Garmin map
+# From:	Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Garmin_.img
+# Reference: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/IMG_File_Format
+# sourceforge.net/projects/garmin-img/files/IMG%20File%20Format/1.0/imgformat-1.0.pdf
+# GRR: similar to MBR boot sector handled by ./filesystems
+0x1FE	leshort		=0xAA55
+# look for valid map signature
+>0x13	string		=IMG\0
+>>0	use		garmin-map
+0	name				garmin-map
+>0	ubyte		x		Garmin
+!:mime	application/x-garmin-map
+# If non-zero, every byte of the entire .img file is to be XORed with this value
+>0	ubyte		!0		\b, %#x XORed
+# goto block before FAT
+>(0x40.b*512)	ubyte	x
+# 1st fat name "DLLINFO TXT" only found for vpm
+>>&512 		string	=DLLINFO\ TXT 	map (Voice Processing)
+# there exist 2 other Garmin VPM formats; see ./audio
+!:ext	vpm
+# Deutsch__Yannick_D4481-00_0210.vpm
+#>>>512	search/0x0116da60/s	RIFF	\b; with
+# determine type voice type by ./riff
+#>>>>&0	indirect	x	\b
+>>&512 		string	!DLLINFO\ TXT 	map
+!:ext	img
+# 9 zeros
+>1 	ubelong		!0 		\b, zeroes %#x
+# Map's version major
+>8	ubyte		x		v%u
+# Map's version minor
+>9	ubyte		x		\b.%.2u
+# Map description[20], 0x20 padded
+>0x49	string		x		%.20s
+# Map name, continued (0x20 padded, \0 terminated)
+>0x65	string		>\ 		\b%.31s
+# Update year (+1900 for val >= 0x63, +2000 for val <= 0x62)
+>0xB	ubyte		x		\b, updated
+>>0xB	ubyte		>0x62
+>>>0xB	ubyte-100	x		20%.2u
+>>0xB	ubyte		<0x63
+>>>0xB	ubyte		x		20%.2u
+# Update month (0-11)
+>0xA	ubyte		x		\b-%.2u
+# All zeroes
+>0xc 	uleshort	!0 		\b, zeroes %#x
+# Mapsource flag, 1 - file created by Mapsource, 0 - Garmin map visible in Basecamp and Homeport 
+#>0xE	ubyte		!0		\b, Mapsource flag %#x
+>0xE	ubyte		1		\b, Mapsource
+# Checksum, sum of all bytes modulo 256 should be 0
+#>0xF	ubyte		x		\b, Checksum %#x
+# Signature: DSKIMG 0x00 or DSDIMG 0x00 for demo map 
+>0x10	string		!DSKIMG		\b, signature "%.7s"
+>0x39	use		garmin-date
+# Map file identifier like GARMIN\0
+>0x41	string		!GARMIN		\b, id "%.7s"
+# Block size exponent, E1; appears to always be 0x09; minimum block size 512 bytes
+>0x61	ubyte		!0x09		\b, E1=%u
+# Block size exponent, E2 ; file blocksize=2**(E1+E2)
+>>0x62	ubyte		x		\b, E2=%u
+>0x61	ubyte		=0x09		\b, blocksize
+>>0x62	ubyte		0		512
+>>0x62	ubyte		1		1024
+>>0x62	ubyte		2		2048
+>>0x62	ubyte		3		4096
+>>0x62	ubyte		4		8192
+>>0x62	ubyte		5		16384
+>>0x62	default		x
+>>>0x62	ubyte		x		E2=%u
+# MBR signature
+>0x1FE	leshort		!0xAA55		\b, invalid MBR
+# 512 zeros
+>0x200 	uquad		!0		\b, zeroes %#llx
+# First sub-file offset (absolute); sometimes NO/UNKNOWN sub file!
+>0x40C	ulelong		>0		\b, at %#x
+# sub-file Header length
+#>>(0x40C.l)	uleshort	x	\b, header len %#x
+>>(0x40C.l)	uleshort	x	%u bytes
+# sub-file Type[10] like "GARMIN RGN" "GARMIN TRE", "GARMIN TYP", etc.
+>>(0x40C.l+2)	ubyte	>0x1F
+>>>(0x40C.l+2)	ubyte	<0xFF
+>>>>(0x40C.l+2)	string	x		"%.10s"
+# 0x00 for most maps, 0x80 for locked maps (City Nav, City Select, etc.) 
+>>>>(0x40C.l+13)	ubyte	>0		\b, locked %#x
+# Block sequence numbers like 0000 0100 0200 ... FFFF
+# >0x420	ubequad		>0	\b, seq. %#16.16llx
+# >>0x428	ubequad		>0	\b%16.16llx
+# >>>0x430	ubequad	>0	\b%16.16llx
+# >>>>0x438	ubequad	>0	\b%16.16llx
+# >>>>>0x440	ubequad	>0	\b%16.16llx
+# >>>>>>0x448	ubequad	>0	\b%16.16llx
+# >>>>>>>0x450	ubequad	>0	\b%16.16llx
+# >>>>>>>>0x458	ubequad	>0	\b%16.16llx
+# >>>>>>>>>0x460	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>0x468	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>0x470	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>0x478	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>0x480	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>0x488	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>0x490	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>0x498	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>>0x4A0	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>>>0x4A8	ubequad	>0	\b%16.16llx
+# look for end of FAT
+#>>0x420	search/512/s	\xff\xff	FAT END
+# Physical block number of FAT header
+#>0x40	ubyte		x		\b, FAT at phy. block %u
+>0x40	ubyte		x
+>>(0x40.b*512)	ubyte	x
+# 1st FAT block
+>>>&511 	use	garmin-fat
+# 2nd FAT block
+>>>&1023 	use	garmin-fat
+# 3th FAT block
+>>>&1535 	use	garmin-fat
+# 4th FAT block
+>>>&2047 	use	garmin-fat
+# ... xth FAT block
+#
+# 314 zeros but not in vpm and also gmaptz.img
+>0x84 	uquad		!0		\b, at 0x84 %#llx
+# display FileAllocationTable block entry in garmin map
+0	name				garmin-fat
+>0	ubyte		x		\b;
+# sub file part; 0x0003 seems to be garbage
+>0x10	uleshort	!0		next %#4.4x
+>0x10	uleshort	=0
+# fat flag 0~dummy block 1~true sub file
+>>0	ubyte		!1		flag %u 
+>>0	ubyte		=1
+# sub-file name like MAKEGMAP 12345678
+>>>0x1	string		x		%.8s
+# sub-file typ like RGN TRE MDR LBL
+>>>0x9	string		x		\b.%.3s
+# size of sub file
+>>>0xC	ulelong		x		\b, %u bytes
+# 32-bit block sequence numbers
+#>>>0x20	ubequad		x		\b, seq. %#16.16llx
+
+#	display date stored inside Garmin maps like yyyy-mm-dd h:mm:ss
+0	name				garmin-date
+# year like 2018
+>0 	uleshort	x 		\b, created %u
+# month (0-11)
+>2	ubyte		x		\b-%.2u
+# day (1-31)
+>3	ubyte		x		\b-%.2u
+# hour (0-23)
+>4	ubyte		x		%u
+# minute (0-59)
+>5	ubyte		x		\b:%.2u
+# second (0-59)
+>6	ubyte		x		\b:%.2u
+
+# Summary: Garmin Map subfiles
+# From:	Joerg Jenderek
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/IMG_File_Format
+# Garmin Common Header
+2	string	GARMIN\ 
+# skip ASCII text by checking for low header length
+>0	uleshort <0x1000	Garmin map,
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/GMP_Subfile_Format
+>>9	string	GMP				subtile
+!:mime			application/x-garmin-gpm
+!:ext			gmp
+# copyright message
+>>>(0.s)		string		x	%s
+>>>0x0E 		use		garmin-date
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/MDR_Subfile_Format
+# This contains the searchable address table used for finding routing destinations
+>>9	string	MDR				address table
+!:mime			application/x-garmin-mdr
+!:ext			mdr
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/NOD_Subfile_Format
+# http://svn.parabola.me.uk/display/trunk/doc/nod.txt
+# This contains the routing information
+>>9	string	NOD				routing
+!:mime			application/x-garmin-nod
+!:ext			nod
+>>>0x0E 		use		garmin-date
+#>>>0x15			ulelong		x	\b, at %#x
+#>>>0x19			ulelong		x	%#x bytes NOD1
+#>>>0x25			ulelong		x	\b, at %#x
+#>>>0x29			ulelong		x	%#x bytes NOD2
+#>>>0x31			ulelong		x	\b, at %#x
+#>>>0x35			ulelong		x	%#x bytes NOD3
+# URL: http://www.pinns.co.uk/osm/net.html
+# routable highways (length, direction, allowed speed,house address information)
+>>9	string	NET				highways
+!:mime			application/x-garmin-net
+!:ext			net
+#>>>0x15			ulelong		x	\b, at %#x
+#>>>0x19			ulelong		x	%#x bytes NET1
+#>>>0x22			ulelong		>0
+#>>>>0x1E		ulelong		x	\b, at %#x
+#>>>>0x22		ulelong		x	%#x bytes NET2
+#>>>0x2B			ulelong		>0
+#>>>>0x27		ulelong		x	\b, at %#x
+#>>>>0x2B		ulelong		x	%#x bytes NET3
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/LBL_Subfile_Format
+>>9	string	LBL				labels
+!:mime			application/x-garmin-lbl
+!:ext			lbl
+>>>(0.s)		string	x	%s
+# Label coding type 6h 9h and ah
+>>>0x1E			ubyte		x	\b, coding type %#x
+#>>>0x15			ulelong		x	\b, at %#x
+#>>>0x19			ulelong		x	%#x bytes LBL1
+#>>>0x1F			ulelong		x	\b, at %#x
+#>>>0x23			ulelong		x	%#x bytes LBL2
+#>>>0x2D			ulelong		x	\b, at %#x
+#>>>0x31			ulelong		x	%#x bytes LBL3
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/SRT_Subfile_Format
+# A lookup table of the chars in the map's codepage, and their collating sequence
+>>9	string	SRT				sort table
+!:mime			application/x-garmin-srt
+!:ext			srt
+>>>0x0E 		use		garmin-date
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/TRE_Subfile_Format
+>>9	string	TRE				tree
+!:mime			application/x-garmin-tre
+!:ext			tre
+# title like City Nav Europe NTU 2019.2 Basemap
+# or OSM Street map
+>>>(0.s)		string		x	%s
+# 2nd title like Copyright 1995-2018 by GARMIN Corporation.
+# or http://www.openstreetmap.org/
+>>>>&1			string		x	%s
+>>>0x0E 		use		garmin-date
+#>>>0x21			ulelong		x	\b, at %#x
+#>>>0x25			ulelong		x	%#x bytes TRE1
+#>>>0x29			ulelong		x	\b, at %#x
+#>>>0x2D			ulelong		x	%#x bytes TRE2
+#>>>0x31			ulelong		x	\b, at %#x
+#>>>0x35			ulelong		x	%#x bytes TRE3
+# Copyright record size
+#>>>0x39			uleshort	x	\b, copyright record size %u
+# Map ID
+>>>0x74			ulelong		x	\b, ID %#x
+# URL: https://www.gpspower.net/garmin-tutorials/353310-basecamp-installing-free-desktop-map.html
+# For road traffic information service (RDS/TMS/TMC). Commonly seen in City Navigator maps
+>>9	string	TRF				traffic,
+!:mime			application/x-garmin-trf
+!:ext			trf
+# city/region like Preitenegg
+>>>(0.s+1) 		string		x	1st %s
+# highway part like L606/L148
+>>>>&1			string		x	%s
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/Format
+# Reference: http://www.pinns.co.uk/osm/typformat.html
+# customize the appearance of objects. For GPS and MapSource/Qlandkarte better looking maps
+>>9	string	TYP				types
+!:mime			application/x-garmin-typ
+!:ext			typ
+>>>0x0E 		use		garmin-date
+# character set 1252 65001~UTF8
+>>>0x15			uleshort	x	\b, code page %u
+# POIs
+#>>>0x17			ulelong		x	\b, at %#x
+#>>>0x1B			ulelong		x	%#x bytes TYP1
+# extra pois
+#>>>0x5B			ulelong		x	\b, at %#x
+#>>>0x5F			ulelong		x	%#x bytes TYP8
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/RGN_Subfile_Format
+# http://www.pinns.co.uk/osm/RGN.html
+# region data used by the Garmin software
+>>9	string	RGN				region
+!:mime			application/x-garmin-rgn
+!:ext			rgn
+# POIs,Indexed POIs,Polylines or Polygons or first map level
+#>>>0x15			ulelong	       x	\b, at %#x
+#>>>0x19			ulelong	       x	%#x bytes RGN1
+# polygons with extended types
+#>>>0x21			ulelong	       >0
+#>>>>0x1D		ulelong	       x	\b, at %#x
+#>>>>0x21		ulelong	       x	%#x bytes RGN2
+# polylines with extended types
+#>>>0x3D			ulelong	       >0
+#>>>>0x39		ulelong	       x	\b, at %#x
+#>>>>0x3D		ulelong	       x	%#x bytes RGN3
+# extended POIs
+#>>>0x59			ulelong	       >0
+#>>>>0x55		ulelong	       x	\b, at %#x
+#>>>>0x59		ulelong	       x	%#x bytes RGN3
+#>>9	default		x		unknown map type
+# Header length; GMP:31h 35h 3Dh,MDR:11Eh 238h 2C4h 310h,NOD:3Fh 7Fh,NET:64h,
+# LBL:2A9h,SRT:1Dh 25h 27h,TRE:CFh 135h,TRF:5Ah,TYP:5Bh 6Eh 7Ch AEh,RGN:7Dh
+>>0	uleshort	x		\b, header length %#x
+
+# URL:		https://www.memotech.franken.de/FileFormats/
+# Reference:	https://www.memotech.franken.de/FileFormats/Garmin_RGN_Format.pdf
+# From:		Joerg Jenderek
+0	string		KpGr		Garmin update
+# format version like: 0064h~1.0
+>0x4	uleshort	!0x0064
+>>4	uleshort/100	x		\b, version %u
+>>4	uleshort%100	x		\b.%u
+# 1st Garmin entry
+>6	use	garmin-entry
+# 2nd Garmin entry
+>(0x6.l+10)	ubyte		x
+>>&0		use		garmin-entry
+# 3rd entry
+>(0x6.l+10)	ubyte		x
+>>&(&0.l+4)	ubyte		x
+>>>&0		use		garmin-entry
+# look again at version to use default clause
+>0x4	uleshort	x
+# test for region content by looking for
+# Garmin *.srf by ./images with normal builder name "SQA" or longer "hales"
+# 1 space after equal sign
+>>0x3a	search/5/s	GARMIN\ BITMAP	\b= 
+!:mime	image/x-garmin-exe
+!:ext	exe
+>>>&0	indirect	x
+# if not bitmap *.srf then region; 1 space after equal sign
+>>0x3a	default		x		\b= 
+!:mime	application/x-garmin-rgn
+!:ext	rgn
+# recursiv embedded
+>>>0x3a	search/5/s	KpGrd
+>>>>&0	indirect	x
+# look for ZIP or JAR archive by ./archive and ./zip
+>>>0x3a	search/5/s	PK\003\004
+>>>>&0	indirect	x
+# TODO: other garmin RGN record content like foo
+#>>0x3a	search/5/s	bar		BAR
+#		display information of Garmin RGN record
+0	name	garmin-entry
+# record length: 2 for Data, for Application often 1Bh sometimes 1Dh, "big" for Region
+#>0	ulelong		x		\b, length %#x
+# data record (ID='D') with version content like 0064h~1.0
+>4	ubyte		=0x44
+>>5	uleshort	!0x0064		\b; Data
+>>>5	uleshort/100	x		\b, version %u
+>>>5	uleshort%100	x		\b.%u
+# Application Record (ID='A')
+>4	ubyte		=0x41		\b; App
+# version content like 00c8h~2.0
+>>5	uleshort	!0x00C8
+>>>5	uleshort/100	x		\b, version %u
+>>>5	uleshort%100	x		\b.%u
+# builder name like: SQA sqa build hales
+>>7	string		x		\b, build by %s
+# build date like: Oct 25 1999, Oct 1 2008, Feb 23 2009, Dec 15 2009
+>>>&1	string		x		%s
+# build time like: 11:26:12, 11:45:54, 14:16:13, 18:23:01
+>>>>&1	string		x		%s
+# region record (ID='R')
+>4	ubyte		=0x52		\b; Region
+# region ID:14~fw_all.bin: 78~ZIP, RGN or SRF bitmap; 148~ZIP or JAR; 249~display firmware; 251~WiFi or GCD firmware; 255~ZIP
+>>5	uleshort	x		ID=%u
+# delay in ms: like 0, 500
+>>7	ulelong		!0		\b, %u ms
+# region size (is record length - 10)
+#>>11	ulelong		x		\b, length %#x
+# region content like:
+# "KpGr"~recursiv embedded,"GARMIN BITMAP"~Garmin Bitmap *.srf, "PK"~ZIP archive
+#>>15	string		x		\b, content "%s"
+>>15	ubequad		x		\b, content %#llx...
+# This does NOT WORK!
+#>>15	indirect	x		\b; contains 
+>4	default		x		\b; other
+# garmin Record ID Identifies the record content like: D A R
+>>4	ubyte		x		ID '%c'
+
+# TOM TOM GPS watches ttbin files:
+# https://github.com/ryanbinns/ttwatch/tree/master/ttbin
+# From: Daniel Lenski
+0	byte	0x20
+>1	leshort	0x0007
+>>0x76	byte	0x20
+>>>0x77	leshort	0x0075		TomTom activity file, v7
+>>>>8	leldate	x		(%s,
+>>>>3	byte    x		device firmware %d.
+>>>>4	byte	x		\b%d.
+>>>>5	byte	x		\b%d,
+>>>>6	leshort	x		product ID %04d)
+
+# Garmin firmware:
+# https://www.memotech.franken.de/FileFormats/Garmin_GCD_Format.pdf
+# https://www.gpsrchive.com/GPSMAP/GPSMAP%2066sr/Firmware.html
+0	string		GARMIN
+>6	uleshort	100	GARMIN firmware (version 1.0)
diff --git a/magic/Magdir/maple b/magic/Magdir/maple
new file mode 100644
index 0000000..80cf9f2
--- /dev/null
+++ b/magic/Magdir/maple
@@ -0,0 +1,109 @@
+
+#------------------------------------------------------------------------------
+# $File: maple,v 1.10 2021/08/30 13:31:25 christos Exp $
+# maple:  file(1) magic for maple files
+# "H. Nanosecond" <aldomel@ix.netcom.com>
+# Maple V release 4, a multi-purpose math program
+#
+
+# maple library .lib
+# URL:		https://en.wikipedia.org/wiki/Maple_(software)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/l/lib-maple-v-r4.trid.xml
+# Update:	Joerg Jenderek
+0	string	\000MVR4\nI	Maple Vr4 library
+#!:mime	application/octet-stream
+!:mime	application/x-maple-lib
+!:ext	lib
+
+# URL:		https://en.wikipedia.org/wiki/Maple_(software)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/l/lib-maple-v-r5.trid.xml
+# From:		Joerg Jenderek
+0	string	\000MVR5\n	Maple Vr5 library
+#!:mime	application/octet-stream
+!:mime	application/x-maple-lib
+!:ext	lib
+
+# From:		Joerg Jenderek
+0x400	string	M7R0\nI		Maple Vr7 library
+#!:mime	application/octet-stream
+!:mime	application/x-maple-lib
+!:ext	lib
+# null terminated library name like: C:\Maple12/Cliffordlib\maple.lib ../Maplets/Tutors.lib
+>5	string	x		%s
+# probably library name padding with nil or points (0x2E)
+#>0xF8	uquad	x		\b, PADDING 0x%16.16llx
+# null terminated strings like: Exterior Clifford FunctionArithmetics
+# like: 1 20 40
+>0x115	ulelong	x		\b, %u string
+# plural s
+>0x115	ulelong	>1		\bs
+>0x119	string	x		1st '%s'
+# probably second name section padding with nil or points (0x2E)
+#>0x3F0	uquad	x		\b, 2nd PADDING 0x%16.16llx
+# line feed separated ASCII string with maximal 79 length
+#>0x407	string	x		\b, section "%s"
+>0x454	ubyte	!0x0a		\b, at 0x454 0x%x
+
+# .ind
+# no magic for these :-(
+# they are compiled indexes for maple files
+
+# .hdb
+# Update:	Joerg Jenderek
+# URL:		https://www.maplesoft.com/support/help/maple/view.aspx?path=Formats/HDB
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/h/hdb-maple.trid.xml
+# Note:		This format was replaced in Maple 18 by the Maple Help format (*.help)
+0	string	\000\004\000\000
+# skip xBASE Compound Index file *.CDX by looking for version
+>1028	string		version	Maple help database
+# length of string version
+#>>1024	ulelong		!7	\b, at 0x400 unexpected %u
+#!:mime application/octet-stream
+!:mime application/x-maple-hdb
+!:ext	hdb
+>1028	default		x
+# skip more xBASE Compound Index file *.CDX by looking for keyword Maple
+# like hsum.hdb
+>>4	search/0xCC41	Maple	Maple help database
+!:mime	application/x-maple-hdb
+!:ext	hdb
+
+# .mhp
+# this has the form <PACKAGE=name>
+0	string	\<PACKAGE=	Maple help file
+0	string	\<HELP\ NAME=	Maple help file
+0	string	\n\<HELP\ NAME=	Maple help file with extra carriage return at start (yuck)
+#0	string	#\ Newton	Maple help file, old style
+0	string	#\ daub	Maple help file, old style
+#0	string	#===========	Maple help file, old style
+
+# .mws
+0	string	\000\000\001\044\000\221	Maple worksheet
+#this is anomalous
+0	string	WriteNow\000\002\000\001\000\000\000\000\100\000\000\000\000\000	Maple worksheet, but weird
+# this has the form {VERSION 2 3 "IBM INTEL NT" "2.3" }\n
+# that is {VERSION major_version miunor_version computer_type version_string}
+0	string	{VERSION\ 	Maple worksheet
+>9	string	>\0	version %.1s.
+>>11	string	>\0	%.1s
+
+# .mps
+0	string	\0\0\001$	Maple something
+# from byte 4 it is either 'nul E' or 'soh R'
+# I think 'nul E' means a file that was saved as  a different name
+# a sort of revision marking
+# 'soh R' means new
+>4	string	\000\105	An old revision
+>4	string	\001\122	The latest save
+
+# .mpl
+# some of these are the same as .mps above
+#0000000 000 000 001 044 000 105 same as .mps
+#0000000 000 000 001 044 001 122 same as .mps
+
+0	string	#\n##\ <SHAREFILE=	Maple something
+0	string	\n#\n##\ <SHAREFILE=	Maple something
+0	string	##\ <SHAREFILE=	Maple something
+0	string	#\r##\ <SHAREFILE=	Maple something
+0	string	\r#\r##\ <SHAREFILE=	Maple something
+0	string	#\ \r##\ <DESCRIBE>	Maple something anomalous.
diff --git a/magic/Magdir/marc21 b/magic/Magdir/marc21
new file mode 100644
index 0000000..bb4998e
--- /dev/null
+++ b/magic/Magdir/marc21
@@ -0,0 +1,30 @@
+#--------------------------------------------
+# marc21: file(1) magic for MARC 21 Format
+#
+# Kevin Ford (kefo@loc.gov)
+#
+# MARC21 formats are for the representation and communication
+# of bibliographic and related information in machine-readable
+# form.  For more info, see https://www.loc.gov/marc/
+
+
+# leader position 20-21 must be 45
+# and 22-23 also 00 so far, but we check that later.
+20	string		45
+>0	search/2048	\x1e
+
+# leader starts with 5 digits, followed by codes specific to MARC format
+>>0	regex/1l	(^[0-9]{5})[acdnp][^bhlnqsu-z]	MARC21 Bibliographic
+!:mime	application/marc
+>>0	regex/1l	(^[0-9]{5})[acdnosx][z]	MARC21 Authority
+!:mime	application/marc
+>>0	regex/1l	(^[0-9]{5})[cdn][uvxy]	MARC21 Holdings
+!:mime	application/marc
+>>0	regex/1l	(^[0-9]{5})[acdn][w]	MARC21 Classification
+!:mime	application/marc
+>>0	regex/1l	(^[0-9]{5})[cdn][q]	MARC21 Community
+!:mime	application/marc
+
+# leader position 22-23, should be "00" but is it?
+>>0	regex/1l	(^.{21})([^0]{2})	(non-conforming)
+!:mime	application/marc
diff --git a/magic/Magdir/mathcad b/magic/Magdir/mathcad
new file mode 100644
index 0000000..b186641
--- /dev/null
+++ b/magic/Magdir/mathcad
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: mathcad,v 1.5 2009/09/19 16:28:10 christos Exp $
+# mathcad:  file(1) magic for Mathcad documents
+# URL:	http://www.mathsoft.com/
+# From:	Josh Triplett <josh@freedesktop.org>
+
+0	string	.MCAD\t		Mathcad document
diff --git a/magic/Magdir/mathematica b/magic/Magdir/mathematica
new file mode 100644
index 0000000..dda71e8
--- /dev/null
+++ b/magic/Magdir/mathematica
@@ -0,0 +1,192 @@
+
+#------------------------------------------------------------------------------
+# $File: mathematica,v 1.17 2023/06/16 19:33:58 christos Exp $
+# mathematica:  file(1) magic for mathematica files
+# "H. Nanosecond" <aldomel@ix.netcom.com>
+# Mathematica a multi-purpose math program
+# versions 2.2 and 3.0
+
+0	name	wolfram
+>0	string	x	Mathematica notebook version 2.x
+!:ext mb
+!:mime application/vnd.wolfram.mathematica
+
+#mathematica .mb
+0	string	\064\024\012\000\035\000\000\000
+>0	use	wolfram
+0	string	\064\024\011\000\035\000\000\000
+>0	use	wolfram
+
+# 
+0	search/1000	Content-type:\040application/mathematica	Mathematica notebook version 2.x
+!:ext nb
+!:mime application/mathematica
+
+
+# .ma
+# multiple possibilities:
+
+0	string	(*^\n\n::[\011frontEndVersion\ =
+#>41	string	>\0	%s
+>0	use	wolfram
+
+#0	string	(*^\n\n::[\011palette
+
+#0	string	(*^\n\n::[\011Information
+#>675	string	>\0	%s #doesn't work well
+
+# there may be 'cr' instead of 'nl' in some does this matter?
+
+# generic:
+0	string	(*^\r\r::[\011
+>0	use	wolfram
+0	string	(*^\r\n\r\n::[\011
+>0	use	wolfram
+0	string	(*^\015
+>0	use	wolfram
+0	string	(*^\n\r\n\r::[\011
+>0	use	wolfram
+0	string	(*^\r::[\011
+>0	use	wolfram
+0	string	(*^\r\n::[\011
+>0	use	wolfram
+0	string	(*^\n\n::[\011
+>0	use	wolfram
+0	string	(*^\n::[\011
+>0	use	wolfram
+
+
+# Mathematica .mx files
+
+#0	string	(*This\ is\ a\ Mathematica\ binary\ dump\ file.\ It\ can\ be\ loaded\ with\ Get.*)	Mathematica binary file
+0	string	(*This\ is\ a\ Mathematica\ binary\ 	Mathematica binary file
+#>71	string \000\010\010\010\010\000\000\000\000\000\000\010\100\010\000\000\000
+# >71... is optional
+>88	string	>\0	from %s
+
+
+# Mathematica files PBF:
+# 115 115 101 120 102 106 000 001 000 000 000 203 000 001 000
+0	string	MMAPBF\000\001\000\000\000\203\000\001\000	Mathematica PBF (fonts I think)
+
+# .ml files  These are menu resources I think
+# these start with "[0-9][0-9][0-9]\ A~[0-9][0-9][0-9]\
+# how to put that into a magic rule?
+4	string	\ A~	MAthematica .ml file
+
+# .nb files
+#too long 0	string	(***********************************************************************\n\n\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ Mathematica-Compatible Notebook	Mathematica 3.0 notebook
+0	string	(***********************	Mathematica 3.0 notebook
+
+# other (* matches it is a comment start in these langs
+# GRR: Too weak; also matches other languages e.g. ML
+#0	string	(*	Mathematica, or Pascal, Modula-2 or 3 code text
+
+#########################
+# MatLab v5
+# URL:		http://fileformats.archiveteam.org/wiki/MAT
+# Reference:	https://www.mathworks.com/help/pdf_doc/matlab/matfile_format.pdf
+# first 116 bytes of header contain text in human-readable form
+0       string  MATLAB  Matlab v
+#>11	string/T	x	\b, at 11 "%.105s"
+#!:mime	application/octet-stream
+!:mime	application/x-matlab-data
+!:ext	mat
+#	https://de.mathworks.com/help/matlab/import_export/mat-file-versions.html
+# level of the MAT-file like: 5.0 7.0 or maybe 7.3
+#>7	string	x	LEVEL "%.3s"
+>7	ubyte	=0x35	\b5 mat-file
+>7	ubyte	!0x35
+>>7	string	x	\b%.3s mat-file
+>126    short   0x494d  (big endian)
+>>124   beshort x       version %#04x
+>126    short   0x4d49  (little endian)
+# 0x0100 for level 5.0 and 0x0200 for level 7.0
+>>124   leshort x       version %#04x
+# test again so that default clause works
+>126	short	x
+# created by MATLAB include Platform sometimes without leading comma (0x2C) or missing
+# like: GLNX86 PCWIN PCWIN64 SOL2 Windows\0407 nt posix
+>>20	search/2	Platform:\040	\b, platform
+>>>&0	string		x		%-0.2s
+>>>&2		ubyte	!0x2C		\b%c
+>>>>&0		ubyte	!0x2C		\b%c
+>>>>>&0		ubyte	!0x2C		\b%c
+>>>>>>&0	ubyte	!0x2C		\b%c
+>>>>>>>&0	ubyte	!0x2C		\b%c
+>>>>>>>>&0	ubyte	!0x2C		\b%c
+>>>>>>>>>&0	ubyte	!0x2C		\b%c
+# examples without Platform tag like one_by_zero_char.mat
+>>20	default		x
+>>>11	string		x	"%s"
+# created by MATLAB include time like: Fri Feb 20 15:26:59 2009
+>34	search/9/c	created\040on:\040	\b, created
+>>&0	string	x		%-.24s
+#	MatLab v4
+# From:	Joerg Jenderek
+# check for valid imaginary flag of Matlab matrix version 4
+13	ushort	0
+# check for valid ASCII matrix name
+>20	ubyte	>0x1F
+# skip PreviousEntries.dat with "invalid high" name \304P\344@\001
+>>20	ubyte	<0304
+# skip some Netwfw*.dat and $I3KREPH.dat by checking for non zero number of rows
+>>>4	ulong		!0
+# skip some CD-ROM filesystem like test-hfs.iso by looking for valid big endian type flag
+>>>>0	ubelong&0xFFffFF00	0x00000300
+>>>>>0	use	matlab4
+# no example for 8-bit and 16-bit integers matrix
+>>>>0	ubelong&0xFFffFF00	0x00000400
+>>>>>0	use	matlab4
+#	branch for Little-Endian variant of Matlab MATrix version 4
+# skip big endian variant by looking for valid low lttle endian type flag
+>>>>0	ulelong		<53
+# skip tokens.dat and some Netwfw*.dat by check for valid imaginary flag value of MAT version 4
+>>>>>12	ulelong		<2
+# no misidentified little endian MATrix example with "short" matrix name
+>>>>>>16	ulelong		<3
+# skip radeon firmware BONAIRE_sdma.bin HAWAII_sdma.bin KABINI_sdma.bin KAVERI_sdma.bin MULLINS_sdma.bin
+# by check for non zero matrix name length
+>>>>>>>16	ubelong		>0
+>>>>>>>>0	use	\^matlab4
+# little endian MATrix with "long" matrix name or some misidentified samples
+>>>>>>16	ulelong		>2
+# skip TileCacheLogo-*.dat with invalid 2nd character \001 of matrix name with length 96
+>>>>>>>21 ubyte	>0x1F
+>>>>>>>>0 use	\^matlab4
+# Note:		called 	"MATLAB Mat File" with version "Level 4" by DROID via PUID fmt/1550
+#	display information of Matlab v4 mat-file
+0	name	matlab4		Matlab v4 mat-file
+#!:mime	application/octet-stream
+!:mime	application/x-matlab-data
+!:ext	mat
+# 20-byte header with 5 long integers that contains information describing certain attributes of the Matrix
+# type flag decimal MOPT; maximal 4052=FD4h; maximal 52=34h for little endian
+#>0	ubelong		x	\b, type flag %u
+#>0	ubelong		x	(%#x)
+# M: 0~little endian 1~Big Endian 2~VAX D-float 3~VAX G-float 4~Cray
+#>0	ubelong/1000	x	\b, M=%u
+>0	ubelong/1000	0	(little endian)
+>0	ubelong/1000	1	(big endian)
+>0	ubelong/1000	2	(VAX D-float)
+>0	ubelong/1000	3	(VAX G-float)
+>0	ubelong/1000	4	(Cray)
+# namlen; the length of the matrix name
+#>16	ubelong		x	\b, name length %u
+#>(16.L+19)	ubyte	x	\b, TERMINATING NAME CHARACTER=%#x
+# nul terminated matrix name like: fit_params testmatrix testsparsecomplex teststringarray
+#>20	string		x	\b, MATRIX NAME="%s"
+#>21		ubyte	x	\b, MAYBE 2ND CHAR=%c
+>16	pstring/L	x	%s
+# T indicates the matrix type: 0~numeric 1~text 2~sparse
+#>0	ubelong%10	x	\b, T=%u
+>0	ubelong%10	0	\b, numeric
+>0	ubelong%10	1	\b, text
+>0	ubelong%10	2	\b, sparse
+# mrows; number of rows in the matrix like: 1 3 8
+>4	ubelong		x	\b, rows %u
+# ncols; number of columns in the matrix like: 1 3 4 5 9 43
+>8	ubelong		x	\b, columns %u
+# imagf; imaginary flag; 1~matrix has an imaginary part 0~only real data
+>12	ubelong		!0	\b, imaginary (%u)
+# real; Real part of the matrix consists of mrows * ncols numbers
diff --git a/magic/Magdir/matroska b/magic/Magdir/matroska
new file mode 100644
index 0000000..271af55
--- /dev/null
+++ b/magic/Magdir/matroska
@@ -0,0 +1,17 @@
+
+#------------------------------------------------------------------------------
+# $File: matroska,v 1.9 2019/04/19 00:42:27 christos Exp $
+# matroska:  file(1) magic for Matroska files
+#
+# See https://www.matroska.org/
+#
+
+# EBML id:
+0		belong		0x1a45dfa3
+# DocType id:
+>4		search/4096 	\x42\x82
+# DocType contents:
+>>&1		string		webm		WebM
+!:mime  video/webm
+>>&1		string		matroska	Matroska data
+!:mime  video/x-matroska
diff --git a/magic/Magdir/mcrypt b/magic/Magdir/mcrypt
new file mode 100644
index 0000000..f2edd08
--- /dev/null
+++ b/magic/Magdir/mcrypt
@@ -0,0 +1,52 @@
+
+#------------------------------------------------------------------------------
+# $File: mcrypt,v 1.6 2022/02/08 18:51:45 christos Exp $
+# Mavroyanopoulos Nikos <nmav@hellug.gr>
+# mcrypt:   file(1) magic for mcrypt 2.2.x;
+# URL: 		https://en.wikipedia.org/wiki/Mcrypt
+#		http://fileformats.archiveteam.org/wiki/MCrypt
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/n/nc-mcrypt.trid.xml
+# Update:	Joerg Jenderek
+# Note:		called by TrID "mcrypt encrypted (v2.5)"
+0	string		\0m\3		mcrypt 2.5 encrypted data,
+#!:mime	application/octet-stream
+!:mime	application/x-crypt-nc
+!:ext	nc
+>4	string		>\0		algorithm: %s,
+>>&1	leshort		>0		keysize: %d bytes,
+>>>&0	string		>\0		mode: %s,
+
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/n/nc-mcrypt-22.trid.xml
+# Note:		called by TrID "mcrypt encrypted (v2.2)"
+0	string		\0m\2		mcrypt 2.2 encrypted data,
+#!:mime	application/octet-stream
+!:mime	application/x-crypt-nc
+# no example
+!:ext	nc
+>3	byte		0		algorithm: blowfish-448,
+>3	byte		1		algorithm: DES,
+>3	byte		2		algorithm: 3DES,
+>3	byte		3		algorithm: 3-WAY,
+>3	byte		4		algorithm: GOST,
+>3	byte		6		algorithm: SAFER-SK64,
+>3	byte		7		algorithm: SAFER-SK128,
+>3	byte		8		algorithm: CAST-128,
+>3	byte		9		algorithm: xTEA,
+>3	byte		10		algorithm: TWOFISH-128,
+>3	byte		11		algorithm: RC2,
+>3	byte		12		algorithm: TWOFISH-192,
+>3	byte		13		algorithm: TWOFISH-256,
+>3	byte		14		algorithm: blowfish-128,
+>3	byte		15		algorithm: blowfish-192,
+>3	byte		16		algorithm: blowfish-256,
+>3	byte		100		algorithm: RC6,
+>3	byte		101		algorithm: IDEA,
+>4	byte		0		mode: CBC,
+>4	byte		1		mode: ECB,
+>4	byte		2		mode: CFB,
+>4	byte		3		mode: OFB,
+>4	byte		4		mode: nOFB,
+>5	byte		0		keymode: 8bit
+>5	byte		1		keymode: 4bit
+>5	byte		2		keymode: SHA-1 hash
+>5	byte		3		keymode: MD5 hash
diff --git a/magic/Magdir/measure b/magic/Magdir/measure
new file mode 100644
index 0000000..42e7186
--- /dev/null
+++ b/magic/Magdir/measure
@@ -0,0 +1,44 @@
+
+#------------------------------------------------------------------------------
+# $File: measure,v 1.3 2021/03/25 17:30:10 christos Exp $
+# measure: file(1) magic for measurement data
+
+# DIY-Thermocam raw data
+0	name	diy-thermocam-parser
+>0	beshort	x	scale %d-
+>2	beshort x	\b%d,
+>4	lefloat	x	spot sensor temperature %f,
+>9	ubyte	0	unit celsius,
+>9	ubyte	1	unit fahrenheit,
+>8	ubyte	x	color scheme %d
+>10	ubyte	1	\b, show spot sensor
+>11	ubyte	1	\b, show scale bar
+>12	ubyte	&1	\b, minimum point enabled
+>12	ubyte	&2	\b, maximum point enabled
+>13	lefloat	x	\b, calibration: offset %f,
+>17	lefloat x	slope %f
+
+0	name	diy-thermocam-checker
+>9	ubyte	<2
+>>10	ubyte	<2
+>>>11	ubyte	<2
+>>>>12	ubyte	<4
+>>>>>17	lefloat	>0.0001	DIY-Thermocam raw data
+
+# V2 and Leption 3.x:
+38408	ubyte	<19
+>38400	use	diy-thermocam-checker
+>>38400	default x	(Lepton 3.x),
+>>>38400	use	diy-thermocam-parser
+
+# V1 or Lepton 2.x
+9608	ubyte	<19
+>9600	use	diy-thermocam-checker
+>>9600	default	x	(Lepton 2.x),
+>>>9600	use	diy-thermocam-parser
+
+# Becker & Hickl Photon Counting (PMS) data file
+# format documentation: https://www.becker-hickl.com/wp-content/uploads/2018/11/opm-pms400-v01.pdf (page 57)
+(0x02.l)	string	*IDENTIFICATION		Becker & Hickl PMS Data File
+>0x12		short	x			(%d data blocks)
+!:ext sdt
diff --git a/magic/Magdir/mercurial b/magic/Magdir/mercurial
new file mode 100644
index 0000000..b8f3cdd
--- /dev/null
+++ b/magic/Magdir/mercurial
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: mercurial,v 1.5 2019/04/19 00:42:27 christos Exp $
+# mercurial:  file(1) magic for Mercurial changeset bundles
+# https://www.selenic.com/mercurial/wiki/
+#
+# Jesse Glick (jesse.glick@sun.com)
+#
+
+0	string		HG10		Mercurial changeset bundle
+>4	string		UN		(uncompressed)
+>4	string		GZ		(gzip compressed)
+>4	string		BZ		(bzip2 compressed)
diff --git a/magic/Magdir/metastore b/magic/Magdir/metastore
new file mode 100644
index 0000000..e64e704
--- /dev/null
+++ b/magic/Magdir/metastore
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: metastore,v 1.3 2019/04/19 00:42:27 christos Exp $
+# metastore:  file(1) magic for metastore files
+# From: Thomas Wissen
+# see https://david.hardeman.nu/software.php#metastore
+0	string		MeTaSt00r3	Metastore data file,
+>10	bequad		x		version %0llx
diff --git a/magic/Magdir/meteorological b/magic/Magdir/meteorological
new file mode 100644
index 0000000..725982f
--- /dev/null
+++ b/magic/Magdir/meteorological
@@ -0,0 +1,53 @@
+
+#------------------------------------------------------------------------------
+# $File: meteorological,v 1.4 2022/12/09 18:02:09 christos Exp $
+# rinex:  file(1) magic for RINEX files
+# http://igscb.jpl.nasa.gov/igscb/data/format/rinex210.txt
+# ftp://cddis.gsfc.nasa.gov/pub/reports/formats/rinex300.pdf
+# data for testing: ftp://cddis.gsfc.nasa.gov/pub/gps/data
+60	string		RINEX
+>80	search/256	XXRINEXB	RINEX Data, GEO SBAS Broadcast
+>>&32	string		x		\b, date %15.15s
+>>5	string		x		\b, version %6.6s
+!:mime	rinex/broadcast
+>80	search/256	XXRINEXD	RINEX Data, Observation (Hatanaka comp)
+>>&32	string		x		\b, date %15.15s
+>>5	string		x		\b, version %6.6s
+!:mime	rinex/observation
+>80	search/256	XXRINEXC	RINEX Data, Clock
+>>&32	string		x		\b, date %15.15s
+>>5	string		x		\b, version %6.6s
+!:mime	rinex/clock
+>80	search/256	XXRINEXH	RINEX Data, GEO SBAS Navigation
+>>&32	string		x		\b, date %15.15s
+>>5	string		x		\b, version %6.6s
+!:mime	rinex/navigation
+>80	search/256	XXRINEXG	RINEX Data, GLONASS Navigation
+>>&32	string		x		\b, date %15.15s
+>>5	string		x		\b, version %6.6s
+!:mime	rinex/navigation
+>80	search/256	XXRINEXL	RINEX Data, Galileo Navigation
+>>&32	string		x		\b, date %15.15s
+>>5	string		x		\b, version %6.6s
+!:mime	rinex/navigation
+>80	search/256	XXRINEXM	RINEX Data, Meteorological
+>>&32	string		x		\b, date %15.15s
+>>5	string		x		\b, version %6.6s
+!:mime	rinex/meteorological
+>80	search/256	XXRINEXN	RINEX Data, Navigation
+>>&32	string		x		\b, date %15.15s
+>>5	string		x		\b, version %6.6s
+!:mime	rinex/navigation
+>80	search/256	XXRINEXO	RINEX Data, Observation
+>>&32	string		x		\b, date %15.15s
+>>5	string		x		\b, version %6.6s
+!:mime	rinex/observation
+
+# https://en.wikipedia.org/wiki/GRIB
+0	string	GRIB
+>7	byte 	=1	Gridded binary (GRIB) version 1
+!:mime	application/x-grib
+!:ext	grb/grib
+>7	byte	=2	Gridded binary (GRIB) version 2
+!:mime	application/x-grib2
+!:ext	grb2/grib2
diff --git a/magic/Magdir/microfocus b/magic/Magdir/microfocus
new file mode 100644
index 0000000..93e39aa
--- /dev/null
+++ b/magic/Magdir/microfocus
@@ -0,0 +1,21 @@
+
+#------------------------------------------------------------------------------
+# $File: microfocus,v 1.3 2019/04/19 00:42:27 christos Exp $
+# Micro Focus COBOL data files.
+
+# https://documentation.microfocus.com/help/index.jsp?topic=\
+# %2FGUID-0E0191D8-C39A-44D1-BA4C-D67107BAF784%2FHRFLRHFILE05.html
+# http://www.cobolproducts.com/datafile/data-viewer.html
+# https://github.com/miracle2k/mfcobol-export
+
+0 string \x30\x00\x00\x7C
+>36 string \x00\x3E Micro Focus File with Header (DAT)
+!:mime application/octet-stream
+
+0 string \x30\x7E\x00\x00
+>36 string \x00\x3E Micro Focus File with Header (DAT)
+!:mime application/octet-stream
+
+39 string \x02
+>136 string \x02\x02\x04\x04 Micro Focus Index File (IDX)
+!:mime application/octet-stream
diff --git a/magic/Magdir/mime b/magic/Magdir/mime
new file mode 100644
index 0000000..57b2dd5
--- /dev/null
+++ b/magic/Magdir/mime
@@ -0,0 +1,9 @@
+
+#------------------------------------------------------------------------------
+# $File: mime,v 1.8 2017/03/17 22:20:22 christos Exp $
+# mime:  file(1) magic for MIME encoded files
+#
+0	string/t		Content-Type:\040
+>14	string		>\0		%s
+0	string/t		Content-Type:
+>13	string		>\0		%s
diff --git a/magic/Magdir/mips b/magic/Magdir/mips
new file mode 100644
index 0000000..fe83614
--- /dev/null
+++ b/magic/Magdir/mips
@@ -0,0 +1,120 @@
+
+#------------------------------------------------------------------------------
+# $File: mips,v 1.10 2014/04/30 21:41:02 christos Exp $
+# mips:  file(1) magic for MIPS ECOFF and Ucode, as used in SGI IRIX
+# and DEC Ultrix
+#
+0	beshort	0x0160		MIPSEB ECOFF executable
+>20	beshort	0407		(impure)
+>20	beshort	0410		(swapped)
+>20	beshort	0413		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>22	byte	x		- version %d
+>23	byte	x		\b.%d
+#
+0	beshort	0x0162		MIPSEL-BE ECOFF executable
+>20	beshort	0407		(impure)
+>20	beshort	0410		(swapped)
+>20	beshort	0413		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>23	byte	x		- version %d
+>22	byte	x		\b.%d
+#
+0	beshort	0x6001		MIPSEB-LE ECOFF executable
+>20	beshort	03401		(impure)
+>20	beshort	04001		(swapped)
+>20	beshort	05401		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>23	byte	x		- version %d
+>22	byte	x		\b.%d
+#
+0	beshort	0x6201		MIPSEL ECOFF executable
+>20	beshort	03401		(impure)
+>20	beshort	04001		(swapped)
+>20	beshort	05401		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>23	byte	x		- version %d
+>22	byte	x		\b.%d
+#
+# MIPS 2 additions
+#
+0	beshort	0x0163		MIPSEB MIPS-II ECOFF executable
+>20	beshort	0407		(impure)
+>20	beshort	0410		(swapped)
+>20	beshort	0413		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>22	byte	x		- version %d
+>23	byte	x		\b.%d
+#
+0	beshort	0x0166		MIPSEL-BE MIPS-II ECOFF executable
+>20	beshort	0407		(impure)
+>20	beshort	0410		(swapped)
+>20	beshort	0413		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>22	byte	x		- version %d
+>23	byte	x		\b.%d
+#
+0	beshort	0x6301		MIPSEB-LE MIPS-II ECOFF executable
+>20	beshort	03401		(impure)
+>20	beshort	04001		(swapped)
+>20	beshort	05401		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>23	byte	x		- version %d
+>22	byte	x		\b.%d
+#
+0	beshort	0x6601		MIPSEL MIPS-II ECOFF executable
+>20	beshort	03401		(impure)
+>20	beshort	04001		(swapped)
+>20	beshort	05401		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>23	byte	x		- version %d
+>22	byte	x		\b.%d
+#
+# MIPS 3 additions
+#
+0	beshort	0x0140		MIPSEB MIPS-III ECOFF executable
+>20	beshort	0407		(impure)
+>20	beshort	0410		(swapped)
+>20	beshort	0413		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>22	byte	x		- version %d
+>23	byte	x		\b.%d
+#
+0	beshort	0x0142		MIPSEL-BE MIPS-III ECOFF executable
+>20	beshort	0407		(impure)
+>20	beshort	0410		(swapped)
+>20	beshort	0413		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>22	byte	x		- version %d
+>23	byte	x		\b.%d
+#
+0	beshort	0x4001		MIPSEB-LE MIPS-III ECOFF executable
+>20	beshort	03401		(impure)
+>20	beshort	04001		(swapped)
+>20	beshort	05401		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>23	byte	x		- version %d
+>22	byte	x		\b.%d
+#
+0	beshort	0x4201		MIPSEL MIPS-III ECOFF executable
+>20	beshort	03401		(impure)
+>20	beshort	04001		(swapped)
+>20	beshort	05401		(paged)
+>8	belong	>0		not stripped
+>8	belong	0		stripped
+>23	byte	x		- version %d
+>22	byte	x		\b.%d
+#
+0	beshort	0x180		MIPSEB Ucode
+0	beshort	0x182		MIPSEL-BE Ucode
diff --git a/magic/Magdir/mirage b/magic/Magdir/mirage
new file mode 100644
index 0000000..cdeb3fc
--- /dev/null
+++ b/magic/Magdir/mirage
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: mirage,v 1.7 2009/09/19 16:28:10 christos Exp $
+# mirage:  file(1) magic for Mirage executables
+#
+# XXX - byte order?
+#
+0	long	31415		Mirage Assembler m.out executable
diff --git a/magic/Magdir/misctools b/magic/Magdir/misctools
new file mode 100644
index 0000000..dc1542a
--- /dev/null
+++ b/magic/Magdir/misctools
@@ -0,0 +1,140 @@
+
+#-----------------------------------------------------------------------------
+# $File: misctools,v 1.21 2023/02/03 20:43:48 christos Exp $
+# misctools:  file(1) magic for miscellaneous UNIX tools.
+#
+0	search/1	%%!!			X-Post-It-Note text
+# URL:		http://fileformats.archiveteam.org/wiki/ICalendar
+#		https://en.wikipedia.org/wiki/ICalendar
+# Update:	Joerg Jenderek
+# Reference:	https://www.rfc-editor.org/rfc/rfc5545
+#		http://mark0.net/download/triddefs_xml.7z/defs/v/vcs.trid.xml
+# Note:		called "iCalendar - vCalendar" by TrID
+0	string/c			BEGIN:vcalendar
+# skip DROID fmt-387-signature-id-572.vcs fmt-388-signature-id-573.ics
+# with invalid separator 0x0 or 0xAB instead of CarriageReturn (0x0D) or LineFeed (0x0A)
+>15	ubyte&0xF8			=0x08
+# look for VERSION keyword often on second line but sometimes later as in holidays_NRW_2014.ics
+>>0	search/188			VERSION
+# after VERSION keword :1.0 or often :2.0 but sometimes also ;VALUE=TEXT:2.0 like in Jewish religious Juish.ics
+# http://www.webcal.guru/de-DE/kalender_herunterladen?calendar_instance_id=217
+# \n\040:2.0 like in import-real-world-2004-11-19.ics found at
+# https://ftp.gnu.org/gnu/emacs/emacs-28.1.tar.xz
+# emacs-28.1/test/lisp/calendar/icalendar-resources/import-real-world-2004-11-19.ics
+#>>>&0		string			x		AFTER_VERSION=%.15s
+# Note:		called "Internet Calendar and Scheduling format" by DROID via PUID fmt/388
+# skip optional verparam=;other-param like ;VALUE=TEXT and look for version 2.0 that implies iCalendar variant
+>>>&0		search/81		:2.0		iCalendar calendar
+# look for Free/Busy component
+>>>>15			search/278	:VFREEBUSY	file, with Free/Busy component
+!:mime							text/calendar
+!:apple							????iFBf
+# no real examples found but only example on Wikipedia page
+!:ext							ifb
+# iCalendar calendar without Free/Busy component
+>>>>15			default		x
+# look for ALARM component
+>>>>>15				search/154 	:VALARM	file, with ALARM component
+!:mime							text/calendar
+!:apple							????iCal
+# found on macOS beneath /Users/$USER/Library/Calendars/ as EventAllDayAlarms.icsalarm or EventTimedAlarms.icsalarm
+# no isc examples found
+!:ext							icsalarm/ics
+# iCalendar calendar without Free/Busy component and ALARM component
+>>>>>15				default		x	file
+!:mime							text/calendar
+!:apple							????iCal
+# no examples found with .ical .icalender suffix
+!:ext							ics
+# if no VERSION 2.0 is found then assume it is VERSION 1.0, that is older vCalendar
+# URL:		http://fileformats.archiveteam.org/wiki/VCalendar
+# Note:		called "VCalendar format" by DROID via fmt/387
+>>>&0		default			x		vCalendar calendar file
+# deprecated
+!:mime							text/x-vcalendar
+!:ext							vcs
+# GRR: without VERSION keyword violates specification but accepted by Thunderbird like
+# https://ftp.gnu.org/gnu/emacs/emacs-28.1.tar.xz
+# emacs-28.1/test/lisp/calendar/icalendar-resources/import-with-timezone.ics
+>>0	default				x		vCalendar calendar file, without VERSION
+!:mime							text/x-vcalendar
+#!:mime							text/calendar
+# no vcs example found
+!:ext							ics/vcs
+# GRR: According to newest specification CarriageReturn (0xD) and LineFeed (0xA) should be used as separator but others accepted by Thunderbird
+# like CRLF,LF in Sport Today.vcs created by calendar plugin of TV-Browser https://enwiki.tvbrowser.org/index.php/Calendar_Export
+# or LF like https://www.schulferien.org/media/ical/deutschland/ferien_nordrhein-westfalen_2023.ics?k=foo
+>>15	ubeshort			!0x0D0A		\b, without CRLF
+
+# updated by Joerg Jenderek at Apr 2015, May 2021
+# https://en.wikipedia.org/wiki/VCard
+# URL: 	http://fileformats.archiveteam.org/wiki/VCard
+# https://datatracker.ietf.org/doc/html/rfc6350
+# the value is case-insensitive
+0	string/c	begin:vcard
+# skip DROID fmt-395-signature-id-634.vcf
+>13	string		!VERSION:END		vCard visiting card
+# deprecated
+#!:mime	text/x-vcard
+!:mime	text/vcard
+!:apple	????vCrd
+!:ext	vcf/vcard
+# VERSION must come right after BEGIN for 3.0 or 4.0 except in 2.1 , where it can be anywhere
+# Joerg_Jenderek_67.vcf
+>>12	search/0x113b4/c	version:
+# VERSION 2.1 , 3.0 or 4.0
+>>>&0	string		x			\b, version %-.3s
+>>>&0	string		!2.1
+>>>>13	string		!VERSION:		\b, 2nd line does not start with VERSION:
+# downcase violates RFC 6350, but some "bad" software produce such vcards
+>>0	string		!BEGIN			\b, not up case
+# http://ftp.mozilla.org/pub/thunderbird/candidates/
+# 78.10.1-candidates/build1/source/thunderbird-78.10.1.source.tar.xz
+# thunderbird-78.10.1/comm/mailnews/import/test/unit/resources/basic_vcard_addressbook.vcf
+>>11	beshort		!0x0D0A			\b, lines not separated by CRLF
+
+# Summary: Libtool library file
+# Extension: .la
+# Submitted by: Tomasz Trojanowski <tomek@uninet.com.pl>
+0	search/80	.la\ -\ a\ libtool\ library\ file	libtool library file
+
+# Summary: Libtool object file
+# Extension: .lo
+# Submitted by: Abel Cheung <abelcheung@gmail.com>
+0	search/80	.lo\ -\ a\ libtool\ object\ file	libtool object file
+
+# From: Daniel Novotny <dnovotny@redhat.com>
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Core_dump#User-mode_memory_dumps
+# Reference: https://msdn.microsoft.com/en-us/library/ms680378%28VS.85%29.aspx
+#
+# "Windows Minidump" by TrID
+# ./misctools (version 5.25) labeled the entry as "MDMP crash report data"
+0	string		MDMP					Mini DuMP crash report
+# https://filext.com/file-extension/DMP
+!:mime	application/x-dmp
+!:ext	dmp/mdmp
+# The high-order word is an internal value that is implementation specific.
+# The low-order word is MINIDUMP_VERSION 0xA793
+>4	ulelong&0x0000FFFF	!0xA793				\b, version %#4.4x
+# NumberOfStreams 8,9,10,13
+>8	ulelong			x				\b, %d streams
+# StreamDirectoryRva 0x20
+>12	ulelong			!0x20				\b, %#8.8x RVA
+# CheckSum 0
+>16	ulelong			!0				\b, CheckSum %#8.8x
+# Reserved or TimeDateStamp
+>20	ledate			x				\b, %s
+# https://msdn.microsoft.com/en-us/library/windows/desktop/ms680519%28v=vs.85%29.aspx
+# Flags MINIDUMP_TYPE enumeration type 0 0x121 0x800
+>24	ulelong			x				\b, %#x type
+# >24	ulelong			>0				\b; include
+# >>24	ulelong			&0x00000001			\b data sections,
+# >>24	ulelong			&0x00000020			\b list of unloaded modules,
+# >>24	ulelong			&0x00000100			\b process and thread information,
+# >>24	ulelong			&0x00000800			\b memory information,
+
+# Summary: abook addressbook file
+# Submitted by: Mark Schreiber <mark7@alumni.cmu.edu>
+0	string	#\x20abook\x20addressbook\x20file abook address book
+!:mime application/x-abook-addressbook
diff --git a/magic/Magdir/mkid b/magic/Magdir/mkid
new file mode 100644
index 0000000..faad396
--- /dev/null
+++ b/magic/Magdir/mkid
@@ -0,0 +1,11 @@
+
+#------------------------------------------------------------------------------
+# $File: mkid,v 1.6 2009/09/19 16:28:10 christos Exp $
+# mkid:  file(1) magic for mkid(1) databases
+#
+# ID is the binary tags database produced by mkid(1).
+#
+# XXX - byte order?
+#
+0	string		\311\304	ID tags data
+>2	short		>0		version %d
diff --git a/magic/Magdir/mlssa b/magic/Magdir/mlssa
new file mode 100644
index 0000000..3c8875e
--- /dev/null
+++ b/magic/Magdir/mlssa
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: mlssa,v 1.4 2009/09/19 16:28:10 christos Exp $
+# mlssa: file(1) magic for MLSSA datafiles
+#
+0		lelong		0xffffabcd	MLSSA datafile,
+>4		leshort		x		algorithm %d,
+>10		lelong		x		%d samples
diff --git a/magic/Magdir/mmdf b/magic/Magdir/mmdf
new file mode 100644
index 0000000..5576a66
--- /dev/null
+++ b/magic/Magdir/mmdf
@@ -0,0 +1,6 @@
+
+#------------------------------------------------------------------------------
+# $File: mmdf,v 1.6 2009/09/19 16:28:10 christos Exp $
+# mmdf:  file(1) magic for MMDF mail files
+#
+0	string	\001\001\001\001	MMDF mailbox
diff --git a/magic/Magdir/modem b/magic/Magdir/modem
new file mode 100644
index 0000000..5d59401
--- /dev/null
+++ b/magic/Magdir/modem
@@ -0,0 +1,92 @@
+
+#------------------------------------------------------------------------------
+# $File: modem,v 1.11 2022/10/19 20:15:16 christos Exp $
+# modem:  file(1) magic for modem programs
+#
+# From: Florian La Roche <florian@knorke.saar.de>
+1	string		PC\ Research,\ Inc	Digifax-G3-File
+>29	byte		1			\b, fine resolution
+>29	byte		0			\b, normal resolution
+
+# Summary: CCITT Group 3 Facsimile in "raw" form (i.e. no header).
+# Modified by: Joerg Jenderek
+# URL: https://de.wikipedia.org/wiki/Fax
+#	http://fileformats.archiveteam.org/wiki/CCITT_Group_3
+# Reference: https://web.archive.org/web/20020628195336/http://www.netnam.vn/unescocourse/computervision/104.htm
+# GRR: EOL of G3 is too general as it catches also TrueType fonts, Postscript PrinterFontMetric, others
+0	short		0x0100
+# 16 0-bits near beginning like True Type fonts *.ttf, Postscript PrinterFontMetric *.pfm, FTYPE.HYPERCARD, XFER
+>2	search/9	\0\0
+# maximal 7 0-bits for pixel sequences or 11 0-bits for EOL in G3
+>2	default		x
+# skip IRCAM file (VAX big-endian)	./audio
+>>0	belong		!0x0001a364
+# skip GEM Image data			./images
+>>>2	beshort		!0x0008
+# look for first keyword of Panorama database *.pan
+>>>>11	search/262	\x06DESIGN
+# skip Panorama database
+>>>>11	default		x
+# old Apple DreamWorld DreamGrafix *.3200 with keyword at end of g3 looking files
+>>>>>27118	search/1864	DreamWorld
+>>>>>27118	default		x
+# skip MouseTrap/Mt.Defaults with file size 16 found on Golden Orchard Apple II CD Rom
+>>>>>>8		ubequad		!0x2e01010454010203
+# skip PICTUREH.SML found on Golden Orchard Apple II CD Rom
+>>>>>>>8	ubequad		!0x5dee74ad1aa56394
+# skip few (5/41) DEGAS mid-res bitmap (GEMINI01.PI2 GEMINI02.PI2 GEMINI03.PI2 CODE_RAM.PI2 TBX_DEMO.PI2)
+# with file size 32034
+>>>>>>>>-0	offset		!32034	raw G3 (Group 3) FAX, byte-padded
+# version 5.25 labeled the entry above "raw G3 data, byte-padded"
+!:mime	image/g3fax
+#!:apple	????TIFF
+!:ext	g3
+# unusual image starting with black pixel
+#0	short		0x1300		raw G3 (Group 3) FAX
+0	short		0x1400
+# 16 0-bits near beginning like PicturePuzzler found on Golden Orchard Apple CD Rom
+>2	search/9	\0\0
+# maximal 7 0-bits for pixel sequences or 11 0-bits for EOL in G3
+>2	default		x
+# skip some (84/1246) MacBinary II/III (Cyberdog2.068k.smi.bin FileMakerPro4.img.bin Hypercard1.25.image.bin UsbStorage1.3.5.smi.bin) with "non random" numbers by versions values 81h/82h + 81h
+>>122	ubeshort&0xFcFf	!0x8081		raw G3 (Group 3) FAX
+# version 5.25 labeled the above entry as "raw G3 data"
+!:mime	image/g3fax
+!:ext	g3
+# unusual image with black pixel near beginning
+#0	short		0x1900		raw G3 (Group 3) FAX
+
+#
+# Magic data for vgetty voice formats
+# (Martin Seine & Marc Eberhard)
+
+#
+# raw modem data version 1
+#
+0    string    RMD1      raw modem data
+>4   string    >\0       (%s /
+>20  short     >0        compression type %#04x)
+
+#
+# portable voice format 1
+#
+0    string    PVF1\n         portable voice format
+>5   string    >\0       (binary %s)
+
+#
+# portable voice format 2
+#
+0    string    PVF2\n         portable voice format
+>5   string >\0          (ascii %s)
+
+# From: Bernd Nuernberger <bernd.nuernberger@web.de>
+# Brooktrout G3 fax data incl. 128 byte header
+# Common suffixes: 3??, BRK, BRT, BTR
+0	leshort		0x01bb
+>2	leshort		0x0100		Brooktrout 301 fax image,
+>>9	leshort		x		%d x
+>>0x2d	leshort		x		%d
+>>6	leshort		200		\b, fine resolution
+>>6	leshort		100		\b, normal resolution
+>>11	byte		1		\b, G3 compression
+>>11	byte		2		\b, G32D compression
diff --git a/magic/Magdir/modulefile b/magic/Magdir/modulefile
new file mode 100644
index 0000000..46c3baf
--- /dev/null
+++ b/magic/Magdir/modulefile
@@ -0,0 +1,9 @@
+
+#------------------------------------------------------------------------------
+# $File: modulefile,v 1.1 2019/10/15 18:04:40 christos Exp $
+# modulefile:  file(1) magic for user's environment modulefile
+# URL: http://modules.sourceforge.net/
+# Reference: https://modules.readthedocs.io/en/stable/modulefile.html
+# From: Xavier Delaruelle <xavier.delaruelle@cea.fr>
+0	string	#%Module	modulefile
+!:mime	text/x-modulefile
diff --git a/magic/Magdir/motorola b/magic/Magdir/motorola
new file mode 100644
index 0000000..af93720
--- /dev/null
+++ b/magic/Magdir/motorola
@@ -0,0 +1,71 @@
+
+#------------------------------------------------------------------------------
+# $File: motorola,v 1.12 2021/04/26 15:56:00 christos Exp $
+# motorola:  file(1) magic for Motorola 68K and 88K binaries
+#
+# 68K
+#
+0	beshort		0520		mc68k COFF
+>18	beshort		^00000020	object
+>18	beshort		&00000020	executable
+>12	belong		>0		not stripped
+>168	string		.lowmem		Apple toolbox
+>20	beshort		0407		(impure)
+>20	beshort		0410		(pure)
+>20	beshort		0413		(demand paged)
+>20	beshort		0421		(standalone)
+0	beshort		0521		mc68k executable (shared)
+>12	belong		>0		not stripped
+0	beshort		0522		mc68k executable (shared demand paged)
+>12	belong		>0		not stripped
+#
+# Motorola/UniSoft 68K Binary Compatibility Standard (BCS)
+#
+0	beshort		0554		68K BCS executable
+#
+# 88K
+#
+# Motorola/88Open BCS
+#
+0	beshort		0555		88K BCS executable
+#
+# Motorola S-Records, from Gerd Truschinski <gt@freebsd.first.gmd.de>
+0   string      S0          Motorola S-Record; binary data in text format
+
+# ATARI ST relocatable PRG
+#
+# from Oskar Schirmer <schirmer@scara.com> Feb 3, 2001
+# (according to Roland Waldi, Oct 21, 1987)
+# besides the magic 0x601a, the text segment size is checked to be
+# not larger than 1 MB (which is a lot on ST).
+# The additional 0x601b distinction I took from Doug Lee's magic.
+0	belong&0xFFFFFFF0	0x601A0000	Atari ST M68K contiguous executable
+>2	belong			x		(txt=%d,
+>6	belong			x		dat=%d,
+>10	belong			x		bss=%d,
+>14	belong			x		sym=%d)
+0	belong&0xFFFFFFF0	0x601B0000	Atari ST M68K non-contig executable
+>2	belong			x		(txt=%d,
+>6	belong			x		dat=%d,
+>10	belong			x		bss=%d,
+>14	belong			x		sym=%d)
+
+# Atari ST/TT... program format (sent by Wolfram Kleff <kleff@cs.uni-bonn.de>)
+0       beshort         0x601A          Atari 68xxx executable,
+>2      belong          x               text len %u,
+>6      belong          x               data len %u,
+>10     belong          x               BSS len %u,
+>14     belong          x               symboltab len %u,
+>18     belong          0
+>22     belong          &0x01           fastload flag,
+>22     belong          &0x02           may be loaded to alternate RAM,
+>22     belong          &0x04           malloc may be from alternate RAM,
+>22     belong          x               flags: %#X,
+>26     beshort         0               no relocation tab
+>26     beshort         !0              + relocation tab
+>30     string          SFX             [Self-Extracting LZH SFX archive]
+>38     string          SFX             [Self-Extracting LZH SFX archive]
+>44     string          ZIP!            [Self-Extracting ZIP SFX archive]
+
+0       beshort         0x0064          Atari 68xxx CPX file
+>8      beshort         x               (version %04x)
diff --git a/magic/Magdir/mozilla b/magic/Magdir/mozilla
new file mode 100644
index 0000000..32f3bb7
--- /dev/null
+++ b/magic/Magdir/mozilla
@@ -0,0 +1,37 @@
+
+#------------------------------------------------------------------------------
+# $File: mozilla,v 1.12 2021/04/26 15:56:00 christos Exp $
+# mozilla:  file(1) magic for Mozilla XUL fastload files
+# (XUL.mfasl and XPC.mfasl)
+# URL:	https://www.mozilla.org/
+# From:	Josh Triplett <josh@freedesktop.org>
+
+0	string	XPCOM\nMozFASL\r\n\x1A		Mozilla XUL fastload data
+# Probably the next magic line contains misspelled "mozLz40\0"
+0	string	mozLz4a				Mozilla lz4 compressed bookmark data
+# From: Joerg Jenderek
+# URL: https://lz4.github.io/lz4/
+# Reference: https://github.com/avih/dejsonlz4/archive/master.zip/
+# dejsonlz4-master\src\dejsonlz4.c 
+# Note: mostly JSON compressed with a non-standard LZ4 header
+# can be unpacked by dejsonlz4 but not lz4 program.
+0	string	mozLz40\0			Mozilla lz4 compressed data
+!:mime	application/x-lz4+json
+# mozlz4 extension seems to be used for search/store, while jsonlz4 for bookmarks
+!:ext	jsonlz4/mozlz4
+# decomp_size
+>8	ulelong	x				\b, originally %u bytes
+# lz4 data
+#>12	ubequad	x				\b, lz4 data %#16.16llx
+
+# From: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Firefox_4
+# Reference: https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT
+# Note:	Most ZIP utilities are able to extract such archives
+#	maybe only partly or after some warnings. Example:
+#	zip -FF omni.ja --out omni.zip
+4	string	PK\001\002	Mozilla archive omni.ja
+!:mime	application/x-zip
+!:ext	ja
+# TODO:
+#>4	use	zip-dir-entry
diff --git a/magic/Magdir/msdos b/magic/Magdir/msdos
new file mode 100644
index 0000000..aacf859
--- /dev/null
+++ b/magic/Magdir/msdos
@@ -0,0 +1,2304 @@
+
+#------------------------------------------------------------------------------
+# $File: msdos,v 1.169 2023/04/17 16:39:19 christos Exp $
+# msdos:  file(1) magic for MS-DOS files
+#
+
+# .BAT files (Daniel Quinlan, quinlan@yggdrasil.com)
+# updated by Joerg Jenderek at Oct 2008,Apr 2011
+0	string/t	@
+>1	string/cW	\ echo\ off	DOS batch file text
+!:mime	text/x-msdos-batch
+!:ext	bat
+>1	string/cW	echo\ off	DOS batch file text
+!:mime	text/x-msdos-batch
+!:ext	bat
+>1	string/cW	rem		DOS batch file text
+!:mime	text/x-msdos-batch
+!:ext	bat
+>1	string/cW	set\ 		DOS batch file text
+!:mime	text/x-msdos-batch
+!:ext	bat
+
+
+# OS/2 batch files are REXX. the second regex is a bit generic, oh well
+# the matched commands seem to be common in REXX and uncommon elsewhere
+100	search/0xffff   rxfuncadd
+>100	regex/c =^[\ \t]{0,10}call[\ \t]{1,10}rxfunc	OS/2 REXX batch file text
+100	search/0xffff   say
+>100	regex/c =^[\ \t]{0,10}say\ ['"]			OS/2 REXX batch file text
+
+# updated by Joerg Jenderek at Oct 2015
+# https://de.wikipedia.org/wiki/Common_Object_File_Format
+# http://www.delorie.com/djgpp/doc/coff/filhdr.html
+# ./intel already labeled COFF type 0x14c=0514 as "80386 COFF executable"
+#0	leshort		0x14c	MS Windows COFF Intel 80386 object file
+#>4	ledate		x	stamp %s
+0	leshort		0x166	MS Windows COFF MIPS R4000 object file
+#>4	ledate		x	stamp %s
+0	leshort		0x184	MS Windows COFF Alpha object file
+#>4	ledate		x	stamp %s
+0	leshort		0x268	MS Windows COFF Motorola 68000 object file
+#>4	ledate		x	stamp %s
+0	leshort		0x1f0	MS Windows COFF PowerPC object file
+#>4	ledate		x	stamp %s
+0	leshort		0x290	MS Windows COFF PA-RISC object file
+#>4	ledate		x	stamp %s
+
+# Tests for various EXE types.
+#
+# Many of the compressed formats were extracted from IDARC 1.23 source code.
+#
+# e_magic
+0	string/b	MZ
+#	TODO
+# FLT:	Syntrillium CoolEdit Filter		https://en.wikipedia.org/wiki/Adobe_Audition
+# FMX64:FileMaker Pro 64-bit plug-in		https://en.wikipedia.org/wiki/FileMaker
+# FMX:	FileMaker Pro 32-bit plug-in		https://en.wikipedia.org/wiki/FileMaker
+# FOD:	WIFE Font Driver
+# GAU:	MS Flight Simulator Gauge
+# IFS:	OS/2 Installable File System		https://en.wikipedia.org/wiki/OS/2
+# MEXW32:MATLAB Windows 32bit compiled function	https://en.wikipedia.org/wiki/MATLAB
+# MEXW64:MATLAB Windows 64bit compiled function	https://en.wikipedia.org/wiki/MATLAB
+# MLL:	Maya plug-in (generic)	       		http://en.wikipedia.org/wiki/Autodesk_Maya
+# PFL:	PhotoFilter plugin			http://photofiltre.free.fr
+# 8*:	PhotoShop plug-in (generic)		http://www.adobe.com/products/photoshop/main.html
+# PLG:	Aston Shell plugin			http://www.astonshell.com/
+# QLB:	Microsoft Basic Quick library		https://en.wikipedia.org/wiki/QuickBASIC
+# SKL:	WinLIFT skin				http://www.zapsolution.com/winlift/index.htm
+# TBK:	Asymetrix ToolBook application		http://www.toolbook.com
+# TBP:	The Bat! plugin	   			http://www.ritlabs.com
+# UPC:	Ultimate Paint Graphics Editor plugin	http://ultimatepaint.j-t-l.com
+# XFM:	Syntrillium Cool Edit Transform Effect	bad http://www.cooledit.com
+# XPL:	X-Plane plugin	      			http://www.xsquawkbox.net/xpsdk/
+# ZAP:	ZoneLabs Zone Alarm data		http://www.zonelabs.com
+#
+# NEXT LINES FOR DEBUGGING!
+# e_cblp; bytes on last page of file
+# e_cp; pages in file
+#>4		uleshort	x	\b, e_cp 0x%x
+# e_lfanew; file address of new exe header
+#>0x3c		ulelong		x	\b, e_lfanew 0x%x
+# e_lfarlc; address of relocation table
+#>0x18		uleshort	x	\b, e_lfarlc=0x%x
+# e_ovno; overlay number. If zero, this is the main executable foo
+#>0x1a		uleshort	!0	\b, e_ovno 0x%x
+#>0x1C		ubequad		!0	\b, e_res 0x%16.16llx
+# e_oemid; often 0
+#>0x24		uleshort	!0	\b, e_oemid 0x%x
+# e_oeminfo; typically zeroes, but 13Dh (WORDSTAR.CNV WPFT5.CNV) 143h (WRITWIN.CNV)
+# 1A3h (DBASE.CNV LOTUS123.CNV RFTDCA.CNV WORDDOS.CNV WORDMAC.CNV WORDWIN1.CNVXLBIFF.CNV)
+#>0x26		uleshort	!0	\b, e_oeminfo 0x%x
+#  e_res2; typically zeroes, but 000006006F082D2Ah SCSICFG.EXE 00009A0300007C03h de.exe
+# 0000CA0000000002h country.exe dosxmgr.exe 421E0A00421EA823h QMC.EXE
+#>0x28		ubequad		!0	\b, e_res2 0x%16.16llx
+# https://web.archive.org/web/20171116024937/http://www.ctyme.com/intr/rb-2939.htm#table1593
+# https://github.com/uxmal/reko/blob/master/src/ImageLoaders/MzExe/ExeImageLoader.cs
+# new exe header magic like: PE NE LE LX W3 W4
+# no examples found for ZM DL MP P2 P3
+#>(0x3c.l)	string		x	\b, at [0x3c] %.2s
+#>(0x3c.l)	ubelong		x	\b, at [0x3c] %#8.8x
+#>(0x3c.l+4)	ubelong		x	\b, at [0x3c+4] %#8.8x
+#
+# Most non-DOS MZ-executable extensions have the relocation table more than 0x40 bytes into the file.
+# http://www.mitec.cz/Downloads/EXE.zip/EXE64.exe	e_lfarlc=0x8ead
+# OS/2 ECS\INSTALL\DETECTEI\PCISCAN.EXE			e_lfarlc=0x1c
+# some EFI apps Shell_Full.efi ext4_x64_signed.efi	e_lfarlc=0
+# Icon library WORD60.ICL				e_lfarlc=0
+# Microsoft compiled help format 2.0 WINWORD.DEV.HXS	e_lfarlc=0
+>0x18	uleshort <0x40
+# check magic of new second header
+# NE executable with low e_lfarlc like: WORD60.ICL
+# ICL:	Icons Library 16-bit			http://fileformats.archiveteam.org/wiki/Icon_library
+>>(0x3c.l)	string	NE	Windows Icons Library 16-bit
+!:mime		image/x-ms-icl
+!:ext		icl
+# handle LX executable with low e_lfarlc like: PCISCAN.EXE
+>>(0x3c.l)	string	LX
+>>>(0x3c.l)	use		lx-executable
+# skip Portable Executable (PE) with low e_lfarlc here, because handled later
+# like: ext4_x64_signed.efi Shell_Full.efi WINWORD.DEV.HXS
+>>(0x3c.l)	string	PE
+# not New Executable (NE) and not PE with low e_lfarlc like:
+# MACCNV55.EXE WORK_RTF.EXE TELE200.EXE NDD.EXE iflash.exe
+>>(0x3c.l)	default	x	MS-DOS executable, MZ for MS-DOS
+!:mime	application/x-dosexec
+# Windows and later versions of DOS will allow .EXEs to be named with a .COM
+# extension, mostly for compatibility's sake.
+# like: EDIT.COM 4DOS.COM CMD8086.COM CMD-FR.COM SYSLINUX.COM
+# URL:		https://en.wikipedia.org/wiki/Personal_NetWare#VLM
+# Reference:	https://mark0.net/download/triddefs_xml.7z/defs/e/exe-vlm-msg.trid.xml
+# also like: BGISRV.DRV
+!:ext	exe/com/vlm/drv
+# These traditional tests usually work but not always.  When test quality support is
+# implemented these can be turned on.
+#>>0x18	leshort	0x1c	(Borland compiler)
+#>>0x18	leshort	0x1e	(MS compiler)
+
+# Maybe it's a PE?
+# URL:		http://fileformats.archiveteam.org/wiki/Portable_Executable
+# Reference:	https://docs.microsoft.com/de-de/windows/win32/debug/pe-format
+>(0x3c.l)	string		PE\0\0	PE
+!:mime	application/vnd.microsoft.portable-executable
+# https://docs.microsoft.com/de-de/windows/win32/debug/pe-format#characteristics
+# DLL Characteristics
+#>>(0x3c.l+22)	uleshort	x	\b, CHARACTERISTICS %#4.4x,
+# 0x0200~IMAGE_FILE_DEBUG_STRIPPED Debugging information is removed from the image file
+# 0x1000~IMAGE_FILE_SYSTEM The image file is a system file, not a user program. 
+# 0x2000~IMAGE_FILE_DLL The image file is a dynamic-link library (DLL)
+>>(0x3c.l+24)	leshort		0x010b	\b32 executable
+# https://learn.microsoft.com/en-us/windows/win32/debug/pe-format#windows-subsystem
+#>>>(0x3c.l+92)	leshort		x	\b, SUBSYSTEM %u
+>>(0x3c.l+24)	leshort		0x020b	\b32+ executable
+#>>>(0x3c.l+92)	leshort		x	\b, SUBSYSTEM %u
+>>(0x3c.l+24)	leshort		0x0107	ROM image
+>>(0x3c.l+24)	default		x	Unknown PE signature
+>>>&0 		leshort		x	%#x
+>>(0x3c.l+22)	leshort&0x2000	>0	(DLL)
+# 0~IMAGE_SUBSYSTEM_UNKNOWN An unknown subsystem
+>>(0x3c.l+92)	leshort		0	(
+# Summary:	Microsoft compiled help *.HXS format 2.0
+# URL:		https://en.wikipedia.org/wiki/Microsoft_Help_2
+# Reference:	http://www.russotto.net/chm/itolitlsformat.html
+#		https://mark0.net/download/triddefs_xml.7z/defs/h/hxs.trid.xml
+# Note:		2 PE sections (.rsrc, .its) implies Microsoft compiled help format; the .its section contains the help content ITOLITLS
+#		verified by command like `pelook.exe -d WINWORD.HXS & pelook.exe -h WINWORD.HXS`
+>>>(0x3c.l+6)	uleshort	=2	\bMicrosoft compiled help format 2.0)
+!:ext	hxs
+# 3 PE sections (.text, .reloc, .rsrc) implies some Control Panel Item like: 
+# CPL:	Control Panel item for WINE 1.7.28	https://www.winehq.org/
+>>>(0x3c.l+6)	uleshort	!2	\bControl Panel Item)
+!:ext	cpl
+# 1~IMAGE_SUBSYSTEM_NATIVE device drivers and native Windows processes 
+>>(0x3c.l+92)	leshort		1
+# Native PEs include ntoskrnl.exe, hal.dll, smss.exe, autochk.exe, and all the
+# drivers in Windows/System32/drivers/*.sys.
+>>>(0x3c.l+22)	leshort&0x2000	>0	(native)
+!:ext	dll/sys
+>>>(0x3c.l+22)	leshort&0x2000	0	(native)
+!:ext	exe/sys
+# 2~IMAGE_SUBSYSTEM_WINDOWS_GUI	The Windows graphical user interface (GUI) subsystem 
+>>(0x3c.l+92)	leshort		2
+>>>(0x3c.l+22)	leshort&0x2000	>0	(GUI)
+# These could probably be at least partially distinguished from one another by
+# looking for specific exported functions.
+# CPL: Control Panel item
+# TLB: Type library
+# OCX: OLE/ActiveX control
+# ACM: Audio compression manager codec
+# AX: DirectShow source filter
+# IME: Input method editor
+!:ext	dll/cpl/tlb/ocx/acm/ax/ime
+>>>(0x3c.l+22)	leshort&0x2000	0	(GUI)
+# Screen savers typically include code from the scrnsave.lib static library, but
+# that's not guaranteed.
+!:ext	exe/scr
+# 3~IMAGE_SUBSYSTEM_WINDOWS_CUI	The Windows character subsystem 
+>>(0x3c.l+92)	leshort		3
+>>>(0x3c.l+22)	leshort&0x2000	>0	(console)
+!:ext	dll/cpl/tlb/ocx/acm/ax/ime
+>>>(0x3c.l+22)	leshort&0x2000	0	(console)
+!:ext	exe/com
+# NO Windows Subsystem number 4!
+>>(0x3c.l+92)	leshort		4	(Unknown subsystem 4)
+# 5~IMAGE_SUBSYSTEM_OS2_CUI The OS/2 character subsystem 
+>>(0x3c.l+92)	leshort		5	(OS/2)
+# GRR: No examples found by Joerg Jenderek
+#!:ext	foo-exe-os2
+# NO Windows Subsystem number 6!
+>>(0x3c.l+92)	leshort		6	(Unknown subsystem 6)
+# 7~IMAGE_SUBSYSTEM_POSIX_CUI The Posix character subsystem 
+>>(0x3c.l+92)	leshort		7	(POSIX
+>>>(0x3c.l+22)	leshort&0x2000	>0	\b)
+# like: PSXDLL.DLL
+!:ext	dll
+>>>(0x3c.l+22)	leshort&0x2000	0	\b)
+# like: PAX.EXE
+!:ext	exe
+# 8~IMAGE_SUBSYSTEM_NATIVE_WINDOWS Native Win9x driver 
+>>(0x3c.l+92)	leshort		8	(Win9x)
+# GRR: No examples found by Joerg Jenderek
+#!:ext	foo-exe-win98
+# 9~IMAGE_SUBSYSTEM_WINDOWS_CE_GUI Windows CE
+>>(0x3c.l+92)	leshort		9	(Windows CE
+>>>(0x3c.l+22)	leshort&0x2000	>0	\b)
+# like: MCS9900Ce50.dll Mosiisr99x.dll TMCGPS.DLL
+!:ext	dll
+>>>(0x3c.l+22)	leshort&0x2000	0	\b)
+# like: NNGStart.exe navigator.exe
+!:ext	exe
+# 10~IMAGE_SUBSYSTEM_EFI_APPLICATION An Extensible Firmware Interface (EFI) application 
+>>(0x3c.l+92)	leshort		10	(EFI application)
+# like: bootmgfw.efi grub.efi gdisk_x64.efi Shell_Full.efi shim.efi syslinux.efi
+!:ext	efi
+# 11~IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER An EFI driver with boot services 
+>>(0x3c.l+92)	leshort		11	(EFI boot service driver)
+# like: ext2_x64_signed.efi Fat_x64.efi iso9660_x64_signed.efi
+!:ext	efi
+>>(0x3c.l+92)	leshort		12	(EFI runtime driver)
+# no sample found
+!:ext	efi
+# 13~IMAGE_SUBSYSTEM_EFI_ROM An EFI ROM image
+>>(0x3c.l+92)	leshort		13	(EFI ROM)
+# no sample found
+!:ext	efi
+# 14~IMAGE_SUBSYSTEM_XBOX XBOX 
+>>(0x3c.l+92)	leshort		14	(XBOX)
+#!:ext	foo-xbox
+# NO Windows Subsystem number 15!
+>>(0x3c.l+92)	leshort		15	(Unknown subsystem 15)
+# 16~IMAGE_SUBSYSTEM_WINDOWS_BOOT_APPLICATION Windows boot application
+>>(0x3c.l+92)	leshort		16	(Windows boot application
+>>>(0x3c.l+22)	leshort&0x2000	>0	\b)
+# like: bootvhd.dll bootuwf.dll hvloader.dll tcbloader.dll bootspaces.dll
+!:ext	dll
+>>>(0x3c.l+22)	leshort&0x2000	0	\b)
+# like: bootmgr.efi memtest.efi shellx64.efi memtest.exe winload.exe winresume.exe bootvhd.dll hvloader.dll
+!:ext	efi/exe
+# GRR: the next 2 lines are not executed!
+#>>(0x3c.l+92)	default		x	(Unknown subsystem
+#>>>&0		leshort		x	%#x)
+>>(0x3c.l+92)	leshort		>16	(Unknown subsystem
+>>>&0		leshort		x	%#x)
+>>(0x3c.l+4)	leshort		0x14c	Intel 80386
+>>(0x3c.l+4)	leshort		0x166	MIPS R4000
+>>(0x3c.l+4)	leshort		0x168	MIPS R10000
+>>(0x3c.l+4)	leshort		0x184	Alpha
+>>(0x3c.l+4)	leshort		0x1a2	Hitachi SH3
+>>(0x3c.l+4)	leshort		0x1a3	Hitachi SH3 DSP
+>>(0x3c.l+4)	leshort		0x1a8	Hitachi SH5
+>>(0x3c.l+4)	leshort		0x169	MIPS WCE v2
+>>(0x3c.l+4)	leshort		0x1a6	Hitachi SH4
+>>(0x3c.l+4)	leshort		0x1c0	ARM
+>>(0x3c.l+4)	leshort		0x1c2	ARM Thumb
+>>(0x3c.l+4)	leshort		0x1c4	ARMv7 Thumb
+>>(0x3c.l+4)	leshort		0x1d3	Matsushita AM33
+>>(0x3c.l+4)	leshort		0x1f0	PowerPC
+>>(0x3c.l+4)	leshort		0x1f1	PowerPC with FPU
+>>(0x3c.l+4)	leshort		0x1f2	PowerPC (big-endian)
+>>(0x3c.l+4)	leshort		0x200	Intel Itanium
+>>(0x3c.l+4)	leshort		0x266	MIPS16
+>>(0x3c.l+4)	leshort		0x268	Motorola 68000
+>>(0x3c.l+4)	leshort		0x290	PA-RISC
+>>(0x3c.l+4)	leshort		0x366	MIPSIV
+>>(0x3c.l+4)	leshort		0x466	MIPS16 with FPU
+>>(0x3c.l+4)	leshort		0xebc	EFI byte code
+>>(0x3c.l+4)	leshort		0x5032	RISC-V 32-bit
+>>(0x3c.l+4)	leshort		0x5064	RISC-V 64-bit
+>>(0x3c.l+4)	leshort		0x5128	RISC-V 128-bit
+>>(0x3c.l+4)	leshort		0x6232	LoongArch 32-bit
+>>(0x3c.l+4)	leshort		0x6264	LoongArch 64-bit
+>>(0x3c.l+4)	leshort		0x9041	Mitsubishi M32R
+>>(0x3c.l+4)	leshort		0x8664	x86-64
+>>(0x3c.l+4)	leshort		0xaa64	Aarch64
+>>(0x3c.l+4)	leshort		0xc0ee	MSIL
+# GRR: the next 2 lines are not executed!
+>>(0x3c.l+4)	default		x	Unknown processor type
+>>>&0		leshort		x	%#x
+>>(0x3c.l+22)	leshort&0x0200	>0	(stripped to external PDB)
+>>(0x3c.l+22)	leshort&0x1000	>0	system file
+>>(0x3c.l+24)	leshort		0x010b
+>>>(0x3c.l+232) lelong	>0	Mono/.Net assembly
+>>(0x3c.l+24)	leshort		0x020b
+>>>(0x3c.l+248) lelong	>0	Mono/.Net assembly
+
+# hooray, there's a DOS extender using the PE format, with a valid PE
+# executable inside (which just prints a message and exits if run in win)
+>>(8.s*16)		string		32STUB	\b, 32rtm DOS extender
+>>(8.s*16)		string		!32STUB	\b, for MS Windows
+>>(0x3c.l+0xf8)		string		UPX0 \b, UPX compressed
+>>(0x3c.l+0xf8)		search/0x140	PEC2 \b, PECompact2 compressed
+>>(0x3c.l+0xf8)		search/0x140	UPX2
+>>>(&0x10.l+(-4))	string		PK\3\4 \b, ZIP self-extracting archive (Info-Zip)
+>>(0x3c.l+0xf8)		search/0x140	.idata
+>>>(&0xe.l+(-4))	string		PK\3\4 \b, ZIP self-extracting archive (Info-Zip)
+>>>(&0xe.l+(-4))	string		ZZ0 \b, ZZip self-extracting archive
+>>>(&0xe.l+(-4))	string		ZZ1 \b, ZZip self-extracting archive
+>>(0x3c.l+0xf8)		search/0x140	.rsrc
+>>>(&0x0f.l+(-4))	string		a\\\4\5 \b, WinHKI self-extracting archive
+>>>(&0x0f.l+(-4))	string		Rar! \b, RAR self-extracting archive
+>>>(&0x0f.l+(-4))	search/0x3000	MSCF \b, InstallShield self-extracting archive
+>>>(&0x0f.l+(-4))	search/32	Nullsoft \b, Nullsoft Installer self-extracting archive
+>>(0x3c.l+0xf8)		search/0x140	.data
+>>>(&0x0f.l)		string		WEXTRACT \b, MS CAB-Installer self-extracting archive
+>>(0x3c.l+0xf8)		search/0x140	.petite\0 \b, Petite compressed
+>>>(0x3c.l+0xf7)	byte		x
+>>>>(&0x104.l+(-4))	string		=!sfx! \b, ACE self-extracting archive
+>>(0x3c.l+0xf8)		search/0x140	.WISE \b, WISE installer self-extracting archive
+>>(0x3c.l+0xf8)		search/0x140	.dz\0\0\0 \b, Dzip self-extracting archive
+>>&(0x3c.l+0xf8)	search/0x100	_winzip_ \b, ZIP self-extracting archive (WinZip)
+>>&(0x3c.l+0xf8)	search/0x100	SharedD \b, Microsoft Installer self-extracting archive
+>>0x30			string		Inno \b, InnoSetup self-extracting archive
+# NumberOfSections; Normal Dynamic Link libraries have a few sections for code, data and resource etc.
+# PE used as container have less sections
+>>(0x3c.l+6)	leshort			>1	\b, %u sections
+# do not display for 1 section to get output like in version 5.43 and to keep output columns low
+#>>(0x3c.l+6)	leshort			=1	\b, %u section
+
+# If the relocation table is 0x40 or more bytes into the file, it's definitely
+# not a DOS EXE.
+>0x18	uleshort	>0x3f
+
+# Hmm, not a PE but the relocation table is too high for a traditional DOS exe,
+# must be one of the unusual subformats.
+>>(0x3c.l) string !PE\0\0 MS-DOS executable
+#!:mime	application/x-dosexec
+
+>>(0x3c.l)		string		NE \b, NE
+#!:mime	application/x-dosexec
+!:mime	application/x-ms-ne-executable
+# FOR DEBUGGING!
+# Reference:	https://wiki.osdev.org/NE
+# ProgFlags; Program flags, bitmapped
+#>>>(0x3c.l+0x0C)	ubyte		x	\b, ProgFlags 0x%2.2x
+# >>>(0x3c.l+0x0c)	ubyte&0x03	=0	\b, none
+# >>>(0x3c.l+0x0c)	ubyte&0x03	=1	\b, single shared
+# >>>(0x3c.l+0x0c)	ubyte&0x03	=2	\b, multiple
+# >>>(0x3c.l+0x0c)	ubyte&0x03	=3	\b, (null)
+# >>>(0x3c.l+0x0c)	ubyte		&0x04	\b, Global initialization
+# >>>(0x3c.l+0x0c)	ubyte		&0x08	\b, Protected mode only
+# >>>(0x3c.l+0x0c)	ubyte		&0x10	\b, 8086 instructions
+# >>>(0x3c.l+0x0c)	ubyte		&0x20	\b, 80286 instructions
+# >>>(0x3c.l+0x0c)	ubyte		&0x40	\b, 80386 instructions
+# >>>(0x3c.l+0x0c)	ubyte		&0x80	\b, 80x87 instructions
+# ApplFlags; Application flags, bitmapped
+# https://www.fileformat.info/format/exe/corion-ne.htm
+#>>>(0x3c.l+0x0D)	ubyte		x	\b, ApplFlags 0x%2.2x
+# Application type (bits 0-2); 1~Full screen (not aware of Windows/P.M. API)
+# 2~Compatible with Windows/P.M. API 3~Uses Windows/P.M. API
+#>>>(0x3c.l+0x0D)	ubyte&0x07	=1	\b, Full screen
+#>>>(0x3c.l+0x0D)	ubyte&0x07	=2	\b, Compatible with Windows/P.M. API
+#>>>(0x3c.l+0x0D)	ubyte&0x07	=3	\b, use Windows/P.M. API
+# bit 7; DLL or driver (SS:SP info invalid, CS:IP points at FAR init routine called with AX handle
+#>>>(0x3c.l+0x0D)	ubyte		&0x80	\b, DLL or driver
+# AutoDataSegIndex; automatic data segment index like: 0 2 3 22
+# zero if the SINGLEDATA and MULTIPLEDATA bits are cleared
+#>>>(0x3c.l+0x0e)	uleshort	x	\b, AutoDataSegIndex %u
+# InitHeapSize; intial local heap size like; 0 400h 1400h
+# zero if there is no local allocation
+#>>>(0x3c.l+0x10)	uleshort	!0	\b, InitHeapSize 0x%x
+# InitStackSize; inital stack size like: 0 10h A00h 7D0h A8Ch FA0h 1000h 1388h
+# 1400h (CBT) 1800h 2000h 2800h 2EE0h 2F3Ch 3258h 3E80h 4000h 4E20h 5000h 6000h
+# 6D60h 8000h 40000h
+# zero if the SS register value does not equal the DS register value
+#>>>(0x3c.l+0x12)	uleshort	!0	\b, InitStackSize 0x%x
+# EntryPoint; segment offset value of CS:IP like: 0 10000h 18A84h 11C1Ah 307F1h 
+#>>>(0x3c.l+0x14)	ulelong		!0 	\b, EntryPoint 0x%x
+# InitStack; specifies the segment offset value of stack pointer SS:SP
+# like: 0 20000h 160000h
+#>>>(0x3c.l+0x18)	ulelong		!0	\b, InitStack 0x%x
+# SegCount; number of segments in segment table like: 0 1 2 3 16h
+#>>>(0x3c.l+0x1C)	uleshort	x	\b, SegCount 0x%x
+# ModRefs; number of module references (DLLs) like; 0 1 3
+#>>>(0x3c.l+0x1E)	uleshort	!0	\b, ModRefs %u
+# NoResNamesTabSiz; size in bytes of non-resident names table
+# like: Bh 16h B4h B9h 2Ch 18Fh 16AAh
+#>>>(0x3c.l+0x20)	uleshort	x	\b, NoResNamesTabSiz 0x%x
+# SegTableOffset; offset of Segment table like: 40h
+#>>>(0x3c.l+0x22)	uleshort	!0x40	\b, SegTableOffset 0x%x
+# ResTableOffset; offset of resources table like: 40h 50h 58h F0h
+# 40h for most fonts likedos737.fon FMFONT.FOT but 60h for L1WBASE.FON
+#>>>(0x3c.l+0x24)	uleshort	x 	\b, ResTableOffset 0x%x
+# ResidNamTable; offset of resident names table
+# like: 58h 5Ch 60h 68h 74h 98h 2E3h 2E7h 2F0h
+#>>>(0x3c.l+0x26)	uleshort		x \b, ResidNamTable 0x%x
+# ImportNameTable; offset of imported names table (array of counted strings, terminated with string of length 00h)
+# like: 77h 7Eh 80h C6h A7h ACh 2F8h 3FFh
+#>>>(0x3c.l+0x2a)	uleshort	x	\b, ImportNameTable 0x%x
+# OffStartNonResTab; offset from start of file to non-resident names table
+# like: 110h 11Dh 19Bh 1A5h 3F5h 4C8h 4EEh D93h
+#>>>(0x3c.l+0x2c)	ulelong		x	\b, OffStartNonResTab 0x%x
+# MovEntryCount; number of movable entry points like: 0 4 5 6 16 17 24 312 355 446
+#>>>(0x3c.l+0x30)	uleshort	!0	\b, MovEntryCount %u
+# FileAlnSzShftCnt; log2 of the segment sector size; 4~16 0~9~512 (default)
+#>>>(0x3c.l+0x32)	uleshort	!9 	\b, FileAlnSzShftCnt %u
+# nResTabEntries; number of resource table entries like: 0 2
+#>>>(0x3c.l+0x34)	uleshort	!0	\b, nResTabEntries %u
+# targOS; Target OS; 0~unknown~OS/2 1.0 or MS Windows 1-2
+# OS/2 1.0 like: DTM.DLL SHELL11F.EXE HELPMSG.EXE CREATEDD.EXE
+# or Windows 1.03 - 2.1 like: MSDOSD.EXE KARTEI.EXE KALENDER.EXE
+#>>>(0x3c.l+0x36)	byte		x TARGOS %x
+>>>(0x3c.l+0x36)	byte		0 for OS/2 1.0 or MS Windows 1-2
+>>>(0x3c.l+0x36)	byte		1 for OS/2 1.x
+>>>(0x3c.l+0x36)	byte		2 for MS Windows 3.x
+>>>(0x3c.l+0x36)	byte		3 for MS-DOS
+>>>(0x3c.l+0x36)	byte		4 for Windows 386
+>>>(0x3c.l+0x36)	byte		5 for Borland Operating System Services
+# http://downloads.sourceforge.net/dfendreloaded/D-Fend-Reloaded-1.4.4.zip
+# D-Fend Reloaded/VirtualHD/FREEDOS/DPMILD32.EXE
+# GRR: WHAT OS is this?
+#>>>(0x3c.l+0x36)	byte		6 for TARGET SIX
+# https://en.wikipedia.org/wiki/Phar_Lap_(company)
+>>>(0x3c.l+0x36)	byte		0x81 for MS-DOS, Phar Lap DOS extender, OS/2
+# like: CVP7.EXE
+>>>(0x3c.l+0x36)	byte		0x82 for MS-DOS, Phar Lap DOS extender, Windows
+>>>(0x3c.l+0x36)	default		x
+>>>>(0x3c.l+0x36)	ubyte		x (unknown OS %#x)
+# expctwinver; expected Windows version (minor first) like:
+# 0.0~DTM.DLL 203.4~Windows 1.03 GDI.EXE 2.1~TTY.DRV 3.0~dos737.fon FMFONT.FOT THREED.VBX 3.10~GDI.EXE 4.0~(ME) VGAFULL.3GR
+>>>(0x3c.l+0x3F)	ubyte		x	(%u
+>>>(0x3c.l+0x3E)	ubyte		x	\b.%u)
+# OS2EXEFlags; other EXE flags
+# 0~Long filename support 1~2.x protected mode 4~2.x proportional fonts 8~Executable has gangload area
+#>>>(0x3c.l+0x37)	byte		!0	\b, OS2EXEFlags 0x%x
+# retThunkOffset; offset to return thunks or start of gangload area like: 0 34h 58h 246h 
+#>>>(0x3c.l+0x38)	uleshort	!0	\b, retThunkOffset 0x%x
+# segrefthunksoff; offset to segment reference thunks or size of gangload area
+# like: 0 33Eh 39Ah AEEh
+#>>>(0x3c.l+0x3A)	uleshort	!0	\b, segrefthunksoff 0x%x
+# mincodeswap; minimum code swap area size like 0 620Ch
+#>>>(0x3c.l+0x3C)	uleshort	!0 \b, mincodeswap 0x%x
+>>>(0x3c.l+0x0c)	leshort&0x8000	0x8000 (DLL or font)
+# DRV: Driver
+# 3GR: Grabber device driver
+# CPL: Control Panel Item
+# VBX: Visual Basic Extension		https://en.wikipedia.org/wiki/Visual_Basic
+# FON: Bitmap font			http://fileformats.archiveteam.org/wiki/FON
+# FOT: Font resource file
+# EXE: WINSPOOL.EXE USER.EXE krnl386.exe GDI.EXE
+# CNV: Microsoft Word text conversion	https://www.file-extensions.org/cnv-file-extension-microsoft-word-text-conversion-data
+!:ext	dll/drv/3gr/cpl/vbx/fon/fot
+>>>(0x3c.l+0x0c)	leshort&0x8000	0 (EXE)
+!:ext	exe/scr
+>>>&(&0x24.s-1)		string		ARJSFX \b, ARJ self-extracting archive
+>>>(0x3c.l+0x70)	search/0x80	WinZip(R)\ Self-Extractor \b, ZIP self-extracting archive (WinZip)
+
+>>(0x3c.l)		string		LX\0\0 \b, LX
+!:mime	application/x-dosexec
+>>>(0x3c.l+0x0a)	leshort		<1 (unknown OS)
+>>>(0x3c.l+0x0a)	leshort		1 for OS/2
+>>>(0x3c.l+0x0a)	leshort		2 for MS Windows
+>>>(0x3c.l+0x0a)	leshort		3 for DOS
+>>>(0x3c.l+0x0a)	leshort		>3 (unknown OS)
+>>>(0x3c.l+0x10)	lelong&0x28000	=0x8000 (DLL)
+>>>(0x3c.l+0x10)	lelong&0x20000	>0 (device driver)
+>>>(0x3c.l+0x10)	lelong&0x300	0x300 (GUI)
+>>>(0x3c.l+0x10)	lelong&0x28300	<0x300 (console)
+>>>(0x3c.l+0x08)	leshort		1 i80286
+>>>(0x3c.l+0x08)	leshort		2 i80386
+>>>(0x3c.l+0x08)	leshort		3 i80486
+>>>(8.s*16)		string		emx \b, emx
+>>>>&1			string		x %s
+>>>&(&0x54.l-3)		string		arjsfx \b, ARJ self-extracting archive
+
+# MS Windows system file, supposedly a collection of LE executables
+# like vmm32.vxd WIN386.EXE
+>>(0x3c.l)		string		W3 \b, W3 for MS Windows
+#!:mime	application/x-dosexec
+!:mime	application/x-ms-w3-executable
+!:ext	vxd/exe
+# W4 executable
+>>(0x3c.l)		string		W4 \b, W4 for MS Windows
+#!:mime	application/x-dosexec
+!:mime	application/x-ms-w4-executable
+# windows 98 VMM32.VXD
+!:ext	vxd
+
+>>(0x3c.l)		string		LE\0\0 \b, LE executable
+!:mime	application/x-dosexec
+>>>(0x3c.l+0x0a)	leshort		1
+# some DOS extenders use LE files with OS/2 header
+>>>>0x240		search/0x100	DOS/4G for MS-DOS, DOS4GW DOS extender
+>>>>0x240		search/0x200	WATCOM\ C/C++ for MS-DOS, DOS4GW DOS extender
+>>>>0x440		search/0x100	CauseWay\ DOS\ Extender for MS-DOS, CauseWay DOS extender
+>>>>0x40		search/0x40	PMODE/W for MS-DOS, PMODE/W DOS extender
+>>>>0x40		search/0x40	STUB/32A for MS-DOS, DOS/32A DOS extender (stub)
+>>>>0x40		search/0x80	STUB/32C for MS-DOS, DOS/32A DOS extender (configurable stub)
+>>>>0x40		search/0x80	DOS/32A for MS-DOS, DOS/32A DOS extender (embedded)
+# this is a wild guess; hopefully it is a specific signature
+>>>>&0x24		lelong		<0x50
+>>>>>(&0x4c.l)		string		\xfc\xb8WATCOM
+>>>>>>&0		search/8	3\xdbf\xb9 \b, 32Lite compressed
+# another wild guess: if real OS/2 LE executables exist, they probably have higher start EIP
+#>>>>(0x3c.l+0x1c)	lelong		>0x10000 for OS/2
+# fails with DOS-Extenders.
+>>>(0x3c.l+0x0a)	leshort		2 for MS Windows
+>>>(0x3c.l+0x0a)	leshort		3 for DOS
+>>>(0x3c.l+0x0a)	leshort		4 for MS Windows (VxD)
+# VXD: VxD for Windows 95/98/Me
+# 386: VxD for Windows 2.10, 3.0, 3.1x
+# PDR: Port driver
+# MPD: Miniport driver (?)
+!:ext	vxd/386/pdr/mpd
+>>>(&0x7c.l+0x26)	string		UPX \b, UPX compressed
+>>>&(&0x54.l-3)		string		UNACE \b, ACE self-extracting archive
+
+# looks like ASCII, probably some embedded copyright message.
+# and definitely not NE/LE/LX/PE
+>>0x3c		lelong	>0x20000000
+>>>(4.s*512)	leshort !0x014c \b, MZ for MS-DOS
+!:mime	application/x-dosexec
+!:ext	exe/com
+# header data too small for extended executable
+>2		long	!0
+>>0x18		uleshort <0x40
+>>>(4.s*512)	leshort !0x014c
+
+>>>>&(2.s-514)	string	!LE
+>>>>>&-2	string	!BW
+#>>>>>>(0x3c.l)	string		x	\b, 2ND MAGIC %.2s
+# but some LX executable appear here also like: PCISCAN.EXE
+>>>>>>(0x3c.l)	string	!LX
+# because Portable Executable (PE) already done skip many here like:
+# xcopy32.exe stinger64.exe WimUtil.exe
+# NO such DOS examples found and
+# DOS examples seems to be already handled by e_lfarlc <0x40 like: CMD8086.COM CMD-FR.COM
+>>>>>>>(0x3c.l)	string	!PE	\b, MZ for MS-DOS
+!:mime	application/x-dosexec
+>>>>&(2.s-514)	string	LE \b, LE
+>>>>>0x240	search/0x100	DOS/4G for MS-DOS, DOS4GW DOS extender
+# educated guess since indirection is still not capable enough for complex offset
+# calculations (next embedded executable would be at &(&2*512+&0-2)
+# I suspect there are only LE executables in these multi-exe files
+>>>>&(2.s-514)	string	BW
+>>>>>0x240	search/0x100	DOS/4G	\b, LE for MS-DOS, DOS4GW DOS extender (embedded)
+>>>>>0x240	search/0x100	!DOS/4G	\b, BW collection for MS-DOS
+
+# This sequence skips to the first COFF segment, usually .text
+>(4.s*512)	leshort		0x014c \b, COFF
+!:mime	application/x-dosexec
+>>(8.s*16)	string		go32stub for MS-DOS, DJGPP go32 DOS extender
+>>(8.s*16)	string		emx
+>>>&1		string		x for DOS, Win or OS/2, emx %s
+>>&(&0x42.l-3)	byte		x
+>>>&0x26	string		UPX \b, UPX compressed
+# and yet another guess: small .text, and after large .data is unusual, could be 32lite
+>>&0x2c		search/0xa0	.text
+>>>&0x0b	lelong		<0x2000
+>>>>&0		lelong		>0x6000 \b, 32lite compressed
+
+>(8.s*16) string $WdX \b, WDos/X DOS extender
+
+# By now an executable type should have been printed out.  The executable
+# may be a self-uncompressing archive, so look for evidence of that and
+# print it out.
+#
+# Some signatures below from Greg Roelofs, newt@uchicago.edu.
+#
+>0x35	string	\x8e\xc0\xb9\x08\x00\xf3\xa5\x4a\x75\xeb\x8e\xc3\x8e\xd8\x33\xff\xbe\x30\x00\x05 \b, aPack compressed
+>0xe7	string	LH/2\ 	Self-Extract \b, %s
+>0x1c	string	UC2X	\b, UCEXE compressed
+>0x1c	string	WWP\ 	\b, WWPACK compressed
+>0x1c	string	RJSX 	\b, ARJ self-extracting archive
+>0x1c	string	diet 	\b, diet compressed
+>0x1c	string	LZ09 	\b, LZEXE v0.90 compressed
+>0x1c	string	LZ91 	\b, LZEXE v0.91 compressed
+>0x1c	string	tz 	\b, TinyProg compressed
+>0x1e	string	Copyright\ 1989-1990\ PKWARE\ Inc.	Self-extracting PKZIP archive
+!:mime	application/zip
+# Yes, this really is "Copr", not "Corp."
+>0x1e	string	PKLITE\ Copr.	Self-extracting PKZIP archive
+!:mime	application/zip
+# winarj stores a message in the stub instead of the sig in the MZ header
+>0x20	search/0xe0	aRJsfX \b, ARJ self-extracting archive
+>0x20	string AIN
+>>0x23	string 2	\b, AIN 2.x compressed
+>>0x23	string <2	\b, AIN 1.x compressed
+>>0x23	string >2	\b, AIN 1.x compressed
+>0x24	string	LHa's\ SFX \b, LHa self-extracting archive
+!:mime	application/x-lha
+>0x24	string	LHA's\ SFX \b, LHa self-extracting archive
+!:mime	application/x-lha
+>0x24	string	\ $ARX \b, ARX self-extracting archive
+>0x24	string	\ $LHarc \b, LHarc self-extracting archive
+>0x20	string	SFX\ by\ LARC \b, LARC self-extracting archive
+>0x40	string aPKG \b, aPackage self-extracting archive
+>0x64	string	W\ Collis\0\0 \b, Compack compressed
+>0x7a	string		Windows\ self-extracting\ ZIP	\b, ZIP self-extracting archive
+>>&0xf4 search/0x140 \x0\x40\x1\x0
+>>>(&0.l+(4)) string MSCF \b, WinHKI CAB self-extracting archive
+>1638	string	-lh5- \b, LHa self-extracting archive v2.13S
+>0x17888 string Rar! \b, RAR self-extracting archive
+
+# Skip to the end of the EXE.  This will usually work fine in the PE case
+# because the MZ image is hardcoded into the toolchain and almost certainly
+# won't match any of these signatures.
+>(4.s*512)	long	x
+>>&(2.s-517)	byte	x
+>>>&0	string		PK\3\4 \b, ZIP self-extracting archive
+>>>&0	string		Rar! \b, RAR self-extracting archive
+>>>&0	string		=!\x11 \b, AIN 2.x self-extracting archive
+>>>&0	string		=!\x12 \b, AIN 2.x self-extracting archive
+>>>&0	string		=!\x17 \b, AIN 1.x self-extracting archive
+>>>&0	string		=!\x18 \b, AIN 1.x self-extracting archive
+>>>&7	search/400	**ACE** \b, ACE self-extracting archive
+>>>&0	search/0x480	UC2SFX\ Header \b, UC2 self-extracting archive
+
+# a few unknown ZIP sfxes, no idea if they are needed or if they are
+# already captured by the generic patterns above
+>(8.s*16)	search/0x20	PKSFX \b, ZIP self-extracting archive (PKZIP)
+# TODO: how to add this? >FileSize-34 string Windows\ Self-Installing\ Executable \b, ZIP self-extracting archive
+#
+
+# TELVOX Teleinformatica CODEC self-extractor for OS/2:
+>49801	string	\x79\xff\x80\xff\x76\xff	\b, CODEC archive v3.21
+>>49824 leshort		=1			\b, 1 file
+>>49824 leshort		>1			\b, %u files
+
+# Summary:	OS/2 LX Library and device driver (no DOS stub)
+# From:		Joerg Jenderek
+# URL:		http://en.wikipedia.org/wiki/EXE
+# Reference:	http://www.textfiles.com/programming/FORMATS/lxexe.txt
+#		https://github.com/open-watcom/open-watcom-v2/blob/master/bld/watcom/h/exeflat.h
+# Note:		by dll-os2-no-dos-stub.trid.xml called "OS/2 Dynamic Link Library (no DOS stub)"
+# TODO:		unify with DOS stub variant (MZ magic)
+0	string/b	LX
+>2	ushort		=0
+>>0	use			lx-executable
+# no examples found for big endian variant
+>2	ushort		=0x0101
+>>0	use			\^lx-executable
+0       name    	lx-executable
+# similar looking like variant with MS-DOS stub (MZ magic): "MS-DOS executable, LX"
+#>0x00	uleshort		x	executable,
+# signature OSF_FLAT_LX_SIGNATURE~0x584C~LX OSF_FLAT_SIGNATURE~0x454C~LE
+>0x00	uleshort		=0x584c	LX
+>0x00	uleshort		=0x454C	LE
+>0x00	uleshort		x	executable
+#!:mime	application/x-msdownload
+!:mime	application/x-lx-executable
+!:ext	exe
+# byte order: 00h~little-endian non-zero=1~big-endian
+#>0x02	ubyte			=0		(little-endian)
+>0x02	ubyte			!0		(big-endian)
+# FOR DEBUGGING!
+# word order: 00h~little-endian non-zero=1~big-endian
+#>0x03	ubyte			=0		\b, little-endian word order
+#>0x03	ubyte			!0		\b, big-endian word order
+# cpu_type; CPU type like: 1~286 2~386 3~486 4 20h~i860 21h~Intel N11 40h~MIPS R2000,R3000 41h~MIPS R6000 42h~MIPS R4000
+#>0x08	uleshort		x		\b, CPU %u
+# os_type; target operating system like: 0~unknown 1~OS/2 2~Windows 3~DOS 4.x 4~Windows 386
+#>0x0A	leshort			x		\b, OS %u
+# flags; module type flags
+#>0x10	ulelong			x		\b, FLAGS %#8.8x
+# 00000002h				~Reserved for system use
+#>0x10	ulelong			&0x00000002	\b, 2h reserved
+# OSF_INIT_INSTANCE=00000004h		~Per-Process Library Initialization; setting this bit for EXE file is invalid
+#>0x10	ulelong			&0x00000004	\b, per-process library Initialization
+# OSF_INTERNAL_FIXUPS_DONE=00000010h	~Internal fixups for the module have been applied
+#>0x10	ulelong			&0x00000010	\b, int. fixup
+# OSF_EXTERNAL_FIXUPS_DONE=00000020h	~External fixups for the module have been applied
+#>0x10	ulelong			&0x00000020	\b, ext. fixup
+# OSF_NOT_PM_COMPATIBLE=00000100h	~Incompatible with PM windowing 
+#>0x10	ulelong&0x00000100	=0x00000100	\b, incompatible with PM windowing
+# OSF_PM_COMPATIBLE=00000200h		~Compatible with PM windowing
+#>0x10	ulelong&0x00000200	=0x00000200	\b, compatible with PM windowing
+# bit 17; device driver
+#>0x10	ulelong&0x00020000	>0		\b, device driver
+# Per-process Library Termination; setting this bit for EXE file is invalid
+#>0x10	ulelong&0x40000000	=0x40000000	\b, per-process library termination
+>0x0a	leshort			1		for OS/2
+# no example found
+>0x0a	leshort			3		for DOS
+# http://www.ctyme.com/intr/rb-2939.htm#Table1610
+# library by module type mask 00038000h (bits 15-17); 
+# 0h ~executable Program module 
+>0x10	ulelong&0x00038000	=0x00000000	(program)
+#!:ext	exe
+# OSF_IS_DLL=8000h			~Library module (DLL)
+>0x10	ulelong&0x00038000	>0x00000000
+# OSF_PHYS_DEVICE=00020000h		~device driver
+>>0x10	ulelong&0x00020000	>0		(device driver)
+!:ext	sys
+# if not device driver it is library (DLL)
+>>0x10	ulelong&0x00020000	=0		(library)
+!:ext	dll
+# bits 8-10; OSF_PM_APP=300h in flags	~Uses PM windowing API; either it is GUI or console
+>0x10  	ulelong&0x00000300	=0x00000300	(GUI)
+>0x10	ulelong&0x00000300	!0x00000300	(console)
+# CPU type
+>0x08	uleshort		1		i80286
+# all inspected examples
+>0x08	uleshort		2		i80386
+>0x08	uleshort		3		i80486
+>0x08	uleshort		4		i80586
+# 21h 	Intel "N11" or compatible
+# 40h 	MIPS Mark I ( R2000, R3000) or compatible
+# 41h 	MIPS Mark II ( R6000 ) or compatible
+# 42h 	MIPS Mark III ( R4000 ) or compatible
+
+# added by Joerg Jenderek of https://www.freedos.org/software/?prog=kc
+# and https://www.freedos.org/software/?prog=kpdos
+# for FreeDOS files like KEYBOARD.SYS, KEYBRD2.SYS, KEYBRD3.SYS, *.KBD
+0	string/b	KCF		FreeDOS KEYBoard Layout collection
+# only version=0x100 found
+>3	uleshort	x		\b, version %#x
+# length of string containing author,info and special characters
+>6	ubyte		>0
+#>>6	pstring		x		\b, name=%s
+>>7	string		>\0		\b, author=%-.14s
+>>7	search/254	\xff		\b, info=
+#>>>&0	string		x		\b%-s
+>>>&0	string		x		\b%-.15s
+# for FreeDOS *.KL files
+0	string/b	KLF		FreeDOS KEYBoard Layout file
+# only version=0x100 or 0x101 found
+>3	uleshort	x		\b, version %#x
+# stringlength
+>5	ubyte		>0
+>>8	string		x		\b, name=%-.2s
+0	string	\xffKEYB\ \ \ \0\0\0\0
+>12	string	\0\0\0\0`\004\360	MS-DOS KEYBoard Layout file
+
+# DOS device driver updated by Joerg Jenderek at May 2011,Mar 2017,Aug 2020,Mar 2023
+# URL:		http://fileformats.archiveteam.org/wiki/DOS_device_driver
+# Reference:	http://www.delorie.com/djgpp/doc/rbinter/it/46/16.html
+# http://www.o3one.org/hwdocs/bios_doc/dosref22.html
+0	ulequad&0x07a0ffffffff		0xffffffff
+# skip OS/2 INI ./os2
+>4  ubelong   !0x14000000
+#>>10  ubequad   x		MAYBE_DRIVER_NAME=%16.16llx
+# https://bugs.astron.com/view.php?id=434
+# skip OOXML document fragment 0000.dat where driver name is "empty" instead of "ASCII like"
+>>10  ubequad   !0
+>>>0	use				msdos-driver
+0       name    			msdos-driver		DOS executable (
+#!:mime	application/octet-stream
+!:mime	application/x-dosdriver
+# also found FreeDOS print driver SPOOL.DEV and disc compression driver STACLOAD.BIN
+# and IBM Token-Ring adapter IBMTOK.DOS. Why and when DOS instead SYS is used?
+# PROTMAN.DOS ELNKPL.DOS
+!:ext	sys/dev/bin/dos
+# 1 space char after "UPX compressed" to get phrase like "UPX compressed character device"
+>40	search/7			UPX!			\bUPX compressed 
+# DOS device driver attributes
+>4	uleshort&0x8000			0x0000			\bblock device driver
+# character device
+>4	uleshort&0x8000			0x8000			\b
+# 1 space char after "clock" to get phrase like "clock character device driver CLOCK$"
+>>4	uleshort&0x0008			0x0008			\bclock 
+# fast video output by int 29h
+# 1 space char after "fast" to get phrase like "fast standard input/output character device driver"
+>>4	uleshort&0x0010			0x0010			\bfast 
+# standard input/output device
+# 1 space char after "standard" to get phrase like "standard input/output character device driver"
+>>4	uleshort&0x0003			>0			\bstandard 
+>>>4	uleshort&0x0001			0x0001			\binput
+>>>4	uleshort&0x0003			0x0003			\b/
+# 1 space char after "output" to get phrase like "input/output character device driver"
+>>>4	uleshort&0x0002			0x0002			\boutput 
+>>4	uleshort&0x8000			0x8000			\bcharacter device driver
+>0	ubyte				x
+# upx compressed device driver has garbage instead of real in name field of header
+>>40	search/7			UPX!
+>>40	default				x
+# leading/trailing nulls, zeros or non ASCII characters in 8-byte name field at offset 10 are skipped
+# 1 space char before device driver name to get phrase like "device driver PROTMAN$" "device driver HP-150II" "device driver PC$MOUSE"
+>>>12		ubyte			>0x23			\b 
+>>>>10		ubyte			>0x20
+>>>>>10		ubyte			!0x2E
+>>>>>>10	ubyte			!0x2A			\b%c
+>>>>11		ubyte			>0x20
+>>>>>11		ubyte			!0x2E			\b%c
+>>>>12		ubyte			>0x20
+>>>>>12		ubyte			!0x39
+>>>>>>12	ubyte			!0x2E			\b%c
+>>>13		ubyte			>0x20
+>>>>13		ubyte			!0x2E			\b%c
+>>>>14		ubyte			>0x20
+>>>>>14		ubyte			!0x2E			\b%c
+>>>>15		ubyte			>0x20
+>>>>>15		ubyte			!0x2E			\b%c
+>>>>16		ubyte			>0x20
+>>>>>16		ubyte			!0x2E
+>>>>>>16	ubyte			<0xCB			\b%c
+>>>>17		ubyte			>0x20
+>>>>>17		ubyte			!0x2E
+>>>>>>17	ubyte			<0x90			\b%c
+# some character device drivers like ASPICD.SYS, btcdrom.sys and Cr_atapi.sys contain only spaces or points in name field
+>>>12		ubyte			<0x2F
+# they have their real name at offset 22
+# also block device drivers like DUMBDRV.SYS
+>>>>22		string			>\056			%-.6s
+>4	uleshort&0x8000			0x0000
+# 32 bit sector addressing ( > 32 MB) for block devices
+>>4	uleshort&0x0002			0x0002			\b,32-bit sector-
+# support by driver functions 13h, 17h, 18h
+>4	uleshort&0x0040			0x0040			\b,IOCTL-
+# open, close, removable media support by driver functions 0Dh, 0Eh, 0Fh
+>4	uleshort&0x0800			0x0800			\b,close media-
+# output until busy support by int 10h for character device driver
+>4	uleshort&0x8000			0x8000
+>>4	uleshort&0x2000			0x2000			\b,until busy-
+# direct read/write support by driver functions 03h,0Ch
+>4	uleshort&0x4000			0x4000			\b,control strings-
+>4	uleshort&0x8000			0x8000
+>>4	uleshort&0x6840			>0			\bsupport
+>4	uleshort&0x8000			0x0000
+>>4	uleshort&0x4842			>0			\bsupport
+>0	ubyte				x			\b)
+>0	ulelong				!0xffffffff		with pointer %#x
+# DOS driver cmd640x.sys has 0x12 instead of 0xffffffff for pointer field to next device header
+0	ulequad				0x0513c00000000012
+>0	use				msdos-driver
+# DOS drivers DC2975.SYS, DUMBDRV.SYS, ECHO.SYS has also none 0xffffffff for pointer field
+0	ulequad				0x32f28000ffff0016
+>0	use				msdos-driver
+0	ulequad				0x007f00000000ffff
+>0	use				msdos-driver
+# https://www.uwe-sieber.de/files/cfg_echo.zip
+0	ulequad				0x001600000000ffff
+>0	use				msdos-driver
+# DOS drivers LS120.SYS, MKELS120.SYS use reserved bits of attribute field
+0	ulequad				0x0bf708c2ffffffff
+>0	use				msdos-driver
+0	ulequad				0x07bd08c2ffffffff
+>0	use				msdos-driver
+# 3Com EtherLink 3C501 CID\SERVER\IBMLS\IBM500D1\DLSNETDR.ZIP\ELNK.DOS 
+0	ulequad				0x027ac0c0ffffffff
+>0	use				msdos-driver
+# IBM Streamer CID\SERVER\IBMLS\IBM500D1\DLSNETDR.ZIP\IBMMPC.DOS 
+0	ulequad				0x00228880ffffffff
+>0	use				msdos-driver
+
+# updated by Joerg Jenderek
+# GRR: line below too general as it catches also
+# rt.lib DYADISKS.PIC and many more
+# start with assembler instruction MOV
+0	ubyte		0x8c
+# skip "AppleWorks word processor data" like ARTICLE.1 ./apple
+>4	string			!O====
+# skip some unknown basic binaries like RocketRnger.SHR
+>>5	string			!MAIN
+# skip "GPG symmetrically encrypted data" ./gnu
+# skip "PGP symmetric key encrypted data" ./pgp
+# openpgpdefs.h: fourth byte < 14 indicate cipher algorithm type
+>>>4	ubyte			>13
+>>>>0		use	msdos-com
+# the remaining files should be DOS *.COM executables
+# dosshell.COM	8cc0 2ea35f07 e85211 e88a11 b80058 cd
+# hmload.COM	8cc8 8ec0 bbc02b 89dc 83c30f c1eb04 b4
+# UNDELETE.COM	8cca 2e8916 6503 b430 cd21 8b 2e0200 8b
+# BOOTFIX.COM	8cca 2e8916 9603 b430 cd21 8b 2e0200 8b
+# RAWRITE3.COM	8cca 2e8916 d602 b430 cd21 8b 2e0200 8b
+# SHARE.COM	8cca 2e8916 d602 b430 cd21 8b 2e0200 8b
+# validchr.COM	8cca 2e8916 9603 b430 cd21 8b 2e028b1e
+# devload.COM	8cca 8916ad01 b430 cd21 8b2e0200 892e
+
+0       name    msdos-com
+# URL:		http://fileformats.archiveteam.org/wiki/DOS_executable_(.com)
+>0  byte        x               DOS executable (
+# DOS executable with JuMP 16-bit instruction
+>0	byte			=0xE9
+# check for probably nil padding til offset 64 of Lotus driver name
+>>56		quad		=0
+# check for "long" alphabetic Lotus driver name like:
+# Diablo "COMPAQ Text Display" "IBM Monochrome Display" "Plantronics ColorPlus"
+>>>24			regex	=^[A-Z][A-Za-z\040]{5,21}	\bLotus driver) %s
+!:mime				application/x-dosexec
+# like: CPQ0TD.DRV IBM0MONO.DRV (Lotus 123 10a) SDIAB4.DRV SPL0CPLS.DRV (Lotus Symphony 2)
+!:ext				drv
+# COM with nils like MODE.COM IBMDOS.COM (pcdos 3.31 ru Compaq) RSSTUB.COM (PC-DOS 2000 de) ACCESS.COM (Lotus Symphony 1)
+>>>24			default	x				\bCOM)
+!:mime				application/x-dosexec
+!:ext				com
+# DOS executable with JuMP 16-bit and without nil padding
+>>56		quad		!0
+# https://wiki.syslinux.org/wiki/index.php?title=Doc/comboot
+# TODO: HOWTO distinguish COMboot from pure DOS executables?
+# look for unreliable Syslinux specific api call INTerrupt 22h for 16-bit COMBOOT program
+>>>1			search/0xc088	\xcd\x22		\bCOM or COMBOOT 16-bit)
+!:mime				application/x-dosexec
+# like: sbm.cbt command.com (Windows XP) UNI2ASCI.COM (FreeDOS 1.2)
+!:ext				com/cbt
+>>>1			default		x			\bCOM)
+!:mime				application/x-dosexec
+!:ext				com
+# DOS executable without JuMP 16-bit instruction
+>0	byte			!0xE9
+# SCREATE.SYS	https://en.wikipedia.org/wiki/Stac_Electronics
+>>10		string		=?STACVOL			\bSCREATE.SYS)
+!:mime			application/x-dosexec
+!:ext			sys
+# COM executable without JuMP 16-bit instruction and not SCREATE.SYS
+>>10		string		!?STACVOL			\bCOM)
+!:mime			application/x-dosexec
+!:ext			com
+>6	string		SFX\ of\ LHarc	\b, %s
+>0x1FE leshort	0xAA55		    \b, boot code
+>85	string		UPX		        \b, UPX compressed
+>4	string		\ $ARX		    \b, ARX self-extracting archive
+>4	string		\ $LHarc	    \b, LHarc self-extracting archive
+>0x20e string	SFX\ by\ LARC	\b, LARC self-extracting archive
+# like: E30ODI.COM MADGEODI.COM UNI2ASCI.COM RECOVER.COM (DOS 2) COMMAND.COM (DOS 2)
+>1	search/0xc088	\xcd\x22	\b, maybe with interrupt 22h
+>0	ubelong		x		\b, start instruction %#8.8x
+# show more instructions but not in samples like: rem.com (DJGPP)
+>4	ubelong		x		%8.8x
+
+# JMP 8bit
+0	        byte	0xeb
+# byte 0xeb conflicts with magic leshort 0xn2eb of "SYMMETRY i386" handled by ./sequent
+# allow forward jumps only
+>1          byte    >-1
+# that offset must be accessible
+# with hexadecimal values like: 0e 2e 50 8c 8d ba bc bd be e8 fb fc
+>>(1.b+2)   byte    x
+# if look like COM executable with x86 boot signature then this
+# implies FAT volume with x86 real mode code already handled by ./filesystems
+#
+# No x86 boot signature implies often DOS executable
+# check for unrealistic high number of FATs. Then it is an unusual disk image or often a DOS executable
+# like: FIXBIOS.COM (50 bytes)
+>>>16		ubyte		>3
+# https://www.drivedroid.io/
+# skip MBR disk image drivedroid.img version 12 July 2013 by start message
+>>>>2		string		!DriveDroid
+# ftp://old-dos.ru/OSCollect/OS/MS-DOS/Final Releases/
+# skip unusual floppy image disk1.img of MS-DOS 1.25 (Corona Data Systems OEM)
+# by check for characteristic message text near the beginning
+>>>>>15		string		!Non\040System\040disk
+# "ftp://old-dos.ru/OSCollect/OS/BeOS/BeOS 4.0.rar"
+# skip BeOS 4 bootfloppy.img done as "Linux kernel x86 boot executable" by ./linux
+# by check for characteristic message text near the beginning
+>>>>>>6		string		!read\040error\015
+# https://github.com/ventoy/Ventoy/releases/download/v1.0.78/ventoy-1.0.78-windows.zip
+# skip ventoy 1.0.78 boot_hybrid.img
+>>>>>>>24	string		!\220\220\353I$\022\017
+# "ftp://old-dos.ru/OSCollect/OS/MS-DOS/Final Releases/PC-DOS 1.0 (5.25).rar"
+# skip unusual floppy image PCDOS100.IMG of DOS 1.0
+# by check for characteristic message text near the beginning
+>>>>>>>>9	string		!7-May-81
+# "ftp://old-dos.ru/OSCollect/OS/BeOS/BeOS 5.0 Personal (BA).rar"
+# skip BeOS 5 floppy_1.44.00.ima done as "DOS/MBR boot sector" by ./filesystems
+# by check for characteristic message near the beginning
+>>>>>>>>>3	string		!\370sdfS\270
+# like: FIXBIOS.COM (50 bytes)
+>>>>>>>>>>0		use		msdos-com
+# check for unrealistic low number of FATs. Then it is an unusual FAT disk image or often a DOS executable
+# like: DEVICE.COM INSTALL.COM (GAG 4.10) WORD.COM (Word 1.15)
+>>>16		ubyte		=0
+# if low FATs with x86 boot signature it can be unusual disk image like: boot.img (Ventoy 1.0.27) geodspms.img (Syslinux)
+>>>>0x1FE	leshort		=0xAA55
+>>>>0x1FE	default		x
+# https://thestarman.pcministry.com/tool/hxd/dimtut.htm
+# skip unusual floppy image TK-DOS11.img IBMDOS11.img of IBM DOS 1.10
+# by check for characteristic bootloader names near end of boot sector
+>>>>>395	string		!ibmbio\040\040com
+>>>>>>0			use		msdos-com
+# 8-bit jump with valid number of FAT implies FAT volume already handled by ./filesystems
+# like: balder.img
+>>>16		default		x
+# skip disk images with boot signature at end of 1st sector
+# like: TDSK-64b.img
+>>>>(11.s-2)	uleshort	!0xAA55
+# skip unusual floppy image without boot signature like 360k-256.img (mtools 4.0.18)
+# by check for characteristic file system type text for FAT (12 bit or 16 bit)
+>>>>>54		string		!FAT
+# "ftp://old-dos.ru/OSCollect/OS/MS-DOS/Final Releases/Microsoft MS-DOS 3.31 (Compaq OEM) (3.5).rar" 
+# skip unusual floppy image Disk4.img without boot signature and file system type text
+# by check for characteristic OEM-ID text
+>>>>>>3		string		!COMPAQ\040\040
+# no such DOS COM executables found
+>>>>>>>0		use		msdos-com
+# JMP 16bit
+0           byte    0xe9
+# 16-bit offset; for DEBUGGING!; can be negative like: USBDRIVE.COM
+#>1		leshort		x	\b, OFFSET %d
+# forward jumps
+>1		leshort	>-1
+# that offset must be accessible
+# with hexadecimal values like: 06 1e 0e 2e 60 8c 8d b4 ba be e8 fc
+>>(1.s+3)   byte    x
+# check for unrealistic high number of FATs. Then it is not a disk image and it is a DOS executable
+# like: CALLVER.COM CPUCACHE.COM K437_EUR.COM SHSUCDX.COM UMBFILL.COM (183 bytes)
+>>>16		ubyte		>3
+>>>>0			use		msdos-com
+# check for unrealistic low number of FATs. Then it is not a disk image and it is a DOS executable
+# like: GAG.COM DRMOUSE.COM NDN.COM CPQ0TD.DRV
+>>>16		ubyte		=0
+>>>>0			use		msdos-com
+# maybe disc image with valid number of FATs or DOS executable
+# like: IPXODI.COM PERUSE.COM TASKID.COM
+>>>16		default	x
+# invalid low media descriptor. Then it is not a disk image and it is a DOS executable
+>>>>21		ubyte		<0xE5
+>>>>>0			use		msdos-com
+# valid media descriptor. Then it is maybe disk image or DOS executable
+>>>>21		ubyte		>0xE4
+# invalid sectorsize not a power of 2 from 32-32768. Then it is not a disk image and it must be DOS executable
+# like: LEARN.COM (Word 1.15)
+>>>>>11		uleshort&0x001f	!0
+>>>>>>0			use		msdos-com
+# negative offset, must not lead into PSP
+# like: BASICA.COM (PC dos 3.20) FORMAT.COM SMC8100.COM WORD.COM (word4)
+# HIDSUPT1.COM USBDRIVE.COM USBSUPT1.COM USBUHCI.COM (FreeDOS USBDOS)
+>1		leshort	<-259
+# that offset must be accessible
+# add 10000h to jump at end of 64 KiB segment, add 1 for jump instruction and 2 for 16-bit offset
+>>(1,s+65539)   byte    x
+# after jump next instruction for DEBUGGING!
+#>>>&-1		ubelong	x	\b, NEXT instruction %#8.8x
+>>>0        use msdos-com
+
+# updated by Joerg Jenderek at Oct 2008,2015,2022
+# following line is too general
+0	ubyte		0xb8
+# skip 2 linux kernels like memtest.bin with "\xb8\xc0\x07\x8e" in ./linux
+>0	string		!\xb8\xc0\x07\x8e
+# modified by Joerg Jenderek
+# syslinux COM32 or COM32R executable
+>>1	lelong&0xFFFFFFFe 0x21CD4CFe	COM executable (32-bit COMBOOT
+# https://www.syslinux.org/wiki/index.php/Comboot_API
+# Since version 5.00 c32 modules switched from the COM32 object format to ELF
+!:mime	application/x-c32-comboot-syslinux-exec
+!:ext c32
+# https://syslinux.zytor.com/comboot.php
+# older syslinux version ( <4 )
+# (32-bit COMBOOT) programs *.C32 contain 32-bit code and run in flat-memory 32-bit protected mode
+# start with assembler instructions mov eax,21cd4cffh
+>>>1	lelong		0x21CD4CFf	\b)
+# syslinux:doc/comboot.txt
+# A COM32R program must start with the byte sequence B8 FE 4C CD 21 (mov
+# eax,21cd4cfeh) as a magic number.
+# syslinux version (4.x)
+# "COM executable (COM32R)" or "Syslinux COM32 module" by TrID
+>>>1	lelong		0x21CD4CFe	\b, relocatable)
+>>1	default	x
+# look for interrupt instruction like in rem.com (DJGPP) LOADER.COM (DR-DOS 7.x)
+>>>3	search/118	\xCD
+# FOR DEBUGGING; possible hexadecimal interrupt number like: 10~BANNER.COM 13~bcdw_cl.com 15~poweroff.com (Syslinux)
+# 1A~BERNDPCI.COM 20~SETENHKB.COM 21~mostly 22~gfxboot.com (Syslinux) 2F~SHUTDOWN.COM (GEMSYS)
+#>>>>&0	ubyte	x			\b, INTERUPT %#x
+# few examples with interrupt 0x13 instruction
+>>>>&0	ubyte	=0x13
+# FOR DEBUGGING!
+#>>>>>3	ubequad	x			\b, 2nd INSTRUCTION %#16.16llx
+# skip Gpt.com Mbr.com (edk2-UDK2018 bootsector) described as "DOS/MBR boot sector" by ./filesystems
+# by check for assembler instructions: mov  es,ax ; mov  ax,07c0h ; mov ds,ax 
+>>>>>3	ubequad	!0x8ec0b8c0078ed88d
+# few COM executables with interrupt 0x13 instruction like: Bootable CD Wizard executables bcdw_cl.com fdemuoff.com
+# http://bootcd.narod.ru/bcdw150z_en.zip
+>>>>>>0		use		msdos-com
+# few examples with interrupt 0x16 instruction like flashimg.img
+>>>>&0	ubyte	=0x16
+# skip Syslinux 3.71 flashimg.img done as "DOS/MBR boot sector" by ./filesystems
+# by check for assembler instructions: cmp ax 0xE4E4 (magic); jnz
+>>>>>8	ubelong	!0x3DE4E475
+# no DOS executable with interrupt 0x16 found
+>>>>>>0		use		msdos-com
+# most examples with interrupt instruction unequal 0x13 and 0x16
+>>>>&0	default	x
+#>>>>>&-1 ubyte	x			\b, INTERUPT %#x
+# like: LOADER.COM SETENHKB.COM banner.com copybs.com gif2raw.com poweroff.com rem.com
+>>>>>0		use		msdos-com
+# few COM executables without interrupt instruction like RESTART.COM (DOS 7.10) REBOOT.COM
+# or some EUC-KR text files or one Ulead Imaginfo thumbnail
+>>>3	default	x
+# FOR DEBUGGING; 2nd instruction like 0x50 (RESTART.COM) 0x8e (REBOOT.COM)
+# or random like: 0x0 (IMAGINFO.PE3 sky_snow) 0xb1 (euckr_.txt)
+#>>>>3	ubyte	x			\b, 2nd INSTRUCTION %#x
+# skip 1 Ulead Imaginfo thumbnail (IMAGINFO.PE3 sky_snow) 
+# inside SAMPLES/TEXTURES/SKY_SNOW
+# from https://archive.org/download/PI3CANON/PI3CANON.iso
+>>>>3	ubyte	!0x0
+# skip some EUC-KR text files like: euckr_falsepositive.txt
+# https://bugs.astron.com/view.php?id=186
+>>>>>3	ubyte	!0xb1
+# like: RESTART.COM (DOS 7.10) REBOOT.COM
+>>>>>>0	use		msdos-com
+
+# URL:		https://en.wikipedia.org/wiki/UPX
+# Reference:	https://github.com/upx/upx/archive/v3.96.zip/upx-3.96/
+#		src/stub/src/i086-dos16.com.S
+# Update:	Joerg Jenderek
+# assembler instructions: cmp sp, offset sp_limit
+0	string/b	\x81\xfc
+#>2	uleshort	x		\b, sp_limit=%#x
+# assembler instructions: jump above +2; int 0x20; mov cx, offset bytes_to_copy
+>4	string	\x77\x02\xcd\x20\xb9
+#>9	uleshort	x		\b, [bytes_to_copy]=%#x
+# at different offsets assembler instructions: push di; jump decomp_start_n2b
+>0x1e	search/3	\x57\xe9
+#>>&0	uleshort	x		\b, decomp_start_n2b=%#x
+# src/stub/src/include/header.S; UPX_MAGIC_LE32
+>>&2	string		UPX!		FREE-DOS executable (COM), UPX
+!:mime	application/x-dosexec
+# UPX compressed *.CPI; See ./fonts
+>>>&21	string		=FONT		compressed DOS code page font
+!:ext	cpx
+>>>&21	string		!FONT		compressed
+!:ext	com
+# compressed size?
+#>>>&14	uleshort+152	x		\b, %u bytes
+# uncompressed len
+>>>&12	uleshort	x		\b, uncompressed %u bytes
+252	string Must\ have\ DOS\ version DR-DOS executable (COM)
+!:mime	application/x-dosexec
+!:ext	com
+# GRR search is not working
+#2	search/28	\xcd\x21	COM executable for MS-DOS
+#WHICHFAT.cOM
+2	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
+#DELTREE.cOM DELTREE2.cOM
+4	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
+#IFMEMDSK.cOM ASSIGN.cOM COMP.cOM
+5	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
+#DELTMP.COm HASFAT32.cOM
+7	string	\xcd\x21
+>0	byte	!0xb8			COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
+#COMP.cOM MORE.COm
+10	string	\xcd\x21
+>5	string	!\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
+#comecho.com
+13	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
+#HELP.COm EDIT.coM
+18	string	\xcd\x21	
+# not printable before it?
+>17	byte	>32
+>>17	byte	<126		
+>>17	default	x			COM executable for MS-DOS	
+!:mime	application/x-dosexec
+!:ext	com
+#NWRPLTRM.COm
+23	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
+#LOADFIX.cOm LOADFIX.cOm
+30	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
+#syslinux.com 3.11
+70	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
+# many compressed/converted COMs start with a copy loop instead of a jump
+0x6	search/0xa	\xfc\x57\xf3\xa5\xc3	COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
+0x6	search/0xa	\xfc\x57\xf3\xa4\xc3	COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
+>0x18	search/0x10	\x50\xa4\xff\xd5\x73	\b, aPack compressed
+0x3c	string		W\ Collis\0\0		COM executable for MS-DOS, Compack compressed
+!:mime	application/x-dosexec
+!:ext	com
+# FIXME: missing diet .com compression
+
+# miscellaneous formats
+0	string/b	LZ		MS-DOS executable (built-in)
+#0	byte		0xf0		MS-DOS program library data
+#
+
+# AAF files:
+# <stuartc@rd.bbc.co.uk> Stuart Cunningham
+0	string/b	\320\317\021\340\241\261\032\341AAFB\015\000OM\006\016\053\064\001\001\001\377			AAF legacy file using MS Structured Storage
+>30	byte	9		(512B sectors)
+>30	byte	12		(4kB sectors)
+0	string/b	\320\317\021\340\241\261\032\341\001\002\001\015\000\002\000\000\006\016\053\064\003\002\001\001			AAF file using MS Structured Storage
+>30	byte	9		(512B sectors)
+>30	byte	12		(4kB sectors)
+
+# Popular applications
+#
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/DOC
+# Reference:	https://web.archive.org/web/20170206041048/
+#		http://www.msxnet.org/word2rtf/formats/ffh-dosword5
+# wIdent+dty
+0	belong	0x31be0000
+# skip droid skeleton like x-fmt-274-signature-id-488.doc
+>128	ubyte		>0  			Microsoft
+>>96	uleshort	=0			Word
+!:mime	application/msword
+!:apple	MSWDWDBN
+# DCX is used in the Unix version.
+!:ext	doc/dcx
+>>>0x6E	ulequad		=0			1.0-4.0
+>>>0x6E	ulequad		!0			5.0-6.0
+>>>0x6E	ulequad		x			(DOS) Document
+# https://web.archive.org/web/20130831064118/http://msxnet.org/word2rtf/formats/write.txt
+>>96	uleshort	!0			Write 3.0 (Windows) Document
+!:mime	application/x-mswrite
+!:apple	MSWDWDBN
+# sometimes also doc like in splitter.doc srchtest.doc
+!:ext	wri/doc
+# wTool must be 0125400 octal
+#>>4	uleshort	!0xAB00			\b, wTool %o
+# reserved; must be zero
+#>>6	ulelong		!0			\b, reserved %u
+# block pointer to the block containing optional file manager information
+#>>0x1C	uleshort	x			\b, at %#x info block
+# jump to File manager information block
+>>(0x1C.s*128)	uleshort x
+# test for valid information start; maybe also 0012h
+>>>&-2		uleshort	=0x0014
+# Document ASCIIZ name
+>>>>&0x12	string		x		%s
+# author name
+>>>>>&1		string		x		\b, author %s
+# reviser name
+>>>>>>&1	string		x		\b, reviser %s
+# keywords
+>>>>>>>&1	string		x		\b, keywords %s
+# comment
+>>>>>>>>&1	string		x		\b, comment %s
+# version number
+>>>>>>>>>&1	string		x		\b, version %s
+# date of last change MM/DD/YY
+>>>>>>>>>>&1	string		x		\b, %-.8s
+# creation date MM/DD/YY
+>>>>>>>>>>&9	string		x		created %-.8s
+# file name of print format like NORMAL.STY
+>>0x1E	string		>0			\b, formatted by %-.66s
+# count of pages in whole file for write variant; maybe some times wrong
+>>96	uleshort	>0			\b, %u pages
+# name of the printer driver like HPLASMS
+>>0x62	string		>0			\b, %-.8s printer
+# number of blocks used in the file; seems to be 0 for Word 4.0 and Write 3.0
+>>0x6A	uleshort	>0			\b, %u blocks
+# bit field for corrected text areas
+#>>0x6C	uleshort	x			\b, %#x bit field
+# text of document; some times start with 4 non printable characters like CR LF
+>>128	ubyte		x			\b,
+>>>128		ubyte	>0x1F
+>>>>128		string	x			%s
+>>>128		ubyte	<0x20
+>>>>129		ubyte	>0x1F
+>>>>>129	string	x			%s
+>>>>129		ubyte	<0x20
+>>>>>130	ubyte	>0x1F
+>>>>>>130	string	x			%s
+>>>>>130	ubyte	<0x20
+>>>>>>131	ubyte	>0x1F
+>>>>>>>131	string	x			%s
+>>>>>>131	ubyte	<0x20
+>>>>>>>132	ubyte	>0x1F
+>>>>>>>>132	string	x			%s
+>>>>>>>132	ubyte	<0x20
+>>>>>>>>133	ubyte	>0x1F
+>>>>>>>>>133	string	x			%s
+#
+0	string/b	PO^Q`				Microsoft Word 6.0 Document
+!:mime	application/msword
+#
+4   long        0
+>0  belong      0xfe320000      Microsoft Word for Macintosh 1.0
+!:mime	application/msword
+!:ext   mcw
+>0  belong      0xfe340000      Microsoft Word for Macintosh 3.0
+!:mime	application/msword
+!:ext   mcw
+>0  belong      0xfe37001c      Microsoft Word for Macintosh 4.0
+!:mime	application/msword
+!:ext   mcw
+>0  belong      0xfe370023      Microsoft Word for Macintosh 5.0
+!:mime	application/msword
+!:ext   mcw
+
+0	string/b	\333\245-\0\0\0			Microsoft Word 2.0 Document
+!:mime	application/msword
+!:ext   doc
+# Note: seems already recognized as "OLE 2 Compound Document" in ./ole2compounddocs
+#512	string/b	\354\245\301			Microsoft Word Document
+#!:mime	application/msword
+
+#
+0	string/b	\xDB\xA5\x2D\x00		Microsoft WinWord 2.0 Document
+!:mime application/msword
+#
+0	string/b	\xDB\xA5\x2D\x00		Microsoft WinWord 2.0 Document
+!:mime application/msword
+
+#
+0	string/b	\x09\x04\x06\x00\x00\x00\x10\x00	Microsoft Excel Worksheet
+!:mime	application/vnd.ms-excel
+# https://www.macdisk.com/macsigen.php
+!:apple	XCELXLS4
+!:ext	xls
+#
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Lotus_1-2-3
+# Reference: http://www.aboutvb.de/bas/formate/pdf/wk3.pdf
+# Note: newer Lotus versions >2 use longer BOF record
+# record type (BeginningOfFile=0000h) + length (001Ah)
+0	belong	0x00001a00
+# reserved should be 0h but 8c0dh for TUTMAC.WK3, 5h for SAMPADNS.WK3, 1h for a_readme.wk3, 1eh for K&G86.WK3
+#>18	uleshort&0x73E0	0
+# Lotus Multi Byte Character Set (LMBCS=1-31)
+>20	ubyte		>0
+>>20	ubyte		<32	Lotus 1-2-3
+#!:mime	application/x-123
+!:mime	application/vnd.lotus-1-2-3
+!:apple	????L123
+# (version 5.26) labeled the entry as "Lotus 1-2-3 wk3 document data"
+>>>4	uleshort	0x1000	WorKsheet, version 3
+!:ext	wk3
+# (version 5.26) labeled the entry as "Lotus 1-2-3 wk4 document data"
+>>>4	uleshort	0x1002	WorKsheet, version 4
+# also worksheet template 4 (.wt4)
+!:ext	wk4/wt4
+# no example or documentation for wk5
+#>>4	uleshort	0x????	WorKsheet, version 4
+#!:ext	wk5
+# only MacrotoScript.123 example
+>>>4	uleshort	0x1003	WorKsheet, version 97
+# also worksheet template Smartmaster (.12M)?
+!:ext	123
+# only Set_Y2K.123 example
+>>>4	uleshort	0x1005	WorKsheet, version 9.8 Millennium
+!:ext	123
+# no example for this version
+>>>4	uleshort	0x8001	FoRMatting data
+!:ext	frm
+# (version 5.26) labeled the entry as "Lotus 1-2-3 fm3 or fmb document data"
+# TrID labeles the entry as "Formatting Data for Lotus 1-2-3 worksheet"
+>>>4	uleshort	0x8007	ForMatting data, version 3
+!:ext	fm3
+>>>4	default		x	unknown
+# file revision sub code 0004h for worksheets
+>>>>6	uleshort	=0x0004	worksheet
+!:ext	wXX
+>>>>6	uleshort	!0x0004	formatting data
+!:ext	fXX
+# main revision number
+>>>>4	uleshort	x	\b, revision %#x
+>>>6	uleshort	=0x0004	\b, cell range
+# active cellcoord range (start row, page,column ; end row, page, column)
+# start values normally 0~1st sheet A1
+>>>>8	ulelong		!0
+>>>>>10	ubyte		>0	\b%d*
+>>>>>8	uleshort	x	\b%d,
+>>>>>11	ubyte		x	\b%d-
+# end page mostly 0
+>>>>14	ubyte		>0	\b%d*
+# end raw, column normally not 0
+>>>>12	uleshort	x	\b%d,
+>>>>15	ubyte		x	\b%d
+# Lotus Multi Byte Character Set (1~cp850,2~cp851,...,16~japan,...,31~??)
+>>>>20	ubyte		>1	\b, character set %#x
+# flags
+>>>>21	ubyte		x	\b, flags %#x
+>>>6	uleshort	!0x0004
+# record type (FONTNAME=00AEh)
+>>>>30	search/29	\0\xAE
+# variable length m (2) + entries (1) + ?? (1) + LCMBS string (n)
+>>>>>&4	string		>\0	\b, 1st font "%s"
+#
+# Update: Joerg Jenderek
+# URL: http://fileformats.archiveteam.org/wiki/Lotus_1-2-3
+# Reference: http://www.schnarff.com/file-formats/lotus-1-2-3/WSFF2.TXT
+# Note: Used by both old Lotus 1-2-3 and Lotus Symphony (DOS) til version 2.x
+# record type (BeginningOfFile=0000h) + length (0002h)
+0	belong	0x00000200
+# GRR: line above is too general as it catches also MS Windows CURsor
+# to display MS Windows cursor (strength=70) before Lotus 1-2-3 (strength=70-1)
+!:strength -1
+# skip Windows cursors with image height <256 and keep Lotus with low opcode 0001-0083h
+>7	ubyte		0
+# skip Windows cursors with image width 256 and keep Lotus with positive opcode
+>>6	ubyte		>0	Lotus
+# !:mime	application/x-123
+!:mime	application/vnd.lotus-1-2-3
+!:apple	????L123
+# revision number (0404h = 123 1A, 0405h = Lotus Symphony , 0406h = 123 2.x wk1 , 8006h = fmt , ...)
+# undocumented; (version 5.26) labeled the configurations as "Lotus 1-2-3"
+>>>4	uleshort	0x0007	1-2-3 CoNFiguration, version 2.x (PGRAPH.CNF)
+!:ext	cnf
+>>>4	uleshort	0x0C05	1-2-3 CoNFiguration, version 2.4J
+!:ext	cnf
+>>>4	uleshort	0x0801	1-2-3 CoNFiguration, version 1-2.1
+!:ext	cnf
+>>>4	uleshort	0x0802	Symphony CoNFiguration
+!:ext	cnf
+>>>4	uleshort	0x0804	1-2-3 CoNFiguration, version 2.2
+!:ext	cnf
+>>>4	uleshort	0x080A	1-2-3 CoNFiguration, version 2.3-2.4
+!:ext	cnf
+>>>4	uleshort	0x1402	1-2-3 CoNFiguration, version 3.x
+!:ext	cnf
+>>>4	uleshort	0x1450	1-2-3 CoNFiguration, version 4.x
+!:ext	cnf
+# (version 5.26) labeled the entry as "Lotus 123"
+# TrID labeles the entry as "Lotus 123 Worksheet (generic)"
+>>>4	uleshort	0x0404	1-2-3 WorKSheet, version 1
+# extension "wks" also for Microsoft Works document
+!:ext	wks
+# (version 5.26) labeled the entry as "Lotus 123"
+# TrID labeles the entry as "Lotus 123 Worksheet (generic)"
+>>>4	uleshort	0x0405	Symphony WoRksheet, version 1.0
+!:ext	wrk/wr1
+# (version 5.26) labeled the entry as "Lotus 1-2-3 wk1 document data"
+# TrID labeles the entry as "Lotus 123 Worksheet (V2)"
+>>>4	uleshort	0x0406	1-2-3/Symphony worksheet, version 2
+# Symphony (.wr1)
+!:ext	wk1/wr1
+# no example for this japan version
+>>>4	uleshort	0x0600	1-2-3 WorKsheet, version 1.xJ
+!:ext	wj1
+# no example or documentation for wk2
+#>>>4	uleshort	0x????	1-2-3 WorKsheet, version 2
+#!:ext	wk2
+# undocumented japan version
+>>>4	uleshort	0x0602	1-2-3 worksheet, version 2.4J
+!:ext	wj3
+# (version 5.26) labeled the entry as "Lotus 1-2-3 fmt document data"
+>>>4	uleshort	0x8006	1-2-3 ForMaTting data, version 2.x
+# japan version 2.4J (fj3)
+!:ext	fmt/fj3
+# no example for this version
+>>>4	uleshort	0x8007	1-2-3 FoRMatting data, version 2.0
+!:ext	frm
+# (version 5.26) labeled the entry as "Lotus 1-2-3"
+>>>4	default		x	unknown worksheet or configuration
+!:ext	cnf
+>>>>4	uleshort	x	\b, revision %#x
+# 2nd record for most worksheets describes cells range
+>>>6		use	lotus-cells
+# 3rd record for most japan worksheets describes cells range
+>>>(8.s+10)	use	lotus-cells
+#	check and then display Lotus worksheet cells range
+0	name		lotus-cells
+# look for type (RANGE=0006h) + length (0008h) at record begin
+>0	ubelong	0x06000800	\b, cell range
+# cell range (start column, row, end column, row) start values normally 0,0~A1 cell
+>>4	ulong		!0
+>>>4	uleshort	x	\b%d,
+>>>6	uleshort	x	\b%d-
+# end of cell range
+>>8	uleshort	x	\b%d,
+>>10	uleshort	x	\b%d
+# EndOfLotus123
+0	string/b		WordPro\0	Lotus WordPro
+!:mime	application/vnd.lotus-wordpro
+0	string/b		WordPro\r\373	Lotus WordPro
+!:mime	application/vnd.lotus-wordpro
+
+
+# Summary: Script used by InstallScield to uninstall applications
+# Extension: .isu
+# Submitted by: unknown
+# Modified by (1): Abel Cheung <abelcheung@gmail.com> (replace useless entry)
+0		string		\x71\xa8\x00\x00\x01\x02
+>12		string		Stirling\ Technologies,		InstallShield Uninstall Script
+
+# Winamp .avs
+#0	string	Nullsoft\ AVS\ Preset\ \060\056\061\032 A plug in for Winamp ms-windows Freeware media player
+0	string/b	Nullsoft\ AVS\ Preset\ 	Winamp plug in
+
+# Windows Metafile .WMF
+# URL: 		http://fileformats.archiveteam.org/wiki/Windows_Metafile
+#		http://en.wikipedia.org/wiki/Windows_Metafile
+# Reference:	https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-WMF/%5bMS-WMF%5d.pdf
+#		http://mark0.net/download/triddefs_xml.7z/defs/w/wmf.trid.xml
+# Note:		called "Windows Metafile" by TrID and
+#		verified by ImageMagick `identify -verbose *.wmf` as WMF (Windows Meta File)
+# META_PLACEABLE Record (Aldus Placeable Metafile signature)
+0	string/b	\327\315\306\232
+# Note:		called "Windows Metafile Image with Placeable File Header" by DROID via PUID x-fmt/119
+#		and verified by XnView `nconvert -info abydos.wmf SPA_FLAG.wmf hardcopy-windows-meta.wmf` as "Windows Placeable metafile"
+# skip failed libreoffice-7.3.2.2 ofz35149-1.wmf with invalid version 2020h and exttextout-2.wmf with invalid version 3a02h
+# and x-fmt-119-signature-id-609.wmf without version instead of 0100h=METAVERSION100 or 0300h=METAVERSION300
+>26	uleshort&0xFDff	=0x0100			Windows metafile
+# HWmf; resource handle to the metafile; When the metafile is on disk, this field MUST contain 0
+# seems to be always true but in failed samples 2020h ofz35149-1.wmf 56f8h exttextout-2.wmf
+>>4	uleshort	!0			\b, resource handle %#x
+# BoundingBox; the rectangle in the playback context measured in logical units for displaying
+# sometimes useful like: hardcopy-windows-meta.wmf (0,0 / 1280,1024)
+# but garbage in x-fmt-119-signature-id-609.wmf (-21589,-21589 / -21589,-21589)
+#>>6	ubequad		x			\b, bounding box %#16.16llx
+# Left; x-coordinate of the upper-left corner of the rectangle
+>>6	leshort		x			\b, bounding box (%d
+# Top; y-coordinate upper-left corner
+>>8	leshort		x			\b,%d
+# Right; x-coordinate lower-right corner
+>>10	leshort		x			/ %d
+# Bottom; y-coordinate lower-right corner
+>>12	leshort		x			\b,%d)
+# Inch; number of logical units per inch like: 72 96 575 576 1000 1200 1439 1440 2540
+>>14	uleshort	x			\b, dpi %u
+# Reserved; field is not used and MUST be set to 0; but ababababh in x-fmt-119-signature-id-609.wmf
+>>16	ulelong		!0			\b, reserved %#x
+# Checksum; checksum for the previous 10 words
+>>20	uleshort	x			\b, checksum %#x
+# META_HEADER Record after META_PLACEABLE Record
+>>22	use		wmf-head
+# GRR:		no example for type 2 (DISKMETAFILE) variant found under few thousands WMF
+0	string/b	\002\000\011\000	Windows metafile
+>0	use		wmf-head
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/w/wmf-16.trid.xml
+# Note:		called "Windows Metafile (old Win 3.x format)" by TrID and
+#		"Windows Metafile Image without Placeable File Header" by DROID via PUID x-fmt/119
+#		verified by XnView `nconvert -info *.wmf` as Windows metafile
+# variant with type=1=MEMORYMETAFILE and valid HeaderSize 9
+0	string/b	\001\000\011\000
+# skip DROID x-fmt-119-signature-id-1228.wmf by looking for content after header (18 bytes=2*011)
+>18	ulelong		>0			Windows metafile
+# GRR: in version 5.44 unequal and not endian variant not working!
+#>18	ulelong		!0			THIS_SHOULD_NOT_HAPPEN
+#>18	long		!0			THIS_SHOULD_NOT_HAPPEN
+>>0	use		wmf-head
+#	display information of Windows metafile header (type, size, objects)
+0	name		wmf-head
+# MetafileType: 0001h=MEMORYMETAFILE~Metafile is stored in memory 0002h=DISKMETAFILE~Metafile is stored on disk
+>0	uleshort	!0x0001			\b, type %#x
+# HeaderSize; the number of WORDs in header record; seems to be always 9 (18 bytes)
+>2	uleshort*2	!18			\b, header size %u
+# MetafileVersion: 0100h=METAVERSION100~DIBs (device-independent bitmaps) not supported 0300h=METAVERSION300~DIBs are supported
+# but in failed samples 2020h ofz35149-1.wmf 3a02h exttextout-2.wmf
+>4	uleshort	=0x0100			\b, DIBs not supported 
+>4	uleshort	=0x0300
+#>4	uleshort	=0x0300			\b, DIBs supported
+# this should not happen!
+>4	default		x			\b, version
+>>4	uleshort	x			%#x
+# Size; the number of WORDs in the entire metafile
+>6	ulelong	x				\b, size %u words
+#>6	ulelong*2	x			\b, size %u bytes
+!:mime	image/wmf
+!:ext	wmf
+# NumberOfObjects: the number of graphics objects like: 0 hardcopy-windows-meta.wmf 1 2 3 4 5 6 7 8 9 12 13 14 16 17 20 27 110 PERSGRID.WMF
+>10	uleshort	x			\b, %u objects
+# MaxRecord: the size of the largest record in the metafile in WORDs like: 78h b0h 1f4h 310h 63fh 1e0022h 3fcc21h
+>12	ulelong		x			\b, largest record size %#x
+# NumberOfMembers: It SHOULD be 0x0000, but 5 TestBitBltStretchBlt.wmf 13 TestPalette.wmf and in failed samples 4254 bitcount-1.wmf 8224 ofz5942-1.wmf 56832 exttextout-2.wmf
+>16	uleshort	!0			\b, %u members
+
+#tz3 files whatever that is (MS Works files)
+0	string/b	\003\001\001\004\070\001\000\000	tz3 ms-works file
+0	string/b	\003\002\001\004\070\001\000\000	tz3 ms-works file
+0	string/b	\003\003\001\004\070\001\000\000	tz3 ms-works file
+
+# PGP sig files .sig
+#0 string \211\000\077\003\005\000\063\237\127 065 to  \027\266\151\064\005\045\101\233\021\002 PGP sig
+0 string \211\000\077\003\005\000\063\237\127\065\027\266\151\064\005\045\101\233\021\002 PGP sig
+0 string \211\000\077\003\005\000\063\237\127\066\027\266\151\064\005\045\101\233\021\002 PGP sig
+0 string \211\000\077\003\005\000\063\237\127\067\027\266\151\064\005\045\101\233\021\002 PGP sig
+0 string \211\000\077\003\005\000\063\237\127\070\027\266\151\064\005\045\101\233\021\002 PGP sig
+0 string \211\000\077\003\005\000\063\237\127\071\027\266\151\064\005\045\101\233\021\002 PGP sig
+0 string \211\000\225\003\005\000\062\122\207\304\100\345\042 PGP sig
+
+# windows zips files .dmf
+0	string/b	MDIF\032\000\010\000\000\000\372\046\100\175\001\000\001\036\001\000 MS Windows special zipped file
+
+# Windows icons
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/CUR_(file_format)
+# Note: similar to Windows CURsor. container for BMP (only DIB part) or PNG
+0   belong  0x00000100
+>9  byte    0
+>>0 byte    x
+>>0 use     cur-ico-dir
+>9  ubyte   0xff
+>>0 byte    x
+>>0 use     cur-ico-dir
+#	displays number of icons and information for icon or cursor
+0	name		cur-ico-dir
+# skip some Lotus 1-2-3 worksheets, CYCLE.PIC and keep Windows cursors with
+# 1st data offset = dir header size + n * dir entry size = 6 + n * 10h = ?6h
+>18		ulelong		&0x00000006
+# skip remaining worksheets, because valid only for DIB image (40) or PNG image (\x89PNG)
+>>(18.l)	ulelong		x		MS Windows
+>>>0		ubelong		0x00000100	icon resource
+# https://www.iana.org/assignments/media-types/image/vnd.microsoft.icon
+!:mime		image/vnd.microsoft.icon
+#!:mime		image/x-icon
+!:ext		ico
+>>>>4 		uleshort	x		- %d icon
+# plural s
+>>>>4 		uleshort	>1		\bs
+# 1st icon
+>>>>0x06	use		ico-entry
+# 2nd icon
+>>>>4 		uleshort	>1
+>>>>>0x16	use		ico-entry
+>>>0		ubelong		0x00000200	cursor resource
+#!:mime		image/x-cur
+!:mime		image/x-win-bitmap
+!:ext		cur
+>>>>4 		uleshort	x		- %d icon
+>>>>4 		uleshort	>1		\bs
+# 1st cursor
+>>>>0x06	use		cur-entry
+#>>>>0x16	use		cur-entry
+#	display information of one cursor entry
+0	name		cur-entry
+>0	use		cur-ico-entry
+>4	uleshort	x	\b, hotspot @%dx
+>6	uleshort	x	\b%d
+#	display information of one icon entry
+0	name		ico-entry
+>0			use	cur-ico-entry
+# normally 0 1 but also found 14
+>4	uleshort	>1	\b, %d planes
+# normally 0 1 but also found some 3, 4, some 6, 8, 24, many 32, two 256
+>6	uleshort	>1	\b, %d bits/pixel
+#	display shared information of cursor or icon entry
+0		name		cur-ico-entry
+>0		byte		=0		\b, 256x
+>0		byte		!0		\b, %dx
+>1		byte        	=0		\b256
+>1		byte        	!0		\b%d
+# number of colors in palette
+>2		ubyte		!0		\b, %d colors
+# reserved 0 FFh
+#>3		ubyte        	x		\b, reserved %x
+#>8		ulelong		x		\b, image size %d
+# offset of PNG or DIB image
+#>12		ulelong		x		\b, offset %#x
+# PNG header (\x89PNG)
+>(12.l)		ubelong		=0x89504e47
+# 1 space char after "with" to get phrase "with PNG image" by magic in ./images
+>>&-4		indirect	x	\b with 
+# DIB image
+>(12.l)		ubelong		!0x89504e47
+#>>&-4		use     	dib-image
+
+# Windows non-animated cursors
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/CUR_(file_format)
+# Note: similar to Windows ICOn. container for BMP ( only DIB part)
+# GRR: line below is too general as it catches also Lotus 1-2-3 files
+0   belong  0x00000200
+>9  byte    0
+>>0 use     cur-ico-dir
+>9  ubyte   0xff
+>>0 use     cur-ico-dir
+
+# .chr files
+0	string/b	PK\010\010BGI	Borland font
+>4	string	>\0	%s
+# then there is a copyright notice
+
+
+# .bgi files
+0	string/b	pk\010\010BGI	Borland device
+>4	string	>\0	%s
+# then there is a copyright notice
+
+
+# Windows Recycle Bin record file (named INFO2)
+# By Abel Cheung (abelcheung AT gmail dot com)
+# Version 4 always has 280 bytes (0x118) per record, version 5 has 800 bytes
+# Since Vista uses another structure, INFO2 structure probably won't change
+# anymore. Detailed analysis in:
+# http://www.cybersecurityinstitute.biz/downloads/INFO2.pdf
+0	lelong		0x00000004
+>12	lelong		0x00000118	Windows Recycle Bin INFO2 file (Win98 or below)
+
+0	lelong		0x00000005
+>12	lelong		0x00000320	Windows Recycle Bin INFO2 file (Win2k - WinXP)
+
+# From Doug Lee via a FreeBSD pr
+9	string		GERBILDOC	First Choice document
+9	string		GERBILDB	First Choice database
+9	string		GERBILCLIP	First Choice database
+0	string		GERBIL		First Choice device file
+9	string		RABBITGRAPH	RabbitGraph file
+0	string		DCU1		Borland Delphi .DCU file
+0	string		=!<spell>	MKS Spell hash list (old format)
+0	string		=!<spell2>	MKS Spell hash list
+# Too simple - MPi
+#0	string		AH		Halo(TM) bitmapped font file
+0	lelong		0x08086b70	TurboC BGI file
+0	lelong		0x08084b50	TurboC Font file
+
+# Debian#712046: The magic below identifies "Delphi compiled form data".
+# An additional source of information is available at:
+# http://www.woodmann.com/fravia/dafix_t1.htm
+0	string		TPF0
+>4	pstring		>\0		Delphi compiled form '%s'
+
+# tests for DBase files moved, updated and merged to database
+
+0	string		PMCC		Windows 3.x .GRP file
+1	string		RDC-meg		MegaDots
+>8	byte		>0x2F		version %c
+>9	byte		>0x2F		\b.%c file
+
+# .PIF files added by Joerg Jenderek from https://smsoft.ru/en/pifdoc.htm
+# only for windows versions equal or greater 3.0
+0x171	string	MICROSOFT\ PIFEX\0	Windows Program Information File
+!:mime	application/x-dosexec
+!:ext	pif
+#>2	string	 	>\0		\b, Title:%.30s
+>0x24	string		>\0		\b for %.63s
+>0x65	string		>\0		\b, directory=%.64s
+>0xA5	string		>\0		\b, parameters=%.64s
+#>0x181	leshort	x	\b, offset %x
+#>0x183	leshort	x	\b, offsetdata %x
+#>0x185	leshort	x	\b, section length %x
+>0x187	search/0xB55	WINDOWS\ VMM\ 4.0\0
+>>&0x5e		ubyte	>0
+>>>&-1		string	<PIFMGR.DLL		\b, icon=%s
+#>>>&-1		string	PIFMGR.DLL		\b, icon=%s
+>>>&-1		string	>PIFMGR.DLL		\b, icon=%s
+>>&0xF0		ubyte	>0
+>>>&-1		string	<Terminal		\b, font=%.32s
+#>>>&-1		string	=Terminal		\b, font=%.32s
+>>>&-1		string	>Terminal		\b, font=%.32s
+>>&0x110	ubyte	>0
+>>>&-1		string	<Lucida\ Console	\b, TrueTypeFont=%.32s
+#>>>&-1		string	=Lucida\ Console	\b, TrueTypeFont=%.32s
+>>>&-1		string	>Lucida\ Console	\b, TrueTypeFont=%.32s
+#>0x187	search/0xB55	WINDOWS\ 286\ 3.0\0	\b, Windows 3.X standard mode-style
+#>0x187	search/0xB55	WINDOWS\ 386\ 3.0\0	\b, Windows 3.X enhanced mode-style
+>0x187	search/0xB55	WINDOWS\ NT\ \ 3.1\0	\b, Windows NT-style
+#>0x187	search/0xB55	WINDOWS\ NT\ \ 4.0\0	\b, Windows NT-style
+>0x187	search/0xB55	CONFIG\ \ SYS\ 4.0\0	\b +CONFIG.SYS
+#>>&06		string	x			\b:%s
+>0x187	search/0xB55	AUTOEXECBAT\ 4.0\0	\b +AUTOEXEC.BAT
+#>>&06		string	x			\b:%s
+
+# Norton Guide (.NG , .HLP) files added by Joerg Jenderek from source NG2HTML.C
+# of http://www.davep.org/norton-guides/ng2h-105.tgz
+# https://en.wikipedia.org/wiki/Norton_Guides
+0	string		NG\0\001
+# only value 0x100 found at offset 2
+>2	ulelong		0x00000100	Norton Guide
+!:mime	application/x-norton-guide
+# often like NORTON.NG but some times like NC.HLP
+!:ext	ng/hlp
+# Title[40]
+>>8	string		>\0		"%-.40s"
+#>>6	uleshort	x		\b, MenuCount=%u
+# szCredits[5][66]
+>>48	string		>\0		\b, %-.66s
+>>114	string		>\0		%-.66s
+
+# URL:		https://en.wikipedia.org/wiki/Norton_Commander
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/m/msg-nc-eng.trid.xml
+# From:		Joerg Jenderek
+# Note:		Message file is used by executable with same main name.
+#		Only tested with version 5.50 (english) and 2.01 (Windows)
+0	string		Abort
+# \0 or i
+#>5	ubyte		x		%x
+# skip ASCII Abort text by looking for error message like in NCVIEW.MSG
+>6	search/7089	Non-DOS\ disk	Norton Commander module message
+!:mime	application/x-norton-msg
+!:ext	msg
+
+# URL:		http://www.antonis.de/dos/dos-tuts/mpdostip/html/nwdostip.htm
+# Reference:	https://mark0.net/download/triddefs_xml.7z/defs/m/msg-netware-dos.trid.xml
+# From:		Joerg Jenderek
+0	string	DOS\ Client\ Message\ File:	Novell DOS client message
+#!:mime	application/octet-stream
+#!:mime	application/x-novell-msg
+!:ext	msg
+# look for second letter instead space character
+>26	ubyte		>0x20
+# digit 1 or often main or program name like: IPXODI.COM TASKID pnwtrap DOSRqstr
+>>25		ubyte	!0x20			%c
+>>>26		ubyte	!0x20			\b%c
+>>>>27		ubyte	!0x20			\b%c
+>>>>>28		ubyte	!0x20			\b%c
+>>>>>>29	ubyte	!0x20			\b%c
+>>>>>>>30	ubyte	!0x20			\b%c
+>>>>>>>>31	ubyte	!0x20			\b%c
+>>>>>>>>>32	ubyte	!0x20			\b%c
+>>>>>>>>>>33	ubyte	!0x20			\b%c
+>>>>>>>>>>>34	ubyte	!0x20			\b%c
+>>>>>>>>>>>>35	ubyte	!0x20			\b%c
+>>>>>>>>>>>>>36	ubyte	!0x20			\b%c
+# followed by string like: 0 v.10 V1.20
+#
+# followed by ,\040Tran 
+>28	search/14	,\040Tran 
+# probably translated version string like: 0 v1.00
+>>&0	string	x				\b, tran version %s
+# followed by Ctrl-J Ctrl-Z
+>>>&0	ubyte		!0xa			\b, terminated by %#2.2x
+>>>>&0	ubyte		x			\b%2.2x
+# Ctrl-Z
+>0x65	ubyte		!0x1A			\b, at 0x65 %#x
+# one
+>0x66	ubyte		!0x01			\b, at 0x66 %#x
+# URL:		https://en.wikipedia.org/wiki/NetWare
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dat-novell-msg.trid.xml
+# ftp://ftp.iitb.ac.in/LDP/en/NLM-HOWTO/NLM-HOWTO-single.html
+# From:		Joerg Jenderek
+0	string	Novell\ Message\ Librarian\ Data\ File	Novell message librarian data
+#>35	string	Version\ 1.00
+#>49	string	COPYRIGHT\ (c)\ 1985\ by\ Novell,\ Inc.
+#>83	string	\ \ All\ Rights\ Reserved
+#!:mime	application/octet-stream
+#!:mime	application/x-novell-msg
+!:ext	msg
+#!:ext	msg/dat
+# 4DOS help (.HLP) files added by Joerg Jenderek from source TPHELP.PAS
+# of https://www.4dos.info/
+# pointer,HelpID[8]=4DHnnnmm
+0	ulelong	0x48443408		4DOS help file
+>4	string	x			\b, version %-4.4s
+
+# old binary Microsoft (.HLP) files added by Joerg Jenderek from http://file-extension.net/seeker/file_extension_hlp
+0	ulequad	0x3a000000024e4c	MS Advisor help file
+
+# HtmlHelp files (.chm)
+0	string/b	ITSF\003\000\000\000\x60\000\000\000	MS Windows HtmlHelp Data
+!:mime	application/vnd.ms-htmlhelp
+!:ext	chm
+
+# GFA-BASIC (Wolfram Kleff)
+2	string/b	GFA-BASIC3	GFA-BASIC 3 data
+
+#------------------------------------------------------------------------------
+# From Stuart Caie <kyzer@4u.net> (developer of cabextract)
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Cabinet_(file_format)
+# Reference: https://msdn.microsoft.com/en-us/library/bb267310.aspx
+# Note: verified by `7z l *.cab`
+# Microsoft Cabinet files
+0	string/b	MSCF\0\0\0\0	Microsoft Cabinet archive data
+#
+# https://support.microsoft.com/en-us/help/973559/frequently-asked-questions-about-the-microsoft-support-diagnostic-tool
+# CAB with *.{diagcfg,diagpkg} is used by Microsoft Support Diagnostic Tool MSDT.EXE
+# because some archive does not have *.diag* as 1st or 2nd archive member like
+# O15CTRRemove.diagcab or AzureStorageAnalyticsLogs_global.DiagCab
+# brute looking after header for filenames with diagcfg or diagpkg extension in CFFILE section
+>0x2c	search/980/c	.diag		\b, Diagnostic
+!:mime	application/vnd.ms-cab-compressed
+!:ext	diagcab
+# http://fileformats.archiveteam.org/wiki/PUZ
+# Microsoft Publisher version about 2003 has a "Pack and Go" feature that
+# bundles a Publisher document *PNG.pub with all links into a CAB
+>0x2c	search/300/c	png.pub\0		\b, Publisher Packed and Go
+!:mime	application/vnd.ms-cab-compressed
+!:ext	puz
+# ppz variant with Microsoft PowerPoint Viewer ppview32.exe to play PowerPoint presentation
+>0x2c	search/17/c	ppview32.exe\0		\b, PowerPoint Viewer Packed and Go
+!:mime	application/vnd.ms-powerpoint
+#!:mime	application/mspowerpoint
+!:ext	ppz
+# URL:		https://en.wikipedia.org/wiki/Windows_Desktop_Gadgets
+# Reference:	https://docs.microsoft.com/en-us/previous-versions/windows/desktop/sidebar/
+# http://win10gadgets.com/download/273/ All_CPU_Meter1.zip/All_CPU_Meter_V4.7.3.gadget
+>0x2c	search/968/c	gadget.xml		\b, Windows Desktop Gadget
+#!:mime	application/vnd.ms-cab-compressed
+# http://extension.nirsoft.net/gadget
+!:mime	application/x-windows-gadget
+!:ext	gadget
+# http://www.incredimail.com/
+# IncrediMail CAB contains an initialisation file "content.ini" like in im2.ims
+>0x2c	search/3369/c	content.ini\0	\b, IncrediMail
+!:mime	application/x-incredimail
+# member Flavor.htm implies IncrediMail ecard like in tell_a_friend.imf
+>>0x2c	search/83/c	Flavor.htm\0	ecard
+!:ext	imf
+# member Macromedia Flash data *.swf implies IncrediMail skin like in im2.ims
+>>0x2c	search/211/c	.swf\0		skin
+!:ext	ims
+# member anim.im3 implies IncrediMail animation like in letter_fold.ima
+>>0x2c	search/92/c	anim.im3\0	animation
+!:ext	ima
+# other IncrediMail cab archive
+>>0x2c	default		x
+>>>0x2c	search/116/c	thumb		ecard, image, notifier or skin
+!:ext	imf/imi/imn/ims
+# http://file-extension.net/seeker/file_extension_ime
+>>>0x2c	default		x		emoticons or sound
+!:ext	ime/imw
+# no Diagnostic, Packed and Go, Windows Desktop Gadget, IncrediMail
+>0x2c	default		x
+# look for 1st member name
+>>(16.l+16)	ubyte	x
+# From:		Joerg Jenderek
+# URL:		https://docs.microsoft.com/en-us/windows-hardware/drivers/install/building-device-metadata-packages
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/devicemetadata-ms.trid.xml
+>>>&-1	string 		PackageInfo.xml	\b, Device Metadata Package
+!:mime	application/vnd.ms-cab-compressed
+!:ext	devicemetadata-ms
+# https://en.wikipedia.org/wiki/SNP_file_format
+>>>&-1	string/c 	_accrpt_.snp	\b, Access report snapshot
+!:mime	application/msaccess
+!:ext	snp
+# https://en.wikipedia.org/wiki/Microsoft_InfoPath
+>>>&-1	string 		manifest.xsf	\b, InfoPath Form Template
+!:mime	application/vnd.ms-cab-compressed
+#!:mime	application/vnd.ms-infopath
+!:ext	xsn
+# https://www.cabextract.org.uk/wince_cab_format/
+# extension of DOS 8+3 name with ".000" of 1st archive member name implies Windows CE installer
+>>>&7	string 		=.000		\b, WinCE install
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+
+# https://support.microsoft.com/kb/934307/en-US
+# All inspected MSU contain a file with name WSUSSCAN.cab
+# that is called "Windows Update meta data" by Microsoft
+>>>&-1	string/c 	wsusscan.cab	\b, Microsoft Standalone Update
+!:mime	application/vnd.ms-cab-compressed
+!:ext	msu
+>>>&-1	default		x
+# look at point character of 1st archive member name for file name extension
+# GRR: search range is maybe too large and match point else where like in EN600x64.cab!
+>>>>&-1	search/255 	.
+# http://www.pptfaq.com/FAQ00164_What_is_a_PPZ_file-.htm
+# PPZ were created using Pack & Go feature of PowerPoint versions 97 - 2002
+# packs optional files, a PowerPoint presentation *.ppt with optional PLAYLIST.LST to CAB
+>>>>>&0	string/c	ppt\0
+>>>>>>28 uleshort	>1		\b, PowerPoint Packed and Go
+!:mime	application/vnd.ms-powerpoint
+#!:mime	application/mspowerpoint
+!:ext	ppz
+# or POWERPNT.PPT packed as POWERPNT.PP_ found on Windows 2000,XP setup CD in directory i386
+>>>>>>28 uleshort	=1		\b, one packed PowerPoint
+!:mime	application/vnd.ms-cab-compressed
+!:ext	pp_
+# https://msdn.microsoft.com/en-us/library/windows/desktop/bb773190(v=vs.85).aspx
+# first member *.theme implies Windows 7 Theme Pack like in CommunityShowcaseAqua3.themepack
+# or Windows 8 Desktop Theme Pack like in PanoramicGlaciers.deskthemepack
+>>>>>&0	string/c	theme		\b, Windows
+!:mime	application/x-windows-themepack
+# https://www.drewkeller.com/content/using-theme-both-windows-7-and-windows-8
+# 1st member Panoramic.theme or Panoramas.theme implies Windows 8-10 Theme Pack
+# with MTSM=RJSPBS in [MasterThemeSelector] inside *.theme
+>>>>>>(16.l+16)	string	=Panoram	8
+!:ext	deskthemepack
+>>>>>>(16.l+16)	string	!Panoram	7 or 8
+!:ext	themepack/deskthemepack
+>>>>>>(16.l+16)	ubyte	x		Theme Pack
+# URL:		https://en.wikipedia.org/wiki/Microsoft_OneNote#File_format
+#		http://fileformats.archiveteam.org/wiki/OneNote
+# Reference:	https://mark0.net/download/triddefs_xml.7z/defs/o/onepkg.trid.xml
+# 1st member name like: "Class Notes.one" "test-onenote.one" "Open Notebook.onetoc2" "Editor �ffnen.onetoc2"
+>>>>>&0	string/c	one		\b, OneNote Package
+!:mime	application/msonenote
+!:ext	onepkg
+>>>>>&0	default		x
+# look for null terminator of 1st member name
+>>>>>>&0	search/255 	\0
+# 2nd member name WSUSSCAN.cab like in Microsoft-Windows-MediaFeaturePack-OOB-Package.msu
+>>>>>>>&16	string/c 	wsusscan.cab	\b, Microsoft Standalone Update
+!:mime	application/vnd.ms-cab-compressed
+!:ext	msu
+>>>>>>>&16	default	x
+# archive with more then one file need some output in version 5.32 to avoid error message like
+# Magdir/msdos, 1138: Warning: Current entry does not yet have a description for adding a MIME type
+# Magdir/msdos, 1139: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file: could not find any valid magic files!
+>>>>>>>>28	uleshort	>1	\b, many
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+# remaining archives with just one file
+>>>>>>>>28	uleshort	=1
+# neither extra bytes nor cab chain implies Windows 2000,XP setup files in directory i386
+>>>>>>>>>30	uleshort	=0x0000	\b, Windows 2000/XP setup
+# cut of last char of source extension and add underscore to generate extension
+# TERMCAP._ ... FXSCOUNT.H_ ... L3CODECA.AC_ ... NPDRMV2.ZI_
+!:mime	application/vnd.ms-cab-compressed
+!:ext	_/?_/??_
+# archive need some output like "single" in version 5.32 to avoid error messages
+>>>>>>>>>30	uleshort	!0x0000	\b, single
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+# first archive name without point character
+>>>>&-1	default		x
+>>>>>28	uleshort	=1	\b, single
+!:mime	application/vnd.ms-cab-compressed
+# on XP_CD\I386\ like: NETWORKS._ PROTOCOL._ QUOTES._ SERVICES._
+!:ext	_
+>>>>>28	uleshort	>1	\b, many
+!:mime	application/vnd.ms-cab-compressed
+# like: HP Envy 6000 printer driver packages Full_x86.cab Full_x64.cab
+!:ext	cab
+# TODO: additional extensions like
+# .xtp	InfoPath Template Part
+# .lvf	Logitech Video Effects Face Accessory
+>8	ulelong		x		\b, %u bytes
+>28	uleshort		1		\b, 1 file
+>28	uleshort		>1		\b, %u files
+# Reserved fields, set to zero
+#>4	belong		!0		\b, reserved1 %x
+#>12	belong		!0		\b, reserved2 %x
+# offset of the first CFFILE entry coffFiles: minimal 2Ch
+>16	ulelong		x		\b, at %#x
+>(16.l)	use		cab-file
+# at least also 2nd member
+>28	uleshort		>1
+>>(16.l+16)	ubyte	x
+>>>&0	search/255 	\0
+# second member info
+>>>>&0	use		cab-file
+#>20	belong		!0		\b, reserved %x
+# Cabinet file format version. Currently, versionMajor = 1 and versionMinor = 3
+>24	ubeshort	!0x0301		\b version %#x
+# number of CFFOLDER entries
+>26	uleshort	>1		\b, %u cffolders
+# cabinet file option indicators 1~PREVIOUS, 2~NEXT, 4~reserved fields
+# only found for flags 0 1 2 3 4 not 7
+>30	uleshort	>0		\b, flags %#x
+# Cabinet files have a 16-bit cabinet setID field that is designed for application use.
+# default is zero, however, the -i option of cabarc can be used to set this field
+>32	uleshort	>0		\b, ID %u
+# iCabinet is number of this cabinet file in a set, where 0 for the first cabinet
+#>34	uleshort	x		\b, iCabinet %u
+# add one for display because humans start numbering by 1 and also fit to name of disk szDisk*
+>34	uleshort+1	x		\b, number %u
+>30	uleshort	&0x0004		\b, extra bytes
+# cbCFHeader optional size of per-cabinet reserved area 14h 1800h
+>>36	uleshort	>0		%u in head
+# cbCFFolder is optional size of per-folder reserved area
+>>38	ubyte		>0		%u in folder
+# cbCFData is optional size of per-datablock reserved area
+>>39	ubyte		>0		%u in data block
+# optional per-cabinet reserved area abReserve[cbCFHeader]
+>>36	uleshort	>0
+# 1st CFFOLDER after reserved area in header
+>>>(36.s+40)	use			cab-folder
+# no reserved area in header
+>30	uleshort	^0x0004
+# no previous and next cab archive
+>>30	uleshort		=0x0000
+>>>36	use				cab-folder
+# only previous cab archive
+>>30	uleshort		=0x0001	\b, previous
+>>>36	use				cab-anchor
+# only next cab archive
+>>30	uleshort		=0x0002	\b, next
+>>>36	use				cab-anchor
+# previous+next cab archive
+# can not use sub routine cab-anchor to display previous and next cabinet together
+#>>>36	use				cab-anchor
+#>>>>&0	use				cab-anchor
+>>30	uleshort		=0x0003	\b, previous
+>>>36	string		x		%s
+# optional name of previous disk szDisk*
+>>>>&1	string		x		disk %s
+>>>>>&1	string		x		\b, next %s
+# optional name of previous disk szDisk*
+>>>>>>&1	string		x	disk %s
+>>>>>>>&1	use			cab-folder
+#	display filename and disk name of previous or next cabinet
+0       name    			cab-anchor
+# optional name of previous/next cabinet file szCabinet*[255]
+>&0	string		x		%s
+# optional name of previous/next disk szDisk*[255]
+>>&1	string		x		disk %s
+#	display folder structure CFFOLDER information like compression of cabinet
+0       name    			cab-folder
+# offset of the CFDATA block in this folder
+#>0	ulelong		x		\b, coffCabStart %#x
+# number of CFDATA blocks in folder
+>4	uleshort	x		\b, %u datablock
+# plural s
+>4	uleshort	>1		\bs
+# compression typeCompress: 0~None 1~MSZIP 0x1503~LZX:21 0x1003~LZX:16 0x0f03~LZX:15
+>6	uleshort	x		\b, %#x compression
+# optional per-folder reserved area
+#>8	ubequad		x		\b, abReserve %#llx
+#	display member structure CFFILE information like member name of cabinet
+0       name    			cab-file
+# cbFile is uncompressed size of file in bytes
+#>0	ulelong		x		\b, cbFile %u
+# uoffFolderStart is uncompressed offset of file in folder
+#>4	ulelong		>0		\b, uoffFolderStart %#x
+# iFolder is index into the CFFOLDER area. 0 indicates first folder in cabinet
+# define ifoldCONTINUED_FROM_PREV      (0xFFFD)
+# define ifoldCONTINUED_TO_NEXT        (0xFFFE)
+# define ifoldCONTINUED_PREV_AND_NEXT  (0xFFFF)
+>8	uleshort	>0		\b, iFolder %#x
+# date stamp for file
+>10	lemsdosdate	x		last modified %s
+# time stamp for file
+>12	lemsdostime	x		%s
+# attribs is attribute flags for file
+# define  _A_RDONLY       (0x01)  file is read-only
+# define  _A_HIDDEN       (0x02)  file is hidden
+# define  _A_SYSTEM       (0x04)  file is a system file
+# define  _A_ARCH         (0x20)  file modified since last backup
+# example http://sebastien.kirche.free.fr/pebuilder_plugins/depends.cab
+# define  _A_EXEC         (0x40)  run after extraction
+# define  _A_NAME_IS_UTF  (0x80)  szName[] contains UTF
+# define  UNKNOWN       (0x0100)  undocumented or accident
+#>14	uleshort	x		\b, attribs %#x
+>14	uleshort	>0		+
+>>14	uleshort	&0x0001		\bR
+>>14	uleshort	&0x0002		\bH
+>>14	uleshort	&0x0004		\bS
+>>14	uleshort	&0x0020		\bA
+>>14	uleshort	&0x0040		\bX
+>>14	uleshort	&0x0080		\bUtf
+# unknown 0x0100 flag found on one XP_CD:\I386\DRIVER.CAB
+>>14	uleshort	&0x0100		\b?
+# szName is name of archive member
+>16	string		x		"%s"
+# next archive member name if more files
+#>>&17	string		>\0		\b, NEXT NAME %-.50s
+
+# InstallShield Cabinet files
+0	string/b	ISc(		InstallShield Cabinet archive data
+>5	byte&0xf0	=0x60		version 6,
+>5	byte&0xf0	!0x60		version 4/5,
+>(12.l+40)	lelong	x		%u files
+
+# Windows CE package files
+0	string/b	MSCE\0\0\0\0	Microsoft WinCE install header
+>20	lelong		0		\b, architecture-independent
+>20	lelong		103		\b, Hitachi SH3
+>20	lelong		104		\b, Hitachi SH4
+>20	lelong		0xA11		\b, StrongARM
+>20	lelong		4000		\b, MIPS R4000
+>20	lelong		10003		\b, Hitachi SH3
+>20	lelong		10004		\b, Hitachi SH3E
+>20	lelong		10005		\b, Hitachi SH4
+>20	lelong		70001		\b, ARM 7TDMI
+>52	leshort		1		\b, 1 file
+>52	leshort		>1		\b, %u files
+>56	leshort		1		\b, 1 registry entry
+>56	leshort		>1		\b, %u registry entries
+
+
+# Windows Enhanced Metafile (EMF)
+# See msdn.microsoft.com/archive/en-us/dnargdi/html/msdn_enhmeta.asp
+# for further information.
+0	ulelong 1
+>40	string	\ EMF		Windows Enhanced Metafile (EMF) image data
+>>44	ulelong x		version %#x
+
+
+0	string/b	\224\246\056		Microsoft Word Document
+!:mime	application/msword
+
+# From: "Nelson A. de Oliveira" <naoliv@gmail.com>
+# Magic type for Dell's BIOS .hdr files
+# Dell's .hdr
+0	string/b $RBU
+>23	string Dell			%s system BIOS
+>5	byte   2
+>>48	byte   x			version %d.
+>>49	byte   x			\b%d.
+>>50	byte   x			\b%d
+>5	byte   <2
+>>48	string x			version %.3s
+
+# Type: Microsoft Document Imaging Format (.mdi)
+# URL:	https://en.wikipedia.org/wiki/Microsoft_Document_Imaging_Format
+# From: Daniele Sempione <scrows@oziosi.org>
+# Too weak (EP)
+#0	short	0x5045			Microsoft Document Imaging Format
+
+# MS eBook format (.lit)
+0	string/b	ITOLITLS		Microsoft Reader eBook Data
+>8	lelong	x			\b, version %u
+!:mime					application/x-ms-reader
+
+# Windows CE Binary Image Data Format
+# From: Dr. Jesus <j@hug.gs>
+0	string/b	B000FF\n	Windows Embedded CE binary image
+
+# The second byte of these signatures is a file version; I don't know what,
+# if anything, produced files with version numbers 0-2.
+# From: John Elliott <johne@seasip.demon.co.uk>
+0	string	\xfc\x03\x00	Mallard BASIC program data (v1.11)
+0	string	\xfc\x04\x00	Mallard BASIC program data (v1.29+)
+0	string	\xfc\x03\x01	Mallard BASIC protected program data (v1.11)
+0	string	\xfc\x04\x01	Mallard BASIC protected program data (v1.29+)
+
+0	string	MIOPEN		Mallard BASIC Jetsam data
+0	string	Jetsam0		Mallard BASIC Jetsam index data
+
+# DOS backup 2.0 to 3.2
+# URL:		http://fileformats.archiveteam.org/wiki/BACKUP_(MS-DOS)
+# Reference:	http://www.ibiblio.org/pub/micro/pc-stuff/freedos/files/dos/restore/brtecdoc.htm
+# backupid.@@@
+
+# plausibility check for date
+0x3	ushort	>1979
+>0x5	ubyte-1 <31
+>>0x6	ubyte-1 <12
+# actually 121 nul bytes
+>>>0x7	string	\0\0\0\0\0\0\0\0
+>>>>0x1 ubyte	x	DOS 2.0 backup id file, sequence %d
+#!:mime	application/octet-stream
+!:ext @@@
+>>>>0x0 ubyte	0xff	\b, last disk
+
+# backed up file
+
+# skip some AppleWorks word like Tomahawk.Awp, WIN98SE-DE.vhd
+# by looking for trailing nul of maximal file name string
+0x52	ubyte	0	
+# test for flag byte: FFh~complete file, 00h~split file
+# FFh -127 =	-1 -127 =	-128
+# 00h -127 =	 0 -127 =	-127
+>0	byte-127	<-126
+# plausibility check for file name length
+>>0x53	ubyte-1	<78	
+# looking for terminating nul of file name string
+>>>(0x53.b+4)	ubyte	0	
+# looking if last char of string is valid DOS file name
+>>>>(0x53.b+3)	ubyte	>0x1F	
+# actually 44 nul bytes
+# but sometimes garbage according to Ralf Quint. So can not be used as test
+#>0x54	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+# first char of full file name is DOS (5Ch) or UNIX (2Fh) path separator
+# only DOS variant found. UNIX variant according to V32SLASH.TXT in archive PD0315.EXE
+>>>>>5	ubyte&0x8C	0x0C	
+# ./msdos (version 5.30) labeled the entry as
+# "DOS 2.0 backed up file %s, split file, sequence %d" or
+# "DOS 2.0 backed up file %s, complete file"
+>>>>>>0	ubyte	x	DOS 2.0-3.2 backed up
+#>>>>>>0	ubyte	0xff	complete
+>>>>>>0	ubyte	0
+>>>>>>>1 uleshort	x	sequence %d of
+# full file name with path but without drive letter and colon stored from 0x05 til 0x52
+>>>>>>0x5	string	x	file %s
+#!:mime	application/octet-stream
+# backup name is original filename
+#!:ext	doc/exe/rar/zip
+#!:ext	*
+# magic/Magdir/msdos, 1169: Warning: EXTENSION type `     *' has bad char '*'
+# file: line 1169: Bad magic entry '  *'
+# after header original file content
+>>>>>>128	indirect x	\b; 
+
+
+# DOS backup 3.3 to 5.x
+
+# CONTROL.nnn files
+0	string	\x8bBACKUP\x20
+# actually 128 nul bytes
+>0xa	string	\0\0\0\0\0\0\0\0
+>>0x9	ubyte	x	DOS 3.3 backup control file, sequence %d
+>>0x8a	ubyte	0xff	\b, last disk
+
+# NB: The BACKUP.nnn files consist of the files backed up,
+# concatenated.
+
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/MS-DOS_date/time
+# Reference:	https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-dosdatetimetofiletime
+# Note:		DOS date+time format is different from formats such as Unix epoch
+#		bit encoded; uses year values relative to 1980 and 2 second precision
+0	name		dos-date
+# HHHHHMMMMMMSSSSS bit encoded Hour (0-23) Minute (0-59) SecondPart (*2)
+#>0	uleshort	x	RAW TIME [%#4.4x]
+# hour part
+#>0	uleshort/2048	x	hour [%u]
+# YYYYYMMMMDDDDD bit encoded YearPart (+1980) Month (1-12) Day (1-31)
+#>2	uleshort	x	RAW DATE [%#4.4x]
+# day part
+>2	uleshort&0x001F	x	%u
+#>2	uleshort/16	x	MONTH PART [%#x]
+# GRR: not working
+#>2	uleshort/16	&0x000F	MONTH [%u]
+#>2	uleshort&0x01E0	x	MONTH PART [%#4.4x]
+>2	uleshort&0x01E0	=0x0020	jan
+>2	uleshort&0x01E0	=0x0040	feb
+>2	uleshort&0x01E0	=0x0060	mar
+>2	uleshort&0x01E0	=0x0080	apr
+>2	uleshort&0x01E0	=0x00A0	may
+>2	uleshort&0x01E0	=0x00C0	jun
+>2	uleshort&0x01E0	=0x00E0	jul
+>2	uleshort&0x01E0	=0x0100	aug
+>2	uleshort&0x01E0	=0x0120	sep
+>2	uleshort&0x01E0	=0x0140	oct
+>2	uleshort&0x01E0	=0x0160	nov
+>2	uleshort&0x01E0	=0x0180	dec
+# year part
+>2	uleshort/512	x	1980+%u
+#
diff --git a/magic/Magdir/msooxml b/magic/Magdir/msooxml
new file mode 100644
index 0000000..905017e
--- /dev/null
+++ b/magic/Magdir/msooxml
@@ -0,0 +1,68 @@
+
+#------------------------------------------------------------------------------
+# $File: msooxml,v 1.19 2023/03/14 19:46:15 christos Exp $
+# msooxml:  file(1) magic for Microsoft Office XML
+# From: Ralf Brown <ralf.brown@gmail.com>
+
+# .docx, .pptx, and .xlsx are XML plus other files inside a ZIP
+#   archive.  The first member file is normally "[Content_Types].xml".
+#   but some libreoffice generated files put this later. Perhaps skip
+#   the "[Content_Types].xml" test?
+# Since MSOOXML doesn't have anything like the uncompressed "mimetype"
+#   file of ePub or OpenDocument, we'll have to scan for a filename
+#   which can distinguish between the three types
+
+0		name		msooxml
+>0		string		word/		Microsoft Word 2007+
+!:mime application/vnd.openxmlformats-officedocument.wordprocessingml.document
+!:ext	docx
+>0		string		ppt/		Microsoft PowerPoint 2007+
+!:mime application/vnd.openxmlformats-officedocument.presentationml.presentation
+!:ext	pptx
+>0		string		xl/		Microsoft Excel 2007+
+!:mime application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
+!:ext	xlsx
+>0		string		visio/		Microsoft Visio 2013+
+!:mime application/vnd.ms-visio.drawing.main+xml
+>0		string		AppManifest.xaml	Microsoft Silverlight Application
+!:mime application/x-silverlight-app
+
+# start by checking for ZIP local file header signature
+0		string		PK\003\004
+!:strength +10
+# make sure the first file is correct
+>0x1E		use		msooxml
+>0x1E		default		x
+>>0x1E		regex		\\[Content_Types\\]\\.xml|_rels/\\.rels|docProps|customXml
+# skip to the second local file header
+# since some documents include a 520-byte extra field following the file
+# header, we need to scan for the next header
+>>>(18.l+49)	search/6000	PK\003\004
+# now skip to the *third* local file header; again, we need to scan due to a
+# 520-byte extra field following the file header
+>>>>&26		search/6000	PK\003\004
+# and check the subdirectory name to determine which type of OOXML
+# file we have.  Correct the mimetype with the registered ones:
+# https://technet.microsoft.com/en-us/library/cc179224.aspx
+>>>>>&26		use		msooxml	
+>>>>>&26		default		x
+# OpenOffice/Libreoffice orders ZIP entry differently, so check the 4th file
+>>>>>>&26	search/6000	PK\003\004
+>>>>>>>&26	use		msooxml	
+# Some OOXML generators add an extra customXml directory. Check another file.
+>>>>>>>&26	default		x
+>>>>>>>>&26	search/6000	PK\003\004
+>>>>>>>>>&26	use		msooxml	
+>>>>>>>>>&26	default		x		Microsoft OOXML
+>>>>>>>&26	default		x		Microsoft OOXML
+>>>>>&26	default		x		Microsoft OOXML
+>>0x1E		regex		\\[trash\\]
+>>>&26		search/6000	PK\003\004
+>>>>&26		search/6000	PK\003\004
+>>>>>&26	use		msooxml	
+>>>>>&26	default		x	
+>>>>>>&26	search/6000	PK\003\004
+>>>>>>>&26	use		msooxml	
+>>>>>>>&26	default		x		Microsoft OOXML
+>>>>>>&26	default		x		Microsoft OOXML
+>>>>>&26	default		x		Microsoft OOXML
diff --git a/magic/Magdir/msvc b/magic/Magdir/msvc
new file mode 100644
index 0000000..fbfa4f2
--- /dev/null
+++ b/magic/Magdir/msvc
@@ -0,0 +1,222 @@
+
+#------------------------------------------------------------------------------
+# $File: msvc,v 1.11 2022/01/17 17:17:30 christos Exp $
+# msvc:  file(1) magic for msvc
+# "H. Nanosecond" <aldomel@ix.netcom.com>
+# Microsoft visual C
+#
+# I have version 1.0
+
+# .aps
+0	string	HWB\000\377\001\000\000\000	Microsoft Visual C .APS file
+
+# .ide
+#too long 0	string	\102\157\162\154\141\156\144\040\103\053\053\040\120\162\157\152\145\143\164\040\106\151\154\145\012\000\032\000\002\000\262\000\272\276\372\316	MSVC .ide
+0	string	\102\157\162\154\141\156\144\040\103\053\053\040\120\162\157	MSVC .ide
+
+# .res
+0	string	\000\000\000\000\040\000\000\000\377	MSVC .res
+0	string	\377\003\000\377\001\000\020\020\350	MSVC .res
+0	string	\377\003\000\377\001\000\060\020\350	MSVC .res
+
+#.lib
+# URL: 		https://en.wikipedia.org/wiki/Microsoft_Visual_C%2B%2B
+#		http://fileformats.archiveteam.org/wiki/Microsoft_Library
+#		http://fileformats.archiveteam.org/wiki/OMF
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/l/lib-msvc.trid.xml
+#		https://pierrelib.pagesperso-orange.fr/exec_formats/OMF_v1.1.pdf
+# Update:	Joerg Jenderek
+#0	string	\360\015\000\000	Microsoft Visual C library
+#0	string	\360\075\000\000	Microsoft Visual C library
+#0	string	\360\175\000\000	Microsoft Visual C library
+# test for RecordType~LibraryHeaderRecord=0xF0 + RecordLength=???Dh + dictionary offset is multiple of 0x200
+0	ubelong&0xFF0f80ff	=0xF00d0000
+# Microsoft Visual C library (strength=70) before MIDI SysEx messages (strength=50) handled by ./sysex
+#!:strength +0
+# test for valid 2nd RecordType~Translator Header Record=THEADR=80h or LHEADR=82h
+>(1.s+3)	ubyte&0xFD	=0x80
+>>0		use		omf-lib
+#	display information about Microsoft Visual C/OMF library
+0	name			omf-lib
+# RecordType~LibraryHeaderRecord=0xF0
+#>0	byte			0xF0		Microsoft Visual C library
+# the above description was used in file version 5.41
+>0	byte			0xF0		Microsoft Visual C/OMF library
+#>0	byte			0xF0		relocatable Object Module Format (OMF) libray
+#!:mime	application/octet-stream
+!:mime	application/x-omf-lib
+!:ext	lib
+# 1st record data length like 13=0Dh 29=1Dh 61=3Dh 125=7Dh 509=01FDh ... 32765=7FFDh
+#>1	uleshort		x		\b, 1st record data length %u
+#>1	uleshort		x		\b, 1st record data length %#x
+# 2**4=16 <= RecordLength+3 = PageSize = 2**n {16 32 512 no examples 64 128 256 1024 2048 ...32768} <= 2**15=32768
+>1	uleshort+3		x		\b, page size %u
+# dictionary offset like: 400h 600h a00h c00h 1200h 1800h 2400h 5600h 12800h 19200h 28a00h
+>3		ulelong		x		\b, at %#x dictionary
+# dictionary block a 512 bytes; the first 37 bytes correspond to the 37 buckets
+#>(3.l)	ubequad			x		(%#16.16llx...)
+# dictionary size; length in 512-byte blocks; a prime number? like:
+# 1 2 3 4 5 6 7 9 11 13 15 16 18 21 22 23 24 25 31 50 53 89 101 117 277
+>7		uleshort	x		with %u block
+# plurals s
+>7		uleshort	>1		\bs
+# If dictionary byte 38 (FFLAG) has the value 255, there is no space left
+>(3.l+37)	ubyte		<0xFF		(FFLAG=%#x)
+>(3.l+37)	ubyte		=0xFF		(FFLAG=full)
+# dictionary entry; length byte of following symbol, the following text bytes of symbol, two bytes specifies the page number
+# like: dbfntx1! DBFNTX.LIB zlibCompileFlags_ ZLIB.LIB atoi! mwlibc.lib
+>(3.l+38)	pstring		x		1st entry %s
+# like: 1 33 41 47 458 8783
+>>&0		uleshort	x		in page %u
+# library flags; 0 or 1, but WHAT IS 0x4d in MOUSE.LIB ?
+>9	ubyte			>1		\b, flags %#x
+>9	ubyte			=1		case sensitive
+# In the library after header comes first object module with a Library Module Header Record (LHEADR=82h)
+# but in examples Translator Header Record (THEADR=80h) which is handled identically
+>(1.s+3)	ubyte		x		\b, 2nd record
+>(1.s+3)	ubyte		!0x80		(type %#x)
+#>(1.s+4)	uleshort	x		\b, 2nd record data length %u
+# Module name often source name like "dos\crt0.asm" in mlibce.lib or "QB4UTIL.ASM" in QB4UTIL.LIB
+# or "C:\Documents and Settings\Allan Campbell\My Documents\FDOSBoot\zlib\zutil.c" in ZLIB.LIB
+# or title like "87INIT" in FP87.LIB or "ACOSASIN" in MATHC.LIB or "Copyright" in calc-bcc.lib
+>(1.s+6)	pstring		x		"%s"
+# 2nd record checksum
+#>>&0		ubyte		x		checksum %#x
+# 3rd RecordType: 96h~LNAMES 88h~COMENT
+>>&1		ubyte		x		\b, 3rd record
+>>&1		ubyte		!0x88
+>>>&-1		ubyte		!0x96
+# 3rd unusual record type
+>>>>&-1		ubyte		x		(type %#x)
+# 3rd record is a List of Names Record (LNAMES=96h)
+>>&1		ubyte		=0x96		LNAMES
+# LNAMES record length like: 2 15 19
+#>>>&0			uleshort	x	\b, LNAMES record length %u
+>>>&0			uleshort	>2
+# 1st LNAME string length; null is valid; maximal 255
+#>>>>&0			ubyte		x	1st LNAME length %u
+>>>>&0			ubyte		=0
+# 2nd LNAME length like: 4 7 8 17 31
+#>>>>>&0			ubyte		x	2nd LNAME length %u
+# name used for segment, class, group, overlay, etc like:
+# CODE (mwlibc.lib) _TEXT32 (JMPPM32.LIB) _OVLCODE (WOVL.LIB)
+>>>>>&0			pstring		x	%s
+# 3rd LNAME length like: 4 5
+#>>>>>>&0		ubyte		x	3rd LNAME length %u
+# like: DATA (mwlibc.lib) CODE (JMPPM32.LIB) _TEXT (EMU87.LIB)
+>>>>>>&0		pstring		x	%s
+# maybe 4th LNAME length like: 4 6
+>>>>>>>&0		ubyte		<44
+# like: DATA (DEBUG.LIB) DGROUP (mwlibc.lib MOUSE.LIB)
+>>>>>>>>&-1		pstring		x	%s
+# 3rd record is a COMMENT (Including all comment class extensions)
+>>&1		ubyte		=0x88		COMMENT
+# comment record length like: 3 FLIB7M.LIB 1Bh 1Eh 23h 27h 2Bh 30h freetype-bcc.lib
+#>>>&0		uleshort	x		\b, record length %#x
+# real comment length = record length - 1 (comment type) - 1 (comment Class) - 1 (checksum) -1 (char count)
+# like: 2 LIBFL.LIB 4 "UUID" 5 "dscap" 6 "int386" 7 "qb4util" 8 "AMSGEXIT" 16 REXX.LIB 20 27 35 44 freetype-bcc.lib
+#>>>>&-2		uleshort-4	>0		\b, comment length %u
+# check that record contain at least comment type (1 byte), comment class (1 byte), checksum (1 byte)
+# probably always true
+>>>&0		uleshort	>2
+# comment type: 80h~NP~no purge bit 40h~NL~no list bit
+#>>>>&0		ubyte		!0		Type %#x
+>>>>&0		ubyte		&0x80		Preserved
+# no example
+>>>>&0		ubyte		&0x40		NoList
+# comment class like: 0~Translator A0~OMF extensions A3~LIBMOD A1~New OMF extensions AA~UNKNOWN
+>>>>&1		ubyte		x		class=%#x
+# check that comment record contains at least real content
+>>>>&-2		uleshort	>3
+# Translator comment record (0); it may name the source language or translator
+>>>>>&1		ubyte		=0		Translator
+#>>>>>>&0		ubyte	x		Translator length %u
+# like: "TC86 Borland Turbo C 2.01 " (GEMS.LIB) "TC86 Borland Turbo C++ 3.00" (CATDB.LIB)
+>>>>>>&0		pstring	x		"%s"
+# OMF extensions comment record (A0); first byte of commentary string identifies subtype
+>>>>>&1		ubyte		=0xA0		OMF extensions
+# A0 subtype like: 1~IMPDEF
+>>>>>>&0		ubyte	!1		subtype %#x
+# Import Definition Record (Comment Class A0, Subtype 01~IMPDEF)
+>>>>>>&0		ubyte	1		IMPDEF
+# ordinal flag; determines form of Entry Ident field. If nonzero (seems to be 1) Entry is ordinal
+>>>>>>>&0		ubyte	!0		ordinal
+# like: IMPORT.LIB DOSCALLS.LIB mlibw.lib mwinlibc.lib REXX.LIB
+>>>>>>>>&-1		ubyte	>1		%u
+# Internal Name in count, char string format; module name for the imported symbol
+# like: 7 "REXXSAA" 9 11 13 14 15 16 20 21 26 "_Z10_clip_linePdS_S_S_dddd"
+#>>>>>>>&1		ubyte	x		internal name length %u
+# internal module name like: _DllGetVersion DllGetVersion BezierTerminationTest Copyright
+>>>>>>>&1		pstring	x		%s
+# module name in count, char string format; DLL name that supplies a matching export symbol
+# like: jpeg62.dll (jpeg-bcc.lib) unrar3.dll (unrar-bcc.lib) REXX (REXX.LIB)
+>>>>>>>>&0		pstring	x		exported by %s
+# Entry Ident; 16-bit if ordinal flag != 0 or imported name in count, char string format if ordinal flag = 0 
+# like: \0 (calc-bcc.lib) DllGetVersion (libtiff-bcc.lib) UTF8ToHtml (libxml2-bcc.lib) xslAddCall (libxslt-bcc.lib)
+#>>>>>>>>>&0		pstring	>\0		entry ident %s
+# "New OMF" extensions comment (A1); indicate version of symbolic debug information
+# like: LIBFL.LIB
+>>>>>&1		ubyte		=0xA1		New OMF extensions
+# symbolic debug information version n
+>>>>>>&0		ubyte	x		n=%u
+# symbolic debug information style like: HL~IBM PM Debugger style (LIBFL.LIB) DX~AIX style CV~Microsoft symbol and type style
+>>>>>>>&0		string	HL		IBM style
+>>>>>>>&0		string	DX		AIX style
+>>>>>>>&0		string	CV		Microsoft style
+# LIBMOD comment record (A3) used only by the librarian
+# Microsoft extension added for LIB version 3.07 in macro assembler (MASM 5.0)
+>>>>>&1		ubyte		=0xA3		LIBMOD
+# The A3 LIBMOD record contains only the ASCII string of the module name in count char format
+#>>>>>>&0		ubyte	x		LIBMOD length %u
+# LIBMOD comment record module name without path and extension like:
+# qb4util (QB4UTIL.LIB) affaldiv (libh.lib) crt0 (slibc.lib) clipper (DDDRAWS.LIB) dinpdev (DINPUTS.LIB) UUID (UUID.LIB)
+>>>>>>&0		pstring	x		%s
+# GRR: WHAT iS THAT? AA foo comment record
+#>>>>>&1		ubyte		=0xAA		AA-comment
+# like: OS220
+#>>>>>>&0		string	x		what=%-5.5s
+#
+
+#.pch
+0	string	DTJPCH0\000\022\103\006\200	Microsoft Visual C .pch
+
+# Summary: Symbol Table / Debug info used by Microsoft compilers
+# URL: https://en.wikipedia.org/wiki/Program_database
+# Reference: https://code.google.com/p/pdbparser/wiki/MSF_Format
+# Update: Joerg Jenderek
+# Note:	test only for Windows XP+SP3 x86 , 8.1 x64 arm and 10.1 x86
+#	info does only applies partly for older files like msvbvm50.pdb about year 2001
+0	string	Microsoft\ C/C++\040
+# "Microsoft Program DataBase" by TrID
+>24	search/14	\r\n\x1A	MSVC program database
+!:mime	application/x-ms-pdb
+!:ext	pdb
+# "MSF 7.00" "program database 2.00" for msvbvm50.pdb
+>>16	regex	\([0-9.]+\)	ver %s
+#>>>0x38	search/128123456	/LinkInfo	\b with linkinfo
+# "MSF 7.00" variant
+>>0x1e	leshort	0
+# PageSize 400h 1000h
+>>>0x20	lelong	x	\b, %d
+# Page Count
+>>>0x28	lelong	x	\b*%d bytes
+# "program database 2.00"  variant
+>>0x1e	leshort	!0
+# PageSize 400h
+>>>0x2c	lelong	x	\b, %d
+# Page Count for msoo-dll.pdb 4379h
+>>>0x32	leshort	x	\b*%d bytes
+
+# Reference: https://github.com/Microsoft/vstest/pull/856/commits/fdc7a9f074ca5a8dfeec83b1be9162bf0cf4000d
+0       string/c bsjb\001\000\001\000\000\000\000\000\f\000\000\000pdb\ v1.0     Microsoft Roslyn C# debugging symbols version 1.0
+
+#.sbr
+0	string	\000\002\000\007\000	MSVC .sbr
+>5	string 	>\0	%s
+
+#.bsc
+0	string	\002\000\002\001	MSVC .bsc
+
+#.wsp
+0	string	1.00\ .0000.0000\000\003	MSVC .wsp version 1.0000.0000
+# these seem to start with the version and contain menus
diff --git a/magic/Magdir/msx b/magic/Magdir/msx
new file mode 100644
index 0000000..60e1656
--- /dev/null
+++ b/magic/Magdir/msx
@@ -0,0 +1,309 @@
+
+#------------------------------------------------------------------------------
+# msx:  file(1) magic for the MSX Home Computer
+# v1.3
+# Fabio R. Schmidlin <sd-snatcher@users.sourceforge.net>
+
+############## MSX Music file formats ##############
+
+# Gigamix MGSDRV music file
+0	string/b		MGS	MSX Gigamix MGSDRV3 music file,
+>6	ubeshort	0x0D0A
+>>3	byte		x	\bv%c
+>>4	byte		x	\b.%c
+>>5	byte		x	\b%c
+>>8	string		>\0	\b, title: %s
+
+1	string/b		mgs2\ 	MSX Gigamix MGSDRV2 music file
+>6	uleshort	0x80
+>>0x2E	uleshort	0
+>>>0x30	string		>\0	\b, title: %s
+
+# KSS music file
+0	string/b		KSCC	KSS music file v1.03
+>0xE	byte		0
+>>0xF	byte&0x02	0	\b, soundchips: AY-3-8910, SCC(+)
+>>0xF	byte&0x02	2	\b, soundchip(s): SN76489
+>>>0xF	byte&0x04	4	stereo
+>>0xF	byte&0x01	1	\b, YM2413
+>>0xF	byte&0x08	8	\b, Y8950
+
+0	string/b		KSSX	KSS music file v1.20
+>0xE	byte&0xEF	0
+>>0xF	byte&0x40	0x00	\b, 60Hz
+>>0xF	byte&0x40	0x40	\b, 50Hz
+>>0xF	byte&0x02	0	\b, soundchips: AY-3-8910, SCC(+)
+>>0xF	byte&0x02	0x02	\b, soundchips: SN76489
+>>>0xF	byte&0x04	0x04	stereo
+>>0xF	byte&0x01	0x01	\b,
+>>>0xF	byte&0x18	0x00	\bYM2413
+>>>0xF	byte&0x18	0x08	\bYM2413, Y8950
+>>>0xF	byte&0x18	0x18	\bYM2413+Y8950 pseudostereo
+>>0xF	byte&0x18	0x10	\b, Majyutsushi DAC
+
+# Moonblaster for Moonsound
+0	string/b		MBMS
+>4	byte		0x10	MSX Moonblaster for MoonSound music
+
+# Music Player K-kaz
+0	string/b		MPK	MSX Music Player K-kaz song
+>6	ubeshort	0x0D0A
+>>3	byte		x	v%c
+>>4	byte		x	\b.%c
+>>5	byte		x	\b%c
+
+# I don't know why these don't work
+#0	search/0xFFFF	\r\n.FM9
+#>0	search/0xFFFF	\r\n#FORMAT	MSX Music Player K-kaz source MML file
+#0	search/0xFFFF	\r\nFM1\ \=
+#>0	search/0xFFFF	\r\nPSG1\=
+#>>0	search/0xFFFF	\r\nSCC1\=		MSX MuSiCa MML source file
+
+# OPX Music file
+0x35	beshort		0x0d0a
+>0x7B	beshort		0x0d0a
+>>0x7D	byte		0x1a
+>>>0x87	uleshort	0		MSX OPX Music file
+>>>>0x86	byte		0		v1.5
+>>>>>0	string		>\32		\b, title: %s
+>>>>0x86	byte		1		v2.4
+>>>>>0	string		>\32		\b, title: %s
+
+# SCMD music file
+0x8B	string/b		SCMD
+>0xCE	uleshort	0	MSX SCMD Music file
+#>>-2	uleshort	0x6a71	; The file must end with this value. How to code this here?
+>>0x8F	string		>\0		\b, title: %s
+
+0	search/0xFFFF	\r\n@title
+>&0	search/0xFFFF	\r\n@m=[	MSX SCMD source MML file
+
+
+############## MSX image file formats ##############
+
+# MSX raw VRAM dump
+0	ubyte		0xFE
+>1	uleshort	0
+>>5	uleshort	0
+>>>3	uleshort	0x37FF		MSX SC2/GRP raw image
+>>>3	uleshort	0x6A00		MSX Graph Saurus SR5 raw image
+>>>3	uleshort	>0x769E
+>>>>3	uleshort	<0x8000		MSX GE5/GE6 raw image
+>>>>>3	uleshort	0x7FFF		\b, with sprite patterns
+>>>3	uleshort	0xD3FF		MSX screen 7-12 raw image
+>>>3	uleshort	0xD400		MSX Graph Saurus SR7/SR8/SRS raw image
+
+# Graph Saurus compressed images
+0	ubyte		0xFD
+>1	uleshort	0
+>>5	uleshort	0
+>>>3	uleshort	>0x013D		MSX Graph Saurus compressed image
+
+# MSX G9B image file
+0	string/b		G9B
+>1	uleshort	11
+>>3	uleshort	>10
+>>>5	ubyte		>0		MSX G9B image, depth=%d
+>>>>8	uleshort	x		\b, %dx
+>>>>10	uleshort	x		\b%d
+>>>>5	ubyte		<9
+>>>>>6	ubyte		0
+>>>>>>7	ubyte		x		\b, codec=%d RGB color palettes
+>>>>>6	ubyte		64		\b, codec=RGB fixed color
+>>>>>6	ubyte		128		\b, codec=YJK
+>>>>>6	ubyte		192		\b, codec=YUV
+>>>>5	ubyte		>8		codec=RGB fixed color
+>>>>12	ubyte		0		\b, raw
+>>>>12	ubyte		1		\b, bitbuster compression
+
+############## Other MSX file formats ##############
+
+# MSX internal ROMs
+0		ubeshort	0xF3C3
+>2		uleshort	<0x4000
+>>8		ubyte		0xC3
+>>>9		uleshort	<0x4000
+>>>>0x0B	ubeshort	0x00C3
+>>>>>0x0D	uleshort	<0x4000
+>>>>>>0x0F	ubeshort	0x00C3
+>>>>>>>0x11	uleshort	<0x4000
+>>>>>>>>0x13	ubeshort	0x00C3
+>>>>>>>>>0x15	uleshort	<0x4000
+>>>>>>>>>>0x50	ubyte		0xC3
+>>>>>>>>>>>0x51	uleshort	<0x4000
+>>>>>>>>>>>>(9.s)	ubyte	0xC3
+>>>>>>>>>>>>>&0	uleshort	>0x4000
+>>>>>>>>>>>>>>&0	ubyte	0xC3		MSX BIOS+BASIC
+>>>>>>>>>>>>>>>0x002D	ubyte+1	<3		\b. version=MSX%d
+>>>>>>>>>>>>>>>0x002D	ubyte	2		\b, version=MSX2+
+>>>>>>>>>>>>>>>0x002D	ubyte	3		\b, version=MSX Turbo-R
+>>>>>>>>>>>>>>>0x002D	ubyte	>3		\b, version=Unknown MSX %d version
+>>>>>>>>>>>>>>>0x0006	ubyte	x		\b, VDP.DR=%#2x
+>>>>>>>>>>>>>>>0x0007	ubyte	x		\b, VDP.DW=%#2x
+>>>>>>>>>>>>>>>0x002B	ubyte&0xF	0		\b, charset=Japanese
+>>>>>>>>>>>>>>>0x002B	ubyte&0xF	1		\b, charset=International
+>>>>>>>>>>>>>>>0x002B	ubyte&0xF	2		\b, charset=Korean
+>>>>>>>>>>>>>>>0x002B	ubyte&0xF	>2		\b, charset=Unknown id:%d
+>>>>>>>>>>>>>>>0x002B	ubyte&0x70	0x00		\b, date format=Y-M-D
+>>>>>>>>>>>>>>>0x002B	ubyte&0x70	0x10		\b, date format=M-D-Y
+>>>>>>>>>>>>>>>0x002B	ubyte&0x70	0x20		\b, date format=D-M-Y
+>>>>>>>>>>>>>>>0x002B	ubyte&0x80	0x00		\b, vfreq=60Hz
+>>>>>>>>>>>>>>>0x002B	ubyte&0x80	0x80		\b, vfreq=50Hz
+>>>>>>>>>>>>>>>0x002C	ubyte&0x0F	0		\b, keyboard=Japanese
+>>>>>>>>>>>>>>>0x002C	ubyte&0x0F	1		\b, keyboard=International
+>>>>>>>>>>>>>>>0x002C	ubyte&0x0F	2		\b, keyboard=French
+>>>>>>>>>>>>>>>0x002C	ubyte&0x0F	3		\b, keyboard=UK
+>>>>>>>>>>>>>>>0x002C	ubyte&0x0F	4		\b, keyboard=German
+>>>>>>>>>>>>>>>0x002C	ubyte&0x0F	5		\b, keyboard=Unknown id:%d
+>>>>>>>>>>>>>>>0x002C	ubyte&0x0F	6		\b, keyboard=Spanish
+>>>>>>>>>>>>>>>0x002C	ubyte&0x0F	>6		\b, keyboard=Unknown id:%d
+>>>>>>>>>>>>>>>0x002C	ubyte&0xF0	0x00		\b, basic=Japanese
+>>>>>>>>>>>>>>>0x002C	ubyte&0xF0	0x10		\b, basic=International
+>>>>>>>>>>>>>>>0x002C	ubyte&0xF0	>0x10		\b, basic=Unknown id:%d
+>>>>>>>>>>>>>>>0x002E	ubyte&1		1		\b, built-in MIDI
+
+
+0		string/b		CD
+>2		uleshort	>0x10
+>>2		uleshort	<0x4000
+>>>4		uleshort	<0x4000
+>>>>6		uleshort	<0x4000
+>>>>>8		ubyte		0xC3
+>>>>>>9		uleshort	<0x4000
+>>>>>>>0x10	ubyte		0xC3
+>>>>>>>>0x11	uleshort	<0x4000
+>>>>>>>>>0x14	ubyte		0xC3
+>>>>>>>>>>0x15	uleshort	<0x4000		MSX2/2+/TR SubROM
+
+0		string		\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+>0x5F0		ubequad		0x8282828244380000
+>>0x150		ubyte		0x38
+>>>0x170	string		\20\20\20
+>>>>0x1E32	string		())
+>>>>>0x2130	ubequad		0xA5A5594924231807
+>>>>>0x2138	ubequad		0x4A4A3424488830C0	MSX Kanji Font
+
+
+
+# MSX extension ROMs
+0	string/b		AB
+>2	uleshort	0x0010			MSX ROM
+>>2	uleshort	x			\b, init=%#4x
+>>4	uleshort	>0			\b, stahdl=%#4x
+>>6	uleshort	>0			\b, devhdl=%#4x
+>>8	uleshort	>0			\b, bas=%#4x
+>2	uleshort	0x4010			MSX ROM
+>>2	uleshort	x			\b, init=%#04x
+>>4	uleshort	>0			\b, stahdl=%#04x
+>>6	uleshort	>0			\b, devhdl=%#04x
+>>8	uleshort	>0			\b, bas=%#04x
+>2	uleshort	0x8010			MSX ROM
+>>2	uleshort	x			\b, init=%#04x
+>>4	uleshort	>0			\b, stahdl=%#04x
+>>6	uleshort	>0			\b, devhdl=%#04x
+>>8	uleshort	>0			\b, bas=%#04x
+0	string/b		AB\0\0
+>6	uleshort	0
+>>4	uleshort	>0x400F			MSX-BASIC extension ROM
+>>>4	uleshort	>0			\b, stahdl=%#04x
+>>>6	uleshort	>0			\b, devhdl=%#04x
+>>>0x1C		string		OPLL			\b, MSX-Music
+>>>>0x18	string		PAC2			\b (external)
+>>>>0x18	string		APRL			\b (internal)
+
+0	string/b		AB\0\0\0\0
+>6	uleshort	>0x400F			MSX device BIOS
+>>6	uleshort	>0			\b, devhdl=%#04x
+
+
+0	string/b		AB
+#>2	string		5JSuperLAYDOCK		MSX Super Laydock ROM
+#>3	string		@HYDLIDE3MSX		MSX Hydlide-3 ROM
+#>3	string		@3\x80IA862		Golvellius MSX1 ROM
+>2	uleshort	>15
+>>2	uleshort	<0xC000
+>>>8	string		\0\0\0\0\0\0\0\0
+>>>>(2.s&0x3FFF)	uleshort	>0		MSX ROM
+>>>>>0x10	string		YZ\0\0\0\0		Konami Game Master 2 MSX ROM
+>>>>>0x10	string		CD			\b, Konami RC-
+>>>>>>0x12	ubyte		x			\b%d
+>>>>>>0x13	ubyte/16	x			\b%d
+>>>>>>0x13	ubyte&0xF	x			\b%d
+>>>>>0x10	string		EF			\b, Konami RC-
+>>>>>>0x12	ubyte		x			\b%d
+>>>>>>0x13	ubyte/16	x			\b%d
+>>>>>>0x13	ubyte&0xF	x			\b%d
+>>>>>2	uleshort	x			\b, init=%#04x
+>>>>>4	uleshort	>0			\b, stahdl=%#04x
+>>>>>6	uleshort	>0			\b, devhdl=%#04x
+>>>>>8	uleshort	>0			\b, bas=%#04x
+>>>2	uleshort	0
+>>>>4	uleshort	0
+>>>>>6	uleshort	0
+>>>>>>8	uleshort	>0			MSX BASIC program in ROM, bas=%#04x
+
+0x4000	string/b		AB
+>0x4002	uleshort	>0x400F
+>>0x400A	string		\0\0\0\0\0\0	MSX ROM with nonstandard page order
+>>>0x4002	uleshort	x			\b, init=%#04x
+>>>0x4004	uleshort	>0			\b, stahdl=%#04x
+>>>0x4006	uleshort	>0			\b, devhdl=%#04x
+>>>0x4008	uleshort	>0			\b, bas=%#04x
+
+0x8000	string/b		AB
+>0x8002	uleshort	>0x400F
+>>0x800A	string		\0\0\0\0\0\0	MSX ROM with nonstandard page order
+>>>0x8002	uleshort	x			\b, init=%#04x
+>>>0x8004	uleshort	>0			\b, stahdl=%#04x
+>>>0x8006	uleshort	>0			\b, devhdl=%#04x
+>>>0x8008	uleshort	>0			\b, bas=%#04x
+
+
+0x3C000	string/b		AB
+>0x3C008	string		\0\0\0\0\0\0\0\0	MSX MegaROM with nonstandard page order
+>>0x3C002	uleshort	x			\b, init=%#04x
+>>0x3C004	uleshort	>0			\b, stahdl=%#04x
+>>0x3C006	uleshort	>0			\b, devhdl=%#04x
+>>0x3C008	uleshort	>0			\b, bas=%#04x
+
+# MSX BIN file
+#0	byte		0xFE
+#>1	uleshort	>0x8000
+#>>3	uleshort	>0x8004
+#>>>5	uleshort	>0x8000			MSX BIN file
+
+# MSX-BASIC file
+0	byte		0xFF
+>3	uleshort	0x000A
+>>1	uleshort	>0x8000			MSX-BASIC program
+
+# MSX .CAS file
+0	string/b	\x1F\xA6\xDE\xBA\xCC\x13\x7D\x74	MSX cassette archive
+
+# Mega-Assembler file
+0	byte		0xFE
+>1	uleshort	0x0001
+>>5	uleshort	0xffff
+>>>6	byte		0x0A		MSX Mega-Assembler source
+
+# Execrom Patchfile
+0	string		ExecROM\ patchfile\x1A	MSX ExecROM patchfile
+>0x12	ubyte/16	x		v%d
+>0x12	ubyte&0xF	x		\b.%d
+>0x13	ubyte		x		\b, contains %d patches
+
+# Konami's King's Valley-2 custom stage (ELG file)
+4	uleshort	0x0900
+>0xF	byte		1
+>>0x14	byte		0
+>>>0x1E	string		\040\040\040
+>>>>0x23	byte	1
+>>>>>0x25	byte	0
+>>>>>>0x15	string	>\x30
+>>>>>>>0x15	string	<\x5A		Konami King's Valley-2 custom stage, title: "%-8.8s"
+>>>>>>>>0x1D	byte	<32	\b, theme: %d
+
+# Metal Gear 1 savegame
+#0x4F	string	\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF
+#>>0x60	string	\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF
+#>>>0x7B	string	\0x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\x00	Metal Gear 1 savegame
diff --git a/magic/Magdir/mup b/magic/Magdir/mup
new file mode 100644
index 0000000..05b9471
--- /dev/null
+++ b/magic/Magdir/mup
@@ -0,0 +1,24 @@
+
+# ------------------------------------------------------------------------
+# $File: mup,v 1.5 2017/03/17 21:35:28 christos Exp $
+# mup: file(1) magic for Mup (Music Publisher) input file.
+#
+# From: Abel Cheung <abel (@) oaka.org>
+#
+# NOTE: This header is mainly proposed in the Arkkra mailing list,
+# and is not a mandatory header because of old mup input file
+# compatibility. Noteedit also use mup format, but is not forcing
+# user to use any header as well.
+#
+0		search/1	//!Mup		Mup music publication program input text
+>6		string		-Arkkra		(Arkkra)
+>>13		string		-
+>>>16		string		.
+>>>>14		string		x		\b, need V%.4s
+>>>15		string		.
+>>>>14		string		x		\b, need V%.3s
+>6		string		-
+>>9		string		.
+>>>7		string		x		\b, need V%.4s
+>>8		string		.
+>>>7		string		x		\b, need V%.3s
diff --git a/magic/Magdir/music b/magic/Magdir/music
new file mode 100644
index 0000000..ad8da65
--- /dev/null
+++ b/magic/Magdir/music
@@ -0,0 +1,17 @@
+#------------------------------------------------------------------------------
+# $File: music,v 1.1 2011/11/25 03:28:17 christos Exp $
+# music:  file (1) magic for music formats
+
+# BWW format used by Bagpipe Music Writer Gold by Robert MacNeil Musicworks
+# and Bagpipe Writer by Doug Wickstrom
+#
+0	string		Bagpipe		Bagpipe
+>8	string		Reader		Reader
+>>15	string		>\0		(version %.3s)
+>8	string		Music\ Writer	Music Writer
+>>20	string		:
+>>>21	string		>\0		(version %.3s)
+>>21	string		Gold		Gold
+>>>25	string		:
+>>>>26	string		>\0		(version %.3s)
+
diff --git a/magic/Magdir/nasa b/magic/Magdir/nasa
new file mode 100644
index 0000000..de3545f
--- /dev/null
+++ b/magic/Magdir/nasa
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------------------------
+# nasa:	file(1) magic
+
+# From: Barry Carter <carter.barry@gmail.com>
+0	string	DAF/SPK				NASA SPICE file (binary format)
+0	string	DAFETF\ NAIF\ DAF\ ENCODED	NASA SPICE file (transfer format)
diff --git a/magic/Magdir/natinst b/magic/Magdir/natinst
new file mode 100644
index 0000000..7a55dde
--- /dev/null
+++ b/magic/Magdir/natinst
@@ -0,0 +1,24 @@
+
+#-----------------------------------------------------------------------------
+# $File: natinst,v 1.6 2014/06/03 19:17:27 christos Exp $
+# natinst:  file(1) magic for National Instruments Code Files
+
+#
+# From <egamez@fcfm.buap.mx> Enrique Gamez-Flores
+# version 1
+# Many formats still missing, we use, for the moment LabVIEW
+# We guess VXI format file. VISA, LabWindowsCVI, BridgeVIEW, etc, are missing
+#
+0       string          RSRC            National Instruments,
+# Check if it's a LabVIEW File
+>8      string          LV              LabVIEW File,
+# Check which kind of file it is
+>>10    string          SB              Code Resource File, data
+>>10    string          IN              Virtual Instrument Program, data
+>>10    string          AR              VI Library, data
+# This is for Menu Libraries
+>8      string          LMNULBVW        Portable File Names, data
+# This is for General Resources
+>8      string          rsc             Resources File, data
+# This is for VXI Package
+0       string          VMAP            National Instruments, VXI File, data
diff --git a/magic/Magdir/ncr b/magic/Magdir/ncr
new file mode 100644
index 0000000..21b09ab
--- /dev/null
+++ b/magic/Magdir/ncr
@@ -0,0 +1,49 @@
+
+#------------------------------------------------------------------------------
+# $File: ncr,v 1.8 2014/04/30 21:41:02 christos Exp $
+# ncr:  file(1) magic for NCR Tower objects
+#
+# contributed by
+# Michael R. Wayne  ***  TMC & Associates  ***  INTERNET: wayne@ford-vax.arpa
+# uucp: {philabs | pyramid} !fmsrl7!wayne   OR   wayne@fmsrl7.UUCP
+#
+0	beshort		000610	Tower/XP rel 2 object
+>12	   belong		>0	not stripped
+>20	   beshort		0407	executable
+>20	   beshort		0410	pure executable
+>22	   beshort		>0	- version %d
+0	beshort		000615	Tower/XP rel 2 object
+>12	   belong		>0	not stripped
+>20	   beshort		0407	executable
+>20	   beshort		0410	pure executable
+>22	   beshort		>0	- version %d
+0	beshort		000620	Tower/XP rel 3 object
+>12	   belong		>0	not stripped
+>20	   beshort		0407	executable
+>20	   beshort		0410	pure executable
+>22	   beshort		>0	- version %d
+0	beshort		000625	Tower/XP rel 3 object
+>12	   belong		>0	not stripped
+>20	   beshort		0407	executable
+>20	   beshort		0410	pure executable
+>22	   beshort		>0	- version %d
+0	beshort		000630	Tower32/600/400 68020 object
+>12	   belong		>0	not stripped
+>20	   beshort		0407	executable
+>20	   beshort		0410	pure executable
+>22	   beshort		>0	- version %d
+0	beshort		000640	Tower32/800 68020
+>18	   beshort		&020000	w/68881 object
+>18	   beshort		&040000	compatible object
+>18	   beshort		&060000	object
+>20	   beshort		0407	executable
+>20	   beshort		0413	pure executable
+>12	   belong		>0	not stripped
+>22	   beshort		>0	- version %d
+0	beshort		000645	Tower32/800 68010
+>18	   beshort		&040000	compatible object
+>18	   beshort		&060000 object
+>20	   beshort		0407	executable
+>20	   beshort		0413	pure executable
+>12	   belong		>0	not stripped
+>22	   beshort		>0	- version %d
diff --git a/magic/Magdir/netbsd b/magic/Magdir/netbsd
new file mode 100644
index 0000000..77e64f0
--- /dev/null
+++ b/magic/Magdir/netbsd
@@ -0,0 +1,251 @@
+
+#------------------------------------------------------------------------------
+# $File: netbsd,v 1.26 2019/01/01 03:11:23 christos Exp $
+# netbsd:  file(1) magic for NetBSD objects
+#
+# All new-style magic numbers are in network byte order.
+# The old-style magic numbers are indistinguishable from the same magic
+# numbers used in other systems, and are handled, for all those systems,
+# in aout.
+#
+
+0	name	netbsd-detail
+>20	lelong	x		@%#x
+>4	lelong	>0		\b+T=%d
+>8	lelong	>0		\b+D=%d
+>12	lelong	>0		\b+B=%d
+>16	lelong	>0		\b+S=%d
+>24	lelong	>0		\b+TR=%d
+>28	lelong	>0		\b+TD=%d
+
+0	name			netbsd-4096
+>0	byte			&0x80
+>>20	lelong			<4096		shared library
+>>20	lelong			=4096		dynamically linked executable
+>>20	lelong			>4096		dynamically linked executable
+>0	byte			^0x80		executable
+>16	lelong			>0		not stripped
+
+0	name			netbsd-8192
+>0	byte			&0x80
+>>20	lelong			<8192		shared library
+>>20	lelong			=8192		dynamically linked executable
+>>20	lelong			>8192		dynamically linked executable
+>0	byte			^0x80		executable
+>16	lelong			>0		not stripped
+>0	use			netbsd-detail
+
+0	name			netbsd-normal
+>0	byte			&0x80		dynamically linked executable
+>0	byte			^0x80
+>>0	byte			&0x40		position independent
+>>20	lelong			!0		executable
+>>20	lelong			=0		object file
+>16	lelong			>0		not stripped
+>0	use			netbsd-detail
+
+0	name			netbsd-pure
+>0	byte			&0x80		dynamically linked executable
+>0	byte			^0x80		executable
+>16	lelong			>0		not stripped
+>0	use			netbsd-detail
+
+0	name			netbsd-core
+>12	string			>\0		from '%s'
+>32	lelong			!0		(signal %d)
+
+0	belong&0377777777	041400413	a.out NetBSD/i386 demand paged
+>0	use			netbsd-4096
+
+0	belong&0377777777	041400410	a.out NetBSD/i386 pure
+>0	use			netbsd-pure
+
+0	belong&0377777777	041400407	a.out NetBSD/i386
+>0	use			netbsd-normal
+
+0	belong&0377777777	041400507	a.out NetBSD/i386 core
+>0	use			netbsd-core
+
+0	belong&0377777777	041600413	a.out NetBSD/m68k demand paged
+>0	use			\^netbsd-8192
+
+0	belong&0377777777	041600410	a.out NetBSD/m68k pure
+>0	use			\^netbsd-pure
+
+0	belong&0377777777	041600407	a.out NetBSD/m68k
+>0	use			\^netbsd-normal
+
+0	belong&0377777777	041600507	a.out NetBSD/m68k core
+>0	use			\^netbsd-core
+
+0	belong&0377777777	042000413	a.out NetBSD/m68k4k demand paged
+>0	use			\^netbsd-4096
+
+0	belong&0377777777	042000410	a.out NetBSD/m68k4k pure
+>0	use			\^netbsd-pure
+
+0	belong&0377777777	042000407	a.out NetBSD/m68k4k
+>0	use			\^netbsd-normal
+
+0	belong&0377777777	042000507	a.out NetBSD/m68k4k core
+>0	use			\^netbsd-core
+
+0	belong&0377777777	042200413	a.out NetBSD/ns32532 demand paged
+>0	use			netbsd-4096
+
+0	belong&0377777777	042200410	a.out NetBSD/ns32532 pure
+>0	use			netbsd-pure
+
+0	belong&0377777777	042200407	a.out NetBSD/ns32532
+>0	use			netbsd-normal
+
+0	belong&0377777777	042200507	a.out NetBSD/ns32532 core
+>0	use			netbsd-core
+
+0	belong&0377777777	045200507	a.out NetBSD/powerpc core
+>0	use			netbsd-core
+
+0	belong&0377777777	042400413	a.out NetBSD/SPARC demand paged
+>0	use			\^netbsd-8192
+
+0	belong&0377777777	042400410	a.out NetBSD/SPARC pure
+>0	use			\^netbsd-pure
+
+0	belong&0377777777	042400407	a.out NetBSD/SPARC
+>0	use			\^netbsd-normal
+
+0	belong&0377777777	042400507	a.out NetBSD/SPARC core
+>0	use			\^netbsd-core
+
+0	belong&0377777777	042600413	a.out NetBSD/pmax demand paged
+>0	use			netbsd-4096
+
+0	belong&0377777777	042600410	a.out NetBSD/pmax pure
+>0	use			\^netbsd-pure
+
+0	belong&0377777777	042600407	a.out NetBSD/pmax
+>0	use			netbsd-normal
+
+0	belong&0377777777	042600507	a.out NetBSD/pmax core
+>0	use			netbsd-core
+
+0	belong&0377777777	043000413	a.out NetBSD/vax 1k demand paged
+>0	use			netbsd-4096
+
+0	belong&0377777777	043000410	a.out NetBSD/vax 1k pure
+>0	use			netbsd-pure
+
+0	belong&0377777777	043000407	a.out NetBSD/vax 1k
+>0	use			netbsd-normal
+
+0	belong&0377777777	043000507	a.out NetBSD/vax 1k core
+>0	use			netbsd-core
+
+0	belong&0377777777	045400413	a.out NetBSD/vax 4k demand paged
+>0	use			netbsd-4096
+
+0	belong&0377777777	045400410	a.out NetBSD/vax 4k pure
+>0	use			netbsd-pure
+
+0	belong&0377777777	045400407	a.out NetBSD/vax 4k
+>0	use			netbsd-normal
+
+0	belong&0377777777	045400507	a.out NetBSD/vax 4k core
+>0	use			netbsd-core
+
+# NetBSD/alpha does not support (and has never supported) a.out objects,
+# so no rules are provided for them.  NetBSD/alpha ELF objects are
+# dealt with in "elf".
+0	lelong		0x00070185		ECOFF NetBSD/alpha binary
+>10	leshort		0x0001			not stripped
+>10	leshort		0x0000			stripped
+0	belong&0377777777	043200507	a.out NetBSD/alpha core
+>12	string			>\0		from '%s'
+>32	lelong			!0		(signal %d)
+
+0	belong&0377777777	043400413	a.out NetBSD/mips demand paged
+>0	use			\^netbsd-8192
+
+>16	belong			>0		not stripped
+0	belong&0377777777	043400410	a.out NetBSD/mips pure
+>0	use			netbsd-pure
+
+0	belong&0377777777	043400407	a.out NetBSD/mips
+>0	use			netbsd-normal
+
+0	belong&0377777777	043400507	a.out NetBSD/mips core
+>0	use			netbsd-core
+
+0	belong&0377777777	043600413	a.out NetBSD/arm32 demand paged
+>0	use			netbsd-4096
+
+0	belong&0377777777	043600410	a.out NetBSD/arm32 pure
+>0	use			netbsd-pure
+
+0	belong&0377777777	043600407	a.out NetBSD/arm32
+>0	use			netbsd-normal
+
+# NetBSD/arm26 has always used ELF objects, but it shares a core file
+# format with NetBSD/arm32.
+0	belong&0377777777	043600507	a.out NetBSD/arm core
+>0	use			netbsd-core
+
+# Kernel core dump format
+0	belong&0x0000ffff 0x00008fca	NetBSD kernel core file
+>0	belong&0x03ff0000 0x00000000	\b, Unknown
+>0	belong&0x03ff0000 0x00010000	\b, sun 68010/68020
+>0	belong&0x03ff0000 0x00020000	\b, sun 68020
+>0	belong&0x03ff0000 0x00640000	\b, 386 PC
+>0	belong&0x03ff0000 0x00860000	\b, i386 BSD
+>0	belong&0x03ff0000 0x00870000	\b, m68k BSD (8K pages)
+>0	belong&0x03ff0000 0x00880000	\b, m68k BSD (4K pages)
+>0	belong&0x03ff0000 0x00890000	\b, ns32532 BSD
+>0	belong&0x03ff0000 0x008a0000	\b, SPARC/32 BSD
+>0	belong&0x03ff0000 0x008b0000	\b, pmax BSD
+>0	belong&0x03ff0000 0x008c0000	\b, vax BSD (1K pages)
+>0	belong&0x03ff0000 0x008d0000	\b, alpha BSD
+>0	belong&0x03ff0000 0x008e0000	\b, mips BSD (Big Endian)
+>0	belong&0x03ff0000 0x008f0000	\b, arm6 BSD
+>0	belong&0x03ff0000 0x00900000	\b, m68k BSD (2K pages)
+>0	belong&0x03ff0000 0x00910000	\b, sh3 BSD
+>0	belong&0x03ff0000 0x00950000	\b, ppc BSD (Big Endian)
+>0	belong&0x03ff0000 0x00960000	\b, vax BSD (4K pages)
+>0	belong&0x03ff0000 0x00970000	\b, mips1 BSD
+>0	belong&0x03ff0000 0x00980000	\b, mips2 BSD
+>0	belong&0x03ff0000 0x00990000	\b, m88k BSD
+>0	belong&0x03ff0000 0x00920000	\b, parisc BSD
+>0	belong&0x03ff0000 0x009b0000	\b, sh5/64 BSD
+>0	belong&0x03ff0000 0x009c0000	\b, SPARC/64 BSD
+>0	belong&0x03ff0000 0x009d0000	\b, amd64 BSD
+>0	belong&0x03ff0000 0x009e0000	\b, sh5/32 BSD
+>0	belong&0x03ff0000 0x009f0000	\b, ia64 BSD
+>0	belong&0x03ff0000 0x00b70000	\b, aarch64 BSD
+>0	belong&0x03ff0000 0x00b80000	\b, or1k BSD
+>0	belong&0x03ff0000 0x00b90000	\b, Risk-V BSD
+>0	belong&0x03ff0000 0x00c80000	\b, hp200 BSD
+>0	belong&0x03ff0000 0x012c0000	\b, hp300 BSD
+>0	belong&0x03ff0000 0x020b0000	\b, hp800 HP-UX
+>0	belong&0x03ff0000 0x020c0000	\b, hp200/hp300 HP-UX
+>0	belong&0xfc000000 0x04000000	\b, CPU
+>0	belong&0xfc000000 0x08000000	\b, DATA
+>0	belong&0xfc000000 0x10000000	\b, STACK
+>4	leshort	x			\b, (headersize = %d
+>6	leshort	x			\b, segmentsize = %d
+>8	lelong	x			\b, segments = %d)
+
+# little endian only for now.
+0	name		ktrace
+>4	leshort		7
+>>6	leshort		<3		NetBSD ktrace file version %d
+>>>12	string		x		from %s
+>>>56	string		x		\b, emulation %s
+>>>8	lelong		<65536		\b, pid=%d
+
+56	string		netbsd
+>0	use		ktrace
+56	string		linux
+>0	use		ktrace
+56	string		sunos
+>0	use		ktrace
+56	string		hpux
+>0	use		ktrace
diff --git a/magic/Magdir/netscape b/magic/Magdir/netscape
new file mode 100644
index 0000000..0e1ca61
--- /dev/null
+++ b/magic/Magdir/netscape
@@ -0,0 +1,26 @@
+
+#------------------------------------------------------------------------------
+# $File: netscape,v 1.8 2017/03/17 21:35:28 christos Exp $
+# netscape:  file(1) magic for Netscape files
+# "H. Nanosecond" <aldomel@ix.netcom.com>
+# version 3 and 4 I think
+#
+
+# Netscape Address book  .nab
+0	string \000\017\102\104\000\000\000\000\000\000\001\000\000\000\000\002\000\000\000\002\000\000\004\000 Netscape Address book
+
+# Netscape Communicator address book
+0   string   \000\017\102\111 Netscape Communicator address book
+
+# .snm Caches
+0	string		#\ Netscape\ folder\ cache	Netscape folder cache
+0	string	\000\036\204\220\000	Netscape folder cache
+# .n2p
+# Net 2 Phone
+#0	string	123\130\071\066\061\071\071\071\060\070\061\060\061\063\060
+0	string	SX961999	Net2phone
+
+#
+#This is files ending in .art, FIXME add more rules
+0	string	JG\004\016\0\0\0\0	AOL ART image
+0	string	JG\003\016\0\0\0\0	AOL ART image
diff --git a/magic/Magdir/netware b/magic/Magdir/netware
new file mode 100644
index 0000000..089a243
--- /dev/null
+++ b/magic/Magdir/netware
@@ -0,0 +1,11 @@
+
+#------------------------------------------------------------------------------
+# $File: netware,v 1.5 2020/09/04 16:30:51 christos Exp $
+# netware:  file(1) magic for NetWare Loadable Modules (NLMs)
+# From: Mads Martin Joergensen <mmj@suse.de>
+# URL:		https://en.wikipedia.org/wiki/NetWare_Loadable_Module
+
+0	string	NetWare\ Loadable\ Module	NetWare Loadable Module
+#!:mime	application/octet-stream
+!:ext	nlm
+
diff --git a/magic/Magdir/news b/magic/Magdir/news
new file mode 100644
index 0000000..eea8aed
--- /dev/null
+++ b/magic/Magdir/news
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: news,v 1.6 2009/09/19 16:28:11 christos Exp $
+# news:  file(1) magic for SunOS NeWS fonts (not "news" as in "netnews")
+#
+0	string		StartFontMetrics	ASCII font metrics
+0	string		StartFont	ASCII font bits
+0	belong		0x137A2944	NeWS bitmap font
+0	belong		0x137A2947	NeWS font family
+0	belong		0x137A2950	scalable OpenFont binary
+0	belong		0x137A2951	encrypted scalable OpenFont binary
+8	belong		0x137A2B45	X11/NeWS bitmap font
+8	belong		0x137A2B48	X11/NeWS font family
diff --git a/magic/Magdir/nifty b/magic/Magdir/nifty
new file mode 100644
index 0000000..151d869
--- /dev/null
+++ b/magic/Magdir/nifty
@@ -0,0 +1,202 @@
+
+#------------------------------------------------------------------------------
+# $File: nifty,v 1.1 2022/02/14 16:51:15 christos Exp $
+# file(1) magic for the NIfTI file format
+
+# Type: NIfTI, Neuroimaging file format
+# URL:  https://nifti.nimh.nih.gov/
+# From: Yann Leprince <yann.leprince@cea.fr>, 2022
+
+344	string		n+1\0		NIfTI-1 neuroimaging data,
+!:mime	image/x.nifti
+!:ext	nii
+>0	use		nifti1
+344	string		ni1\0		NIfTI-1 neuroimaging data header,
+!:mime	image/x.nifti
+!:ext	hdr
+>0	use		nifti1
+
+4	string		n+2\0\r\n\032\n	NIfTI-2 neuroimaging data,
+!:mime	image/x.nifti
+!:ext	nii
+>0	use		nifti2
+4	string		ni2\0\r\n\032\n	NIfTI-2 neuroimaging data header,
+!:mime	image/x.nifti
+!:ext	hdr
+>0	use		nifti2
+
+# Main subroutine for NIfTI-1
+0	name		nifti1
+>0	clear		x
+>0	lelong		=348		little endian
+>>70	use		nifti-datatype-le
+>>112	lefloat	!0		with scaling
+>>0	use		nifti1-dim-le
+>>252	leshort	>0		\b, with qform
+>>>252	use		xform-code-nifti1-le
+>>254	leshort	>0		\b, with sform
+>>>254	use		xform-code-nifti1-le
+>>136	string		>\0		\b, description: %s
+>0	belong		=348		big endian
+>>70	use		\^nifti-datatype-le
+>>112	befloat	!0		with scaling
+>>0	use		\^nifti1-dim-le
+>>252	beshort	>0		\b, with qform
+>>>252	use		\^xform-code-nifti1-le
+>>254	beshort	>0		\b, with sform
+>>>254	use		\^xform-code-nifti1-le
+>>136	string		>\0		\b, description: %s
+>0	default	x
+>>0	long		x		invalid sizeof_hdr=%d
+
+# Main subroutine for NIfTI-2
+0	name		nifti2
+>0	clear		x
+>0	lelong		=540		little endian
+>>12	use		nifti-datatype-le
+>>176	lefloat	!0		with scaling
+>>0	use		nifti2-dim-le
+>>344	lelong		>0		\b, with qform
+>>>344	use		xform-code-nifti2-le
+>>348	lelong		>0		\b, with sform
+>>>348	use		xform-code-nifti2-le
+>>240	string		>\0		\b, description: %s
+>0	belong		=540		big endian
+>>12	use		\^nifti-datatype-le
+>>176	befloat	!0		with scaling
+>>0	use		\^nifti2-dim-le
+>>344	lelong		>0		\b, with qform
+>>>344	use		\^xform-code-nifti2-le
+>>348	lelong		>0		\b, with sform
+>>>348	use		\^xform-code-nifti2-le
+>>240	string		>\0		\b, description: %s
+>0	default	x
+>>0	long		x		invalid sizeof_hdr=%d
+
+
+# Other subroutines for details of NIfTI files
+
+0	name		nifti-datatype-le
+>0	clear		x
+>0	leshort	=1		\b, binary datatype
+>0	leshort	=2		\b, uint8 datatype
+>0	leshort	=4		\b, int16 datatype
+>0	leshort	=8		\b, int32 datatype
+>0	leshort	=16		\b, float32 datatype
+>0	leshort	=32		\b, complex64 datatype
+>0	leshort	=64		\b, float64 datatype
+>0	leshort	=128		\b, RGB24 datatype
+>0	leshort	=256		\b, int8 datatype
+>0	leshort	=512		\b, uint16 datatype
+>0	leshort	=768		\b, uint32 datatype
+>0	leshort	=1024		\b, int64 datatype
+>0	leshort	=1280		\b, uint64 datatype
+>0	leshort	=1536		\b, float128 datatype
+>0	leshort	=1792		\b, complex128 datatype
+>0	leshort	=2048		\b, complex256 datatype
+>0	leshort	=2304		\b, RGBA32 datatype
+>0	default	x
+>>0	leshort	x		\b, unknown datatype 0x%x
+>>2	leshort	x		(%d bits/pixel)
+
+0	name		nifti1-dim-le
+>0	clear		x
+>40	leshort	<0		\b, INVALID dim[0]=%d
+>40	leshort	>7		\b, INVALID dim[0]=%d
+>0	default	x
+>>40	leshort	x		\b, %d-dimensional (size
+>>42	leshort	x		%d
+>>40	leshort	>1
+>>>44	leshort	x		\bx%d
+>>40	leshort	>2
+>>>46	leshort	x		\bx%d
+>>40	leshort	>3
+>>>48	leshort	x		\bx%d
+>>40	leshort	>4
+>>>50	leshort	x		\bx%d
+>>40	leshort	>5
+>>>52	leshort	x		\bx%d
+>>40	leshort	>6
+>>>54	leshort	x		\bx%d
+>>80	lefloat	x		\b, voxel size %f
+>>40	leshort	>1
+>>>84	lefloat	x		x %f
+>>40	leshort	>2
+>>>88	lefloat	x		x %f
+>>123	use		nifti1-xyz-unit
+>>40	leshort	>3
+>>>92	lefloat	x		x %f
+>>>123	use		nifti1-t-unit
+>>40	leshort	x		\b)
+
+0	name		nifti2-dim-le
+>0	clear		x
+>16	lequad		<0		\b, INVALID dim[0]=%lld
+>16	lequad		>7		\b, INVALID dim[0]=%lld
+>0	default	x
+>>16	lequad		x		\b, %lld-dimensional (size
+>>24	lequad		x		%lld
+>>16	lequad		>1
+>>>32	lequad		x		\bx%lld
+>>16	lequad		>2
+>>>40	lequad		x		\bx%lld
+>>16	lequad		>3
+>>>48	lequad		x		\bx%lld
+>>16	lequad		>4
+>>>56	lequad		x		\bx%lld
+>>16	lequad		>5
+>>>64	lequad		x		\bx%lld
+>>16	lequad		>6
+>>>72	lequad		x		\bx%lld,
+>>112	ledouble	x		\b, voxel size %f
+>>16	lequad		>1
+>>>120	ledouble	x		x %f
+>>16	lequad		>2
+>>>128	ledouble	x		x %f
+>>500	use		nifti2-xyz-unit
+>>16	lequad		>3
+>>>136	ledouble	x		x %f
+>>>500	use		nifti2-t-unit
+>>16	lequad		x		\b)
+
+0	name		xform-code-nifti1-le
+>0	leshort	=1		to scanner-based coordinates
+>0	leshort	=2		to aligned coordinates
+>0	leshort	=3		to Talairach coordinates
+>0	leshort	=4		to MNI152 coordinates
+>0	leshort	=5		to template coordinates
+
+0	name		xform-code-nifti2-le
+>0	lelong		=1		to scanner-based coordinates
+>0	lelong		=2		to aligned coordinates
+>0	lelong		=3		to Talairach coordinates
+>0	lelong		=4		to MNI152 coordinates
+>0	lelong		=5		to template coordinates
+
+0	name		nifti1-xyz-unit
+>0	byte		&0x01
+>>0	byte		^0x02		m
+>>0	byte		&0x02		micron
+>0	byte		^0x01
+>>0	byte		&0x02		mm
+
+0	name		nifti1-t-unit
+>0	byte		&0x08
+>>0	byte		^0x10		s
+>>0	byte		&0x10		ms
+>0	byte		^0x08
+>>0	byte		&0x10		microsecond
+
+0	name		nifti2-xyz-unit
+>0	lelong		&0x01
+>>0	lelong		^0x02		m
+>>0	lelong		&0x02		micron
+>0	lelong		^0x01
+>>0	lelong		&0x02		mm
+
+0	name		nifti2-t-unit
+>0	lelong		&0x08
+>>0	lelong		^0x10		s
+>>0	lelong		&0x10		ms
+>0	lelong		^0x08
+>>0	lelong		&0x10		microsecond
diff --git a/magic/Magdir/nim-lang b/magic/Magdir/nim-lang
new file mode 100644
index 0000000..bc2cf98
--- /dev/null
+++ b/magic/Magdir/nim-lang
@@ -0,0 +1,29 @@
+
+#------------------------------------------------------------------------------
+# $File: nim-lang,v 1.3 2021/07/06 12:34:06 christos Exp $
+# nim-lang:  file(1) magic for nim
+# URL:  https://nim-lang.org/
+
+0	search/8192	import
+>&0	search/64	os
+>>&0	use		nim1
+>&0	default		x
+>>&0	search/64	osproc
+>>>&0	use		nim1
+>>&0	default		x
+>>>&0	search/64	strutils
+>>>>&0	use		nim1
+
+0	name		nim1
+>&0	search/8192	proc
+>>&0	use		nim2
+>&0	default		x
+>>&0	search/8192	template
+>>>&0	use		nim2
+>>&0	default		x
+>>>&0	search/8192	let
+>>>>&0	use		nim2
+
+0	name		nim2
+>&0	search/8192	when	Nim source code
+!:ext	nim
diff --git a/magic/Magdir/nitpicker b/magic/Magdir/nitpicker
new file mode 100644
index 0000000..bea96c3
--- /dev/null
+++ b/magic/Magdir/nitpicker
@@ -0,0 +1,14 @@
+
+#------------------------------------------------------------------------------
+# $File: nitpicker,v 1.8 2019/04/19 00:42:27 christos Exp $
+# nitpicker:  file(1) magic for Flowfiles.
+# From: Christian Jachmann <C.Jachmann@gmx.net> https://www.nitpicker.de
+0	string	NPFF	NItpicker Flow File
+>4	byte	x	V%d.
+>5	byte	x	%d
+>6	bedate	x	started: %s
+>10	bedate	x	stopped: %s
+>14	belong	x	Bytes: %u
+>18	belong	x	Bytes1: %u
+>22	belong	x	Flows: %u
+>26	belong	x	Pkts: %u
diff --git a/magic/Magdir/numpy b/magic/Magdir/numpy
new file mode 100644
index 0000000..c1520dd
--- /dev/null
+++ b/magic/Magdir/numpy
@@ -0,0 +1,9 @@
+
+#------------------------------------------------------------------------------
+# $File: numpy,v 1.1 2019/05/09 16:24:36 christos Exp $
+# numpy: file(1) magic for NumPy array binary serialization format
+# Reference: https://docs.scipy.org/doc/numpy/reference/generated/numpy.lib.format.html
+0	string		\x93NUMPY	NumPy array,
+>6	ubyte		x		version %d
+>7	ubyte		x		\b.%d,
+>8	uleshort	x		header length %d
diff --git a/magic/Magdir/oasis b/magic/Magdir/oasis
new file mode 100644
index 0000000..45ad6d1
--- /dev/null
+++ b/magic/Magdir/oasis
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: oasis,v 1.2 2014/06/03 19:17:27 christos Exp $
+# OASIS
+# Summary: OASIS stream file
+# Long description: Open Artwork System Interchange Standard
+# File extension: .oas
+# Full name:	Ben Cowley (bcowley@broadcom.com)
+#		Philip Dixon (pdixon@broadcom.com)
+# Reference: http://www.wrcad.com/oasis/oasis-3626-042303-draft.pdf
+#		(see page 3)
+0	string	%SEMI-OASIS\r\n		OASIS Stream file
diff --git a/magic/Magdir/ocaml b/magic/Magdir/ocaml
new file mode 100644
index 0000000..3ec3100
--- /dev/null
+++ b/magic/Magdir/ocaml
@@ -0,0 +1,14 @@
+
+#------------------------------------------------------------------------------
+# $File: ocaml,v 1.5 2010/09/20 18:55:20 rrt Exp $
+# ocaml: file(1) magic for Objective Caml files.
+0	string	Caml1999	OCaml
+>8	string	X		exec file
+>8	string	I		interface file (.cmi)
+>8	string	O		object file (.cmo)
+>8	string	A		library file (.cma)
+>8	string	Y		native object file (.cmx)
+>8	string	Z		native library file (.cmxa)
+>8	string	M		abstract syntax tree implementation file
+>8	string	N		abstract syntax tree interface file
+>9	string	>\0		(Version %3.3s)
diff --git a/magic/Magdir/octave b/magic/Magdir/octave
new file mode 100644
index 0000000..49ea3e7
--- /dev/null
+++ b/magic/Magdir/octave
@@ -0,0 +1,6 @@
+
+#------------------------------------------------------------------------------
+# $File: octave,v 1.4 2009/09/19 16:28:11 christos Exp $
+# octave binary data file(1) magic, from Dirk Eddelbuettel <edd@debian.org>
+0	string		Octave-1-L	Octave binary data (little endian)
+0	string		Octave-1-B	Octave binary data (big endian)
diff --git a/magic/Magdir/ole2compounddocs b/magic/Magdir/ole2compounddocs
new file mode 100644
index 0000000..2c451a9
--- /dev/null
+++ b/magic/Magdir/ole2compounddocs
@@ -0,0 +1,760 @@
+
+#------------------------------------------------------------------------------
+# $File: ole2compounddocs,v 1.26 2023/05/15 16:46:12 christos Exp $
+# Microsoft OLE 2 Compound Documents : file(1) magic for Microsoft Structured
+# storage (https://en.wikipedia.org/wiki/Compound_File_Binary_Format)
+# Additional tests for OLE 2 Compound Documents should be under this recipe.
+# reference:	https://www.openoffice.org/sc/compdocfileformat.pdf
+
+0   string  \320\317\021\340\241\261\032\341
+# https://digital-preservation.github.io/droid/
+# skip droid skeleton like fmt-39-signature-id-128.doc by valid version
+>0x1A	ushort		!0xABAB		OLE 2 Compound Document
+#>0x1C	uleshort		x			\b, endnian %#4.4x
+# big endian not tested
+>>0x1C	ubeshort		=0xfffe			\b, big-endian
+>>>546	string	jbjb			: Microsoft Word Document
+!:mime	application/msword
+!:apple	MSWDWDBN
+!:ext	doc
+# Byte Order 0xFFFE means little-endian found in real world applications
+#>>0x1C	uleshort		=0xfffe			\b, little-endian
+>>0x1C	uleshort		=0xfffe
+# From:		Joerg Jenderek
+# Major Version 3 or 4
+>>>0x1A	uleshort		x			\b, v%u
+# Minor Version 32h=50 3Bh=59 3Eh=62
+>>>0x18	uleshort		x			\b.%u
+# SecID of first sector of the directory stream is often 1 but high like 3144h
+>>>48	ulelong			x			\b, SecID %#x
+# Sector Shift Exponent in short-stream container stream: 6~64 bytes
+>>>32	uleshort		!6			\b, exponent of short stream %u
+# total number of sectors used for the FAT
+>>>44	ulelong			>1			\b, %u FAT sectors
+# SecID of first sector of the short-sector allocation table (Mini FAT)
+# or -2 (End Of ChainSecID) if not extant
+>>>60	ulelong			!0xffFFffFE		\b, Mini FAT start sector %#x
+# total number of sectors used for the short-sector allocation table
+>>>64	ulelong			!1			\b, %u Mini FAT sector
+# plural s
+>>>>64	ulelong			>1			\bs
+# SecID of first sector of the master sector allocation table (DIFAT)
+# or -2 (End Of Chain SecID) if no additional sectors used
+>>>68	ulelong			!0xffFFffFE		\b, DIFAT start sector %#x
+# total number of sectors used for the master sector allocation table (DIFAT)
+>>>72	ulelong			>0			\b, %u DIFAT sectors
+# First part of the master sector allocation table (DIFAT) containing 109 SecIDs
+#>>>76 	ubequad			x			\b, DIFAT=%#16.16llx
+#>>>84 	ubequad			x			\b%16.16llx...
+# pointer to root entry only works with standard configuration for SecID ~< 800h
+# Red-Carpet-presentation-1.0-1.sdd sg10.sdv 2000_GA_Annual_Review_Data.xls
+# "ORLEN Factbook 2017.xls" XnView_metadata.doc
+# "Barham, Lisa - Die Shopping-Prinzessinnen.doc" then not recognized
+>>>48	ulelong			>0x800			too big for FILE_BYTES_MAX = 1 MiB
+# Sector Shift Exponent 9~512 for major version 3 or C~4096 for major version 4
+>>>0x1E	uleshort		0xc			\b, blocksize 4096
+# jump to one block (4096 bytes per block) before root storage block
+>>>>(48.l*4096)	ubyte	x
+>>>>>&4095 	use		ole2-directory
+#>>>0x1E	uleshort		9			\b, blocksize 512
+>>>0x1E	uleshort		9
+# jump to one block (512 bytes per block) before root storage block
+# in 5.37 only true for offset ~< FILE_BYTES_MAX=7 MiB defined in ../../src/file.h 
+>>>>(48.l*512)	ubyte		x
+>>>>>&511 	use		ole2-directory
+# check directory entry structure and display types by GUID
+0	name			ole2-directory
+# directory entry name like "Root Entry"
+#>0 	lestring16	x 			\b, 1st %.10s
+# type of the entry; 5~Root storage
+#>66 	ubyte		x			\b, type %x
+# node colour of the entry: 00H ~ Red 01H ~ Black
+#>67 	ubyte		x			\b, color %x
+# the DirIDs of the child nodes. Should both be -1 in the root storage entry
+#>68 	bequad		!0xffffffffffffffff	\b, DirIDs %llx
+# NEXT lines for DEBUGGING
+# second directory entry name like VisioDocument Control000 
+#>128	lestring16	x \b, 2nd %.20s
+# third directory entry like WordDocument
+#>256	lestring16	x \b, 3rd %.20s
+# forth
+#>384	lestring16	x \b, 4th %.10s
+# 5th
+#>512	lestring16	x \b, 5th %.10s
+# 6th
+#>640	lestring16	x \b, 6th %.10s
+# 7th
+#>768	lestring16	x \b, 7th %.10s
+#	https://wikileaks.org/ciav7p1/cms/page_13762814.html
+#	https://m.blog.naver.com/superman4u/40047693679
+#	https://misc.daniel-marschall.de/projects/guid_analysis/guid.txt
+#	https://toolslick.com/conversion/data/guid
+#>80 	ubequad		!0			\b, clsid %#16.16llx
+#>>88 	ubequad		x			\b%16.16llx
+# test for "Root Entry" inside directory by type 5 value
+>66 	ubyte		5
+# look for CLSID GUID 0
+>>88 	ubequad		0x0
+>>>80 	ubequad		0x0
+# - Microstation V8 DGN files (www.bentley.com)
+# URL:	https://en.wikipedia.org/wiki/MicroStation
+#   Last update on 10/23/2006 by Lester Hightower
+#   07/24/2019 by Joerg Jenderek
+# Second directory entry name like Dgn~H Dgn~S 
+>>>>128 	lestring16	Dgn~			: Microstation V8 CAD
+#!:mime	application/x-ole-storage
+!:mime	application/x-bentley-dgn
+# http://www.q-cad.com/files/samples_cad_files/1344468165.dgn
+!:ext	dgn
+#
+# URL:	http://fileformats.archiveteam.org/wiki/WordPerfect
+# Second directory entry name PerfectOffice_
+>>>>128 	lestring16	PerfectOffice_		: WordPerfect 7-X3 presentations Master, Document or Graphic
+!:mime	application/vnd.wordperfect
+# https://www.macdisk.com/macsigen.php "WPC2" for Wordperfect 2 *.wpd
+!:apple	????WPC7
+!:ext	mst/wpd/wpg
+#
+# URL:	http://fileformats.archiveteam.org/wiki/Microsoft_Works_Word_Processor
+# Second directory entry name MatOST_
+>>>>128 	lestring16	MatOST			: Microsoft Works 3.0 document
+!:mime	application/vnd.ms-works
+!:apple	????AWWP
+!:ext	wps
+#
+# URL:	http://fileformats.archiveteam.org/wiki/Microsoft_Works_Spreadsheet
+# 3rd directory entry name WksSSWorkBook
+>>>>256 	lestring16	WksSSWorkBook		: Microsoft Works 6-9 spreadsheet
+!:mime	application/vnd.ms-works
+!:apple	????AWSS
+!:ext	xlr
+#
+# URL:	http://fileformats.archiveteam.org/wiki/XLS
+# what is the difference to {00020820-0000-0000-c000-000000000046} ?
+# Second directory entry name Workbook
+>>>>128 	lestring16	Workbook
+>>>>>256 	lestring16	!WksSSWorkBook		: Microsoft Excel 97-2003 worksheet 0 clsid
+!:mime	application/vnd.ms-excel
+# https://www.macdisk.com/macsigen.php	XLS5 for Excel 5
+!:apple	????XLS9
+!:ext	xls
+#
+# URL:	http://fileformats.archiveteam.org/wiki/PPT
+# Second directory entry name Object1 Object12 Object35
+>>>>128 	lestring16	Object			: Microsoft PowerPoint 4 presentation
+!:mime	application/vnd.ms-powerpoint
+# https://www.macdisk.com/macsigen.php
+!:apple	????PPT3
+!:ext	ppt
+#
+# URL:	https://www.msoutlook.info/question/164
+# Second directory entry name __CollDataStm
+>>>>128 	lestring16	__CollDataStm		: Microsoft Outlook Send Receive Settings
+#!:mime	application/vnd.ms-outlook
+!:mime	application/x-ms-srs
+# %APPDATA%\Microsoft\Outlook\Outlook.srs
+!:ext	srs
+#
+# URL:	https://www.file-extensions.org/cag-file-extension
+# Second directory entry name Category
+>>>>128 	lestring16	Category		: Microsoft Clip Art Gallery
+#!:mime	application/x-ole-storage
+!:mime	application/x-ms-cag
+!:apple	MScgCGdb
+!:ext	cag/
+#
+# URL:	https://www.filesuffix.com/de/extension/rra
+# 3rd directory entry name StrIndex_StringTable
+>>>>256 	lestring16	StrIndex_StringTable	: Windows temporarily installer
+#!:mime	application/x-ole-storage
+!:mime	application/x-ms-rra
+!:ext	rra
+#
+# URL:	https://www.forensicswiki.org/wiki/Jump_Lists
+# 3rd directory entry name DestList	
+>>>>256 	lestring16	DestList		: Windows jump list
+#!:mime	application/x-ole-storage
+!:mime	application/x-ms-jumplist
+# %APPDATA%\Microsoft\Windows\Recent\AutomaticDestinations\*.automaticDestinations-ms
+!:ext	automaticDestinations-ms
+#
+# URL:	https://en.wikipedia.org/wiki/Windows_thumbnail_cache
+# Second directory entry name 256_
+>>>>128 	lestring16	256_			: Windows thumbnail database 256
+#!:mime	application/x-ole-storage
+!:mime	application/x-ms-thumbnail
+# Thumbs.db
+!:ext	db
+>>>>128 	lestring16	96_			: Windows thumbnail database 96
+!:mime	application/x-ms-thumbnail
+!:ext	db
+# 3rd directory entry name Catalog_
+>>>>256 	lestring16	Catalog			: Windows thumbnail database
+!:mime	application/x-ms-thumbnail
+!:ext	db
+#
+# URL:	https://support.microsoft.com/en-us/help/300887/how-to-use-system-information-msinfo32-command-line-tool-switches
+# Note:	older Microsoft Systeminfo (MSInfo Configuration File of msinfo32); newer use xml based
+# Second directory entry name Control000
+>>>>128 	lestring16	Control000		: Microsoft old Systeminfo
+#!:mime	application/x-ole-storage
+!:mime	application/x-ms-info
+!:ext	nfo
+#
+# From:		Joerg Jenderek
+# URL:		https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/arn-autoruns-v14.trid.xml
+# Note:		older versions til 13 about middle 2021 handled by ./windows
+#		called "Sysinternals Autoruns data (v14)" by TrID
+# second, third and fourth directory entry name like Header Items 0
+>>>>128 	lestring16	Header		: Microsoft sysinternals AutoRuns data, version 14
+#!:mime	application/x-ole-storage
+!:mime		application/x-ms-arn
+# like: MyHOSTNAME.arn
+!:ext		arn
+#
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Microsoft_Access
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/m/mdz.trid.xml
+#		http://fileformats.archiveteam.org/wiki/Microsoft_Compound_File
+# Note:		only version foo tested and called "Microsoft Access Wizard template" by TrID
+# Fourth directory entry name TemplateID
+>>>>384 	lestring16	TemplateID		: Microsoft Access wizard template
+# Second directory entry name like \005SummaryInformation and 3rd name like \005DocumentSummaryInformation
+#!:mime	application/x-ole-storage
+#!:mime	application/vnd.ms-office
+#!:mime	application/vnd.ms-access
+#!:mime	application/msaccess
+!:mime	application/x-ms-mdz
+# http://extension.nirsoft.net/mdz
+!:ext	mdz
+#
+# URL:	http://fileformats.archiveteam.org/wiki/Corel_Print_House
+# Second directory entry name Thumbnail
+>>>>128 	lestring16	Thumbnail		: Corel PrintHouse image
+#!:mime	application/x-ole-storage
+!:mime	application/x-corel-cph
+!:ext	cph
+# 3rd directory entry name Thumbnail
+>>>>256 	lestring16	Thumbnail		: Corel PrintHouse image
+!:mime	application/x-corel-cph
+!:ext	cph
+# URL:	http://fileformats.archiveteam.org/wiki/Corel_Gallery
+# Note:	format since Gallery 2; sometimes called Corel Multimedia Manager Album
+# third directory entry name _INFO_
+>>>>256 	lestring16	_INFO_			: Corel Gallery
+# second directory entry name _ITEM_ or _DATA_
+# later directory entry names: _ALBUM_ _THUMBNAIL_
+#!:mime	application/x-ole-storage
+!:mime	application/x-corel-gal
+!:ext	gal
+#
+# From:		Joerg Jenderek
+# URL:		https://archive.org/details/iPhoto-Plus-4
+#		https://filext.com/file-extension/TPL
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/t/tpl-ulead.trid.xml
+# Note:		found in Template sub directory in program directory of software iPhoto Plus version 4
+# second, third and fourth directory entry name like TplHeader TplMainImage TplPreview
+>>>>128 	lestring16	TplHeader		: Ulead iPhoto Template
+#!:mime	application/x-ole-storage
+!:mime	image/x-ulead-tpl
+# https://www.file-extensions.org/tpl-file-extension-ulead-photo-express-template
+!:ext	tpl
+#
+# URL:	https://en.wikipedia.org/wiki/Hangul_(word_processor)
+#       https://www.hancom.com/etc/hwpDownload.do
+# Note:	"HWP Document File" signature found in FileHeader
+# Hangul Word Processor WORDIAN, 2002 and later is using HWP 5.0 format.
+# Second directory entry name FileHeader hint for Thinkfree Office document
+>>>>128 	lestring16	FileHeader		: Hancom HWP (Hangul Word Processor) file, version 5.0
+#!:mime	application/haansofthwp
+!:mime	application/x-hwp
+# https://example-files.online-convert.com/document/hwp/example.hwp
+!:ext	hwp
+#
+# URL:	https://ask.libreoffice.org/en/question/26303/creating-new-themes-for-the-gallery-not-functioning/
+# Second directory entry name like dd2000 dd2001 dd2036 dd2060 dd2083
+>>>>128 	lestring16	dd2			: StarOffice Gallery view
+#!:mime	application/x-ole-storage
+!:mime	application/x-star-sdv
+!:ext	sdv
+# URL:	https://en.wikipedia.org/wiki/SoftMaker_Office
+# second directory entry name Current User
+>>>>128 	lestring16	Current\ User		: SoftMaker
+# third directory entry name SMNativeObjData
+>>>>>256	lestring16	SMNativeObjData		
+# 5th directory entry name PowerPoint
+>>>>>>512	lestring16	PowerPoint		PowerPoint presentation or template
+!:mime	application/vnd.ms-powerpoint
+!:ext	ppt/pps/pot
+# 4th directory entry name PowerPoint
+>>>>>384	lestring16	PowerPoint		Presentations or template
+# http://extension.nirsoft.net/prv
+!:mime	application/vnd.softmaker.presentations
+!:ext	prd/prv
+# third directory entry name like Current User
+>>>>256 	lestring16	Current\ User		: SoftMaker
+# 5th directory entry name PowerPoint
+>>>>>512	lestring16	PowerPoint		Presentations or template
+# http://extension.nirsoft.net/prd
+!:mime	application/vnd.softmaker.presentations
+!:ext	prd/prv
+# 2nd directory entry name Pictures
+>>>>>>128 	lestring16	Pictures		with pictures
+#
+# URL:		http://fileformats.archiveteam.org/wiki/PageMaker
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p
+#		pagemaker-generic.trid.xml
+#		pagemaker-pm6.trid.xml
+#		pagemaker-pm65.trid.xml
+#		pmd-pm7.trid.xml
+# From:		Joerg Jenderek
+# Note:		since version 6 embedd as stream with PageMaker name the "old" format handled by ./wordprocessors
+#		verified by Michal Mutl Structured Storage Viewer `SSView.exe brochus.pt6`
+# Second directory entry name PageMaker
+>>>>128 	lestring16	PageMaker		:
+# look for magic of "old" PageMaker like in 02TEMPLT.T65
+>>>>>0	search/0xa900/s	\0\0\0\0\0\0\xff\x99
+# GRR: jump to PageMaker stream and inspect it by sub routine PageMaker of ./wordprocessors failed with wrong version!
+#>>>>>>&0	use		PageMaker
+# THIS WORKS PARTLY!
+>>>>>>&0	indirect	x
+#	remaining null clsid
+>>>>128 	default		x
+>>>>>0 	use		ole2-unknown
+# look for CLSID where "second" part is 0
+>>>80 	ubequad		!0x0
+#
+# Summary:	Family Tree Maker
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Family_Tree_Maker
+#		https://en.wikipedia.org/wiki/Family_Tree_Maker
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/f/ftw.trid.xml
+# Note		called "Family Tree Maker Family Tree" by TrID and
+#		"FamilyTree Maker Database" with version "1-4" by DROID via PUID fmt/1352
+#		tested only with version 2.0
+#		verified by Michal Mutl Structured Storage Viewer `SSView.exe my.ftw`
+#		newer versions are SQLite based and handled by ./sql
+# directory names like: IND.DB AUX.DB GENERAL.DB NAME.NDX BIRTH.NDX EXTRA.DB
+>>>>80 	ubequad		0x5702000000000000	: Family Tree Maker Windows database, version 1-4
+# look for "File Format (C) Copyright 1993 Banner Blue Software Inc. - All Rights Reserved" in GENERAL.DB
+#>>>>>0	search/0x5460c/s	F\0i\0l\0e\0\040\0F\0o\0r\0m\0a\0t\0\040\0(\0C\0)\0	\b, VERSION
+# GRR: jump to version value like 2 does not work!
+#>>>>>>&-8	ubyte		x							%u
+#!:mime	application/x-ole-storage
+!:mime	application/x-fmt
+# FBK is used for backup of FTW
+!:ext	ftw/fbk
+#
+>>>>80 	default		x
+>>>>>0 	use		ole2-unknown
+#	look for known clsid GUID
+# - Visio documents
+# URL:	http://fileformats.archiveteam.org/wiki/Visio
+#   Last update on 10/23/2006 by Lester Hightower, 07/20/2019 by Joerg Jenderek
+>>88 	ubequad		0xc000000000000046
+>>>80 	ubequad		0x131a020000000000	: Microsoft Visio 2000-2002 Document, stencil or template
+!:mime	application/vnd.visio
+# VSD~Drawing VSS~Stencil VST~Template 
+!:ext	vsd/vss/vst
+>>>80 	ubequad		0x141a020000000000	: Microsoft Visio 2003-2010 Document, stencil or template
+!:mime	application/vnd.visio
+!:ext	vsd/vss/vst
+#
+# URL:	http://fileformats.archiveteam.org/wiki/Windows_Installer
+#	https://en.wikipedia.org/wiki/Windows_Installer#ICE_validation
+# Update: Joerg Jenderek
+# Windows Installer Package *.MSI or validation module *.CUB
+>>>80 	ubequad		0x84100c0000000000	: Microsoft Windows Installer Package or validation module
+!:mime	application/x-msi
+#!:mime	application/x-ms-win-installer
+#	https://learn.microsoft.com/en-us/windows/win32/msi/internal-consistency-evaluators-ices
+# cub is used for validation module like: Vstalogo.cub XPlogo.cub darice.cub logo.cub mergemod.cub
+#!:mime	application/x-ms-cub
+!:ext	msi/cub
+# From:		Joerg Jenderek
+# URL:		http://en.wikipedia.org/wiki/Windows_Installer
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/m/mst.trid.xml
+#		called "Windows SDK Setup Transform script" by TrID
+>>>80 	ubequad		0x82100c0000000000	: Microsoft Windows Installer transform script
+#!:mime	application/x-ole-storage
+!:mime	application/x-ms-mst
+!:ext	mst
+>>>80 	ubequad		0x86100c0000000000	: Microsoft Windows Installer Patch
+# ??
+!:mime	application/x-wine-extension-msp
+#!:mime	application/x-ms-msp
+!:ext	msp
+#
+# URL:	http://fileformats.archiveteam.org/wiki/DOC
+>>>80 	ubequad		0x0009020000000000	: Microsoft Word 6-95 document or template
+!:mime	application/msword
+# for template MSWDW8TN
+!:apple	MSWDWDBN
+!:ext	doc/dot
+>>>80 	ubequad		0x0609020000000000	: Microsoft Word 97-2003 document or template
+!:mime	application/msword
+!:apple	MSWDWDBN
+# dot for template; no extension on Macintosh
+!:ext	doc/dot/
+#
+# URL:	http://fileformats.archiveteam.org/wiki/Microsoft_Works_Word_Processor
+>>>80 	ubequad		0x0213020000000000	: Microsoft Works 3-4 document or template
+!:mime	application/vnd.ms-works
+!:apple	????AWWP
+# ps for template	https://filext.com/file-extension/PS	bps for backup
+!:ext	wps/ps/bps
+#
+# URL:	http://fileformats.archiveteam.org/wiki/Microsoft_Works_Database
+>>>80 	ubequad		0x0313020000000000	: Microsoft Works 3-4 database or template
+!:mime	application/vnd.ms-works-db
+# https://www.macdisk.com/macsigen.php
+!:apple	????AWDB
+# db for template www.file-extensions.org/db-file-extension-microsoft-works-data bdb for backup
+!:ext	wdb/db/bdb
+#
+# URL:	https://en.wikipedia.org/wiki/Microsoft_Excel
+>>>80 	ubequad		0x1008020000000000	: Microsoft Excel 5-95 worksheet, addin or template
+!:mime	application/vnd.ms-excel
+# https://www.macdisk.com/macsigen.php
+!:apple	????XLS5
+# worksheet/addin/template/no extension on Macintosh
+!:ext	xls/xla/xlt/
+#
+>>>80 	ubequad		0x2008020000000000	: Microsoft Excel 97-2003
+!:mime	application/vnd.ms-excel
+# https://www.macdisk.com/macsigen.php	XLS5 for Excel 5
+!:apple	????XLS9
+# 3rd directory entry name
+>>>>256 	lestring16	_VBA_PROJECT_CUR	addin
+!:ext	xla/
+# 4th directory entry name
+>>>>384 	lestring16	_VBA_PROJECT_CUR	addin
+!:ext	xla
+#!:ext	xla/
+>>>>256 	default		x			worksheet or template
+!:ext	xls/xlt
+#!:ext	xls/xlt/
+#
+# URL:	http://fileformats.archiveteam.org/wiki/OLE2
+>>>80 	ubequad		0x0b0d020000000000	: Microsoft Outlook 97-2003 item
+#>>>80 	ubequad		0x0b0d020000000000	: Microsoft Outlook 97-2003 Message
+#!:mime	application/vnd.ms-outlook
+!:mime	application/x-ms-msg
+!:ext	msg
+# URL:	https://wiki.fileformat.com/email/oft/
+>>>80 	ubequad		0x46f0060000000000	: Microsoft Outlook 97-2003 item template
+#!:mime	application/vnd.ms-outlook
+!:mime	application/x-ms-oft
+!:ext	oft
+#
+# URL:	http://fileformats.archiveteam.org/wiki/PPT
+>>>80 	ubequad		0x5148040000000000	: Microsoft PowerPoint 4.0 presentation
+!:mime	application/vnd.ms-powerpoint
+# https://www.macdisk.com/macsigen.php
+!:apple	????PPT3
+!:ext	ppt
+# Summary:	"newer" Greenstreet Art drawing
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/GST_ART
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/art-gst-docfile.trid.xml
+# Note:		called like "Greenstreet Art drawing" by TrID
+# Note:		CONTENT stream contains binary part of older versions with phrase GST:ART at offset 16
+#		verified by Michal Mutl Structured Storage Viewer `SSView.exe BCARD2.ART`
+>>>80 	ubequad		0x602c020000000000	: Greenstreet Art drawing
+#!:mime	application/x-ole-storage
+!:mime	image/x-greenstreet-art
+!:ext	art
+>>>80 	default		x
+>>>>0 	use		ole2-unknown
+#??
+# URL:	http://www.checkfilename.com/view-details/Microsoft-Works/RespageIndex/0/sTab/2/
+>>88 	ubequad		0xa29a00aa004a1a72	: Microsoft
+# URL:	http://fileformats.archiveteam.org/wiki/Microsoft_Works_Word_Processor
+>>>80 	ubequad		0xc2dbcd28e20ace11	Works 4 document
+!:mime	application/vnd.ms-works
+!:apple	????AWWP
+!:ext	wps
+#
+# URL:	http://fileformats.archiveteam.org/wiki/Microsoft_Works_Database
+>>>80 	ubequad		0xc3dbcd28e20ace11	Works 4 database
+!:mime	application/vnd.ms-works-db
+!:apple	????AWDB
+!:ext	wdb/bdb
+#??
+>>88 	ubequad		0xa40700c04fb932ba	: Microsoft
+# URL:	http://fileformats.archiveteam.org/wiki/Microsoft_Works_Word_Processor
+>>>80 	ubequad		0xb25aa40e0a9ed111	Works 5-6 document
+!:mime	application/vnd.ms-works
+!:apple	????AWWP
+!:ext	wps
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Microsoft_Works
+# Reference:	http://fileformats.archiveteam.org/wiki/Microsoft_Compound_File
+# Note:		probably version 6 and 7
+# organize pictures like JPFG images in streams __cf1 with names like
+# 001.JPG, 002.JPG ... in streams __fname
+>>88 	ubequad		0xa1c800c04f612452	: Microsoft
+>>>80 	ubequad		0xc0c7266eb98cd311	Works portfolio
+# 2nd directory entry name PfOrder, 3rd __LastID and 4th __SizeUsed
+#!:mime	application/x-ole-storage
+# https://www.iana.org/assignments/media-types/application/vnd.ms-works
+!:mime	application/vnd.ms-works
+# https://extension.nirsoft.net/wsb
+# like: wsbsamp.wsb WORKS2003_CD:\MSWorks\Common\Sammlung.wsb
+!:ext	wsb
+#??
+# URL:	http://fileformats.archiveteam.org/wiki/Microsoft_Publisher
+>>88 	ubequad		0x00c0000000000046	: Microsoft
+>>>80 	ubequad		0x0112020000000000	Publisher
+!:mime	application/vnd.ms-publisher
+!:ext	pub
+#
+# URL:	http://fileformats.archiveteam.org/wiki/PPT
+#??
+>>88 	ubequad		0xa90300aa00510ea3	: Microsoft
+>>>80 	ubequad		0x70ae7bea3bfbcd11	PowerPoint 95 presentation
+!:mime	application/vnd.ms-powerpoint
+# https://www.macdisk.com/macsigen.php
+!:apple	????PPT3
+!:ext	ppt/pot
+#??
+>>88 	ubequad		0x86ea00aa00b929e8	: Microsoft
+>>>80 	ubequad		0x108d81649b4fcf11	PowerPoint 97-2003 presentation or template
+!:mime	application/vnd.ms-powerpoint
+!:apple	????PPT3
+# /autostart/template
+!:ext	ppt/pps/pot
+# From:		Joerg Jenderek
+# URL:		https://www.file-extensions.org/ppa-file-extension
+#		https://en.wikipedia.org/wiki/Microsoft_PowerPoint#cite_note-231
+# Reference:	http://fileformats.archiveteam.org/wiki/Microsoft_Compound_File
+>>88 	ubequad		0x871800aa0060263b	: Microsoft
+# only version 8 (97) tested; PowerPoint 4.0 to 11.0 (2004) (Wikipedia); 97 to 2003 (file-extensions.org)
+>>>80 	ubequad		0xf04672810a72cf11	PowerPoint Addin or Wizard
+# second, third and fourth directory entry name like VBA PROJECT PROJECTwm
+# http://extension.nirsoft.net/pwz
+!:mime	application/vnd.ms-powerpoint
+# like: BSHPPT97.PPA "AutoContent Wizard.pwz"
+!:ext	ppa/pwz
+#
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/AWD_(At_Work_Document)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/awd-fax.trid.xml
+# Note:		called "Microsoft At Work Fax document" by TrID
+>>88 	ubequad		0xb29400dd010f2bf9	: Microsoft
+>>>80 	ubequad		0x801cb0023de01a10	At Work fax Document
+#!:mime	application/x-ole-storage
+!:mime	image/x-ms-awd
+!:ext	awd
+#
+# URL:	https://en.wikipedia.org/wiki/Microsoft_Project
+#??
+>>88 	ubequad		0xbe1100c04fb6faf1	: Microsoft
+>>>80 	ubequad		0x3a8fb774c8c8d111	Project
+!:mime	application/vnd.ms-project
+!:ext	mpp
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Microsoft_Office_shared_tools#Binder
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/o/obd.trid.xml
+#		http://fileformats.archiveteam.org/wiki/Microsoft_Compound_File
+# Note:		only version 8 tested and called "Office Binder Document" by TrID and
+#		"Microsoft Office Binder File for Windows" version 97-2000 by DROID fmt/240
+>>88 	ubequad		0xb21c00aa004ba90b	: Microsoft
+>>>80 	ubequad		0x0004855964661b10	Office Binder Document, Template or wizard
+# second directory entry name like Binder
+# https://www.file-extensions.org/obd-file-extension
+#!:mime	application/vnd.ms-binder
+!:mime	application/x-msbinder
+# obt for template; obz for Microsoft Office Binder wizard
+!:ext	obd/obt/obz
+#
+# URL:		http://fileformats.archiveteam.org/wiki/WordPerfect
+# Reference:	http://fileformats.archiveteam.org/wiki/Microsoft_Compound_File
+#		https://github.com/OneWingedShark/WordPerfect/
+#		blob/master/doc/SDK_Help/FileFormats/WPFF_DocumentStructure.htm
+# From:		Joerg Jenderek
+# Note:		internal version x.2 or 2.2 like in embedded ole6-PerfectOffice_MAIN.wpd
+# 3rd directory entry name PerfectOffice_OBJECT and 2nd PerfectOffice_MAIN,
+# which contains WordPerfect document \xffWPC signature handled by ./wordprocessors
+>>88 	ubequad		0x19370000929679cd	: WordPerfect 7
+>>>80 	ubequad		0xff739851ad2d2002	Document
+!:mime	application/vnd.wordperfect
+#!:apple	????WPC?
+# https://fossies.org/linux/wp2latex/test/ole6.wpd
+!:ext	wpd
+#>>>>0	search/0xc01/s	\xffWPC			\b, WPC SIGNATURE
+# inspect embedded WordPerfect document by ./wordprocessors with 1 space at end
+#>>>>>&0	indirect	x	\b; contains 
+# GRR: the above expression does not work correctly 
+#
+# URL:	http://fileformats.archiveteam.org/wiki/SHW_(Corel)
+#???
+>>88 	ubequad		0x99ae04021c007002	: WordPerfect
+>>>80 	ubequad		0x62fe2e4099191b10	7-X3 presentation
+!:mime	application/x-corelpresentations
+#!:mime	application/x-shw-viewer
+#!:mime	image/x-presentations
+!:ext	shw
+#
+# URL:	http://www.checkfilename.com/view-details/WordPerfect-Office-X3/RespageIndex/0/sTab/2/
+>>>80 	ubequad		0x60fe2e4099191b10	9 Graphic
+#!:mime	application/x-wpg
+#!:mime	image/x-wordperfect-graphics
+!:mime	image/x-wpg
+# https://www.macdisk.com/macsigen.php "WPC2" for Wordperfect 2 *.wpd
+!:apple	????WPC9
+!:ext	wpg
+#
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/CorelCAD
+#		https://en.wikipedia.org/wiki/CorelCAD
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/c/ccd-corelcad.trid.xml
+# Note:		called "CorelCAD Drawing" by TrID and CorelCAD
+# directory entry names like Contents ViewInfo CustomViewDescriptions LayerInfo
+>>88 	ubequad		0xbe26db67235e2689	: Corel
+>>>80 	ubequad		0x20f414de1cacce11	\bCAD Drawing or Template
+#!:mime	application/x-ole-storage
+!:mime	application/x-corel-cad
+# CCT for CorelCAD Template 
+!:ext	ccd/cct
+#
+# URL:	http://fileformats.archiveteam.org/wiki/StarOffice_binary_formats
+>>88 	ubequad		0x996104021c007002	: StarOffice
+>>>80 	ubequad		0x407e5cdc5cb31b10	StarWriter 3.0 document or template
+# https://www.openoffice.org/framework/documentation/mimetypes/mimetypes.html
+!:mime	application/x-starwriter
+!:ext	sdw/vor
+#
+>>>80 	ubequad		0xa03f543fa6b61b10	StarCalc 3.0 spreadsheet or template
+!:mime	application/x-starcalc
+!:ext	sdc/vor
+#
+>>>80 	ubequad		0xe0aa10af6db31b10	StarDraw 3.0 drawing or template
+!:mime	application/x-starimpress
+#!:mime	application/x-stardraw
+# sda ??
+!:ext	sdd/sda/vor
+#??
+>>88 	ubequad		0x89cb008029e4b0b1	: StarOffice
+>>>80 	ubequad		0x41d461633542d011	StarCalc 4.0 spreadsheet or template
+!:mime	application/x-starcalc
+!:ext	sdc/vor
+#
+>>>80 	ubequad		0x61b8a5c6d685d111	StarCalc 5.0 spreadsheet or template
+!:mime	application/vnd.stardivision.cal
+!:ext	sdc/vor
+#
+>>>80 	ubequad		0xc03c2d011642d011	StarImpress 4.0 presentation or template
+!:mime	application/x-starimpress
+!:ext	sdd/vor
+#??
+>>88 	ubequad		0xb12a04021c007002	: StarOffice
+>>>80 	ubequad		0x600459d4fd351c10	StarMath 3.0
+!:mime	application/x-starmath
+!:ext	smf
+#??
+>>88 	ubequad		0x8e2c00001b4cc711	: StarOffice
+>>>80 	ubequad		0xe0999cfb6d2c1c10	StarChart 3.0
+!:mime	application/x-starchart
+!:ext	sds
+#??
+>>88 	ubequad		0xa45e00a0249d57b1	: StarOffice
+>>>80 	ubequad		0xb0e9048b0e42d011	StarWriter 4.0 document or template
+!:mime	application/x-starwriter
+!:ext	sdw/vor
+#??
+>>88 	ubequad		0x89ca008029e4b0b1	: StarOffice
+>>>80 	ubequad		0xe1b7b3022542d011	StarMath 4.0
+!:mime	application/x-starmath
+!:ext	smf
+#
+>>>80 	ubequad		0xe0b7b3022542d011	StarChart 4.0
+!:mime	application/x-starchart
+!:ext	sds
+#??
+>>88 	ubequad		0xa53f00a0249d57b1	: StarOffice
+>>>80 	ubequad		0x70c90a340de3d011	Master 4.0 document
+!:mime	application/x-starwriter-global
+!:ext	sgl
+#??
+>>88 	ubequad		0x89d0008029e4b0b1	: StarOffice
+>>>80 	ubequad		0x40e6b5ffde85d111	StarMath 5.0
+!:mime	application/vnd.stardivision.math
+!:ext	smf
+#
+>>>80 	ubequad		0xa005892ebd85d111	StarDraw 5.0 drawing or template
+!:mime	application/vnd.stardivision.draw
+!:ext	sda/vor
+#
+>>>80 	ubequad		0x21725c56bc85d111	StarImpress 5.0 presentation or template
+!:mime	application/vnd.stardivision.impress
+# sda is used for what?
+!:ext	sdd/vor/sda
+#
+>>>80 	ubequad		0x214388bfdd85d111	StarChart 5.0
+!:mime	application/vnd.stardivision.chart
+!:ext	sds
+# ??
+>>88 	ubequad		0xaab4006097da561a	: StarOffice
+>>>80 	ubequad		0xd1f90cc2ae85d111	StarWriter 5.0 document or template
+!:mime	application/vnd.stardivision.writer
+!:ext	sdw/vor
+#
+>>>80 	ubequad		0xd3f90cc2ae85d111	Master 5.0 document
+!:mime	application/vnd.stardivision.writer-global
+!:ext	sgl
+#??
+# URL:	http://fileformats.archiveteam.org/wiki/FlashPix
+>>88 	ubequad		0x855300aa00a1f95b	: Kodak
+>>>80 	ubequad		0x0067615654c1ce11	FlashPIX Image
+!:mime	image/vnd.fpx
+!:apple	????FPix
+!:ext	fpx
+# URL:	https://en.wikipedia.org/wiki/SoftMaker_Office
+>>88 	ubequad		0x95f600a0cc3cca14	: PlanMaker
+>>>80 	ubequad		0x9174088a6452d411	document or template
+!:mime	application/vnd.softmaker.planmaker
+# pmv for template	https://www.file-extensions.org/pmv-file-extension
+!:ext	pmd/pmv
+# URL:		http://fileformats.archiveteam.org/wiki/MAX_(3ds_Max)
+#		https://en.wikipedia.org/wiki/Autodesk_3ds_Max
+# Reference:	http://fileformats.archiveteam.org/wiki/Microsoft_Compound_File
+# Note:		called "3D Studio Max Scene" by TrID and "3DS Max" by DROID and
+#		"3DSMax thumbnail" by XnView and verfied by `nconvert -info A380.max`
+#		applies only to "newer" versions (about 2008-2020)
+>>88 	ubequad		0x9fed04143144cc1e	: Autodesk
+>>>80 	ubequad		0x7b8cdd1cc081a045	3ds Max
+#!:mime	application/x-ole-storage
+!:mime	model/x-autodesk-max
+# like: https://static.free3d.com/models/dropbox/dropbox/sq/A380.7z/A380.max 
+!:ext	max
+# also chr for character file according to DROID https://www.nationalarchives.gov.uk/PRONOM/fmt/978
+#!:ext	max/chr
+# remaining non null clsid
+>>88 	default		x
+>>>0 	use		ole2-unknown
+# display information about directory for not detected CDF files
+0	name			ole2-unknown
+>80 	ubequad		x			: UNKNOWN
+# https://reposcope.com/mimetype/application/x-ole-storage
+!:mime	application/x-ole-storage
+# according to file version 5.41 with -e soft option
+#!:mime	application/CDFV2
+#!:ext	???
+>80 	ubequad		!0			\b, clsid %#16.16llx
+>>88 ubequad		x			\b%16.16llx
+# converted hexadecimal format to standard GUUID notation
+>>80	guid		x			{%s}
+# second directory entry name like VisioDocument Control000
+>128	lestring16	x with names %.20s
+# third directory entry like WordDocument Preview.dib
+>256	lestring16	x %.20s
+# forth like \005SummaryInformation
+>384	lestring16	x %.25s
+# 5th
+>512	lestring16	x %.10s
+# 6th
+>640	lestring16	x %.10s
+# 7th
+>768	lestring16	x %.10s
diff --git a/magic/Magdir/olf b/magic/Magdir/olf
new file mode 100644
index 0000000..6ae3fc0
--- /dev/null
+++ b/magic/Magdir/olf
@@ -0,0 +1,98 @@
+
+#------------------------------------------------------------------------------
+# $File: olf,v 1.4 2009/09/19 16:28:11 christos Exp $
+# olf:  file(1) magic for OLF executables
+#
+# We have to check the byte order flag to see what byte order all the
+# other stuff in the header is in.
+#
+# MIPS R3000 may also be for MIPS R2000.
+# What're the correct byte orders for the nCUBE and the Fujitsu VPP500?
+#
+# Created by Erik Theisen <etheisen@openbsd.org>
+# Based on elf from Daniel Quinlan <quinlan@yggdrasil.com>
+0	string		\177OLF		OLF
+>4	byte		0		invalid class
+>4	byte		1		32-bit
+>4	byte		2		64-bit
+>7	byte		0		invalid os
+>7	byte		1		OpenBSD
+>7	byte		2		NetBSD
+>7	byte		3		FreeBSD
+>7	byte		4		4.4BSD
+>7	byte		5		Linux
+>7	byte		6		SVR4
+>7	byte		7		esix
+>7	byte		8		Solaris
+>7	byte		9		Irix
+>7	byte		10		SCO
+>7	byte		11		Dell
+>7	byte		12		NCR
+>5	byte		0		invalid byte order
+>5	byte		1		LSB
+>>16	leshort		0		no file type,
+>>16	leshort		1		relocatable,
+>>16	leshort		2		executable,
+>>16	leshort		3		shared object,
+# Core handling from Peter Tobias <tobias@server.et-inf.fho-emden.de>
+# corrections by Christian 'Dr. Disk' Hechelmann <drdisk@ds9.au.s.shuttle.de>
+>>16	leshort		4		core file
+>>>(0x38+0xcc) string	>\0		of '%s'
+>>>(0x38+0x10) lelong	>0		(signal %d),
+>>16	leshort		&0xff00		processor-specific,
+>>18	leshort		0		no machine,
+>>18	leshort		1		AT&T WE32100 - invalid byte order,
+>>18	leshort		2		SPARC - invalid byte order,
+>>18	leshort		3		Intel 80386,
+>>18	leshort		4		Motorola 68000 - invalid byte order,
+>>18	leshort		5		Motorola 88000 - invalid byte order,
+>>18	leshort		6		Intel 80486,
+>>18	leshort		7		Intel 80860,
+>>18	leshort		8		MIPS R3000_BE - invalid byte order,
+>>18	leshort		9		Amdahl - invalid byte order,
+>>18	leshort		10		MIPS R3000_LE,
+>>18	leshort		11		RS6000 - invalid byte order,
+>>18	leshort		15		PA-RISC - invalid byte order,
+>>18	leshort		16		nCUBE,
+>>18	leshort		17		VPP500,
+>>18	leshort		18		SPARC32PLUS,
+>>18	leshort		20		PowerPC,
+>>18	leshort		0x9026		Alpha,
+>>20	lelong		0		invalid version
+>>20	lelong		1		version 1
+>>36	lelong		1		MathCoPro/FPU/MAU Required
+>8	string		>\0		(%s)
+>5	byte		2		MSB
+>>16	beshort		0		no file type,
+>>16	beshort		1		relocatable,
+>>16	beshort		2		executable,
+>>16	beshort		3		shared object,
+>>16	beshort		4		core file,
+>>>(0x38+0xcc) string	>\0		of '%s'
+>>>(0x38+0x10) belong	>0		(signal %d),
+>>16	beshort		&0xff00		processor-specific,
+>>18	beshort		0		no machine,
+>>18	beshort		1		AT&T WE32100,
+>>18	beshort		2		SPARC,
+>>18	beshort		3		Intel 80386 - invalid byte order,
+>>18	beshort		4		Motorola 68000,
+>>18	beshort		5		Motorola 88000,
+>>18	beshort		6		Intel 80486 - invalid byte order,
+>>18	beshort		7		Intel 80860,
+>>18	beshort		8		MIPS R3000_BE,
+>>18	beshort		9		Amdahl,
+>>18	beshort		10		MIPS R3000_LE - invalid byte order,
+>>18	beshort		11		RS6000,
+>>18	beshort		15		PA-RISC,
+>>18	beshort		16		nCUBE,
+>>18	beshort		17		VPP500,
+>>18	beshort		18		SPARC32PLUS,
+>>18	beshort		20		PowerPC or cisco 4500,
+>>18	beshort		21		cisco 7500,
+>>18	beshort		24		cisco SVIP,
+>>18	beshort		25		cisco 7200,
+>>18	beshort		36		cisco 12000,
+>>18	beshort		0x9026		Alpha,
+>>20	belong		0		invalid version
+>>20	belong		1		version 1
+>>36	belong		1		MathCoPro/FPU/MAU Required
diff --git a/magic/Magdir/openfst b/magic/Magdir/openfst
new file mode 100644
index 0000000..8df9b56
--- /dev/null
+++ b/magic/Magdir/openfst
@@ -0,0 +1,17 @@
+
+#------------------------------------------------------------------------------
+# $File: openfst,v 1.1 2019/09/30 15:58:24 christos Exp $
+# openfs:  file(1) magic for OpenFST (Weighted finite-state tranducer library)
+
+0	long		0x7eb2fdd6	OpenFst binary FST data
+>&0	pstring/l	x		\b, fst type: %s
+>>&0	pstring/l	x		\b, arc type: %s
+>>>&0	long		x		\b, version: %d
+>>>>&20	quad		x		\b, num states: %lld
+>>>>>&0	quad		>0		\b, num arcs: %lld
+
+0	long    0x56515c	OpenFst binary FAR data, far type: stlist
+>4	long 	x		\b, version: %d
+
+0	long	0x7eb2f35c	OpenFst binary FAR data, far type: sttable
+>4	long	x		\b, version: %d
diff --git a/magic/Magdir/opentimestamps b/magic/Magdir/opentimestamps
new file mode 100644
index 0000000..f2f0e3e
--- /dev/null
+++ b/magic/Magdir/opentimestamps
@@ -0,0 +1,16 @@
+
+#------------------------------------------------------------
+# $File: opentimestamps,v 1.1 2019/05/27 01:27:31 christos Exp $
+# OpenTimestamps related magic entries 
+# https://opentimestamps.org/
+# https://en.wikipedia.org/wiki/OpenTimestamps
+# "Emanuele Cisbani" <emanuele.cisbani@gmail.com>
+#------------------------------------------------------------
+
+# OpenTimestamps Proof .ots format. 
+# Magic is defined here:
+# https://github.com/opentimestamps/python-opentimestamps/\
+# blob/master/opentimestamps/core/timestamp.py#L273
+
+0	string	\x00\x4f\x70\x65\x6e\x54\x69\x6d\x65\x73\x74\x61\x6d\x70\x73\x00 OpenTimestamps
+>16	string	\x00\x50\x72\x6f\x6f\x66\x00\xbf\x89\xe2\xe8\x84\xe8\x92\x94\x01 Proof
diff --git a/magic/Magdir/oric b/magic/Magdir/oric
new file mode 100644
index 0000000..38c02c5
--- /dev/null
+++ b/magic/Magdir/oric
@@ -0,0 +1,16 @@
+
+#------------------------------------------------------------------------------
+# $File: oric,v 1.2 2022/04/25 17:28:20 christos Exp $
+# Oric tape files
+# From: Stefan A. Haubenthal <polluks@sdf.lonestar.org>
+# References:
+# http://fileformats.archiveteam.org/wiki/TAP_(Oric)
+# http://fileformats.archiveteam.org/wiki/DSK_(Oric)
+0	string		\x16\x16\x16\x24	Oric tape,
+>6	byte		=0x00			BASIC,
+>6	byte		=0x80			memory block,
+>7	byte		>0x00			autorun,
+>13	string		x			"%.15s"
+
+0	string		ORICDISK		Oric Image
+0	string		MFM_DISK		Oric Image
diff --git a/magic/Magdir/os2 b/magic/Magdir/os2
new file mode 100644
index 0000000..cb43e99
--- /dev/null
+++ b/magic/Magdir/os2
@@ -0,0 +1,186 @@
+
+#------------------------------------------------------------------------------
+# $File: os2,v 1.14 2022/03/21 21:25:50 christos Exp $
+# os2:  file(1) magic for OS/2 files
+#
+
+# Provided 1998/08/22 by
+# David Mediavilla <davidme.news@REMOVEIFNOTSPAMusa.net>
+1	search/100	InternetShortcut	MS Windows 95 Internet shortcut text
+!:mime	application/x-mswinurl
+!:ext	url
+>17	search/100	URL= 			(URL=<
+>>&0	string		x			\b%s>)
+
+# OS/2 URL objects
+# Provided 1998/08/22 by
+# David Mediavilla <davidme.news@REMOVEIFNOTSPAMusa.net>
+#0	string	http:			OS/2 URL object text
+#>5	string	>\			(WWW) <http:%s>
+#0	string	mailto:			OS/2 URL object text
+#>7	string	>\			(email) <%s>
+#0	string	news:			OS/2 URL object text
+#>5	string	>\			(Usenet) <%s>
+#0	string	ftp:			OS/2 URL object text
+#>4	string	>\			(FTP) <ftp:%s>
+#0	string	file:			OS/2 URL object text
+#>5	string	>\			(Local file) <%s>
+
+# >>>>> OS/2 INF/HLP <<<<<  (source: Daniel Dissett ddissett@netcom.com)
+# URL:		http://fileformats.archiveteam.org/wiki/INF/HLP_(OS/2)
+# Reference:	http://www.edm2.com/0308/inf.html
+# Carl Hauser (chauser.parc@xerox.com) and
+# Marcus Groeber (marcusg@ph-cip.uni-koeln.de)
+# list the following header format in inf02a.doc:
+#
+#  int16 ID;           // ID magic word (5348h = "HS")
+#  int8  unknown1;     // unknown purpose, could be third letter of ID
+#  int8  flags;        // probably a flag word...
+#                      //  bit 0: set if INF style file
+#                      //  bit 4: set if HLP style file
+#                      // patching this byte allows reading HLP files
+#                      // using the VIEW command, while help files
+#                      // seem to work with INF settings here as well.
+#  int16 hdrsize;      // total size of header
+#  int16 unknown2;     // unknown purpose
+#
+0   string  HSP\x01\x9b\x00 OS/2 INF
+!:mime	application/x-os2-inf
+!:ext	inf
+>107 string >0                      (%s)
+0   string  HSP\x10\x9b\x00     OS/2 HLP
+!:mime	application/x-os2-hlp
+!:ext	hlp
+>107 string >0                      (%s)
+
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/MSG_(OS/2)
+# Reference:	https://github.com/OS2World/UTIL-SYSTEM-MKMSGF/blob/master/mkmsgf.h
+# Note:		created by MKMSGF.EXE. Text source can be recreated by E_MSGF
+#		example like OS001H.MSG
+0	string			\xffMKMSGF\0	OS/2 help message
+!:mime	application/x-os2-msg
+!:ext	msg
+# identifier[3] like: DOS NET REX SYS ...
+>8	string				x	'%.3s'
+# msgnumber: number of messages
+>11	uleshort			x	\b, %u messages
+# firstmsgnumber; number of the first message like: some times 0 often 1 169 1000 3502
+>13	uleshort      			>1	\b, 1st number %u
+# offset16bit; 1~Index table has 16-bit offsets (files<64k) 0~Index table has 32-bit offsets
+>15	ubyte				=0	\b, 32-bit
+#>15	ubyte				=1	\b, 16-bit
+# version; file version: 2~new 0~old
+>16	uleshort      			!2	\b, version %u
+# indextaboffset; offset of index table: 1F~after header 0~no index table for version 0?
+>18	uleshort			>0
+>>18		uleshort		!0x1f	\b, at %#x index
+#	32-bit offset
+>>15		ubyte			=0
+# offset with message table
+>>>(18.s)		ulelong		x	\b, at %#x
+# 1st message
+# http://www.os2museum.com/files/docs/os210ptk/os2-1.0-ptk-tools-1988.pdf
+# message type: E~Error H~Help I~Information P~Prompt W~Warning ?
+>>>>(&-4.l)		ubyte		x	%c-type
+>>>>>&0			string		x	%s
+#	16-bit offset
+>>15		ubyte			=1
+# msgnum; message number
+>>>(18.s)		uleshort	x	\b, number %u
+# msgindex; offset of message from begin of file
+>>>(18.s+2)		uleshort	x	at %#x
+# message type E H I P W ?
+>>>>(&-2.s)		ubyte		x	%c-type
+# skip newline carriage return
+>>>>>&0			ubeshort	=0x0D0a
+>>>>>>&0		string		x	%s
+>>>>>&0			ubeshort	!0x0D0a
+>>>>>>&-2		string		x	%s
+#		for version 0 index table apparently at offset 1F
+>16	uleshort      			0
+>>15		ubyte			1
+# 1st message 16-bit
+>>>0x1F			uleshort	x	\b, at %#x
+# message type: E~Error H~Help I~Information P~Prompt W~Warning ?
+>>>>(0x1F.s)		ubyte		x	%c-type
+>>>>>&0			string		x	%s
+# 2nd message 16-bit
+>>>0x21			uleshort	x	\b, at %#x
+>>>>(0x21.s)		ubyte		x	%c-type
+>>>>>&0			string		x	%s
+# 3rd message 16-bit
+>>>0x23			uleshort	x	\b, at %#x
+>>>>(0x23.s)		ubyte		x	%c-type
+>>>>>&0			string		x	%s
+#		version 0 32-bit
+>>15		ubyte			0
+# 1st message 32-bit
+>>>0x1f			ulelong		x	\b, at %#x
+>>>>(0x1F.l)		ubyte		x	%c-type
+>>>>>&0			string		x	%s
+# 2nd message 32-bit
+>>>0x23			ulelong		x	\b, at %#x
+>>>>(0x23.l)		ubyte		x	%c-type
+>>>>>&0			string		x	%s
+# 3rd message 32-bit
+>>>0x27			ulelong		x	\b, AT %#x
+>>>>(0x27.l)		ubyte		x	 %c-type
+>>>>>&0			string		x	%s
+# countryinfo; offset of country info block: 0 for version 0
+>20	uleshort			!0	\b, at %#x countryinfo
+# nextcoutryinfo
+>>22		uleshort		>0	\b, at %#x next
+# reserved[5]; Must be 0
+>>25	ulelong		!0		\b, RESERVED %#x 
+>>(20.s) use				os2-msg-info
+#	display country info block of MKMSGF message file
+0	name		os2-msg-info
+# bytesperchar; bytes per char: 1~SBCS 2~DBCS
+>0	ubyte		>1		\b, %u bytes/char
+# reserved; Not known
+>1	uleshort	!0		\b, reserved %#x
+# langfamilyID; language family ID like: 0~? 1~Arabic ... 7~German ... 9~English  ... 34~Slovene
+>3	uleshort	>0		\b, language %u
+# langversionID; like: 7_1~German 7_2~Swiss German 12_1~French 12_3~Canadian French
+>>5	uleshort	x		\b_%u
+# langfamilyID too high. This should not happen
+>3	uleshort	>34		(invalid language)
+# codepagesnumber; number of codepages like: 1 2 ... 16
+>7	uleshort	x		\b, %u code page
+# plural s
+>7	uleshort	>1		\bs
+# too many number of codepages. This should not happen
+>7	uleshort	>16		(Too many)
+# codepages[16]; codepages list like 437 850 ...
+>7	uleshort	<17
+# 1st code page
+>>9	uleshort	>0		%u
+# possible 2nd code page number
+>>>7	uleshort	>1
+>>>>11	uleshort	x		%u
+# filename[260]; name of file like: dbaseos2.msg dde4c01e.msg os2ldr.mgr xdfh.msg ...
+>41	string		x	 	\b, %s
+
+# OS/2 INI (this is a guess)
+0  string   \xff\xff\xff\xff\x14\0\0\0  OS/2 INI
+!:mime	application/x-os2-ini
+!:ext	ini
+
+# From:		Joerg Jenderek
+# URL:		http://warpin.netlabs.org/
+# Reference:    http://mark0.net/download/triddefs_xml.7z/defs/a/ark-wpi.trid.xml
+# Note:		called by TrID "WarpIN Installer"
+# probably magic at the beginning
+0	ubelong		=0x770402BE	WarpIN Installer
+#>4	ubelong		=0x03000000
+#!:mime	application/octet-stream
+!:mime	application/x-os2-wpi
+!:ext	wpi
+# creator program name like: "reserved" or "WIC x.y.z"
+>0x106	string		x		\b, created by %s
+# name like: "reserved" or "OS/2 Netlabs"
+>0x146	string		x		\b, '%s'
+# name like: "N/A" "http://warpin.netlabs.org"
+>0x186	string		x		\b, URL %s
+
diff --git a/magic/Magdir/os400 b/magic/Magdir/os400
new file mode 100644
index 0000000..6a05f08
--- /dev/null
+++ b/magic/Magdir/os400
@@ -0,0 +1,39 @@
+
+#------------------------------------------------------------------------------
+# $File: os400,v 1.5 2009/09/19 16:28:11 christos Exp $
+# os400:  file(1) magic for IBM OS/400 files
+#
+# IBM OS/400 (i5/OS) Save file (SAVF) - gerardo.cacciari@gmail.com
+# In spite of its quite variable format (due to internal memory page
+# length differences between CISC and RISC versions of the OS) the
+# SAVF structure hasn't suitable offsets to identify the catalog
+# header in the first descriptor where there are some useful infos,
+# so we must search in a somewhat large area for a particular string
+# that represents the EBCDIC encoding of 'QSRDSSPC' (save/restore
+# descriptor space) preceded by a two byte constant.
+#
+1090	 search/7393	\x19\xDB\xD8\xE2\xD9\xC4\xE2\xE2\xD7\xC3 IBM OS/400 save file data
+>&212	 byte		0x01			 \b, created with SAVOBJ
+>&212	 byte		0x02			 \b, created with SAVLIB
+>&212	 byte		0x07			 \b, created with SAVCFG
+>&212	 byte		0x08			 \b, created with SAVSECDTA
+>&212	 byte		0x0A			 \b, created with SAVSECDTA
+>&212	 byte		0x0B			 \b, created with SAVDLO
+>&212	 byte		0x0D			 \b, created with SAVLICPGM
+>&212	 byte		0x11			 \b, created with SAVCHGOBJ
+>&213	 byte		0x44			 \b, at least V5R4 to open
+>&213	 byte		0x43			 \b, at least V5R3 to open
+>&213	 byte		0x42			 \b, at least V5R2 to open
+>&213	 byte		0x41			 \b, at least V5R1 to open
+>&213	 byte		0x40			 \b, at least V4R5 to open
+>&213	 byte		0x3F			 \b, at least V4R4 to open
+>&213	 byte		0x3E			 \b, at least V4R3 to open
+>&213	 byte		0x3C			 \b, at least V4R2 to open
+>&213	 byte		0x3D			 \b, at least V4R1M4 to open
+>&213	 byte		0x3B			 \b, at least V4R1 to open
+>&213	 byte		0x3A			 \b, at least V3R7 to open
+>&213	 byte		0x35			 \b, at least V3R6 to open
+>&213	 byte		0x36			 \b, at least V3R2 to open
+>&213	 byte		0x34			 \b, at least V3R1 to open
+>&213	 byte		0x31			 \b, at least V3R0M5 to open
+>&213	 byte		0x30			 \b, at least V2R3 to open
diff --git a/magic/Magdir/os9 b/magic/Magdir/os9
new file mode 100644
index 0000000..74b47f3
--- /dev/null
+++ b/magic/Magdir/os9
@@ -0,0 +1,80 @@
+
+#------------------------------------------------------------------------------
+# $File: os9,v 1.8 2017/03/17 21:35:28 christos Exp $
+#
+# Copyright (c) 1996 Ignatios Souvatzis. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+#
+#
+# OS9/6809 module descriptions:
+#
+0	beshort		0x87CD	OS9/6809 module:
+#
+>6	byte&0x0f	0x00	non-executable
+>6	byte&0x0f	0x01	machine language
+>6	byte&0x0f	0x02	BASIC I-code
+>6	byte&0x0f	0x03	Pascal P-code
+>6	byte&0x0f	0x04	C I-code
+>6	byte&0x0f	0x05	COBOL I-code
+>6	byte&0x0f	0x06	Fortran I-code
+#
+>6	byte&0xf0	0x10	program executable
+>6	byte&0xf0	0x20	subroutine
+>6	byte&0xf0	0x30	multi-module
+>6	byte&0xf0	0x40	data module
+#
+>6	byte&0xf0	0xC0	system module
+>6	byte&0xf0	0xD0	file manager
+>6	byte&0xf0	0xE0	device driver
+>6	byte&0xf0	0xF0	device descriptor
+#
+# OS9/m68k stuff (to be continued)
+#
+0	beshort		0x4AFC	OS9/68K module:
+#
+# attr
+>0x14	byte&0x80	0x80	re-entrant
+>0x14	byte&0x40	0x40	ghost
+>0x14	byte&0x20	0x20	system-state
+#
+# lang:
+#
+>0x13	byte		1	machine language
+>0x13	byte		2	BASIC I-code
+>0x13	byte		3	Pascal P-code
+>0x13	byte		4	C I-code
+>0x13	byte		5	COBOL I-code
+>0x13	byte		6	Fortran I-code
+#
+#
+# type:
+#
+>0x12	byte		1	program executable
+>0x12	byte		2	subroutine
+>0x12	byte		3	multi-module
+>0x12	byte		4	data module
+>0x12	byte		11	trap library
+>0x12	byte		12	system module
+>0x12	byte		13	file manager
+>0x12	byte		14	device driver
+>0x12	byte		15	device descriptor
diff --git a/magic/Magdir/osf1 b/magic/Magdir/osf1
new file mode 100644
index 0000000..4e91471
--- /dev/null
+++ b/magic/Magdir/osf1
@@ -0,0 +1,10 @@
+
+#------------------------------------------------------------------------------
+# $File: osf1,v 1.7 2009/09/19 16:28:11 christos Exp $
+#
+# Mach magic number info
+#
+0	long		0xefbe	OSF/Rose object
+# I386 magic number info
+#
+0	short		0565	i386 COFF object
diff --git a/magic/Magdir/palm b/magic/Magdir/palm
new file mode 100644
index 0000000..5d2b913
--- /dev/null
+++ b/magic/Magdir/palm
@@ -0,0 +1,156 @@
+
+#------------------------------------------------------------------------------
+# $File: palm,v 1.15 2021/12/16 21:50:06 christos Exp $
+# palm:	 file(1) magic for PalmOS {.prc,.pdb}: applications, docfiles, and hacks
+#
+# Brian Lalor <blalor@hcirisc.cs.binghamton.edu>
+
+# These are weak, byte 59 is not guaranteed to be 0 and there are
+# 8 character identifiers at byte 60, one I found for appl is BIGb.
+# What are the possibilities and where is this documented?
+
+# The common header format for PalmOS .pdb/.prc files is
+# {
+#         char            name[ 32 ];
+#         Word            attributes;
+#         Word            version;
+#         DWord           creationDate;
+#         DWord           modificationDate;
+#         DWord           lastBackupDate;
+#         DWord           modificationNumber;
+#         DWord           appInfoID;
+#         DWord           sortInfoID;
+#         char            type[4];
+#         char            creator[4];
+#         DWord           uniqueIDSeed;
+#         RecordListType  recordList;
+# };
+#
+# Datestamps are unsigned seconds since the MacOS epoch (Jan 1, 1904),
+# or Unix/POSIX time + 2082844800.
+
+0		name		aportisdoc
+# date is supposed to be big-endian seconds since 1 Jan 1904, but many
+# files contain the timestamp in little-endian or a completely
+# nonsensical value...
+#>36		bedate-2082844800	>0	\b, created %s
+# compression: 1=uncomp, 2=orig, 0x4448=HuffDic
+>(78.L)		beshort		=1		\b, uncompressed
+# compressed
+>(78.L)		beshort		>1
+>>(78.L+4)	belong		x		\b, %d bytes uncompressed
+
+# appl
+#60		string		appl		PalmOS application
+#>0		string		>\0		"%s"
+
+# HACK
+#60		string		HACK		HackMaster hack
+#>0		string		>\0		"%s"
+
+# iSiloX e-book
+60		string		SDocSilX	iSiloX E-book
+>0		string		>\0		"%s"
+
+# Mobipocket (www.mobipocket.com), donated by Carl Witty
+# expanded by Ralf Brown
+60		string	 	BOOKMOBI	Mobipocket E-book
+!:mime	application/x-mobipocket-ebook
+# MobiPocket stores a full title, pointed at by the belong at offset
+# 0x54 in its header at (78.L), with length given by the belong at
+# offset 0x58.
+# there's no guarantee that the title string is null-terminated, but
+# we currently can't specify a variable-length string where the length
+# field is not at the start of the string; in practice, the data
+# following the string always seems to start with a zero byte
+>(78.L)		belong		x
+>>&(&0x50.L-4)	string		>\0		"%s"
+>0		use		aportisdoc
+>>(78.L+0x68)	belong		>0		\b, version %d
+>>(78.L+0x1C)	belong		!0		\b, codepage %d
+>>(78.L+0x0C)	beshort	 	>0		\b, encrypted (type %d)
+
+# AportisDoc/PalmDOC
+60		string		TEXtREAd	AportisDoc/PalmDOC E-book
+>0		string		>\0		"%s"
+>0		use		aportisdoc
+
+# Variety of PalmOS document types
+# Michael-John Turner <mj@debian.org>
+# Thanks to Hasan Umit Ezerce <humit@tr-net.net.tr> for his DocType
+60	string			BVokBDIC	BDicty PalmOS document
+>0	string			>\0		"%s"
+60	string			DB99DBOS	DB PalmOS document
+>0	string			>\0		"%s"
+60	string			vIMGView	FireViewer/ImageViewer PalmOS document
+>0	string			>\0		"%s"
+60	string			PmDBPmDB	HanDBase PalmOS document
+>0	string			>\0		"%s"
+60	string			InfoINDB	InfoView PalmOS document
+>0	string			>\0		"%s"
+60	string			ToGoToGo	iSilo PalmOS document
+>0	string			>\0		"%s"
+60	string			JfDbJBas	JFile PalmOS document
+>0	string			>\0		"%s"
+60	string			JfDbJFil	JFile Pro PalmOS document
+>0	string			>\0		"%s"
+60	string			DATALSdb	List PalmOS document
+>0	string			>\0		"%s"
+60	string			Mdb1Mdb1	MobileDB PalmOS document
+>0	string			>\0		"%s"
+60	string			PNRdPPrs	PeanutPress PalmOS document
+>0	string			>\0		"%s"
+60	string			DataPlkr	Plucker PalmOS document
+>0	string			>\0		"%s"
+60	string			DataSprd	QuickSheet PalmOS document
+>0	string			>\0		"%s"
+60	string			SM01SMem	SuperMemo PalmOS document
+>0	string			>\0		"%s"
+60	string			TEXtTlDc	TealDoc PalmOS document
+>0	string			>\0		"%s"
+60	string			InfoTlIf	TealInfo PalmOS document
+>0	string			>\0		"%s"
+60	string			DataTlMl	TealMeal PalmOS document
+>0	string			>\0		"%s"
+60	string			DataTlPt	TealPaint PalmOS document
+>0	string			>\0		"%s"
+60	string			dataTDBP	ThinkDB PalmOS document
+>0	string			>\0		"%s"
+60	string			TdatTide	Tides PalmOS document
+>0	string			>\0		"%s"
+60	string			ToRaTRPW	TomeRaider PalmOS document
+>0	string			>\0		"%s"
+
+# A GutenPalm zTXT etext for use on Palm Pilots (http://gutenpalm.sf.net)
+# For version 1.xx zTXTs, outputs version and numbers of bookmarks and
+#   annotations.
+# For other versions, just outputs version.
+#
+60		string		zTXT		A GutenPalm zTXT e-book
+>0		string		>\0		"%s"
+>(0x4E.L)	byte		0
+>>(0x4E.L+1)	byte		x		(v0.%02d)
+>(0x4E.L)	byte		1
+>>(0x4E.L+1)	byte		x		(v1.%02d)
+>>>(0x4E.L+10)	beshort		>0
+>>>>(0x4E.L+10) beshort		<2		- 1 bookmark
+>>>>(0x4E.L+10) beshort		>1		- %d bookmarks
+>>>(0x4E.L+14)	beshort		>0
+>>>>(0x4E.L+14) beshort		<2		- 1 annotation
+>>>>(0x4E.L+14) beshort		>1		- %d annotations
+>(0x4E.L)	byte		>1		(v%d.
+>>(0x4E.L+1)	byte		x		%02d)
+
+# Palm OS .prc file types
+60		string		libr
+# flags, only bit 0 or bit 6
+# https://en.wikipedia.org/wiki/PRC_%28Palm_OS%29
+# https://web.mit.edu/tytso/www/pilot/prc-format.html
+>0x20		beshort&0xffbe	0
+>>0		string		>\0		Palm OS dynamic library data "%s"
+60		string		ptch		Palm OS operating system patch data
+>0		string		>\0		"%s"
+
+# Mobipocket (www.mobipocket.com), donated by Carl Witty
+60	string			BOOKMOBI	Mobipocket E-book
+>0	string			>\0		"%s"
diff --git a/magic/Magdir/parix b/magic/Magdir/parix
new file mode 100644
index 0000000..ba5cbf5
--- /dev/null
+++ b/magic/Magdir/parix
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: parix,v 1.5 2020/03/08 22:18:32 christos Exp $
+#
+# Parix COFF executables
+# From: Ignatios Souvatzis <ignatios@cs.uni-bonn.de>
+#
+0	beshort&0xefff	0x8ACE	PARIX
+>0	byte&0xf0	0x80	T800
+>0	byte&0xf0	0x90	T9000
+>19	byte&0x02	0x02	executable
+>19	byte&0x02	0x00	object
+>19	byte&0x0c	0x00	not stripped
diff --git a/magic/Magdir/parrot b/magic/Magdir/parrot
new file mode 100644
index 0000000..b2a56c8
--- /dev/null
+++ b/magic/Magdir/parrot
@@ -0,0 +1,22 @@
+#------------------------------------------------------------------------------
+# $File: parrot,v 1.2 2019/04/19 00:42:27 christos Exp $
+# parrot: file(1) magic for Parrot Virtual Machine
+# URL:	https://www.lua.org/
+# From: Lubomir Rintel <lkundrak@v3.sk>
+
+# Compiled Parrot byte code
+0	string	\376PBC\r\n\032\n	Parrot bytecode
+>64	byte	x			%d.
+>72	byte	x			\b%d,
+>8	byte	>0			%d byte words,
+>16	byte	0			little-endian,
+>16	byte	1			big-endian,
+>32	byte	0			IEEE-754 8 byte double floats,
+>32	byte	1			x86 12 byte long double floats,
+>32	byte	2			IEEE-754 16 byte long double floats,
+>32	byte	3			MIPS 16 byte long double floats,
+>32	byte	4			AIX 16 byte long double floats,
+>32	byte	5			4-byte floats,
+>40	byte	x			Parrot %d.
+>48	byte	x			\b%d.
+>56	byte	x			\b%d
diff --git a/magic/Magdir/pascal b/magic/Magdir/pascal
new file mode 100644
index 0000000..6168802
--- /dev/null
+++ b/magic/Magdir/pascal
@@ -0,0 +1,39 @@
+#------------------------------------------------------------------------------
+# $File: pascal,v 1.4 2022/07/30 16:53:06 christos Exp $
+# pascal:  file(1) magic for Pascal source
+#
+0	search/8192	(input,		Pascal source text
+!:mime	text/x-pascal
+#0	regex		\^program	Pascal source text
+#!:mime	text/x-pascal
+#0	regex           	\^record		Pascal source text
+#!:mime	text/x-pascal
+
+# Free Pascal
+0	string	PPU	Pascal unit
+>3	string	x	\b, version %s
+
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Dan_Bricklin
+0	string/b	Type
+# URL:		https://dl.winworldpc.com/Dan%20Bricklins%20Demo%20II%20Version%202%20Manual.7z
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dbd-v2.trid.xml
+>4	string		D2		Dan Bricklin's Demo 2 demo
+#!:mime	application/octet-stream
+!:ext	dbd
+# URL:		https://muhaz.org/turbo-pascal-download-details.html
+# From:		Joerg Jenderek
+# Note:		used by Turbo Pascal 5.5 TOUR.EXE
+>4	string		T2		Turbo Pascal TOUR data
+#!:mime	application/octet-stream
+!:mime	application/x-borland-cbt
+!:ext	cbt
+# WHAT iS THAT?
+#>4	string		\040P		Dan Bricklin's Demo 2 foo
+#!:mime	application/octet-stream
+# _PPRINT.SG2 _PASCII.SG2
+#!:ext	sg2
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dbd-gen.trid.xml
+>4	default		x		Dan Bricklin's Demo demo (generic)
+#!:mime	application/octet-stream
+!:ext	dbd
diff --git a/magic/Magdir/pbf b/magic/Magdir/pbf
new file mode 100644
index 0000000..0ab7a88
--- /dev/null
+++ b/magic/Magdir/pbf
@@ -0,0 +1,11 @@
+
+#------------------------------------------------------------------------------
+# $File: pbf,v 1.3 2019/04/19 00:42:27 christos Exp $
+# file(1) magic(5) data for OpenStreetMap
+
+# OpenStreetMap Protocolbuffer Binary Format (.osm.pbf)
+# https://wiki.openstreetmap.org/wiki/PBF_Format
+# From: Markus Heidelberg <markus.heidelberg@web.de>
+0	belong&0xfffffff0	0
+>4	beshort			0x0A09
+>>6	string			OSMHeader	OpenStreetMap Protocolbuffer Binary Format
diff --git a/magic/Magdir/pbm b/magic/Magdir/pbm
new file mode 100644
index 0000000..40ecf49
--- /dev/null
+++ b/magic/Magdir/pbm
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: pbm,v 1.6 2009/09/19 16:28:11 christos Exp $
+# pbm:  file(1) magic for Portable Bitmap files
+#
+# XXX - byte order?
+#
+0	short	0x2a17	"compact bitmap" format (Poskanzer)
diff --git a/magic/Magdir/pc88 b/magic/Magdir/pc88
new file mode 100644
index 0000000..03822f5
--- /dev/null
+++ b/magic/Magdir/pc88
@@ -0,0 +1,24 @@
+#------------------------------------------------------------------------------
+# pc88:  file(1) magic for the NEC Home Computer
+# v1.0
+# Fabio R. Schmidlin <sd-snatcher@users.sourceforge.net>
+
+# PC88 2D disk image
+0x20		ulelong&0xFFFFFEFF	0x2A0
+>0x10		string		\0\0\0\0\0\0\0\0\0\0
+>>0x280		string		\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+>>>0x1A		ubyte&0xEF	0
+>>>>0x1B	ubyte&0x8F	0
+>>>>>0x1B	ubyte&70	<0x40
+>>>>>>0x1C	ulelong	>0x21
+>>>>>>>0		regex	[[:print:]]*	NEC PC-88 disk image, name=%s
+>>>>>>>>0x1B	ubyte	0	\b, media=2D
+>>>>>>>>0x1B	ubyte	0x10	\b, media=2DD
+>>>>>>>>0x1B	ubyte	0x20	\b, media=2HD
+>>>>>>>>0x1B	ubyte	0x30	\b, media=1D
+>>>>>>>>0x1B	ubyte	0x40	\b, media=1DD
+>>>>>>>>0x1A	ubyte	0x10	\b, write-protected
+
+
+
+
diff --git a/magic/Magdir/pc98 b/magic/Magdir/pc98
new file mode 100644
index 0000000..e8f6b8a
--- /dev/null
+++ b/magic/Magdir/pc98
@@ -0,0 +1,77 @@
+#------------------------------------------------------------------------------
+# pc98:  file(1) magic for the MSX Home Computer
+# v1.0
+# Fabio R. Schmidlin <sd-snatcher@users.sourceforge.net>
+
+# Maki-chan v1 Graphic format
+# The image resolution should be X=(44.L - 40.L) and Y=(46.L - 42.L), but I couldn't find a way to do so
+# http://www.jisyo.com/viewer/faq/maki_tech.htm
+0	string/b		MAKI01 	Maki-chan v1.
+>6	ubyte|0x20	x		\b%c image
+>8	ubelong		>0x40404040	\b, system ID:
+>>8	byte		x		%c
+>>9	byte		x		\b%c
+>>10	byte		x		\b%c
+>>11	byte		x		\b%c
+>44	ubeshort	x		\b, %dx
+>46	ubeshort	x		\b%d
+>38	ubeshort&2	0		\b, 16 paletted RGB colors
+>38	ubeshort&2	2		\b, 8 fixed RGB colors
+>38	ubeshort&1	1		\b, 2:1 dot aspect ratio
+
+# Maki-chan v2 Graphic format
+# http://www.jisyo.com/viewer/faq/mag_tech.htm
+# https://mooncore.eu/bunny/txt/makichan.htm
+# http://metanest.jp/mag/mag.xhtml
+0	string/b		MAKI02\ \ 	Maki-chan v2 image,
+>8	byte		x		system ID: %c
+>9	byte		x		\b%c
+>10	byte		x		\b%c
+>11	byte		x		\b%c,
+>13	search/0x200	\x1A
+#Maki-chan video modes are a bit messy and seems to have been expanded over the years without too much planing:
+#1) When offset1(ubeshort) !=0x0344:
+# 1.1) And  offset3(ubyte).b7=0:
+# - b0=pixel aspect ratio: 1=2:1   (note: this ignores that the machine's 1:1 pixel aspect ratio isn't really 1:1)
+# - b1=number of colors: 0=16 colors, 1=8 colors
+# - b2=Palette or fixed colors flag (called "analog" and "digital" in the doc): 0=Paletted, 1=Fixed colors encoded directly in the pixel data
+# 1.2) And  offset3(ubyte).B7=1:
+# - b0=256 paletted colors
+# - b1=256 fixed colors using the MSX SCR8 palette
+#2) When offset1(ubeshort) =0x0344:
+# - 256x212 image with 19268 YJK colors. The usual resolution and color information fields from the file must be ignored
+>>&1	ubeshort	0x0344		256x212, 19268 fixed YJK colors
+>>&1	ubeshort	!0x0344
+>>>&5	uleshort+1	x		%dx
+>>>&7	uleshort+1	x		\b%d,
+>>>&0	ubyte&0x86	0x00		16 paletted RGB colors
+>>>&0	ubyte&0x86	0x02		8 paletted RGB colors
+>>>&0	ubyte&0x86	0x04		16 fixed RGB colors
+>>>&0	ubyte&0x86	0x06		8 fixed RGB colors
+>>>&0	ubyte&0x81	0x80		256 paletted RGB colors
+>>>&0	ubyte&0x81	0x81		256 fixed MSX-SCR8 colors
+>>>&0	ubyte&0x01	1		\b, 2:1 dot aspect ratio
+
+# XLD4 (Q4) picture
+11	string/b	MAJYO		XLD4(Q4) picture
+
+# Yanagisawa Pi picture
+#0	string		Pi\x1A\0	Yanagisawa Pi picture
+#>3	search/0x200	\x04
+0	string		Pi
+>2	search/0x200	\x1A
+>>&0	ubyte		0
+>>>&3	ubyte		4		Yanagisawa Pi 16 color picture,
+>>>&4	byte		x		system ID: %c
+>>>&5	byte		x		\b%c
+>>>&6	byte		x		\b%c
+>>>&7	byte		x		\b%c,
+>>>&10	ubeshort	x		%dx
+>>>&12	ubeshort	x		\b%d
+>>>&3	ubyte		8		Yanagisawa Pi 256 color picture
+>>>&4	byte		x		system ID: %c
+>>>&5	byte		x		\b%c
+>>>&6	byte		x		\b%c
+>>>&7	byte		x		\b%c,
+>>>&10	ubeshort	x		%dx
+>>>&12	ubeshort	x		\b%d
diff --git a/magic/Magdir/pci_ids b/magic/Magdir/pci_ids
new file mode 100644
index 0000000..34bc2e2
--- /dev/null
+++ b/magic/Magdir/pci_ids
@@ -0,0 +1,116 @@
+
+#------------------------------------------------------------------------------
+# $File: pci_ids,v 1.1 2022/04/02 14:47:42 christos Exp $
+# pci.ids:  file(1) magic for PCI specific informations
+#
+
+# Vendor identification (ID)		https://pci-ids.ucw.cz/v2.2/pci.ids
+# show hexadecimal PCI vendor identification in human readable text form
+0	name	PCI-vendor
+#			ID	vendor name
+#>0	uleshort	=0x0f00	fOO
+>0	uleshort	=0x1000	Broadcom
+>0	uleshort	=0x1002	AMD/ATI
+>0	uleshort	=0x1013	Cirrus Logic
+>0	uleshort	=0x1014	IBM
+>0	uleshort	=0x1022	AMD
+>0	uleshort	=0x1050	Winbond
+>0	uleshort	=0x105a	Promise
+>0	uleshort	=0x1095	Silicon
+>0	uleshort	=0x10EC	Realtek
+>0	uleshort	=0x10de	NVIDIA
+>0	uleshort	=0x1106	VIA
+# Woodward McCoach, Inc. 
+>0	uleshort	=0x1231	Woodward
+#
+>0	uleshort	=0x1234	Bochs
+>0	uleshort	=0x15ad	VMware
+>0	uleshort	=0x1af4	Virtio
+>0	uleshort	=0x1b36	QEMU
+>0	uleshort	=0x1de1	Tekram
+# maybe also Promise?
+#>0	uleshort	=0x4289	Promise
+#>0	uleshort	=0x66a1	FOO
+>0	uleshort	=0x8086	Intel
+>0	uleshort	=0x9004	Adaptec
+# also Adaptec; but no example
+>0	uleshort	=0x9005	Adaptec
+# for unknown/missing manufactors
+>0	default		x	UNKNOWN
+>>0	uleshort		x	(%#4.4x)
+
+# https://blog.ladsai.com/pci-configuration-space-class-code.html
+# Base class code			https://wiki.osdev.org/PCI
+# show hexadecimal PCI class+sub+ProgIF identification in human readable text form
+0	name		PCI-class
+#>0	ubyte		x	CLASS=%x
+>0	ubyte		x
+# Device was built prior definition of the class code field
+>>0	ubyte		0x00	PRIOR
+# Any device except for VGA-Compatible devices like: 2975BIOS.BIN Trm3x5.bin
+# BUT also NVidia44.bin vgabios-stdvga-bin.rom
+#>>>0	ubyte		0x00		NOT VGA
+# VGA-Compatible Device; NO EXAMPLE found here!!
+#>>>0	ubyte		0x01		VGA
+# like 4243.bin
+#>>>0	ubyte		0x04		SUB_CLASS_4
+>>0	ubyte		0x01	storage controller
+# device sub-type and its definition is dependent upon the base-type code
+>>>1	ubyte		0x00		SCSI
+>>>1	ubyte		0x01		IDE
+>>>1	ubyte		0x02		Floppy
+>>>1	ubyte		0x03		IPI
+>>>0	ubyte		0x04		RAID
+>>>1	ubyte		0x05		ATA
+>>>1	ubyte		0x06		SATA
+>>>1	ubyte		0x07		SAS
+>>>1	ubyte		0x08		NVM
+# 4650_sr5.bin "PROMISE" "FT TX4650 Ary X"
+>>>1	ubyte		0x80		OTHER
+>>0	ubyte		0x02	network controller
+>>>1	ubyte		0x00		ethernet
+>>>1	ubyte		0x01		token ring
+>>>1	ubyte		0x02		FDDI
+>>>1	ubyte		0x03		ATM
+>>>1	ubyte		0x04		ISDN
+>>>1	ubyte		0x05		WorldFip
+# PICMG 2.14 Multi Computing
+>>>1	ubyte		0x06		PICMG
+>>>1	ubyte		0x80		OTHER
+>>0	ubyte		0x03	display controller
+>>0	ubyte		0x04	multimedia controller
+>>0	ubyte		0x05	memory controller
+>>0	ubyte		0x06	bridge device
+# Simple Communication Controllers
+>>0	ubyte		0x07	communication controller
+# Base System Peripherals
+>>0	ubyte		0x08	base peripheral
+# Input Devices
+>>0	ubyte		0x09	input device
+# Docking Stations
+>>0	ubyte		0x0A	docking station
+>>0	ubyte		0x0B	processor
+>>0	ubyte		0x0C	serial bus controller
+>>0	ubyte		0x0D	wireless controller
+# Intelligent I/O Controllers
+>>0	ubyte		0x0E	I/O controller
+# Satellite Communication Controllers
+>>0	ubyte		0x0F	satellite controller
+# Encryption/Decryption Controllers
+>>0	ubyte		0x10	encryption controller
+# Data Acquisition and Signal Processing Controllers
+>>0	ubyte		0x11	signal controller
+# Processing Accelerator 
+>>0	ubyte		0x12	processing accelerator
+# Non-Essential Instrumentation
+>>0	ubyte		0x13	non-essential
+# reserved or unassigned
+>>0	default		x
+# device does not fit any defined class; Unassigned Class (Vendor specific) 
+>>>0		ubyte	0xFF		UNASSIGNED
+# THIS SHOULD NOT HAPPEN! BUT CLASS=8f for Promise 4650_sr5.bin 8660_sr5.bin
+>>>0		default	x		RESERVED
+>>>>0 	ubyte	x		(%#x)
+# Prog IF of PCI class code?
+# defines the specific device programming interface
+>2	ubyte		>0	\b, ProgIF=%u
diff --git a/magic/Magdir/pcjr b/magic/Magdir/pcjr
new file mode 100644
index 0000000..c3ab7a2
--- /dev/null
+++ b/magic/Magdir/pcjr
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: pcjr,v 1.1 2021/01/09 15:09:58 christos Exp $
+# pcjr:  file(1) magic for PCjr Cartridge image file format
+# From: Francis Laniel <laniel_francis@privacyrequired.com>
+0	string	PCjr
+>0x80	beshort	0x55aa	PCjr Cartridge image
+>0x200	beshort	0x55aa	PCjr Cartridge image
diff --git a/magic/Magdir/pdf b/magic/Magdir/pdf
new file mode 100644
index 0000000..7a99d8d
--- /dev/null
+++ b/magic/Magdir/pdf
@@ -0,0 +1,51 @@
+
+#------------------------------------------------------------------------------
+# $File: pdf,v 1.18 2023/07/17 15:57:18 christos Exp $
+# pdf:  file(1) magic for Portable Document Format
+#
+
+0	name	pdf
+>8	search		/Count
+>>&0	regex		[0-9]+		\b, %s page(s)
+>8	search/512	/Filter/FlateDecode/	(zip deflate encoded)
+
+0	string		%PDF-		PDF document
+!:mime	application/pdf
+!:strength +60
+!:ext	pdf
+>5	byte		x		\b, version %c
+>7	byte		x		\b.%c
+>0	use		pdf
+
+0	string		\012%PDF-	PDF document
+!:mime	application/pdf
+!:strength +60
+!:ext	pdf
+>6	byte		x		\b, version %c
+>8	byte		x		\b.%c
+>0	use		pdf
+
+0	string		\xef\xbb\xbf%PDF-	PDF document (UTF-8)
+!:mime	application/pdf
+!:strength +60
+!:ext	pdf
+>6	byte		x		\b, version %c
+>8	byte		x		\b.%c
+>0	use		pdf
+
+# From: Nick Schmalenberger <nick@schmalenberger.us>
+# Forms Data Format
+0       string          %FDF-           FDF document
+!:mime application/vnd.fdf
+!:strength +60
+!:ext	pdf
+>5      byte            x               \b, version %c
+>7      byte            x               \b.%c
+
+0	search/1024	%PDF-		PDF document
+!:mime	application/pdf
+!:strength +60
+!:ext	pdf
+>&0	byte		x		\b, version %c
+>&2	byte		x		\b.%c
+>0	use		pdf
diff --git a/magic/Magdir/pdp b/magic/Magdir/pdp
new file mode 100644
index 0000000..2d18b62
--- /dev/null
+++ b/magic/Magdir/pdp
@@ -0,0 +1,42 @@
+
+#------------------------------------------------------------------------------
+# $File: pdp,v 1.11 2017/03/17 21:35:28 christos Exp $
+# pdp:  file(1) magic for PDP-11 executable/object and APL workspace
+#
+0	lelong		0101555		PDP-11 single precision APL workspace
+0	lelong		0101554		PDP-11 double precision APL workspace
+#
+# PDP-11 a.out
+#
+0	leshort		0407		PDP-11 executable
+>8	leshort		>0		not stripped
+>15	byte		>0		- version %d
+
+# updated by Joerg Jenderek at Mar 2013
+# GRR: line below too general as it catches also Windows precompiled setup information *.PNF
+0	leshort		0401
+# skip *.PNF with WinDirPathOffset 58h
+>68	ulelong		!0x00000058	PDP-11 UNIX/RT ldp
+# skip *.PNF with high byte of InfVersionDatumCount zero
+#>>15	byte		!0		PDP-11 UNIX/RT ldp
+0	leshort		0405		PDP-11 old overlay
+
+0	leshort		0410		PDP-11 pure executable
+>8	leshort		>0		not stripped
+>15	byte		>0		- version %d
+
+0	leshort		0411		PDP-11 separate I&D executable
+>8	leshort		>0		not stripped
+>15	byte		>0		- version %d
+
+0	leshort		0437		PDP-11 kernel overlay
+
+# These last three are derived from 2.11BSD file(1)
+0	leshort		0413		PDP-11 demand-paged pure executable
+>8	leshort		>0		not stripped
+
+0	leshort		0430		PDP-11 overlaid pure executable
+>8	leshort		>0		not stripped
+
+0	leshort		0431		PDP-11 overlaid separate executable
+>8	leshort		>0		not stripped
diff --git a/magic/Magdir/perl b/magic/Magdir/perl
new file mode 100644
index 0000000..4a3756a
--- /dev/null
+++ b/magic/Magdir/perl
@@ -0,0 +1,100 @@
+#------------------------------------------------------------------------------
+# $File: perl,v 1.27 2023/07/17 16:01:36 christos Exp $
+# perl:  file(1) magic for Larry Wall's perl language.
+#
+# The `eval' lines recognizes an outrageously clever hack.
+# Keith Waclena <keith@cerberus.uchicago.edu>
+# Send additions to <perl5-porters@perl.org>
+0	search/1024	eval\ "exec\ perl		Perl script text
+!:mime	text/x-perl
+0	search/1024	eval\ "exec\ /bin/perl		Perl script text
+!:mime	text/x-perl
+0	search/1024	eval\ "exec\ /usr/bin/perl	Perl script text
+!:mime	text/x-perl
+0	search/1024	eval\ "exec\ /usr/local/bin/perl	Perl script text
+!:mime	text/x-perl
+0	search/1024	eval\ 'exec\ perl		Perl script text
+!:mime	text/x-perl
+0	search/1024	eval\ 'exec\ /bin/perl		Perl script text
+!:mime	text/x-perl
+0	search/1024	eval\ 'exec\ /usr/bin/perl	Perl script text
+!:mime	text/x-perl
+0	search/1024	eval\ 'exec\ /usr/local/bin/perl	Perl script text
+!:mime	text/x-perl
+0	search/1024	eval\ '(exit\ $?0)'\ &&\ eval\ 'exec	Perl script text
+!:mime	text/x-perl
+0	string	#!/usr/bin/env\ perl	Perl script text executable
+!:mime	text/x-perl
+0	string	#!\ /usr/bin/env\ perl	Perl script text executable
+!:mime	text/x-perl
+0	string	#!
+>0	regex	\^#!.*/bin/perl([[:space:]].*)*$	Perl script text executable
+!:mime	text/x-perl
+
+# by Dmitry V. Levin and Alexey Tourbin
+# check the first line
+0	search/8192	package
+>0	regex		\^package[[:space:]]+[0-9A-Za-z_:]+[[:space:]]*([[:space:]]v?[0-9][0-9.]*)?[[:space:]]*;	Perl5 module source text
+!:strength + 40
+# not 'p', check other lines
+0	search/8192	!p
+>0	regex		\^package[[:space:]]+[0-9A-Za-z_:]+[[:space:]]*([[:space:]]v?[0-9][0-9.]*)?[[:space:]]*;
+>>0	regex		\^1[[:space:]]*;|\^(use|sub|my)[[:space:]].*[(;{=]	Perl5 module source text
+!:strength + 75
+
+# Perl POD documents
+# From: Tom Hukins <tom@eborcom.com>
+0	search/1024/W	\=pod\n		Perl POD document text
+0	search/1024/W	\n\=pod\n	Perl POD document text
+0	search/1024/W	\=head1\ 	Perl POD document text
+0	search/1024/W	\n\=head1\ 	Perl POD document text
+0	search/1024/W	\=head2\ 	Perl POD document text
+0	search/1024/W	\n\=head2\ 	Perl POD document text
+0	search/1024/W	\=encoding\ 	Perl POD document text
+0	search/1024/W	\n\=encoding\ 	Perl POD document text
+
+
+# Perl Storable data files.
+0	string	perl-store	perl Storable (v0.6) data
+>4	byte	>0	(net-order %d)
+>>4	byte	&01	(network-ordered)
+>>4	byte	=3	(major 1)
+>>4	byte	=2	(major 1)
+
+0	string	pst0	perl Storable (v0.7) data
+>4	byte	>0
+>>4	byte	&01	(network-ordered)
+>>4	byte	=5	(major 2)
+>>4	byte	=4	(major 2)
+>>5	byte	>0	(minor %d)
+
+# This is Debian #742949 by Zefram <zefram@fysh.org>:
+# -----------------------------------------------------------
+# The Perl module Hash::SharedMem
+# <https://metacpan.org/release/Hash-SharedMem> defines a file format
+# for a key/value store.  Details of the file format are in the "DESIGN"
+# file in the module distribution.  Magic:
+0	bequad	=0xa58afd185cbf5af7	Hash::SharedMem master file, big-endian
+>8	bequad	<0x1000000
+>>15	byte	>2	\b, line size 2^%d byte
+>>14	byte	>2	\b, page size 2^%d byte
+>>13	byte	&1
+>>>13	byte	>1	\b, max fanout %d
+0	lequad	=0xa58afd185cbf5af7	Hash::SharedMem master file, little-endian
+>8	lequad	<0x1000000
+>>8	byte	>2	\b, line size 2^%d byte
+>>9	byte	>2	\b, page size 2^%d byte
+>>10	byte	&1
+>>>10	byte	>1	\b, max fanout %d
+0	bequad	=0xc693dac5ed5e47c2	Hash::SharedMem data file, big-endian
+>8	bequad	<0x1000000
+>>15	byte	>2	\b, line size 2^%d byte
+>>14	byte	>2	\b, page size 2^%d byte
+>>13	byte	&1
+>>>13	byte	>1	\b, max fanout %d
+0	lequad	=0xc693dac5ed5e47c2	Hash::SharedMem data file, little-endian
+>8	lequad	<0x1000000
+>>8	byte	>2	\b, line size 2^%d byte
+>>9	byte	>2	\b, page size 2^%d byte
+>>10	byte	&1
+>>>10	byte	>1	\b, max fanout %d
diff --git a/magic/Magdir/pgf b/magic/Magdir/pgf
new file mode 100644
index 0000000..8318ce1
--- /dev/null
+++ b/magic/Magdir/pgf
@@ -0,0 +1,52 @@
+
+#------------------------------------------------------------------------------
+# $File: pgf,v 1.3 2021/02/23 00:51:10 christos Exp $
+# pgf: file(1) magic for Progressive Graphics File (PGF)
+#
+# <http://www.libpgf.org/uploads/media/PGF_Details_01.pdf>
+# 2013 by Philipp Hahn <pmhahn debian org>
+0 string PGF Progressive Graphics image data,
+!:mime image/x-pgf
+>3	string	2	version %s,
+>3	string	4	version %s,
+>3	string	5	version %s,
+>3	string	6	version %s,
+#	PGFPreHeader
+#>>4	lelong	x	header size %d,
+#	PGFHeader
+>>8	lelong	x	%d x
+>>12	lelong	x	%d,
+>>16	byte	x	%d levels,
+>>17	byte	x	compression level %d,
+>>18	byte	x	%d bpp,
+>>19	byte	x	%d channels,
+>>20	clear	x
+>>20	byte	0	bitmap,
+>>20	byte	1	gray scale,
+>>20	byte	2	indexed color,
+>>20	byte	3	RGB color,
+>>20	byte	4	CMYK color,
+>>20	byte	5	HSL color,
+>>20	byte	6	HSB color,
+>>20	byte	7	multi-channel,
+>>20	byte	8	duo tone,
+>>20	byte	9	LAB color,
+>>20	byte	10	gray scale 16,
+>>20	byte	11	RGB color 48,
+>>20	byte	12	LAB color 48,
+>>20	byte	13	CMYK color 64,
+>>20	byte	14	deep multi-channel,
+>>20	byte	15	duo tone 16,
+>>20	byte	17	RGBA color,
+>>20	byte	18	gray scale 32,
+>>20	byte	19	RGB color 12,
+>>20	byte	20	RGB color 16,
+>>20	byte	255	unknown format,
+>>20	default	x	format
+>>>20	byte	x	\b %d,
+>>21	byte	x	%d bpc
+#	PGFPostHeader
+#	Level-Sizes
+#>>(4.l+4)	lelong x level 0 size: %d
+#>>(4.l+8)	lelong x level 1 size: %d
+#>>(4.l+12)	lelong x level 2 size: %d
diff --git a/magic/Magdir/pgp b/magic/Magdir/pgp
new file mode 100644
index 0000000..d818838
--- /dev/null
+++ b/magic/Magdir/pgp
@@ -0,0 +1,581 @@
+
+#------------------------------------------------------------------------------
+# $File: pgp,v 1.25 2021/04/26 15:56:00 christos Exp $
+# pgp:  file(1) magic for Pretty Good Privacy
+
+# Handling of binary PGP keys is in pgp-binary-keys.
+# see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
+#
+0	beshort		0xa600			PGP encrypted data
+#!:mime	application/pgp-encrypted
+#0	string		-----BEGIN\040PGP	text/PGP armored data
+!:mime	text/PGP # encoding: armored data
+#>15	string	PUBLIC\040KEY\040BLOCK-	public key block
+#>15	string	MESSAGE-		message
+#>15	string	SIGNED\040MESSAGE-	signed message
+#>15	string	PGP\040SIGNATURE-	signature
+
+# Update:	Joerg Jenderek
+# URL:		http://en.wikipedia.org/wiki/Pretty_Good_Privacy
+# Reference:	https://reposcope.com/mimetype/application/pgp-keys
+2	string	---BEGIN\040PGP\040PRIVATE\040KEY\040BLOCK-	PGP private key block
+#!:mime	text/PGP
+!:mime	application/pgp-keys
+!:ext	asc
+2	string	---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK-	PGP public key block
+!:mime	application/pgp-keys
+!:ext	asc
+>10	search/100	\n\n
+>>&0	use		pgp
+0	string	-----BEGIN\040PGP\040MESSAGE-		PGP message
+# https://reposcope.com/mimetype/application/pgp-encrypted
+#!:mime	application/pgp
+!:mime	application/pgp-encrypted
+!:ext	asc
+#!:ext	asc/pgp/gpg
+>10	search/100	\n\n
+>>&0	use		pgp
+# Reference:	https://www.gnupg.org/gph/en/manual/x135.html
+0	string	-----BEGIN\040PGP\040SIGNED\040MESSAGE-	PGP signed message
+#!:mime	text/plain
+!:mime	text/PGP
+#!:mime	application/pgp
+!:ext	asc
+0	string	-----BEGIN\040PGP\040SIGNATURE-		PGP signature
+# https://reposcope.com/mimetype/application/pgp-signature
+!:mime	application/pgp-signature
+!:ext	asc
+>10	search/100	\n\n
+>>&0	use		pgp
+
+# Decode the type of the packet based on it's base64 encoding.
+# Idea from Mark Martinec
+# The specification is in RFC 4880, section 4.2 and 4.3:
+# https://tools.ietf.org/html/rfc4880#section-4.2
+
+0	name		pgp
+>0	byte		0x67		Reserved (old)
+>0	byte		0x68		Public-Key Encrypted Session Key (old)
+>0	byte		0x69		Signature (old)
+>0	byte		0x6a		Symmetric-Key Encrypted Session Key (old)
+>0	byte		0x6b		One-Pass Signature (old)
+>0	byte		0x6c		Secret-Key (old)
+>0	byte		0x6d		Public-Key (old)
+>0	byte		0x6e		Secret-Subkey (old)
+>0	byte		0x6f		Compressed Data (old)
+>0	byte		0x70		Symmetrically Encrypted Data (old)
+>0	byte		0x71		Marker (old)
+>0	byte		0x72		Literal Data (old)
+>0	byte		0x73		Trust (old)
+>0	byte		0x74		User ID (old)
+>0	byte		0x75		Public-Subkey (old)
+>0	byte		0x76		Unused (old)
+>0	byte		0x77
+>>1	byte&0xc0	0x00		Reserved
+>>1	byte&0xc0	0x40		Public-Key Encrypted Session Key
+>>1	byte&0xc0	0x80		Signature
+>>1	byte&0xc0	0xc0		Symmetric-Key Encrypted Session Key
+>0	byte		0x78
+>>1	byte&0xc0	0x00		One-Pass Signature
+>>1	byte&0xc0	0x40		Secret-Key
+>>1	byte&0xc0	0x80		Public-Key
+>>1	byte&0xc0	0xc0		Secret-Subkey
+>0	byte		0x79
+>>1	byte&0xc0	0x00		Compressed Data
+>>1	byte&0xc0	0x40		Symmetrically Encrypted Data
+>>1	byte&0xc0	0x80		Marker
+>>1	byte&0xc0	0xc0		Literal Data
+>0	byte		0x7a
+>>1	byte&0xc0	0x00		Trust
+>>1	byte&0xc0	0x40		User ID
+>>1	byte&0xc0	0x80		Public-Subkey
+>>1	byte&0xc0	0xc0		Unused [z%x]
+>0	byte		0x30
+>>1	byte&0xc0	0x00		Unused [0%x]
+>>1	byte&0xc0	0x40		User Attribute
+>>1	byte&0xc0	0x80		Sym. Encrypted and Integrity Protected Data
+>>1	byte&0xc0	0xc0		Modification Detection Code
+
+# magic signatures to detect PGP crypto material (from stef)
+# detects and extracts metadata from:
+#  - symmetric encrypted packet header
+#  - RSA (e=65537) secret (sub-)keys
+
+# 1024b RSA encrypted data
+
+0	string	\x84\x8c\x03		PGP RSA encrypted session key -
+>3	belong	x			keyid: %08X
+>7	belong	x			%08X
+>11	byte	0x01			RSA (Encrypt or Sign) 1024b
+>11	byte	0x02			RSA Encrypt-Only 1024b
+>12	string	\x04\x00
+>12	string	\x03\xff
+>12	string	\x03\xfe
+>12	string	\x03\xfd
+>12	string	\x03\xfc
+>12	string	\x03\xfb
+>12	string	\x03\xfa
+>12	string	\x03\xf9
+>142	byte	0xd2			.
+
+# 2048b RSA encrypted data
+
+0	string	\x85\x01\x0c\x03	PGP RSA encrypted session key -
+>4	belong	x			keyid: %08X
+>8	belong	x			%08X
+>12	byte	0x01			RSA (Encrypt or Sign) 2048b
+>12	byte	0x02			RSA Encrypt-Only 2048b
+>13	string	\x08\x00
+>13	string	\x07\xff
+>13	string	\x07\xfe
+>13	string	\x07\xfd
+>13	string	\x07\xfc
+>13	string	\x07\xfb
+>13	string	\x07\xfa
+>13	string	\x07\xf9
+>271	byte	0xd2			.
+
+# 3072b RSA encrypted data
+
+0	string	\x85\x01\x8c\x03	PGP RSA encrypted session key -
+>4	belong	x			keyid: %08X
+>8	belong	x			%08X
+>12	byte	0x01			RSA (Encrypt or Sign) 3072b
+>12	byte	0x02			RSA Encrypt-Only 3072b
+>13	string	\x0c\x00
+>13	string	\x0b\xff
+>13	string	\x0b\xfe
+>13	string	\x0b\xfd
+>13	string	\x0b\xfc
+>13	string	\x0b\xfb
+>13	string	\x0b\xfa
+>13	string	\x0b\xf9
+>399	byte	0xd2			.
+
+# 4096b RSA encrypted data
+
+0	string	\x85\x02\x0c\x03	PGP RSA encrypted session key -
+>4	belong	x			keyid: %08X
+>8	belong	x			%08X
+>12	byte	0x01			RSA (Encrypt or Sign) 4096b
+>12	byte	0x02			RSA Encrypt-Only 4096b
+>13	string	\x10\x00
+>13	string	\x0f\xff
+>13	string	\x0f\xfe
+>13	string	\x0f\xfd
+>13	string	\x0f\xfc
+>13	string	\x0f\xfb
+>13	string	\x0f\xfa
+>13	string	\x0f\xf9
+>527	byte	0xd2			.
+
+# 8192b RSA encrypted data
+
+0	string	\x85\x04\x0c\x03	PGP RSA encrypted session key -
+>4	belong	x			keyid: %08X
+>8	belong	x			%08X
+>12	byte	0x01			RSA (Encrypt or Sign) 8192b
+>12	byte	0x02			RSA Encrypt-Only 8192b
+>13	string	\x20\x00
+>13	string	\x1f\xff
+>13	string	\x1f\xfe
+>13	string	\x1f\xfd
+>13	string	\x1f\xfc
+>13	string	\x1f\xfb
+>13	string	\x1f\xfa
+>13	string	\x1f\xf9
+>1039	byte	0xd2			.
+
+# 1024b Elgamal encrypted data
+
+0	string	\x85\x01\x0e\x03	PGP Elgamal encrypted session key -
+>4	belong	x			keyid: %08X
+>8	belong	x			%08X
+>12	byte	0x10			Elgamal Encrypt-Only 1024b.
+>13	string	\x04\x00
+>13	string	\x03\xff
+>13	string	\x03\xfe
+>13	string	\x03\xfd
+>13	string	\x03\xfc
+>13	string	\x03\xfb
+>13	string	\x03\xfa
+>13	string	\x03\xf9
+
+# 2048b Elgamal encrypted data
+
+0	string	\x85\x02\x0e\x03	PGP Elgamal encrypted session key -
+>4	belong	x			keyid: %08X
+>8	belong	x			%08X
+>12	byte	0x10			Elgamal Encrypt-Only 2048b.
+>13	string	\x08\x00
+>13	string	\x07\xff
+>13	string	\x07\xfe
+>13	string	\x07\xfd
+>13	string	\x07\xfc
+>13	string	\x07\xfb
+>13	string	\x07\xfa
+>13	string	\x07\xf9
+
+# 3072b Elgamal encrypted data
+
+0	string	\x85\x03\x0e\x03	PGP Elgamal encrypted session key -
+>4	belong	x			keyid: %08X
+>8	belong	x			%08X
+>12	byte	0x10			Elgamal Encrypt-Only 3072b.
+>13	string	\x0c\x00
+>13	string	\x0b\xff
+>13	string	\x0b\xfe
+>13	string	\x0b\xfd
+>13	string	\x0b\xfc
+>13	string	\x0b\xfb
+>13	string	\x0b\xfa
+>13	string	\x0b\xf9
+
+# crypto algo mapper
+
+0	name	crypto
+>0	byte	0x00			Plaintext or unencrypted data
+>0	byte	0x01			IDEA
+>0	byte	0x02			TripleDES
+>0	byte	0x03			CAST5 (128 bit key)
+>0	byte	0x04			Blowfish (128 bit key, 16 rounds)
+>0	byte	0x07			AES with 128-bit key
+>0	byte	0x08			AES with 192-bit key
+>0	byte	0x09			AES with 256-bit key
+>0	byte	0x0a			Twofish with 256-bit key
+
+# hash algo mapper
+
+0	name	hash
+>0	byte	0x01			MD5
+>0	byte	0x02			SHA-1
+>0	byte	0x03			RIPE-MD/160
+>0	byte	0x08			SHA256
+>0	byte	0x09			SHA384
+>0	byte	0x0a			SHA512
+>0	byte	0x0b			SHA224
+
+# display public key algorithms as human readable text
+0	name	key_algo
+>0	byte	0x01			RSA (Encrypt or Sign)
+# keep old look of version 5.28 without parentheses
+>0	byte	0x02			RSA Encrypt-Only
+>0	byte	0x03			RSA (Sign-Only)
+>0	byte	16			ElGamal (Encrypt-Only)
+>0	byte	17			DSA
+>0	byte	18			Elliptic Curve
+>0	byte	19			ECDSA
+>0	byte	20			ElGamal (Encrypt or Sign)
+>0	byte	21			Diffie-Hellman
+>0	default	x
+>>0	ubyte	<22			unknown (pub %d)
+# this should never happen
+>>0	ubyte	>21			invalid (%d)
+
+# pgp symmetric encrypted data
+
+0	byte	0x8c			PGP symmetric key encrypted data -
+>1	byte	0x0d
+>1	byte	0x0c
+>2	byte	0x04
+>3	use	crypto
+>4	byte	0x01			salted -
+>>5	use	hash
+>>14	byte	0xd2			.
+>>14	byte	0xc9			.
+>4	byte	0x03			salted & iterated -
+>>5	use	hash
+>>15	byte	0xd2			.
+>>15	byte	0xc9			.
+
+# encrypted keymaterial needs s2k & can be checksummed/hashed
+
+0	name	chkcrypto
+>0	use	crypto
+>1	byte	0x00			Simple S2K
+>1	byte	0x01			Salted S2K
+>1	byte	0x03			Salted&Iterated S2K
+>2	use	hash
+
+# all PGP keys start with this prolog
+# containing version, creation date, and purpose
+
+0	name	keyprolog
+>0	byte	0x04
+>1	beldate	x			created on %s -
+>5	byte	0x01			RSA (Encrypt or Sign)
+>5	byte	0x02			RSA Encrypt-Only
+
+# end of secret keys known signature
+# contains e=65537 and the prolog to
+# the encrypted parameters
+
+0	name	keyend
+>0	string	\x00\x11\x01\x00\x01	e=65537
+>5	use	crypto
+>5	byte	0xff			checksummed
+>>6	use	chkcrypto
+>5	byte	0xfe			hashed
+>>6	use	chkcrypto
+
+# PGP secret keys contain also the public parts
+# these vary by bitsize of the key
+
+0	name	x1024
+>0	use	keyprolog
+>6	string	\x03\xfe
+>6	string	\x03\xff
+>6	string	\x04\x00
+>136	use	keyend
+
+0	name	x2048
+>0	use	keyprolog
+>6	string	\x80\x00
+>6	string	\x07\xfe
+>6	string	\x07\xff
+>264	use	keyend
+
+0	name	x3072
+>0	use	keyprolog
+>6	string	\x0b\xfe
+>6	string	\x0b\xff
+>6	string	\x0c\x00
+>392	use	keyend
+
+0	name	x4096
+>0	use	keyprolog
+>6	string	\x10\x00
+>6	string	\x0f\xfe
+>6	string	\x0f\xff
+>520	use	keyend
+
+# \x00|\x1f[\xfe\xff]).{1024})'
+0	name	x8192
+>0	use	keyprolog
+>6	string	\x20\x00
+>6	string	\x1f\xfe
+>6	string	\x1f\xff
+>1032	use	keyend
+
+# depending on the size of the pkt
+# we branch into the proper key size
+# signatures defined as x{keysize}
+
+0	name	pgpkey
+>0	string	\x01\xd8	1024b
+>>2	use	x1024
+>0	string	\x01\xeb	1024b
+>>2	use	x1024
+>0	string	\x01\xfb	1024b
+>>2	use	x1024
+>0	string	\x01\xfd	1024b
+>>2	use	x1024
+>0	string	\x01\xf3	1024b
+>>2	use	x1024
+>0	string	\x01\xee	1024b
+>>2	use	x1024
+>0	string	\x01\xfe	1024b
+>>2	use	x1024
+>0	string	\x01\xf4	1024b
+>>2	use	x1024
+>0	string	\x02\x0d	1024b
+>>2	use	x1024
+>0	string	\x02\x03	1024b
+>>2	use	x1024
+>0	string	\x02\x05	1024b
+>>2	use	x1024
+>0	string	\x02\x15	1024b
+>>2	use	x1024
+>0	string	\x02\x00	1024b
+>>2	use	x1024
+>0	string	\x02\x10	1024b
+>>2	use	x1024
+>0	string	\x02\x04	1024b
+>>2	use	x1024
+>0	string	\x02\x06	1024b
+>>2	use	x1024
+>0	string	\x02\x16	1024b
+>>2	use	x1024
+>0	string	\x03\x98	2048b
+>>2	use	x2048
+>0	string	\x03\xab	2048b
+>>2	use	x2048
+>0	string	\x03\xbb	2048b
+>>2	use	x2048
+>0	string	\x03\xbd	2048b
+>>2	use	x2048
+>0	string	\x03\xcd	2048b
+>>2	use	x2048
+>0	string	\x03\xb3	2048b
+>>2	use	x2048
+>0	string	\x03\xc3	2048b
+>>2	use	x2048
+>0	string	\x03\xc5	2048b
+>>2	use	x2048
+>0	string	\x03\xd5	2048b
+>>2	use	x2048
+>0	string	\x03\xae	2048b
+>>2	use	x2048
+>0	string	\x03\xbe	2048b
+>>2	use	x2048
+>0	string	\x03\xc0	2048b
+>>2	use	x2048
+>0	string	\x03\xd0	2048b
+>>2	use	x2048
+>0	string	\x03\xb4	2048b
+>>2	use	x2048
+>0	string	\x03\xc4	2048b
+>>2	use	x2048
+>0	string	\x03\xc6	2048b
+>>2	use	x2048
+>0	string	\x03\xd6	2048b
+>>2	use	x2048
+>0	string	\x05X		3072b
+>>2	use	x3072
+>0	string	\x05k		3072b
+>>2	use	x3072
+>0	string	\x05{		3072b
+>>2	use	x3072
+>0	string	\x05}		3072b
+>>2	use	x3072
+>0	string	\x05\x8d	3072b
+>>2	use	x3072
+>0	string	\x05s		3072b
+>>2	use	x3072
+>0	string	\x05\x83	3072b
+>>2	use	x3072
+>0	string	\x05\x85	3072b
+>>2	use	x3072
+>0	string	\x05\x95	3072b
+>>2	use	x3072
+>0	string	\x05n		3072b
+>>2	use	x3072
+>0	string	\x05\x7e	3072b
+>>2	use	x3072
+>0	string	\x05\x80	3072b
+>>2	use	x3072
+>0	string	\x05\x90	3072b
+>>2	use	x3072
+>0	string	\x05t		3072b
+>>2	use	x3072
+>0	string	\x05\x84	3072b
+>>2	use	x3072
+>0	string	\x05\x86	3072b
+>>2	use	x3072
+>0	string	\x05\x96	3072b
+>>2	use	x3072
+>0	string	\x07[		4096b
+>>2	use	x4096
+>0	string	\x07\x18	4096b
+>>2	use	x4096
+>0	string	\x07+		4096b
+>>2	use	x4096
+>0	string	\x07;		4096b
+>>2	use	x4096
+>0	string	\x07=		4096b
+>>2	use	x4096
+>0	string	\x07M		4096b
+>>2	use	x4096
+>0	string	\x073		4096b
+>>2	use	x4096
+>0	string	\x07C		4096b
+>>2	use	x4096
+>0	string	\x07E		4096b
+>>2	use	x4096
+>0	string	\x07U		4096b
+>>2	use	x4096
+>0	string	\x07.		4096b
+>>2	use	x4096
+>0	string	\x07>		4096b
+>>2	use	x4096
+>0	string	\x07@		4096b
+>>2	use	x4096
+>0	string	\x07P		4096b
+>>2	use	x4096
+>0	string	\x074		4096b
+>>2	use	x4096
+>0	string	\x07D		4096b
+>>2	use	x4096
+>0	string	\x07F		4096b
+>>2	use	x4096
+>0	string	\x07V		4096b
+>>2	use	x4096
+>0	string	\x0e[		8192b
+>>2	use	x8192
+>0	string	\x0e\x18	8192b
+>>2	use	x8192
+>0	string	\x0e+		8192b
+>>2	use	x8192
+>0	string	\x0e;		8192b
+>>2	use	x8192
+>0	string	\x0e=		8192b
+>>2	use	x8192
+>0	string	\x0eM		8192b
+>>2	use	x8192
+>0	string	\x0e3		8192b
+>>2	use	x8192
+>0	string	\x0eC		8192b
+>>2	use	x8192
+>0	string	\x0eE		8192b
+>>2	use	x8192
+>0	string	\x0eU		8192b
+>>2	use	x8192
+>0	string	\x0e.		8192b
+>>2	use	x8192
+>0	string	\x0e>		8192b
+>>2	use	x8192
+>0	string	\x0e@		8192b
+>>2	use	x8192
+>0	string	\x0eP		8192b
+>>2	use	x8192
+>0	string	\x0e4		8192b
+>>2	use	x8192
+>0	string	\x0eD		8192b
+>>2	use	x8192
+>0	string	\x0eF		8192b
+>>2	use	x8192
+>0	string	\x0eV		8192b
+>>2	use	x8192
+
+# PGP RSA (e=65537) secret (sub-)key header
+
+0	byte	0x97			PGP Secret Sub-key -
+>1	use	pgpkey
+0	byte	0x9d
+# Update: Joerg Jenderek
+# secret subkey packet (tag 7) with same structure as secret key packet (tag 5)
+# skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len
+>1	ubeshort	>0
+#>1	ubeshort	x		\b, body length %#x
+# next packet type often 88h,89h~(tag 2)~Signature Packet
+#>>(1.S+3)	ubyte	x		\b, next packet type %#x
+# skip Dragon.SHR DEMO.INIT by looking for positive version
+>>3	ubyte		>0
+# skip BUISSON.13 GUITAR1 by looking for low version number
+>>>3	ubyte		<5		PGP Secret Sub-key
+# sub-key are normally part of secret key. So it does not occur as standalone file
+#!:ext	bin
+# version 2,3~old 4~new . Comment following line for version 5.28 look
+>>>>3	ubyte		x		(v%d)
+>>>>3	ubyte		x		-
+# old versions 2 or 3 but no real example found
+>>>>3	ubyte		<4
+# 2 byte for key bits in version 5.28 look
+>>>>>11		ubeshort	x	%db
+>>>>>4		beldate		x	created on %s -
+# old versions use 2 additional bytes after time stamp
+#>>>>>8		ubeshort	x	%#x
+# display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman
+>>>>>10	  	use		key_algo
+>>>>>(11.S/8)	ubequad		x
+# look after first key
+>>>>>>&5	use		keyend
+# new version
+>>>>3	ubyte		>3
+>>>>>9		ubeshort	x	%db
+>>>>>4		beldate		x	created on %s -
+# display key algorithm
+>>>>>8		use		key_algo
+>>>>>(9.S/8)	ubequad		x
+# look after first key for something like s2k
+>>>>>>&3	use		keyend
diff --git a/magic/Magdir/pgp-binary-keys b/magic/Magdir/pgp-binary-keys
new file mode 100644
index 0000000..1ce76d9
--- /dev/null
+++ b/magic/Magdir/pgp-binary-keys
@@ -0,0 +1,388 @@
+
+#------------------------------------------------------------------------------
+# $File: pgp-binary-keys,v 1.2 2021/04/26 15:56:00 christos Exp $
+# pgp-binary-keys: This file handles pgp binary keys.
+#
+# An PGP certificate or message doesn't have a fixed header.  Instead,
+# they are sequences of packets:
+#
+#   https://tools.ietf.org/html/rfc4880#section-4.3
+#
+# whose order conforms to a grammar:
+#
+#   https://tools.ietf.org/html/rfc4880#section-11
+#
+# Happily most packets have a few fields that are constrained, which
+# allow us to fingerprint them with relatively high certainty.
+#
+# A PGP packet is described by a single byte: the so-called CTB.  The
+# high-bit is always set.  If bit 6 is set, then it is a so-called
+# new-style CTB; if bit 6 is clear, then it is a so-called old-style
+# CTB.  Old-style CTBs have only four bits of type information; bits
+# 1-0 are used to describe the length.  New-style CTBs have 6 bits of
+# type information.
+#
+# Following the CTB is the packet's length in bytes.  If we blindly
+# advance the file cursor by this amount past the end of the length
+# information we come to the next packet.
+#
+# Data Structures
+# ===============
+#
+# New Style CTB
+# -------------
+#
+# https://tools.ietf.org/html/rfc4880#section-4.2.2
+#
+#   76543210
+#   ||\----/
+#   ||  tag
+#   |always 1
+#   always 1
+#
+#      Tag   bits 7 and 6 set
+#       0       0xC0        -- Reserved - a packet tag MUST NOT have this value
+#       1       0xC1        -- Public-Key Encrypted Session Key Packet
+#       2       0xC2        -- Signature Packet
+#       3       0xC3        -- Symmetric-Key Encrypted Session Key Packet
+#       4       0xC4        -- One-Pass Signature Packet
+#       5       0xC5        -- Secret-Key Packet
+#       6       0xC6        -- Public-Key Packet
+#       7       0xC7        -- Secret-Subkey Packet
+#       8       0xC8        -- Compressed Data Packet
+#       9       0xC9        -- Symmetrically Encrypted Data Packet
+#       10      0xCA        -- Marker Packet
+#       11      0xCB        -- Literal Data Packet
+#       12      0xCC        -- Trust Packet
+#       13      0xCD        -- User ID Packet
+#       14      0xCE        -- Public-Subkey Packet
+#       17      0xD1        -- User Attribute Packet
+#       18      0xD2        -- Sym. Encrypted and Integrity Protected Data Packet
+#       19      0xD3        -- Modification Detection Code Packet
+#       60 to 63 -- Private or Experimental Values
+#
+# The CTB is followed by the length header, which is densely encoded:
+#
+#   if length[0] is:
+#     0..191: one byte length (length[0])
+#     192..223: two byte length ((length[0] - 192) * 256 + length[2] + 192
+#     224..254: four byte length (big endian interpretation of length[1..5])
+#     255: partial body encoding
+#
+# The partial body encoding is similar to HTTP's chunk encoding.  It
+# is only allowed for container packets (SEIP, Compressed Data and
+# Literal).
+#
+# Old Style CTB
+# -------------
+#
+#  https://tools.ietf.org/html/rfc4880#section-4.2.1
+#
+# CTB:
+#
+#   76543210
+#   ||\--/\/
+#   ||  |  length encoding
+#   ||  tag
+#   |always 0
+#   always 1
+#
+# Tag:
+#
+#      Tag   bit 7 set, bits 6, 1, 0 clear
+#       0       0x80        -- Reserved - a packet tag MUST NOT have this value
+#       1       0x84        -- Public-Key Encrypted Session Key Packet
+#       2       0x88        -- Signature Packet
+#       3       0x8C        -- Symmetric-Key Encrypted Session Key Packet
+#       4       0x90        -- One-Pass Signature Packet
+#       5       0x94        -- Secret-Key Packet
+#       6       0x98        -- Public-Key Packet
+#       7       0x9C        -- Secret-Subkey Packet
+#       8       0xA0        -- Compressed Data Packet
+#       9       0xA4        -- Symmetrically Encrypted Data Packet
+#       10      0xA8        -- Marker Packet
+#       11      0xAC        -- Literal Data Packet
+#       12      0xB0        -- Trust Packet
+#       13      0xB4        -- User ID Packet
+#       14      0xB8        -- Public-Subkey Packet
+#
+# Length encoding:
+#
+#     Value
+#       0      1 byte length (following byte is the length)
+#       1      2 byte length (following two bytes are the length)
+#       2      4 byte length (following four bytes are the length)
+#       3      indeterminate length: natural end of packet, e.g., EOF
+#
+# An indeterminate length is only allowed for container packets
+# (SEIP, Compressed Data and Literal).
+#
+# Certificates
+# ------------
+#
+# We check the first three packets to determine if a sequence of
+# OpenPGP packets is likely to be a certificate.  The grammar allows
+# the following prefixes:
+#
+#   [Primary Key] [SIG] (EOF or another certificate)
+#   [Primary Key] [SIG]            [User ID]        [SIG]...
+#   [Primary Key] [SIG]            [User Attribute] [SIG]...
+#   [Primary Key] [SIG]            [Subkey]         [SIG]...
+#   [Primary Key] [User ID]        [SIG]...
+#   [Primary Key] [User Attribute] [SIG]...
+#   [Primary Key] [Subkey]         [SIG]...
+#
+# Any number of marker packets are also allowed between each packet,
+# but they are not normally used and we don't currently check for
+# them.
+#
+# The keys and subkeys may be public or private.
+#
+
+# Key packets and signature packets are versioned.  There are two
+# packet versions that we need to worry about in practice: v3 and v4.
+# v4 packets were introduced in RFC 2440, which was published in 1998.
+# It also deprecated v3 packets.  There are no actively used v3
+# certificates (GnuPG removed the code to support them in November
+# 2014).  But there are v3 keys lying around and it is useful to
+# identify them.  The next version of OpenPGP will introduce v5 keys.
+# The document has not yet been standardized so changes are still
+# possible.  But, for our purposes, it appears that v5 data structures
+# will be identical to v4 data structures modulo the version number.
+#
+#   https://tools.ietf.org/html/rfc2440
+#   https://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000358.html
+#   https://www.ietf.org/id/draft-ietf-openpgp-rfc4880bis-09.html#name-key-material-packet
+
+
+
+
+# The first packet has to be a public key or a secret key.
+#
+# New-Style Public Key
+0	ubyte			=0xC6	OpenPGP Public Key
+>&0	use			primary_key_length_new
+# New-Style Secret Key
+0	ubyte			=0xC5	OpenPGP Secret Key
+>&0	use			primary_key_length_new
+# Old-Style Public Key
+0	ubyte&0xFC		=0x98	OpenPGP Public Key
+>&-1	use			primary_key_length_old
+# Old-Style Secret Key
+0	ubyte&0xFC		=0x94	OpenPGP Secret Key
+>&-1	use			primary_key_length_old
+
+# Parse the length, check the packet's body and finally advance to the
+# next packet.
+
+# There are 4 different new-style length encodings, but the partial
+# body encoding is only acceptable for the SEIP, Compressed Data, and
+# Literal packets, which isn't valid for any packets in a certificate
+# so we ignore it.
+0		name		primary_key_length_new
+>&0		ubyte		<192
+#>>&0		ubyte		x		(1 byte length encoding, %d bytes)
+>>&0		use		pgp_binary_key_pk_check
+>>>&(&-1.B)	use		sig_or_component_1
+>&0		ubyte		>191
+>>&-1		ubyte		<225
+# offset = ((offset[0] - 192) << 8) + offset[1] + 192 (for the length header)
+# raw - (192 * 256 - 192)
+# = 48960
+#>>>&0		ubeshort		x	(2 byte length encoding, %d bytes)
+>>>&1		use		pgp_binary_key_pk_check
+>>>>&(&-2.S-48960)	use	sig_or_component_1
+>&0		ubyte		=255
+#>>&0   	belong		x		(5 byte length encoding, %d bytes)
+>>&4		use		pgp_binary_key_pk_check
+>>>&(&-4.L)	use		sig_or_component_1
+# Partial body encoding (only valid for container packets).
+# >&0		ubyte	>224
+# >>&0		ubyte		<255		partial body encoding
+
+# There are 4 different old-style length encodings, but the
+# indeterminate length encoding is only acceptable for the SEIP,
+# Compressed Data, and Literal packets, which isn't valid for any
+# packets in a certificate.
+0		name		primary_key_length_old
+#>&0		ubyte		x		(ctb: %x)
+>&0		ubyte&0x3	=0
+#>>&0    	ubyte		x		(1 byte length encoding, %d bytes)
+>>&1		use		pgp_binary_key_pk_check
+>>>&(&-1.B)	use		sig_or_component_1
+>&0		ubyte&0x3	=1
+#>>&0    	ubeshort	x		(2 byte length encoding, %d bytes)
+>>&2		use		pgp_binary_key_pk_check
+>>>&(&-2.S)	use		sig_or_component_1
+>&0		ubyte&0x3	=2
+#>>&0    	ubelong	x		(4 byte length encoding, %d bytes)
+>>&4		use		pgp_binary_key_pk_check
+>>>&(&-4.L)	use		sig_or_component_1
+
+# Check the Key.
+#
+# https://tools.ietf.org/html/rfc4880#section-5.5.2
+0		name		pgp_binary_key_pk_check
+# Valid versions are: 2, 3, 4.  5 is proposed in RFC 4880bis.
+# Anticipate a v6 / v7 format that like v5 is compatible with v4.
+# key format in a decade or so :D.
+>&0		ubyte		>1
+>>&-1		ubyte		<8
+>>>&-1		byte		x		Version %d
+# Check that keys were created after 1990.
+# (1990 - 1970) * 365.2524 * 24 * 60 * 60 = 631156147
+>>>&0		bedate		>631156147      \b, Created %s
+>>>>&-5		ubyte		>3
+>>>>>&4		use		pgp_binary_key_algo
+>>>>&-5		ubyte		<4
+>>>>>&6		use		pgp_binary_key_algo
+
+# Print out the key's algorithm and the number of bits, if this is
+# relevant (ECC keys are a fixed size).
+0		name		pgp_binary_key_algo
+>0		clear		x
+>&0		ubyte		=1	\b, RSA (Encrypt or Sign,
+>>&0		ubeshort	x	\b %d bits)
+>&0		ubyte		=2	\b, RSA (Encrypt,
+>>&0		ubeshort	x	\b %d bits)
+>&0		ubyte		=3	\b, RSA (Sign,
+>>&0		ubeshort	x	\b %d bits)
+>&0		ubyte		=16	\b, El Gamal (Encrypt,
+>>&0		ubeshort	x	\b %d bits)
+>&0		ubyte		=17	\b, DSA
+>>&0		ubeshort	x	\b (%d bits)
+>&0		ubyte		=18	\b, ECDH
+>&0		ubyte		=19	\b, ECDSA
+>&0		ubyte		=20	\b, El Gamal (Encrypt or Sign,
+>>&0		ubeshort	x	\b %d bits)
+>&0		ubyte		=22	\b, EdDSA
+>&0		default         x
+>>&0		ubyte		x	\b, Unknown Algorithm (%#x)
+
+# Match all possible second packets.
+0	name		sig_or_component_1
+#>0	ubyte		x	(ctb: %x)
+>&0	ubyte		=0xC2
+>>0	ubyte		x	\b; Signature
+>>&0	use		sig_or_component_1_length_new
+>&0	ubyte		=0xCD
+>>0	ubyte		x	\b; User ID
+>>&0	use		sig_or_component_1_length_new
+>&0	ubyte		=0xCE
+>>0	ubyte		x	\b; Public Subkey
+>>&0	use		sig_or_component_1_length_new
+>&0	ubyte		=0xC7
+>>0	ubyte		x	\b; Secret Subkey
+>>&0	use		sig_or_component_1_length_new
+>&0	ubyte		=0xD1
+>>0	ubyte		x	\b; User Attribute
+>>&0	use		sig_or_component_1_length_new
+>&0	ubyte&0xFC	=0x88
+>>0	ubyte		x	\b; Signature
+>>&-1	use		sig_or_component_1_length_old
+>&0	ubyte&0xFC	=0xB4
+>>0	ubyte		x	\b; User ID
+>>&-1	use		sig_or_component_1_length_old
+>&0	ubyte&0xFC	=0xB8
+>>0	ubyte		x	\b; Public Subkey
+>>&-1	use		sig_or_component_1_length_old
+>&0	ubyte&0xFC	=0x9C
+>>0	ubyte		x	\b; Secret Subkey
+>>&-1	use		sig_or_component_1_length_old
+
+# Copy of 'primary_key_length_new', but calls cert_packet_3.
+0		name		sig_or_component_1_length_new
+>&0		ubyte		<192
+#>>&0		ubyte		x		(1 byte new length encoding, %d bytes)
+>>&(&-1.B)	use		cert_packet_3
+>&0		ubyte		>191
+>>&-1		ubyte		<225
+# offset = ((offset[0] - 192) << 8) + offset[1] + 192 + 1 (for the length header)
+# raw - (192 * 256 - 192 - 1)
+# = 48959
+#>>>&-1		ubeshort		x	(2 byte new length encoding, %d bytes)
+>>>&(&-1.S-48959)	use	cert_packet_3
+>&0		ubyte		=255
+#>>&0   	belong		x		(5 byte new length encoding, %d bytes)
+>>&(&-4.L)	use		cert_packet_3
+# Partial body encoding (only valid for container packets).
+# >&0		ubyte	>224
+# >>&0		ubyte		<255		partial body encoding
+
+0		name		sig_or_component_1_length_old
+#>&0		ubyte		x		(ctb: %x)
+>&0		ubyte&0x3	=0
+#>>&0    	ubyte		x		(1 byte old length encoding, %d bytes)
+>>&(&0.B+1)	use		cert_packet_3
+>&0		ubyte&0x3	=1
+#>>&0    	ubeshort	x		(2 byte old length encoding, %d bytes)
+>>&(&0.S+2)	use		cert_packet_3
+>&0		ubyte&0x3	=2
+#>>&0    	ubelong	x		(4 byte old length encoding, %d bytes)
+>>&(&0.L+4)	use		cert_packet_3
+
+# Copy of above.
+0	name		cert_packet_3
+#>0	ubyte		x	(ctb: %x)
+>&0	ubyte		=0xC2
+>>0	ubyte		x	\b; Signature
+>>&0	use		cert_packet_3_length_new
+>&0	ubyte		=0xCD
+>>0	ubyte		x	\b; User ID
+>>&0	use		cert_packet_3_length_new
+>&0	ubyte		=0xCE
+>>0	ubyte		x	\b; Public Subkey
+>>&0	use		cert_packet_3_length_new
+>&0	ubyte		=0xC7
+>>0	ubyte		x	\b; Secret Subkey
+>>&0	use		cert_packet_3_length_new
+>&0	ubyte		=0xD1
+>>0	ubyte		x	\b; User Attribute
+>>&0	use		cert_packet_3_length_new
+>&0	ubyte&0xFC	=0x88
+>>0	ubyte		x	\b; Signature
+>>&-1	use		cert_packet_3_length_old
+>&0	ubyte&0xFC	=0xB4
+>>0	ubyte		x	\b; User ID
+>>&-1	use		cert_packet_3_length_old
+>&0	ubyte&0xFC	=0xB8
+>>0	ubyte		x	\b; Public Subkey
+>>&-1	use		cert_packet_3_length_old
+>&0	ubyte&0xFC	=0x9C
+>>0	ubyte		x	\b; Secret Subkey
+>>&-1	use		cert_packet_3_length_old
+
+# Copy of above.
+0		name		cert_packet_3_length_new
+>&0		ubyte		<192
+#>>&0		ubyte		x		(1 byte new length encoding, %d bytes)
+>>&(&-1.B)	use		pgp_binary_keys_end
+>&0		ubyte		>191
+>>&-1		ubyte		<225
+# offset = ((offset[0] - 192) << 8) + offset[1] + 192 + 1 (for the length header)
+# raw - (192 * 256 - 192 - 1)
+# = 48959
+#>>>&-1		ubeshort		x	(2 byte new length encoding, %d bytes)
+>>>&(&-1.S-48959)	use	pgp_binary_keys_end
+>&0		ubyte		=255
+#>>&0   	belong		x		(5 byte new length encoding, %d bytes)
+>>&(&-4.L)	use		pgp_binary_keys_end
+
+0		name		cert_packet_3_length_old
+#>&0		ubyte		x		(ctb: %x)
+>&0		ubyte&0x3	=0
+#>>&0    	ubyte		x		(1 byte old length encoding, %d bytes)
+>>&(&0.B+1)	use		pgp_binary_keys_end
+>&0		ubyte&0x3	=1
+#>>&0    	ubeshort	x		(2 byte old length encoding, %d bytes)
+>>&(&0.S+2)	use		pgp_binary_keys_end
+>&0		ubyte&0x3	=2
+#>>&0    	ubelong	x		(4 byte old length encoding, %d bytes)
+>>&(&0.L+4)	use		pgp_binary_keys_end
+
+# We managed to parse the first three packets of the certificate.  Declare
+# victory.
+0		name		pgp_binary_keys_end
+>0		byte		x		\b; OpenPGP Certificate
+!:mime		application/pgp-keys
+!:ext		pgp/gpg/pkr/asd
diff --git a/magic/Magdir/pkgadd b/magic/Magdir/pkgadd
new file mode 100644
index 0000000..7dfb286
--- /dev/null
+++ b/magic/Magdir/pkgadd
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------------------------
+# $File: pkgadd,v 1.6 2009/09/19 16:28:11 christos Exp $
+# pkgadd:  file(1) magic for SysV R4 PKG Datastreams
+#
+0       string          #\ PaCkAgE\ DaTaStReAm  pkg Datastream (SVR4)
+!:mime	application/x-svr4-package
diff --git a/magic/Magdir/plan9 b/magic/Magdir/plan9
new file mode 100644
index 0000000..db06847
--- /dev/null
+++ b/magic/Magdir/plan9
@@ -0,0 +1,25 @@
+
+#------------------------------------------------------------------------------
+# $File: plan9,v 1.6 2021/07/30 12:25:13 christos Exp $
+# plan9:  file(1) magic for AT&T Bell Labs' Plan 9 executables and object files
+# From: "Stefan A. Haubenthal" <polluks@web.de>
+#
+0	belong		0x00000107	Plan 9 executable, Motorola 68k
+0	belong		0x00000197	Plan 9 executable, AT&T Hobbit
+0	belong		0x000001EB	Plan 9 executable, Intel 386
+0	belong		0x00000247	Plan 9 executable, Intel 960
+0	belong		0x000002AB	Plan 9 executable, SPARC
+0	belong		0x00000407	Plan 9 executable, MIPS R3000
+0	belong		0x0000048B	Plan 9 executable, AT&T DSP 3210
+0	belong		0x00000517	Plan 9 executable, MIPS R4000 BE
+0	belong		0x000005AB	Plan 9 executable, AMD 29000
+0	belong		0x00000647	Plan 9 executable, ARM 7-something
+0	belong		0x000006EB	Plan 9 executable, PowerPC
+0	belong		0x00000797	Plan 9 executable, MIPS R4000 LE
+0	belong		0x0000084B	Plan 9 executable, DEC Alpha
+
+0	belong		0x3A11013C	Plan 9 object file, MIPS R3000
+0	belong		0x430D013C	Plan 9 object file, AT&T Hobbit
+0	belong		0x4D013201	Plan 9 object file, Motorola 68k
+0	belong		0x7410013C	Plan 9 object file, SPARC
+0	belong		0x7E004501	Plan 9 object file, Intel 386
diff --git a/magic/Magdir/playdate b/magic/Magdir/playdate
new file mode 100644
index 0000000..77f8c68
--- /dev/null
+++ b/magic/Magdir/playdate
@@ -0,0 +1,57 @@
+
+#------------------------------------------------------------------------------
+# $File: playdate,v 1.1 2022/11/04 13:34:48 christos Exp $
+#
+# Various native file formats for the Playdate portable video game console.
+#
+# These are unofficially documented at
+# https://github.com/jaames/playdate-reverse-engineering
+# 
+# The SDK is a source for many test files, and can be used to
+# create others. https://play.date/dev/
+
+
+# pdi: static image
+0	string	Playdate\ IMG	Playdate image data
+>12	belong&0x80	0x80	(compressed)
+>>20	lelong	x	%d x
+>>24	lelong	x	%d
+>12	belong&0x80	0x00	(uncompressed)
+>>16	leshort	x	%d x
+>>18	leshort	x	%d
+
+# pdt: multiple static images
+0	string	Playdate\ IMT	Playdate image data set
+>12	belong&0x80	0x80	(compressed)
+>>20	lelong	x	%d x
+>>24	lelong	x	%d,
+>>28	lelong	x	%d cells
+>12	belong&0x80	0x00	(uncompressed)
+>>20	lelong	x	tile grid %d x
+>>24	lelong	x	%d
+
+# pds: string tables
+0	string	Playdate\ STR	Playdate localization strings
+>12	belong&0x80	0x80	(compressed)
+>12	belong&0x80	0x00	(uncompressed)
+
+# pda: audio
+0	string	Playdate\ AUD	Playdate audio file
+>12	lelong&0xffffff	x	%d Hz,
+>15	byte	0	unsigned, 8-bit PCM, 1 channel
+>15	byte	1	unsigned, 8-bit PCM, 2 channel
+>15	byte	2	signed, 16-bit little-endian PCM, 1 channel
+>15	byte	3	signed, 16-bit little-endian PCM, 1 channel
+>15	byte	4	4-bit ADPCM, 1 channel
+>15	byte	5	4-bit ADPCM, 2 channel
+
+# pda: video
+0	string	Playdate\ VID	Playdate video file
+>24	leshort	x	%d x
+>26	leshort	x	%d,
+>16	leshort	x	%d frames,
+>20	lefloat x	%.2f FPS
+
+# pdz: executable package
+# Not a lot we can do, as it's a stream of entries with no summary information.
+0	string	Playdate\ PDZ	Playdate executable package
diff --git a/magic/Magdir/plus5 b/magic/Magdir/plus5
new file mode 100644
index 0000000..795cca1
--- /dev/null
+++ b/magic/Magdir/plus5
@@ -0,0 +1,18 @@
+
+#------------------------------------------------------------------------------
+# $File: plus5,v 1.6 2009/09/19 16:28:11 christos Exp $
+# plus5:  file(1) magic for Plus Five's UNIX MUMPS
+#
+# XXX - byte order?  Paging Hokey....
+#
+0	short		0x259		mumps avl global
+>2	byte		>0		(V%d)
+>6	byte		>0		with %d byte name
+>7	byte		>0		and %d byte data cells
+0	short		0x25a		mumps blt global
+>2	byte		>0		(V%d)
+>8	short		>0		- %d byte blocks
+>15	byte		0x00		- P/D format
+>15	byte		0x01		- P/K/D format
+>15	byte		0x02		- K/D format
+>15	byte		>0x02		- Bad Flags
diff --git a/magic/Magdir/pmem b/magic/Magdir/pmem
new file mode 100644
index 0000000..c0ead73
--- /dev/null
+++ b/magic/Magdir/pmem
@@ -0,0 +1,46 @@
+
+#------------------------------------------------------------------------------
+# $File: pmem,v 1.4 2021/04/26 15:56:00 christos Exp $
+# pmem: file(1) magic for Persistent Memory Development Kit pool files
+#
+0	string		PMEM
+>4	string		POOLSET		Persistent Memory Poolset file
+>>11	search		REPLICA		with replica
+>4	regex		LOG|BLK|OBJ	Persistent Memory Pool file, type: %s,
+>>8	lelong		>0		version: %#x,
+>>12	lelong		x		compat: %#x,
+>>16	lelong		x		incompat: %#x,
+>>20	lelong		x		ro_compat: %#x,
+
+
+>>120	leqldate	x		crtime: %s,
+>>128	lequad		x		alignment_desc: %#016llx,
+
+>>136	clear		x
+>>136	byte		2		machine_class: 64-bit,
+>>136	default		x		machine_class: unknown
+>>>136	byte		x		(%#d),
+
+>>137	clear		x
+>>137	byte		1		data: little-endian,
+>>137	byte		2		data: big-endian,
+>>137	default		x		data: unknown
+>>>137	byte		x		(%#d),
+
+>>138	byte		!0		reserved[0]: %d,
+>>139	byte		!0		reserved[1]: %d,
+>>140	byte		!0		reserved[2]: %d,
+>>141	byte		!0		reserved[3]: %d,
+
+>>142	clear		x
+>>142	leshort		62		machine: x86_64
+>>142	leshort		183		machine: aarch64
+>>142	default		x		machine: unknown
+>>>142	leshort		x		(%#d)
+
+>4	string		BLK
+>>4096	lelong		x		\b, blk.bsize: %d
+
+>4	string		OBJ
+>>4096	string		>0		\b, obj.layout: '%s'
+>>4096	string		<0		\b, obj.layout: NULL
diff --git a/magic/Magdir/polyml b/magic/Magdir/polyml
new file mode 100644
index 0000000..1cc0109
--- /dev/null
+++ b/magic/Magdir/polyml
@@ -0,0 +1,23 @@
+
+#------------------------------------------------------------------------------
+# $File: polyml,v 1.2 2019/04/19 00:42:27 christos Exp $
+# polyml:  file(1) magic for PolyML
+#
+# PolyML
+# MPEG, FLI, DL originally from vax@ccwf.cc.utexas.edu (VaX#n8)
+# FLC, SGI, Apple originally from Daniel Quinlan (quinlan@yggdrasil.com)
+
+# [0]: https://www.polyml.org/
+# [1]: https://github.com/polyml/polyml/blob/master/\
+#	libpolyml/savestate.cpp#L146-L147
+# [2]: https://github.com/polyml/polyml/blob/master/\
+#	libpolyml/savestate.cpp#L1262-L1263
+
+# Type: Poly/ML saved data
+# From: Matthew Fernandez <matthew.fernandez@gmail.com>
+
+0	string	POLYSAVE	Poly/ML saved state
+>8	long	x		version %u
+
+0	string  POLYMODU	Poly/ML saved module
+>8	long	x		version %u
diff --git a/magic/Magdir/printer b/magic/Magdir/printer
new file mode 100644
index 0000000..b45a202
--- /dev/null
+++ b/magic/Magdir/printer
@@ -0,0 +1,278 @@
+
+#------------------------------------------------------------------------------
+# $File: printer,v 1.34 2023/06/16 19:27:12 christos Exp $
+# printer:  file(1) magic for printer-formatted files
+#
+
+# PostScript, updated by Daniel Quinlan (quinlan@yggdrasil.com)
+0	string		%!		PostScript document text
+!:mime	application/postscript
+!:apple	ASPSTEXT
+>2	string		PS-Adobe-	conforming
+>>11	string		>\0		DSC level %.3s
+>>>15	string		EPS		\b, type %s
+>>>15	string		Query		\b, type %s
+>>>15	string		ExitServer	\b, type %s
+>>>15   search/1000		%%LanguageLevel:\040
+>>>>&0	string		>\0		\b, Level %s
+# Some PCs have the annoying habit of adding a ^D as a document separator
+0	string		\004%!		PostScript document text
+!:mime	application/postscript
+!:apple	ASPSTEXT
+>3	string		PS-Adobe-	conforming
+>>12	string		>\0		DSC level %.3s
+>>>16	string		EPS		\b, type %s
+>>>16	string		Query		\b, type %s
+>>>16	string		ExitServer	\b, type %s
+>>>16   search/1000		%%LanguageLevel:\040
+>>>>&0	string		>\0		\b, Level %s
+0	string		\033%-12345X%!PS	PostScript document
+
+# DOS EPS Binary File Header
+# From: Ed Sznyter <ews@Black.Market.NET>
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Encapsulated_PostScript
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/eps-adobe.trid.xml
+# Note:		called "Encapsulated PostScript binary" by TrID and 
+#		verified partly by ImageMagick `identify -verbose *` as EPT (Encapsulated PostScript with TIFF preview)
+0       belong          0xC5D0D3C6
+# skip DROID fmt-122-signature-id-174.eps fmt-123-signature-id-178.eps fmt-124-signature-id-180.eps
+# by looking for content after header
+# GRR: in version 5.44 unequal and not endian variant not working!
+>32	ulelong		>0		DOS EPS Binary File
+!:mime	image/x-eps
+# TODO: check that "long" is false on big endian machines
+# Postscript often (850/857) comes after header; so values like: 30 32 or 2788 10644 43350 71828  
+>>4      long            >0              at byte %d
+# 1 space char after length value to get phrase like "length 263893 PostScript document text"
+>>>8     long            >0              length %d 
+# PostScript document text handled by ./printer
+>>>>(4.l)	indirect		x
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/e/eps-wmf.trid.xml
+# Note:		called "Encapsulated PostScript binary (with WMF preview)" by TrID
+#		verified partly by XnView `nconvert -info *.EP?` as TIFF epsp
+>>>>12   long            >0               at byte %d
+!:ext	eps
+# GRR: in file version 5.44 calling indirect of ./msdos produce phrase like "length 452\012- Windows metafile"
+>>>>16  long            >0              length %d
+# Windows metafile data handled by ./msdos
+>>>>>(12.l)	indirect		x
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/e/eps-tiff.trid.xml
+# Note:		called "Encapsulated PostScript binary (with TIFF preview)" by TrID
+>>>>20   long            >0              at byte %d
+# For the variant with the TIFF preview image sometimes the file extension ept is used
+!:ext	eps/ept
+# GRR: in file version 5.44 calling indirect of ./images produce phrase like "length 43320\012- TIFF image data,"
+>>>>>24  long            >0              length %d
+# TIFF image data handled by ./images
+>>>>>>(20.l)	indirect		x
+
+# Summary: Adobe's PostScript Printer Description File
+# Extension: .ppd
+# Reference: https://partners.adobe.com/public/developer/en/ps/5003.PPD_Spec_v4.3.pdf, Section 3.8
+# Submitted by: Yves Arrouye <arrouye@marin.fdn.fr>
+#
+0	string		*PPD-Adobe:\x20	PPD file
+>&0	string		x		\b, version %s
+!:ext	ppd
+!:mime	application/vnd.cups-ppd
+
+# HP Printer Job Language
+0	string		\033%-12345X@PJL	HP Printer Job Language data
+# HP Printer Job Language
+# The header found on Win95 HP plot files is the "Silliest Thing possible"
+# (TM)
+# Every driver puts the language at some random position, with random case
+# (LANGUAGE and Language)
+# For example the LaserJet 5L driver puts the "PJL ENTER LANGUAGE" in line 10
+# From: Uwe Bonnes <bon@elektron.ikp.physik.th-darmstadt.de>
+#
+0	string		\033%-12345X@PJL	HP Printer Job Language data
+>&0	string		>\0			%s
+>>&0	string		>\0			%s
+>>>&0	string		>\0			%s
+>>>>&0	string		>\0			%s
+#>15	string		\ ENTER\ LANGUAGE\ =
+#>31	string		PostScript		PostScript
+
+# From: Stefan Thurner <thurners@nicsys.de>
+0	string		\033%-12345X@PJL
+>&0	search/10000	%!			PJL encapsulated PostScript document text
+
+# Rick Richardson <rickrich@gmail.com>
+
+# For Fuji-Xerox Printers - HBPL stands for Host Based Printer Language
+# For Oki Data Printers - HIPERC
+# For Konica Minolta Printers - LAVAFLOW
+# For Samsung Printers - QPDL
+# For HP Printers - ZJS stands for Zenographics ZJStream
+0	string		\033%-12345X@PJL	HP Printer Job Language data
+>0	search/10000	@PJL\ ENTER\ LANGUAGE=HBPL	- HBPL
+>0	search/10000	@PJL\ ENTER\ LANGUAGE=HIPERC	- Oki Data HIPERC
+>0	search/10000	@PJL\ ENTER\ LANGUAGE=LAVAFLOW	- Konica Minolta LAVAFLOW
+>0	search/10000	@PJL\ ENTER\ LANGUAGE=QPDL	- Samsung QPDL
+>0	search/10000	@PJL\ ENTER\ LANGUAGE\ =\ QPDL	- Samsung QPDL
+>0	search/10000	@PJL\ ENTER\ LANGUAGE=ZJS	- HP ZJS
+# Summary:	Hewlett-Packard printer firmware update
+# From:		Joerg Jenderek
+# URL:		https://support.hp.com/us-en/drivers/selfservice/hp-envy-6000e-all-in-one-printer-series/2100187505/model/2100187513
+# Note:		firmware update tested with ENVY 6000 All-in-One Printer
+0	string		@PJL\ ENTER\ LANGUAGE=FWUPDATE2	HP Printer firmware update
+#!:mime	application/octet-stream
+#!:mime	application/x-hp-firmware
+# https://ftp.hp.com/pub/softlib/software13/printers/en6000/2214/EN6000_2214B.exe
+# vasari_base_dist_pp1_001.2214B_nonassert_appsigned_lbi_rootfs_secure_signed.ful2
+!:ext	ful2
+
+# HP Printer Control Language, Daniel Quinlan (quinlan@yggdrasil.com)
+0	string		\033E\033	HP PCL printer data
+>3	string		\&l0A		- default page size
+>3	string		\&l1A		- US executive page size
+>3	string		\&l2A		- US letter page size
+>3	string		\&l3A		- US legal page size
+>3	string		\&l26A		- A4 page size
+>3	string		\&l80A		- Monarch envelope size
+>3	string		\&l81A		- No. 10 envelope size
+>3	string		\&l90A		- Intl. DL envelope size
+>3	string		\&l91A		- Intl. C5 envelope size
+>3	string		\&l100A		- Intl. B5 envelope size
+>3	string		\&l-81A		- No. 10 envelope size (landscape)
+>3	string		\&l-90A		- Intl. DL envelope size (landscape)
+
+# IMAGEN printer-ready files:
+0	string	@document(		Imagen printer
+# this only works if "language xxx" is first item in Imagen header.
+>10	string	language\ impress	(imPRESS data)
+>10	string	language\ daisy		(daisywheel text)
+>10	string	language\ diablo	(daisywheel text)
+>10	string	language\ printer	(line printer emulation)
+>10	string	language\ tektronix	(Tektronix 4014 emulation)
+# Add any other languages that your Imagen uses - remember
+# to keep the word `text' if the file is human-readable.
+# [GRR 950115:  missing "postscript" or "ultrascript" (whatever it was called)]
+#
+# Now magic for IMAGEN font files...
+0	string		Rast		RST-format raster font data
+>45	string		>0		face %s
+# From Jukka Ukkonen
+0	string		\033[K\002\0\0\017\033(a\001\0\001\033(g	Canon Bubble Jet BJC formatted data
+
+# From <mike@flyn.org>
+# These are the /etc/magic entries to decode data sent to an Epson printer.
+0       string          \x1B\x40\x1B\x28\x52\x08\x00\x00REMOTE1P        Epson Stylus Color 460 data
+
+
+#------------------------------------------------------------------------------
+# zenographics:  file(1) magic for Zenographics ZjStream printer data
+# Rick Richardson <rickrich@gmail.com>
+0	string		JZJZ
+>0x12	string		ZZ		Zenographics ZjStream printer data (big-endian)
+0	string		ZJZJ
+>0x12	string		ZZ		Zenographics ZjStream printer data (little-endian)
+
+
+#------------------------------------------------------------------------------
+# Oak Technologies printer stream
+# Rick Richardson <rickrich@gmail.com>
+0       string          OAK
+>0x07	byte		0
+>0x0b	byte		0	Oak Technologies printer stream
+
+# This would otherwise be recognized as PostScript - nick@debian.org
+0	string		%!VMF 		SunClock's Vector Map Format data
+
+#------------------------------------------------------------------------------
+# HP LaserJet 1000 series downloadable firmware file
+0	string	\xbe\xefABCDEFGH	HP LaserJet 1000 series downloadable firmware
+
+# From: Paolo <oopla@users.sf.net>
+# Epson ESC/Page, ESC/PageColor
+0	string	\x1b\x01@EJL	Epson ESC/Page language printer data
+
+# Summary:	Hewlett-Packard Graphics Language
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/HP-GL
+#		https://en.wikipedia.org/wiki/HPGL
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/h/hpg.trid.xml
+# Note:		called "Hewlett-Packard Graphics Language" by TrID and
+#		"Hewlett Packard Graphics Language" by DROID via PUID x-fmt/293 and
+#		HPGL by XnView command `nconvert -info *`
+# initialize, start a plotting job 
+0	string	IN;
+>0		use		hpgl
+# fill.plt
+0	string	INPS
+>0		use		hpgl
+# http://ftp.funet.fi/index/graphics/packages/hpgl2ps/hpgl2ps.tar.Z/hpgl2ps/test1.hpgl 
+0	string	DF;
+>0		use		hpgl
+# http://ftp.funet.fi/index/graphics/packages/hpgl2ps/hpgl2ps.tar.Z/hpgl2ps/test3.hpgl 
+# Select Pen n; If no pen number or 0, the controller performs an end of file command; n in range between -32767 and 32768 like: 6
+0	string	SP
+# skip text Linux-syscall-note inside qemu sources starting with SPDX-Exception-Identifier: Linux-syscall-note
+# by checking for valid Pen number
+>2	regex	\^([0-9]{1,5})
+#>2	regex	\^([0-9]{1,5})	PEN_NUMBER=%s
+>>0		use		hpgl
+# charsize.hp pages.hp	set the scaling points (P1 and P2) to their default positions
+0	string	IP0
+>0		use		hpgl
+# ci.hp
+0	string	CO\040
+>0		use		hpgl
+# iw.hp 286x192.5_lh.hpg 286x192.5_lq.hpg
+0	string	PS\040
+>0		use		hpgl
+# thick.hp
+0	string	PS9
+>0		use		hpgl
+# ul.hp
+0	string	PS4
+>0		use		hpgl
+# la.hp
+0	string	BP
+>0		use		hpgl
+# miter.hp
+# Plot Absolute x,y{,x,y{...}}; x and y in range between -32767 and 32768 like: PA4000,3000;
+0	string	PA
+# skip shell scripts test_msa_run_32r5eb.sh test_msa_run_32r5eb.sh with variable PATH_TO_QEMU
+# by checking for valid x coordinate
+>2	regex	\^([-]{0,1}[0-9]{1,5})
+#>2	regex	\^([-]{0,1}[0-9]{1,5})	COORDINATE=%s
+>>0		use		hpgl
+# pw.hpg	number of pens x
+0	string	NP
+>0		use		hpgl
+# win_1.hp
+#0	string	\003INCA		WHAT_IS_THAT
+#>0		use		hpgl
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/h/hpgl2.trid.xml
+# Note:		called "Hewlett-Packard Graphics Language 2" by TrID
+0	string	\033%-1B		Hewlett-Packard Graphics Language 2
+!:mime	application/vnd.hp-HPGL
+# like: dt.plt
+!:ext	plt
+#!:ext	plt/gl2/hpg2/spl
+# remaining part after escsape sequnce
+>5	string	x			with "%-.10s"
+#	display Hewlett-Packard Graphics Language vector graphic information
+0	name				hpgl
+>0	string	x			Hewlett-Packard Graphics Language
+#!:mime	vector/x-hpgl
+# https://www.iana.org/assignments/media-types/application/vnd.hp-HPGL
+!:mime	application/vnd.hp-HPGL
+# no example with HPL suffix found
+!:ext	hpgl/hpg/hp/plt
+# like: "IN;" "DF;IN;LT;PU1000,1000;PD2000,10" "SP6;DI0,1;SR0.70,1.90;SC0,800,"
+# "CO Concentric circles drawn with different linewidths;"
+>0	string	x			\b, starting with "%-.54s"
+# continue but not for 1 long line without CR or LF
+>>&0	ubyte	<0x0E
+#>>&0	ubyte	<0x0E			TERMINATOR=%x
+# second line after 1 terminator character
+>>>&0	string	>\r			with "%-.10s"
+# next character again CR or LF
+>>>&0	ubyte	<0x0E
+#>>>&0	ubyte	<0x0E			2ND_CHARACTER=%x
+# second line after 2 terminator characters
+>>>>&0	string	>\r			with "%-.10s"
diff --git a/magic/Magdir/project b/magic/Magdir/project
new file mode 100644
index 0000000..9180b57
--- /dev/null
+++ b/magic/Magdir/project
@@ -0,0 +1,10 @@
+
+#------------------------------------------------------------------------------
+# $File: project,v 1.5 2017/03/17 21:35:28 christos Exp $
+# project:  file(1) magic for Project management
+#
+# Magic strings for ftnchek project files. Alexander Mai
+0	string	FTNCHEK_\ P	project file for ftnchek
+>10	string	1		version 2.7
+>10	string	2		version 2.8 to 2.10
+>10	string	3		version 2.11 or later
diff --git a/magic/Magdir/psdbms b/magic/Magdir/psdbms
new file mode 100644
index 0000000..3eec965
--- /dev/null
+++ b/magic/Magdir/psdbms
@@ -0,0 +1,14 @@
+
+#------------------------------------------------------------------------------
+# $File: psdbms,v 1.8 2017/03/17 21:35:28 christos Exp $
+# psdbms:  file(1) magic for psdatabase
+#
+# Update: Joerg Jenderek
+# GRR: line below too general as it catches also some Panorama database *.pan ,
+# AppleWorks word processor
+0	belong&0xff00ffff	0x56000000
+# assume version starts with digit
+>1	regex/s			=^[0-9]		ps database
+>>1	string	>\0	version %s
+# kernel name
+>>4	string	>\0	from kernel %s
diff --git a/magic/Magdir/psl b/magic/Magdir/psl
new file mode 100644
index 0000000..0296540
--- /dev/null
+++ b/magic/Magdir/psl
@@ -0,0 +1,14 @@
+
+#------------------------------------------------------------------------------
+# $File: psl,v 1.3 2019/04/19 00:42:27 christos Exp $
+# psl:  file(1) magic for Public Suffix List representations
+# From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+# URL: https://publicsuffix.org
+# see also: https://thread.gmane.org/gmane.network.dns.libpsl.bugs/162/focus=166
+
+0	search/512	\n\n//\ ===BEGIN\ ICANN\ DOMAINS===\n\n Public Suffix List data
+
+0	string	.DAFSA@PSL_
+>15	string	\n	Public Suffix List data (optimized)
+>>11	byte	>0x2f
+>>>11	byte	<0x3a   (Version %c)
diff --git a/magic/Magdir/pulsar b/magic/Magdir/pulsar
new file mode 100644
index 0000000..7cb6f18
--- /dev/null
+++ b/magic/Magdir/pulsar
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: pulsar,v 1.5 2009/09/19 16:28:12 christos Exp $
+# pulsar:  file(1) magic for Pulsar POP3 daemon binary files
+#
+# http://pulsar.sourceforge.net
+# mailto:rok.papez@lugos.si
+#
+
+0	belong	0x1ee7f11e	Pulsar POP3 daemon mailbox cache file.
+>4	ubelong	x		Version: %d.
+>8	ubelong	x		\b%d
+
diff --git a/magic/Magdir/puzzle b/magic/Magdir/puzzle
new file mode 100644
index 0000000..ac983f3
--- /dev/null
+++ b/magic/Magdir/puzzle
@@ -0,0 +1,17 @@
+
+#------------------------------------------------------------------------------
+# $File: puzzle,v 1.2 2021/10/07 15:40:40 christos Exp $
+# wsdl: Magic for various puzzles
+
+# PUZ crossword puzzles from Alan De Smet
+# Test files can be found at
+# https://theworld.com/~wij/puzzles/wij-themed.html or using the
+# "Universal" or "WS Journal" links on the right side of
+# https://www.cruciverb.com/ .
+
+2	string	ACROSS&DOWN	PUZ crossword puzzle
+>0x2c	byte	x		%d x
+>0x2d	byte	x		%d,
+>0x2e	leshort	x		%d clues,
+>0x1e	leshort	0x0000		plain text solution
+>0x1e	leshort	!0x0000		scrambled solution
diff --git a/magic/Magdir/pwsafe b/magic/Magdir/pwsafe
new file mode 100644
index 0000000..549093f
--- /dev/null
+++ b/magic/Magdir/pwsafe
@@ -0,0 +1,14 @@
+
+#------------------------------------------------------------------------------
+# $File: pwsafe,v 1.2 2019/04/19 00:42:27 christos Exp $
+# pwsafe: file(1) magic for passwordsafe file
+#
+# Password Safe
+# http://passwordsafe.sourceforge.net/
+# file format specs
+# https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV3.txt
+# V2 https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV2.txt
+# V1 https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/notes.txt
+# V2 and V1 have no easy identifier that I can find
+# .psafe3
+0	string	PWS3	Password Safe V3 database
diff --git a/magic/Magdir/pyramid b/magic/Magdir/pyramid
new file mode 100644
index 0000000..ee47c80
--- /dev/null
+++ b/magic/Magdir/pyramid
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: pyramid,v 1.7 2009/09/19 16:28:12 christos Exp $
+# pyramid:  file(1) magic for Pyramids
+#
+# XXX - byte order?
+#
+0	long		0x50900107	Pyramid 90x family executable
+0	long		0x50900108	Pyramid 90x family pure executable
+>16	long		>0		not stripped
+0	long		0x5090010b	Pyramid 90x family demand paged pure executable
+>16	long		>0		not stripped
diff --git a/magic/Magdir/python b/magic/Magdir/python
new file mode 100644
index 0000000..00d90d1
--- /dev/null
+++ b/magic/Magdir/python
@@ -0,0 +1,305 @@
+
+#------------------------------------------------------------------------------
+# $File: python,v 1.45 2022/07/24 23:59:37 christos Exp $
+# python:  file(1) magic for python
+#
+# Outlook puts """ too for urgent messages
+# From: David Necas <yeti@physics.muni.cz>
+# often the module starts with a multiline string
+0	string/t	"""	Python script text executable
+# MAGIC as specified in Python/import.c (1.0 to 3.7)
+# and in Lib/importlib/_bootstrap_external.py (3.5+)
+# two bytes of magic followed by "\r\n" in little endian order
+0	belong		0x02099900	python 1.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x03099900	python 1.1/1.2 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x892e0d0a	python 1.3 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x04170d0a	python 1.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x994e0d0a	python 1.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xfcc40d0a	python 1.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xfdc40d0a	python 1.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x87c60d0a	python 2.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x88c60d0a	python 2.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x2aeb0d0a	python 2.1 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x2beb0d0a	python 2.1 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x2ded0d0a	python 2.2 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x2eed0d0a	python 2.2 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x3bf20d0a	python 2.3 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x3cf20d0a	python 2.3 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x45f20d0a	python 2.3 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x59f20d0a	python 2.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x63f20d0a	python 2.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x6df20d0a	python 2.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x6ef20d0a	python 2.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x77f20d0a	python 2.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x81f20d0a	python 2.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x8bf20d0a	python 2.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x8cf20d0a	python 2.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x95f20d0a	python 2.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x9ff20d0a	python 2.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xa9f20d0a	python 2.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xb3f20d0a	python 2.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xb4f20d0a	python 2.5 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xc7f20d0a	python 2.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xd1f20d0a	python 2.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xd2f20d0a	python 2.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xdbf20d0a	python 2.7 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xe5f20d0a	python 2.7 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xeff20d0a	python 2.7 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xf9f20d0a	python 2.7 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x03f30d0a	python 2.7 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x04f30d0a	python 2.7 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x0af30d0a	PyPy2.7 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xb80b0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xc20b0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xcc0b0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xd60b0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xe00b0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xea0b0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xf40b0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xf50b0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xff0b0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x090c0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x130c0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x1d0c0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x1f0c0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x270c0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x3b0c0d0a	python 3.0 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x450c0d0a	python 3.1 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x4f0c0d0a	python 3.1 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x580c0d0a	python 3.2 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x620c0d0a	python 3.2 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x6c0c0d0a	python 3.2 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x760c0d0a	python 3.3 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x800c0d0a	python 3.3 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x8a0c0d0a	python 3.3 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x940c0d0a	python 3.3 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x9e0c0d0a	python 3.3 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xb20c0d0a	python 3.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xbc0c0d0a	python 3.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xc60c0d0a	python 3.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xd00c0d0a	python 3.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xda0c0d0a	python 3.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xe40c0d0a	python 3.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xee0c0d0a	python 3.4 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0xf80c0d0a	python 3.5.1- byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x020d0d0a	python 3.5.1- byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x0c0d0d0a	python 3.5.1- byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x160d0d0a	python 3.5.1- byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x170d0d0a	python 3.5.2+ byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x200d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x210d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x2a0d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x2b0d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x2c0d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x2d0d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x2f0d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x300d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x310d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x320d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x330d0d0a	python 3.6 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x3e0d0d0a	python 3.7 byte-compiled
+!:mime application/x-bytecode.python
+0	belong		0x3f0d0d0a	python 3.7 byte-compiled
+!:mime application/x-bytecode.python
+
+# magic 3392+ implements PEP 552: Deterministic pycs
+0	name		pyc-pep552
+# the flag field determines how .pyc validity is checked
+>4	ulelong&1	0		timestamp-based,
+>>8	uledate		x		.py timestamp: %s UTC,
+>>12	ulelong		x		.py size: %d bytes
+>4	ulelong&1	!0		hash-based, check-source flag
+>>4	ulelong&2	0		unset,
+>>4	ulelong&2	!0		set,
+>>8	ulequad		x		hash: 0x%llx
+
+# uleshort magic followed by \x0d\0xa
+2		string		\x0d\x0a
+# extra check: only two bits of flag field are currently used
+>4		ulelong		<0x4
+# \x0d as part of magic should suffice till Python 3.14 (magic 3600)
+>>1		ubyte		0x0d		Byte-compiled Python module for
+!:mime application/x-bytecode.python
+# now look at the magic number to determine the version
+>>>0		uleshort	<3400		CPython 3.7,
+>>>0		default		x
+>>>>0		uleshort	<3420		CPython 3.8,
+>>>>0		default		x
+>>>>>0		uleshort	<3430		CPython 3.9,
+>>>>>0		default		x
+>>>>>>0		uleshort	<3450		CPython 3.10,
+>>>>>>0		default		x
+>>>>>>>0	uleshort	<3500		CPython 3.11,
+>>>>>>>0	default		x		CPython 3.12 or newer,
+>>>0		use		pyc-pep552
+>>0		uleshort	240		Byte-compiled Python module for PyPy3.7,
+!:mime application/x-bytecode.python
+>>>0		use		pyc-pep552
+>>0		uleshort	256		Byte-compiled Python module for PyPy3.8,
+!:mime application/x-bytecode.python
+>>>0		use		pyc-pep552
+>>0		uleshort	336		Byte-compiled Python module for PyPy3.9,
+!:mime application/x-bytecode.python
+>>>0		use		pyc-pep552
+
+0	search/1/w	#!\040/usr/bin/python	Python script text executable
+!:strength + 15
+!:mime text/x-script.python
+0	search/1/w	#!\040/usr/local/bin/python	Python script text executable
+!:strength + 15
+!:mime text/x-script.python
+0	search/10/w	#!\040/usr/bin/env\040python	Python script text executable
+!:strength + 15
+!:mime text/x-script.python
+
+
+# from module.submodule import func1, func2
+0	search/8192	import
+>0	regex		\^from[\040\t]+([A-Za-z0-9_]|\\.)+[\040\t]+import.*$	Python script text executable
+!:strength + 15
+!:mime text/x-script.python
+
+# def __init__ (self, ...):
+0	search/4096	def\ __init__
+>&0	search/64 self	Python script text executable
+!:strength + 15
+!:mime text/x-script.python
+
+# if __name__ == "__main__":
+0 search/4096 if\ __name__
+>&0 search/64 '__main__'	Python script text executable
+>&0 search/64 "__main__"	Python script text executable
+!:strength + 15
+!:mime text/x-script.python
+
+# import module [as abrev]
+0	search/8192	import
+>0	regex	\^import\ [_[:alpha:]]+\ as\ [[:alpha:]][[:space:]]*$ Python script text executable
+!:mime text/x-script.python
+
+# comments
+#0	search/4096	'''
+#>&0	regex	.*'''$	Python script text executable
+#!:mime text/x-script.python
+
+#0	search/4096	"""
+#>&0	regex	.*"""$	Python script text executable
+#!:mime text/x-script.python
+
+# try:
+# except: or finally:
+# block
+0	search/4096	try:
+>&0	regex	\^[[:space:]]*except.*:$	Python script text executable
+!:strength + 15
+!:mime text/x-script.python
+>&0	search/4096	finally:	Python script text executable
+!:mime text/x-script.python
+
+# class name[(base classes,)]: [pass]
+0	search/8192	class
+>0	regex	\^class\ [_[:alpha:]]+(\\(.*\\))?(\ )*:([\ \t]+pass)?$		Python script text executable
+!:strength + 15
+!:mime text/x-script.python
+
+# def name(*args, **kwargs):
+0	search/8192	def\ 
+>0	regex	 \^[[:space:]]{0,50}def\ {1,50}[_a-zA-Z]{1,100}
+>>&0	regex	 \\(([[:alpha:]*_,\ ]){0,255}\\):$ Python script text executable
+!:strength + 15
+!:mime text/x-script.python
+
+# https://numpy.org/devdocs/reference/generated/numpy.lib.format.html
+0	string	\223NUMPY		NumPy data file
+!:mime  application/x-numpy-data
+>6	byte	x			\b, version %d
+>7	byte	x			\b.%d
+#>8	leshort	x			\b, header length=%d
+>10	string	x			\b, description %s
diff --git a/magic/Magdir/qt b/magic/Magdir/qt
new file mode 100644
index 0000000..68085f2
--- /dev/null
+++ b/magic/Magdir/qt
@@ -0,0 +1,30 @@
+
+#------------------------------------------------------------------------------
+# $File: qt,v 1.4 2022/11/11 14:50:23 christos Exp $
+# qt:  file(1) magic for Qt
+
+# https://doc.qt.io/qt-5/resources.html
+0	string		\<!DOCTYPE\040RCC\>	Qt Resource Collection file
+
+# https://qt.gitorious.org/qt/qtbase/source/\
+# 5367fa356233da4c0f28172a8f817791525f5457:\
+# src/tools/rcc/rcc.cpp#L840
+0	string		qres\0\0		Qt Binary Resource file
+0	search/1024	The\040Resource\040Compiler\040for\040Qt	Qt C-code resource file
+
+# https://qt.gitorious.org/qt/qtbase/source/\
+# 5367fa356233da4c0f28172a8f817791525f5457:\
+# src/corelib/kernel/qtranslator.cpp#L62
+0	string		\x3c\xb8\x64\x18\xca\xef\x9c\x95
+>8	string		\xcd\x21\x1c\xbf\x60\xa1\xbd\xdd	Qt Translation file
+
+
+# Qt V4 Javascript engine compiled unit
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/qt/qtdeclarative/blob/v6.4.0/src/qml/common/qv4compileddata_p.h
+0	string		qv4cdata	QV4 compiled unit
+!:ext	qmlc
+>8	ulelong		x		\b, version %d
+>12	byte		x		\b, Qt %d
+>13	byte		x		\b.%d
+>14	byte		x		\b.%d
diff --git a/magic/Magdir/revision b/magic/Magdir/revision
new file mode 100644
index 0000000..824220a
--- /dev/null
+++ b/magic/Magdir/revision
@@ -0,0 +1,66 @@
+
+#------------------------------------------------------------------------------
+# $File: revision,v 1.11 2019/04/19 00:42:27 christos Exp $
+# file(1) magic for revision control files
+# From Hendrik Scholz <hendrik@scholz.net>
+0	string/t	/1\ :pserver:	cvs password text file
+
+# Conary changesets
+# From: Jonathan Smith <smithj@rpath.com>
+0	belong	0xea3f81bb	Conary changeset data
+
+# Type: Git bundles (git-bundle)
+# From: Josh Triplett <josh@freedesktop.org>
+0	string	#\ v2\ git\ bundle\n	Git bundle
+
+# Type: Git pack
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+# Update: Joerg Jenderek
+# URL: http://fileformats.archiveteam.org/wiki/Git
+# reference: https://github.com/git/git/blob/master/Documentation/technical/pack-format.txt
+# The actual magic is 'PACK', but that clashes with Doom/Quake packs. However,
+# those have a little-endian offset immediately following the magic 'PACK',
+# the first byte of which is never 0, while the first byte of the Git pack
+# version, since it's a tiny number stored in big-endian format, is always 0.
+0	string	PACK
+# GRR: line above is too general as it matches also PackDir archive ./acorn
+# test for major version. Git 2017 accepts version number 2 or 3
+>4	ubelong	<9
+# Acorn PackDir with method 0 compression has root like ADFS::HardDisc4.$.AsylumSrc
+# or SystemDevice::foobar
+>>9	search/13 ::
+# but in git binary
+>>9	default	x	Git pack
+!:mime	application/x-git
+!:ext	pack
+# 4 GB limit implies unsigned integer
+>>>4	ubelong	x		\b, version %u
+>>>8	ubelong	x		\b, %u objects
+
+# Type: Git pack index
+# From: Adam Buchbinder <adam.buchbinder@gmail.com>
+0	string	\377tOc		Git pack index
+>4	belong	=2		\b, version 2
+
+# Type: Git index file
+# From: Frederic Briare <fbriere@fbriere.net>
+0	string	DIRC		Git index
+>4	belong	>0		\b, version %d
+>>8	belong	>0		\b, %d entries
+
+# Type:	Mercurial bundles
+# From:	Seo Sanghyeon <tinuviel@sparcs.kaist.ac.kr>
+0	string	HG10		Mercurial bundle,
+>4	string	UN		uncompressed
+>4	string	BZ		bzip2 compressed
+
+# Type:	Subversion (SVN) dumps
+# From:	Uwe Zeisberger <zeisberg@informatik.uni-freiburg.de>
+0	string	SVN-fs-dump-format-version:	Subversion dumpfile
+>28	string	>\0				(version: %s)
+
+# Type:	Bazaar revision bundles and merge requests
+# URL:	https://www.bazaar-vcs.org/
+# From:	Jelmer Vernooij <jelmer@samba.org>
+0	string	#\ Bazaar\ revision\ bundle\ v Bazaar Bundle
+0	string	#\ Bazaar\ merge\ directive\ format Bazaar merge directive
diff --git a/magic/Magdir/riff b/magic/Magdir/riff
new file mode 100644
index 0000000..9b913a5
--- /dev/null
+++ b/magic/Magdir/riff
@@ -0,0 +1,840 @@
+
+#------------------------------------------------------------------------------
+# $File: riff,v 1.45 2022/07/24 23:47:49 christos Exp $
+# riff:  file(1) magic for RIFF format
+# See
+#
+#	https://www.seanet.com/users/matts/riffmci/riffmci.htm
+#	http://www-mmsp.ece.mcgill.ca/Documents/AudioFormats/WAVE/Docs/riffmci.pdf
+#	https://www.iana.org/assignments/wave-avi-codec-registry/wave-avi-codec-registry.xml
+#
+
+# audio format tag. Assume limits: max 1024 bit, 128 channels, 1 MHz
+0   name    riff-wave
+>0	leshort		0x01		\b, Microsoft PCM
+>>14	leshort		>0
+>>>14	leshort		<1024	\b, %d bit
+>0	leshort		0x02		\b, Microsoft ADPCM
+>0	leshort		0x03		\b, IEEE Float
+>0	leshort		0x04		\b, Compaq VSELP
+>0	leshort		0x05		\b, IBM CVSD
+>0	leshort		0x06		\b, ITU G.711 A-law
+>0	leshort		0x07		\b, ITU G.711 mu-law
+>0	leshort		0x08		\b, Microsoft DTS
+>0	leshort		0x10		\b, OKI ADPCM
+>0	leshort		0x11		\b, IMA ADPCM
+>0	leshort		0x12		\b, MediaSpace ADPCM
+>0	leshort		0x13		\b, Sierra ADPCM
+>0	leshort		0x14		\b, ITU G.723 ADPCM (Yamaha)
+>0	leshort		0x15		\b, DSP Solutions DIGISTD
+>0	leshort		0x16		\b, DSP Solutions DIGIFIX
+>0	leshort		0x17		\b, Dialogic OKI ADPCM
+>0	leshort		0x18		\b, MediaVision ADPCM
+>0	leshort		0x19		\b, HP CU
+>0	leshort		0x20		\b, Yamaha ADPCM
+>0	leshort		0x21		\b, Speech Compression SONARC
+>0	leshort		0x22		\b, DSP Group True Speech
+>0	leshort		0x23		\b, Echo Speech EchoSC1
+>0	leshort		0x24		\b, AudioFile AF36
+>0	leshort		0x25		\b, APTX
+>0	leshort		0x26		\b, AudioFile AF10
+>0	leshort		0x27		\b, Prosody 1612
+>0	leshort		0x28		\b, LRC
+>0	leshort		0x30		\b, Dolby AC2
+>0	leshort		0x31		\b, GSM 6.10
+>0	leshort		0x32		\b, MSN Audio
+>0	leshort		0x33		\b, Antex ADPCME
+>0	leshort		0x34		\b, Control Res VQLPC
+>0	leshort		0x35		\b, Digireal
+>0	leshort		0x36		\b, DigiADPCM
+>0	leshort		0x37		\b, Control Res CR10
+>0	leshort		0x38		\b, NMS VBXADPCM
+>0	leshort		0x39		\b, Roland RDAC
+>0	leshort		0x3A		\b, Echo Speech EchoSC3
+>0	leshort		0x3B		\b, Rockwell ADPCM
+>0	leshort		0x3C		\b, Rockwell Digitalk
+>0	leshort		0x3D		\b, Xebec
+>0	leshort		0x40		\b, ITU G.721 ADPCM
+>0	leshort		0x41		\b, ITU G.728 CELP
+>0	leshort		0x42		\b, MSG723
+>0	leshort		0x50		\b, MPEG
+>0	leshort		0x52		\b, RT24
+>0	leshort		0x53		\b, PAC
+>0	leshort		0x55		\b, MPEG Layer 3
+>0	leshort		0x59		\b, Lucent G.723
+>0	leshort		0x60		\b, Cirrus
+>0	leshort		0x61		\b, ESPCM
+>0	leshort		0x62		\b, Voxware
+>0	leshort		0x63		\b, Canopus Atrac
+>0	leshort		0x64		\b, ITU G.726 ADPCM
+>0	leshort		0x65		\b, ITU G.722 ADPCM
+>0	leshort		0x66		\b, DSAT
+>0	leshort		0x67		\b, DSAT Display
+>0	leshort		0x69		\b, Voxware Byte Aligned
+>0	leshort		0x70		\b, Voxware AC8
+>0	leshort		0x71		\b, Voxware AC10
+>0	leshort		0x72		\b, Voxware AC16
+>0	leshort		0x73		\b, Voxware AC20
+>0	leshort		0x74		\b, Voxware MetaVoice
+>0	leshort		0x75		\b, Voxware MetaSound
+>0	leshort		0x76		\b, Voxware RT29HW
+>0	leshort		0x77		\b, Voxware VR12
+>0	leshort		0x78		\b, Voxware VR18
+>0	leshort		0x79		\b, Voxware TQ40
+>0	leshort		0x80		\b, Softsound
+>0	leshort		0x81		\b, Voxware TQ60
+>0	leshort		0x82		\b, MSRT24
+>0	leshort		0x83		\b, ITU G.729A
+>0	leshort		0x84		\b, MVI MV12
+>0	leshort		0x85		\b, DF G.726
+>0	leshort		0x86		\b, DF GSM610
+>0	leshort		0x88		\b, ISIAudio
+>0	leshort		0x89		\b, Onlive
+>0	leshort		0x91		\b, SBC24
+>0	leshort		0x92		\b, Dolby AC3 S/PDIF
+>0	leshort		0x97		\b, ZyXEL ADPCM
+>0	leshort		0x98		\b, Philips LPCBB
+>0	leshort		0x99		\b, Packed
+>0	leshort		0x100		\b, Rhetorex ADPCM
+>0	leshort		0x101		\b, BeCubed Software IRAT
+>0	leshort		0x111		\b, Vivo G.723
+>0	leshort		0x112		\b, Vivo Siren
+>0	leshort		0x123		\b, Digital G.723
+>0	leshort		0x200		\b, Creative ADPCM
+>0	leshort		0x202		\b, Creative FastSpeech8
+>0	leshort		0x203		\b, Creative FastSpeech10
+>0	leshort		0x220		\b, Quarterdeck
+>0	leshort		0x300		\b, FM Towns Snd
+>0	leshort		0x400		\b, BTV Digital
+>0	leshort		0x680		\b, VME VMPCM
+>0	leshort		0x1000		\b, OLIGSM
+>0	leshort		0x1001		\b, OLIADPCM
+>0	leshort		0x1002		\b, OLICELP
+>0	leshort		0x1003		\b, OLISBC
+>0	leshort		0x1004		\b, OLIOPR
+>0	leshort		0x1100		\b, LH Codec
+>0	leshort		0x1400		\b, Norris
+>0	leshort		0x1401		\b, ISIAudio
+>0	leshort		0x1500		\b, Soundspace Music Compression
+>0	leshort		0x2000		\b, AC3 DVM
+>0	leshort		0x2001		\b, DTS
+>2	leshort		=1		\b, mono
+>2	leshort		=2		\b, stereo
+>2	leshort		>2
+>>2	leshort		<128	\b, %d channels
+>4	lelong		>0
+>>4	lelong		<1000000	%d Hz
+
+# try to find "fmt "
+0   name    riff-walk
+>0  string  fmt\x20
+>>4 lelong  >15
+>>>8 use    riff-wave
+>0  string  LIST
+>>&(4.l+4)  use riff-walk
+>0  string  DISP
+>>&(4.l+4)  use riff-walk
+>0  string  bext
+>>&(4.l+4)  use riff-walk
+>0  string  Fake
+>>&(4.l+4)  use riff-walk
+>0  string  fact
+>>&(4.l+4)  use riff-walk
+>0  string  VP8
+>>11		byte		0x9d
+>>>12		byte		0x01
+>>>>13		byte		0x2a	\b, VP8 encoding
+>>>>>14		leshort&0x3fff	x	\b, %d
+>>>>>16		leshort&0x3fff	x	\bx%d, Scaling:
+>>>>>14		leshort&0xc000	0x0000	\b [none]
+>>>>>14		leshort&0xc000	0x1000	\b [5/4]
+>>>>>14		leshort&0xc000	0x2000	\b [5/3]
+>>>>>14		leshort&0xc000	0x3000	\b [2]
+>>>>>14		leshort&0xc000	0x0000	\bx[none]
+>>>>>14		leshort&0xc000	0x1000	\bx[5/4]
+>>>>>14		leshort&0xc000	0x2000	\bx[5/3]
+>>>>>14		leshort&0xc000	0x3000	\bx[2]
+>>>>>15		byte&0x80	=0x00	\b, YUV color
+>>>>>15		byte&0x80	=0x80	\b, bad color specification
+>>>>>15		byte&0x40	=0x40	\b, no clamping required
+>>>>>15		byte&0x40	=0x00	\b, decoders should clamp
+#>0  string  x		we got %s
+#>>&(4.l+4)  use riff-walk
+
+# RecorderGear TR500 call recorder digits (BCD)
+0	name	tr500-call-recorder-digits
+>0	byte&0xF0	0x00	\b0
+>0	byte&0xF0	0x10	\b1
+>0	byte&0xF0	0x20	\b2
+>0	byte&0xF0	0x30	\b3
+>0	byte&0xF0	0x40	\b4
+>0	byte&0xF0	0x50	\b5
+>0	byte&0xF0	0x60	\b6
+>0	byte&0xF0	0x70	\b7
+>0	byte&0xF0	0x80	\b8
+>0	byte&0xF0	0x90	\b9
+>0	byte&0xF0	0xb0	\b*
+>0	byte&0xF0	0xc0	\b#
+>0	byte&0x0F	0	\b0
+>0	byte&0x0F	1	\b1
+>0	byte&0x0F	2	\b2
+>0	byte&0x0F	3	\b3
+>0	byte&0x0F	4	\b4
+>0	byte&0x0F	5	\b5
+>0	byte&0x0F	6	\b6
+>0	byte&0x0F	7	\b7
+>0	byte&0x0F	8	\b8
+>0	byte&0x0F	9	\b9
+>0	byte&0x0F	0xb	\b*
+>0	byte&0x0F	0xc	\b#
+
+# TR500 call recorder extended header
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Contains dialed/incoming phone number and timestamp.
+# TODO: Verify byte 15.
+0	name	tr500-call-recorder-header
+>15	byte	2	(outgoing call: 
+>15	byte	4	(incoming call: 
+>1	byte	0xFF	\bno number
+>1	byte	!0xFF
+>>1	use	tr500-call-recorder-digits
+>>2	byte	!0xFF
+>>>2	use	tr500-call-recorder-digits
+>>3	byte	!0xFF
+>>>3	use	tr500-call-recorder-digits
+>>4	byte	!0xFF
+>>>4	use	tr500-call-recorder-digits
+>>5	byte	!0xFF
+>>>5	use	tr500-call-recorder-digits
+>>6	byte	!0xFF
+>>>6	use	tr500-call-recorder-digits
+>>7	byte	!0xFF
+>>>7	use	tr500-call-recorder-digits
+>>8	byte	!0xFF
+>>>8	use	tr500-call-recorder-digits
+>9	byte	x	\b, 20%02x
+>10	byte	x	\b/%02x
+>11	byte	x	\b/%02x
+>12	byte	x	%02x
+>13	byte	x	\b:%02x
+>14	byte	x	\b:%02x)
+
+# AVI section extended by Patrik Radman <patrik+file-magic@iki.fi>
+#
+0	string		RIFF		RIFF (little-endian) data
+# RIFF Palette format
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Resource_Interchange_File_Format
+# Reference: https://worms2d.info/Palette_file
+# WAVE/AVI codec registry: https://www.iana.org/assignments/wave-avi-codec-registry/wave-avi-codec-registry.xml
+>8	string		PAL\ 		\b, palette
+!:mime	application/x-riff
+# color palette by Microsoft Corporation
+!:ext	pal
+# file size =  chunk size + 8 in most cases
+>>4	ulelong+8	x		\b, %u bytes
+# Extended PAL Format
+>>12	string		plth		\b, extended
+# Simple PAL Format
+>>12	string		data		
+# data chunk size = color entries * 4 + 4 + sometimes extra (4) appended bytes
+>>>16	ulelong		x		\b, data size %u
+# palVersion is always 0x0300
+#>>>20	leshort		x		\b, version %#4.4x
+# palNumEntries specifies the number of palette color entries
+>>>22	uleshort	x		\b, %u entries
+# after palPalEntry sized (number of color entries * 4 ) vector
+>>>(22.s*4)	ubequad	x		
+# jump relative 22 ( 8 + 16) bytes forward points after end of file or to
+# appended extra bytes like in http://safecolours.rigdenage.com/set(ms).zip/Protan(MS).pal
+>>>>&16		ubelong	x		\b, extra bytes
+>>>>>&-4	ubelong	>0		%#8.8x
+# RIFF Device Independent Bitmap format
+# URL: http://fileformats.archiveteam.org/wiki/RDIB
+>8	string		RDIB		\b, device-independent bitmap
+!:ext	rdi/dib
+>>16	string		BM
+>>>30	leshort		12		\b, OS/2 1.x format
+>>>>34	leshort		x		\b, %d x
+>>>>36	leshort		x		%d
+>>>30	leshort		64		\b, OS/2 2.x format
+>>>>34	leshort		x		\b, %d x
+>>>>36	leshort		x		%d
+>>>30	leshort		40		\b, Windows 3.x format
+>>>>34	lelong		x		\b, %d x
+>>>>38	lelong		x		%d x
+>>>>44	leshort		x		%d
+# RIFF MIDI format
+# URL:	http://fileformats.archiveteam.org/wiki/RIFF_MIDI
+>8	string		RMID		\b, MIDI
+# http://extension.nirsoft.net/rmi
+!:mime	audio/mid
+#!:mime	audio/x-rmid
+!:ext	rmi
+# RIFF Multimedia Movie File format
+# URL:	http://fileformats.archiveteam.org/wiki/RIFF_Multimedia_Movie
+>8	string		RMMP		\b, multimedia movie
+!:mime	video/x-mmm
+!:ext	mmm
+# RIFF wrapper for MP3
+>8	string		RMP3		\b, MPEG Layer 3 audio
+#!:mime	audio/x-rmp3
+# Microsoft WAVE format (*.wav)
+# URL:		http://fileformats.archiveteam.org/wiki/WAV
+>8	string		WAVE		\b, WAVE audio
+#!:mime	audio/vnd.wave
+!:mime	audio/x-wav
+# https://www.macdisk.com/macsigen.php
+#!:apple	????WAVE
+!:ext	wav/wave
+>>12    string  >\0
+>>>12   use     riff-walk
+# TR500 call recorder extended header
+>>16	ulelong		0x1E4
+>>>20	leshort		0x11
+>>>>256	byte		4
+>>>>>256 use		tr500-call-recorder-header
+# Update:	Joerg Jenderek
+# lower case for Corel Draw version 8 Bidi
+>8	string/c	cdr
+# skip Corel CCX Clipart
+>>8	string		!CDRXcont
+# Corel Draw Picture
+>>>0	use     corel-draw
+# URL:		http://fileformats.archiveteam.org/wiki/CCX_(Corel)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/c/ccx-corel.trid.xml 
+>>8	string		=CDRXcont	\b, Corel Clipart
+!:mime	application/x-corel-ccx
+!:ext	ccx
+# 3rd chunk data {Corel\040Binary\040Meta\040File}
+#>>>20	string		x		\b, 3rd '%-s'
+>>>4	ulelong+8	x		\b, %u bytes
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/CorelDRAW
+# Reference:	http://fileformats.archiveteam.org/wiki/CorelDRAW
+# Picture templates created by newer software start with RIFF type CDT
+>8	string		CDT
+>>0	use		corel-draw
+# Picture templates with version 4.4
+>8	string		CDST
+>>0	use		corel-draw
+# pattern created by newer software start with RIFF type PAT
+>8	string		PAT
+>>0	use		corel-draw
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Corel_Designer
+# Reference:	http://fileformats.archiveteam.org/wiki/Corel_Designer
+>8	string		DES
+>>8	string		!DESC
+>>>0	use		corel-des
+# Corel Draw templates with version 12.5 or Corel Designer illustration 12
+>>8	string		=DESC
+# MORE TESTS NEEDED HERE!
+#>>>0	use		corel-des
+#>>>0	use		corel-draw
+>8	string		NUNDROOT	\b, Steinberg CuBase
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/MIDI_Instrument_Definition_File
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/i/idf.trid.xml
+#		ftp://curscott.servebeer.com/Download/Apps/_Microsoft/
+#  		Visual%20Studio%206.0%20Professional%20MSDN/
+#		SAMPLES/VC98/SDK/GRAPHICS/AUDIO/IDFEDIT/GLOBALS.H 
+# Note:		called "MIDI Instrument Definition File" by TrID
+>8	string		IDF\ LIST	\b, MIDI Instrument Definition File
+!:mime	audio/x-idf
+!:ext	idf
+# 3rd chunk size like: 254 284 286 670
+#>>0x10	ulelong		x		\b, 3th SIZE %u
+# for debugging purpose display next chunk like: MMAPhdr
+#>>0x14	string		x		\b, 4th "%-8.8s"
+#>>0x1C	ulelong		x		\b, 4th SIZE 0x%x
+# probably MIDI instrument name like: "Universal-MIDI-Instrument" "instrument name" "General MIDI"
+>>0x30	string		x		"%s"
+# look for inst TAG
+>>0x31	search/256	inst		by
+# probably manufacture name like: "Unspecified Company" "NVidia Corporation"
+>>>&0x24	string	x		"%s"
+# AVI == Audio Video Interleave
+# Reference:	http://fileformats.archiveteam.org/wiki/AVI
+>8	string		AVI\040		\b, AVI
+# https://reposcope.com/mimetype/video/x-msvideo
+!:mime	video/x-msvideo
+# https://www.iana.org/assignments/wave-avi-codec-registry/wave-avi-codec-registry.xml
+#!:mime	video/vnd.avi
+!:ext	avi/divx
+>>12    string          LIST
+>>>20   string          hdrlavih
+>>>>&36 lelong          x               \b, %u x
+>>>>&40 lelong          x               %u,
+>>>>&4  lelong          >1000000        <1 fps,
+>>>>&4  lelong          1000000         1.00 fps,
+>>>>&4  lelong          500000          2.00 fps,
+>>>>&4  lelong          333333          3.00 fps,
+>>>>&4  lelong          250000          4.00 fps,
+>>>>&4  lelong          200000          5.00 fps,
+>>>>&4  lelong          166667          6.00 fps,
+>>>>&4  lelong          142857          7.00 fps,
+>>>>&4  lelong          125000          8.00 fps,
+>>>>&4  lelong          111111          9.00 fps,
+>>>>&4  lelong          100000          10.00 fps,
+# ]9.9,10.1[
+>>>>&4  lelong          <101010
+>>>>>&-4        lelong  >99010
+>>>>>>&-4       lelong  !100000         ~10 fps,
+>>>>&4  lelong          83333           12.00 fps,
+# ]11.9,12.1[
+>>>>&4  lelong          <84034
+>>>>>&-4        lelong  >82645
+>>>>>>&-4       lelong  !83333          ~12 fps,
+>>>>&4  lelong          66667           15.00 fps,
+# ]14.9,15.1[
+>>>>&4  lelong          <67114
+>>>>>&-4        lelong  >66225
+>>>>>>&-4       lelong  !66667          ~15 fps,
+>>>>&4  lelong          50000           20.00 fps,
+>>>>&4  lelong          41708           23.98 fps,
+>>>>&4  lelong          41667           24.00 fps,
+# ]23.9,24.1[
+>>>>&4  lelong          <41841
+>>>>>&-4        lelong  >41494
+>>>>>>&-4       lelong  !41708
+>>>>>>>&-4      lelong  !41667          ~24 fps,
+>>>>&4  lelong          40000           25.00 fps,
+# ]24.9,25.1[
+>>>>&4  lelong          <40161
+>>>>>&-4        lelong  >39841
+>>>>>>&-4       lelong  !40000          ~25 fps,
+>>>>&4  lelong          33367           29.97 fps,
+>>>>&4  lelong          33333           30.00 fps,
+# ]29.9,30.1[
+>>>>&4  lelong          <33445
+>>>>>&-4        lelong  >33223
+>>>>>>&-4       lelong  !33367
+>>>>>>>&-4      lelong  !33333          ~30 fps,
+>>>>&4  lelong          <32224          >30 fps,
+##>>>>&4  lelong          x               (%lu)
+##>>>>&20 lelong          x               %lu frames,
+# Note: The tests below assume that the AVI has 1 or 2 streams,
+#       "vids" optionally followed by "auds".
+#       (Should cover 99.9% of all AVIs.)
+# assuming avih length = 56
+>>>88   string  LIST
+>>>>96  string  strlstrh
+>>>>>108        string  vids    video:
+>>>>>>&0        lelong  0               uncompressed
+# skip past vids strh
+>>>>>>(104.l+108)       string  strf
+>>>>>>>(104.l+132)      lelong          1       RLE 8bpp
+>>>>>>>(104.l+132)      string/c        anim    Intel RDX
+>>>>>>>(104.l+132)      string/c        aur2    AuraVision Aura 2
+>>>>>>>(104.l+132)      string/c        aura    AuraVision Aura
+>>>>>>>(104.l+132)      string/c        bt20    Brooktree MediaStream
+>>>>>>>(104.l+132)      string/c        btcv    Brooktree Composite Video
+>>>>>>>(104.l+132)      string/c        cc12    Intel YUV12
+>>>>>>>(104.l+132)      string/c        cdvc    Canopus DV
+>>>>>>>(104.l+132)      string/c        cham    Winnov Caviara Cham
+>>>>>>>(104.l+132)      string/c        cljr    Proprietary YUV 4 pixels
+>>>>>>>(104.l+132)      string/c        cmyk    Common Data Format in Printing
+>>>>>>>(104.l+132)      string/c        cpla    Weitek 4:2:0 YUV Planar
+>>>>>>>(104.l+132)      string/c        cvid    Cinepak
+>>>>>>>(104.l+132)      string/c        cwlt    Microsoft Color WLT DIB
+>>>>>>>(104.l+132)      string/c        cyuv    Creative Labs YUV
+>>>>>>>(104.l+132)      string/c        d261    H.261
+>>>>>>>(104.l+132)      string/c        d263    H.263
+>>>>>>>(104.l+132)      string/c        duck    TrueMotion 1.0
+>>>>>>>(104.l+132)      string/c        dve2    DVE-2 Videoconferencing
+>>>>>>>(104.l+132)      string/c        fljp    Field Encoded Motion JPEG
+>>>>>>>(104.l+132)      string/c        fvf1    Fractal Video Frame
+>>>>>>>(104.l+132)      string/c        gwlt    Microsoft Greyscale WLT DIB
+>>>>>>>(104.l+132)      string/c        h260    H.260
+>>>>>>>(104.l+132)      string/c        h261    H.261
+>>>>>>>(104.l+132)      string/c        h262    H.262
+>>>>>>>(104.l+132)      string/c        h263    H.263
+>>>>>>>(104.l+132)      string/c        h264    H.264
+>>>>>>>(104.l+132)      string/c        h265    H.265
+>>>>>>>(104.l+132)      string/c        h266    H.266
+>>>>>>>(104.l+132)      string/c        h267    H.267
+>>>>>>>(104.l+132)      string/c        h268    H.268
+>>>>>>>(104.l+132)      string/c        h269    H.269
+>>>>>>>(104.l+132)      string/c        i263    Intel I.263
+>>>>>>>(104.l+132)      string/c        i420    Intel Indeo 4
+>>>>>>>(104.l+132)      string/c        ian     Intel RDX
+>>>>>>>(104.l+132)      string/c        iclb    CellB Videoconferencing Codec
+>>>>>>>(104.l+132)      string/c        ilvc    Intel Layered Video
+>>>>>>>(104.l+132)      string/c        ilvr    ITU-T H.263+
+>>>>>>>(104.l+132)      string/c        iraw    Intel YUV Uncompressed
+>>>>>>>(104.l+132)      string/c        iv30    Intel Indeo 3
+>>>>>>>(104.l+132)      string/c        iv31    Intel Indeo 3.1
+>>>>>>>(104.l+132)      string/c        iv32    Intel Indeo 3.2
+>>>>>>>(104.l+132)      string/c        iv33    Intel Indeo 3.3
+>>>>>>>(104.l+132)      string/c        iv34    Intel Indeo 3.4
+>>>>>>>(104.l+132)      string/c        iv35    Intel Indeo 3.5
+>>>>>>>(104.l+132)      string/c        iv36    Intel Indeo 3.6
+>>>>>>>(104.l+132)      string/c        iv37    Intel Indeo 3.7
+>>>>>>>(104.l+132)      string/c        iv38    Intel Indeo 3.8
+>>>>>>>(104.l+132)      string/c        iv39    Intel Indeo 3.9
+>>>>>>>(104.l+132)      string/c        iv40    Intel Indeo 4.0
+>>>>>>>(104.l+132)      string/c        iv41    Intel Indeo 4.1
+>>>>>>>(104.l+132)      string/c        iv42    Intel Indeo 4.2
+>>>>>>>(104.l+132)      string/c        iv43    Intel Indeo 4.3
+>>>>>>>(104.l+132)      string/c        iv44    Intel Indeo 4.4
+>>>>>>>(104.l+132)      string/c        iv45    Intel Indeo 4.5
+>>>>>>>(104.l+132)      string/c        iv46    Intel Indeo 4.6
+>>>>>>>(104.l+132)      string/c        iv47    Intel Indeo 4.7
+>>>>>>>(104.l+132)      string/c        iv48    Intel Indeo 4.8
+>>>>>>>(104.l+132)      string/c        iv49    Intel Indeo 4.9
+>>>>>>>(104.l+132)      string/c        iv50    Intel Indeo 5.0
+>>>>>>>(104.l+132)      string/c        mpeg    MPEG 1 Video Frame
+>>>>>>>(104.l+132)      string/c        mjpg    Motion JPEG
+>>>>>>>(104.l+132)      string/c        mp42    Microsoft MPEG-4 v2
+>>>>>>>(104.l+132)      string/c        mp43    Microsoft MPEG-4 v3
+>>>>>>>(104.l+132)      string/c        mrca    MR Codec
+>>>>>>>(104.l+132)      string/c        mrle    Run Length Encoding
+>>>>>>>(104.l+132)      string/c        msvc    Microsoft Video 1
+>>>>>>>(104.l+132)      string/c        phmo    Photomotion
+>>>>>>>(104.l+132)      string/c        qpeq    QPEG 1.1 Format Video
+>>>>>>>(104.l+132)      string/c        rgbt    RGBT
+>>>>>>>(104.l+132)      string/c        rle4    Run Length Encoded 4
+>>>>>>>(104.l+132)      string/c        rle8    Run Length Encoded 8
+>>>>>>>(104.l+132)      string/c        rt21    Intel Indeo 2.1
+>>>>>>>(104.l+132)      string/c        rvx     Intel RDX
+>>>>>>>(104.l+132)      string/c        sdcc    Sun Digital Camera Codec
+>>>>>>>(104.l+132)      string/c        sfmc    Crystal Net SFM Codec
+>>>>>>>(104.l+132)      string/c        smsc    SMSC
+>>>>>>>(104.l+132)      string/c        smsd    SMSD
+>>>>>>>(104.l+132)      string/c        splc    Splash Studios ACM Audio Codec
+>>>>>>>(104.l+132)      string/c        sqz2    Microsoft VXtreme Video Codec
+>>>>>>>(104.l+132)      string/c        sv10    Sorenson Video R1
+>>>>>>>(104.l+132)      string/c        tlms    TeraLogic Motion Intraframe Codec A
+>>>>>>>(104.l+132)      string/c        tlst    TeraLogic Motion Intraframe Codec B
+>>>>>>>(104.l+132)      string/c        tm20    TrueMotion 2.0
+>>>>>>>(104.l+132)      string/c        tmic    TeraLogic Motion Intraframe Codec 2
+>>>>>>>(104.l+132)      string/c        tmot    TrueMotion Video Compression
+>>>>>>>(104.l+132)      string/c        tr20    TrueMotion RT 2.0
+>>>>>>>(104.l+132)      string/c        ulti    Ultimotion
+>>>>>>>(104.l+132)      string/c        uyvy    UYVY 4:2:2 byte ordering
+>>>>>>>(104.l+132)      string/c        v422    24-bit YUV 4:2:2 format
+>>>>>>>(104.l+132)      string/c        v655    16-bit YUV 4:2:2 format
+>>>>>>>(104.l+132)      string/c        vcr1    ATI VCR 1.0
+>>>>>>>(104.l+132)      string/c        vcr2    ATI VCR 2.0
+>>>>>>>(104.l+132)      string/c        vcr3    ATI VCR 3.0
+>>>>>>>(104.l+132)      string/c        vcr4    ATI VCR 4.0
+>>>>>>>(104.l+132)      string/c        vcr5    ATI VCR 5.0
+>>>>>>>(104.l+132)      string/c        vcr6    ATI VCR 6.0
+>>>>>>>(104.l+132)      string/c        vcr7    ATI VCR 7.0
+>>>>>>>(104.l+132)      string/c        vcr8    ATI VCR 8.0
+>>>>>>>(104.l+132)      string/c        vcr9    ATI VCR 9.0
+>>>>>>>(104.l+132)      string/c        vdct    Video Maker Pro DIB
+>>>>>>>(104.l+132)      string/c        vids    YUV 4:2:2 CCIR 601 for V422
+>>>>>>>(104.l+132)      string/c        vivo    Vivo H.263
+>>>>>>>(104.l+132)      string/c        vixl    VIXL
+>>>>>>>(104.l+132)      string/c        vlv1    VLCAP.DRV
+>>>>>>>(104.l+132)      string/c        wbvc    W9960
+>>>>>>>(104.l+132)      string/c        x263    mmioFOURCC('X','2','6','3')
+>>>>>>>(104.l+132)      string/c        xlv0    XL Video Decoder
+>>>>>>>(104.l+132)      string/c        y211    YUV 2:1:1 Packed
+>>>>>>>(104.l+132)      string/c        y411    YUV 4:1:1 Packed
+>>>>>>>(104.l+132)      string/c        y41b    YUV 4:1:1 Planar
+>>>>>>>(104.l+132)      string/c        y41p    PC1 4:1:1
+>>>>>>>(104.l+132)      string/c        y41t    PC1 4:1:1 with transparency
+>>>>>>>(104.l+132)      string/c        y42b    YUV 4:2:2 Planar
+>>>>>>>(104.l+132)      string/c        y42t    PC1 4:2:2 with transparency
+>>>>>>>(104.l+132)      string/c        yc12    Intel YUV12 Codec
+>>>>>>>(104.l+132)      string/c        yuv8    Winnov Caviar YUV8
+>>>>>>>(104.l+132)      string/c        yuv9    YUV9
+>>>>>>>(104.l+132)      string/c        yuy2    YUY2 4:2:2 byte ordering packed
+>>>>>>>(104.l+132)      string/c        yuyv    BI_YUYV, Canopus
+>>>>>>>(104.l+132)      string/c        fmp4    FFMpeg MPEG-4
+>>>>>>>(104.l+132)      string/c        div3    DivX 3
+>>>>>>>>112             string/c        div3    Low-Motion
+>>>>>>>>112             string/c        div4    Fast-Motion
+>>>>>>>(104.l+132)      string/c        divx    DivX 4
+>>>>>>>(104.l+132)      string/c        dx50    DivX 5
+>>>>>>>(104.l+132)      string/c        xvid    XviD
+>>>>>>>(104.l+132)	string/c	h264	H.264
+>>>>>>>(104.l+132)      string/c        wmv3    Windows Media Video 9
+>>>>>>>(104.l+132)      string/c        h264    X.264 or H.264
+>>>>>>>(104.l+132)      lelong  0
+##>>>>>>>(104.l+132)      string  x       (%.4s)
+# skip past first (video) LIST
+>>>>(92.l+96)   string  LIST
+>>>>>(92.l+104) string  strlstrh
+>>>>>>(92.l+116)        string          auds    \b, audio:
+# auds strh length = 56:
+>>>>>>>(92.l+172)       string          strf
+>>>>>>>>(92.l+180)      leshort 0x0001  uncompressed PCM
+>>>>>>>>(92.l+180)      leshort 0x0002  ADPCM
+>>>>>>>>(92.l+180)      leshort 0x0006  aLaw
+>>>>>>>>(92.l+180)      leshort 0x0007  uLaw
+>>>>>>>>(92.l+180)      leshort 0x0050  MPEG-1 Layer 1 or 2
+>>>>>>>>(92.l+180)      leshort 0x0055  MPEG-1 Layer 3
+>>>>>>>>(92.l+180)      leshort 0x2000  Dolby AC3
+>>>>>>>>(92.l+180)      leshort 0x0161  DivX
+##>>>>>>>>(92.l+180)      leshort x       (%#.4x)
+>>>>>>>>(92.l+182)      leshort 1       (mono,
+>>>>>>>>(92.l+182)      leshort 2       (stereo,
+>>>>>>>>(92.l+182)      leshort >2      (%d channels,
+>>>>>>>>(92.l+184)      lelong  x       %d Hz)
+# auds strh length = 64:
+>>>>>>>(92.l+180)       string          strf
+>>>>>>>>(92.l+188)      leshort 0x0001  uncompressed PCM
+>>>>>>>>(92.l+188)      leshort 0x0002  ADPCM
+>>>>>>>>(92.l+188)      leshort 0x0055  MPEG-1 Layer 3
+>>>>>>>>(92.l+188)      leshort 0x2000  Dolby AC3
+>>>>>>>>(92.l+188)      leshort 0x0161  DivX
+##>>>>>>>>(92.l+188)      leshort x       (%#.4x)
+>>>>>>>>(92.l+190)      leshort 1       (mono,
+>>>>>>>>(92.l+190)      leshort 2       (stereo,
+>>>>>>>>(92.l+190)      leshort >2      (%d channels,
+>>>>>>>>(92.l+192)      lelong  x       %d Hz)
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/VDR_(VirtualDub)
+# Reference:	http://sourceforge.net/projects/virtualdub/files/virtualdub-win/
+#		1.10.4.35491/VirtualDub-1.10.4-src.7z/src/vdremote/Main.cpp
+# VirtualDub link handler
+>8	string		VDRM		\b, VirtualDub link
+!:mime	video/x-vdr
+!:ext	vdr
+>>12	string		PATH		\b, PATH
+# remote-path to video file
+>>16	pstring/l	x		%s
+# Animated Cursor format
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Windows_Animated_Cursor
+# Reference:	https://www.gdgsoft.com/anituner/help/aniformat.htm
+>8	string		ACON		\b, animated cursor
+!:mime	application/x-navi-animation
+# http://extension.nirsoft.net/ani
+#!:mime	image/ani
+!:ext	ani
+# INAM tag followed by length of title
+>>24	string		INAM
+>>>28	pstring/l	x		"%s"
+# IART tag followed by length of author
+>>>(28.l+32)	ubelong	0x49415254
+>>>>&0	pstring/l	x		%s
+# SoundFont 2 <mpruett@sgi.com>
+# URL:	http://fileformats.archiveteam.org/wiki/SoundFont_2.0
+>8	string		sfbk		\b, SoundFont/Bank
+!:mime	audio/x-sfbk
+!:ext	sf2
+# MPEG-1 wrapped in a RIFF, apparently
+# URL:	http://file.fyicenter.com/17_Video_.DAT_File_Extension_for_VCD_Files.html
+>8      string          CDXA            \b, wrapped MPEG-1 (CDXA)
+!:mime	video/x-cdxa
+!:ext	mpg/dat
+# URL:	http://fileformats.archiveteam.org/wiki/4X_IMA_ADPCM
+>8	string		4XMV		\b, 4X Movie file
+!:mime	video/x-4xmv
+!:ext	4xm/4xa
+# AMV-type AVI file: https://wiki.multimedia.cx/index.php?title=AMV
+>8	string		AMV\040		\b, AMV
+# http://fileformats.archiveteam.org/wiki/MTV_Video_(.AMV)
+!:mime	video/x-amv
+!:ext	amv
+#!:ext	amv/mtv
+# URL:	http://fileformats.archiveteam.org/wiki/WebP
+>8      string          WEBP            \b, Web/P image
+!:mime	image/webp
+!:ext	webp
+>>12	use		riff-walk
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/RIFF_MIDS
+>8      string          MIDS            \b, MIDI Stream
+!:mime	audio/x-mids
+!:ext	mds
+# From:		Joerg Jenderek
+# URL:		http://mark0.net/soft-trid-e.html
+# Reference:	http://fileformats.archiveteam.org/wiki/Trd_(TRID)
+>8      string          TRID            \b, TrID defs package
+!:mime	application/x-trid-trd
+!:ext	trd
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/CorelDRAW
+# Reference:	http://fileformats.archiveteam.org/wiki/CorelDRAW
+# Note:		Since version 3 CorelDraw Pictures are RIFF based
+# but data chunks remain proprietary.
+# Since version 14 til 15 packed as "content/riffData.cdr" and
+# since 16 "content/root.dat" in ZIP container
+# TODO:		distinguish templates with version 12.5 from Designer illustration 12
+#	display information of RIFF based Corel Draw pictures, templates and patterns
+0	name   	corel-draw
+# display second chunk for debugging
+#>8	string		x		\b, [8]=%.8s
+>0	string		x		\b, Corel Draw
+#!:mime	image/x-coreldraw
+!:mime	application/vnd.corel-draw
+# used by newer pictures templates
+>>8	string		CDT
+# used by templates with newer versions since 16
+>>>12	string		=fver		Picture template (root.dat)
+!:ext	dat
+# used by templates with older versions with vrsn tag
+>>>12	string		!fver
+# used by templates with older versions 14-15
+>>>>11	string		>E		Picture template (riffData.cdr)
+!:ext	cdr
+# used by templates with older versions 11-13
+>>>>11	string		<F		Picture template
+!:ext	cdt/cdrt
+# used by older templates with version 4.4
+>>8	string		CDST		Picture template
+!:ext	cdt
+# used by templates with version 12.5
+>>8	string		DESC		Picture template
+!:ext	cdt
+# used by newer patterns with version 22
+>>8	string		PAT		Pattern
+!:ext	dat
+# remaining older templates, patterns, drawings
+>>8	default		x
+# pattern with old version 4.y
+>>>26	ulelong		=0x0000206C	Pattern
+!:ext	pat
+# pattern with newer versions
+>>>26	ulelong		=0x00000D2C	Pattern
+!:ext	pat
+# remaining older templates or pictures
+>>>26	default		x
+# used by older versions 5 - 15
+>>>>12	string		=vrsn
+# 4th chunk size unequal 282Ch only found for CDR
+>>>>>26	ulelong		!0x0000282c	Picture
+!:ext	cdr
+>>>>>26	default		x		Picture or template
+!:ext	cdr/cdt
+# used by newer versions since 16
+>>>>12	string		=fver		Picture (root.dat)
+!:ext	dat
+# version marked by 1 ASCII char: space~3, ... , F~15,  ... , N~22, ... R~22 template
+>11	string		x		\b, version
+>11	string		>\040		'%-.1s'
+>0	use		corel-version
+>4	ulelong+8	x		\b, %u bytes
+#
+#	display numeric version of RIFF based Corel after 3rd RIFF tag
+0	name   	corel-version
+# for debugging purpose; vrsn for short content; fver for 16 byte size
+#>12	string		x		\b, TAG "%-4.4s"
+# 1st data chunk length 2 implies short content version
+>16	ulelong		2
+# vrsn chunk short content interpreted by MajorVersion * 100 + MinorVersion
+>>20	uleshort/100	x		%u
+>>20	uleshort%100	>0		\b.%u
+# for debugging purpose display next chunk like: DISP LIST
+#>>22	string		x		\b, 4th "%-4.4s"
+#>>26	ulelong		x		\b, 4th SIZE %#x
+# for debugging purpose display 5th chunk like: LIST DISP ccmm osfp
+#>>(26.l+30)	string	x		\b, 5th "%-4.4s"
+# 1st data chunk length 10h implies 16 byte content with version info
+>16	ulelong		0x10
+>>34	ubyte		x		%u
+>>>33	ubyte		>0		\b.%u
+#	display information of RIFF based Corel Design formats
+0	name   	corel-des
+# display second chunk for debugging
+#>8	string		x		\b, [8]=%.8s
+>12	string		x		\b, Corel DESIGNER
+!:mime	image/x-corel-des
+#!:mime	application/x-vnd.corel.designer.document
+# used by Corel Designer with newer versions since 16
+>12	string		=fver		graphics (root.dat)
+!:ext	dat
+# used by Corel Designer templates with older versions with vrsn tag
+>12	string		!fver
+# used by Corel Designer with versions 14-15
+>>11	string		>D		graphics (riffData.cdr)
+!:ext	cdr
+# used by Corel Designer with versions 10-12
+>>11	string		<E		graphics
+!:ext	des
+# version indicated by last ASCII char of second chunk tag
+>11	string		x		\b, version '%-.1s'
+# but vrsn short content is not always version indicator
+# exceptions: 'A'~11.4 'B'~12 'C'~12.5
+>11	string		>D
+>>0	use		corel-version
+# for debugging purpose display next chunk like: DISP LIST
+#>>22	string		x		\b, 4th "%-4.4s"
+#>>26	ulelong		x		\b, 4th SIZE %#x
+# for debugging purpose display 5th chunk like: LIST osfp
+#>>(26.l+30)	string	x		\b, 5th "%-4.4s"
+>4	ulelong+8	x		\b, %u bytes
+
+#
+# XXX - some of the below may only appear in little-endian form.
+#
+# Also "MV93" appears to be for one form of Macromedia Director
+# files, and "GDMF" appears to be another multimedia format.
+#
+0	string		RIFX		RIFF (big-endian) data
+# RIFF Palette format
+>8	string		PAL		\b, palette
+>>16	beshort		x		\b, version %d
+>>18	beshort		x		\b, %d entries
+# RIFF Device Independent Bitmap format
+>8	string		RDIB		\b, device-independent bitmap
+>>16	string		BM
+>>>30	beshort		12		\b, OS/2 1.x format
+>>>>34	beshort		x		\b, %d x
+>>>>36	beshort		x		%d
+>>>30	beshort		64		\b, OS/2 2.x format
+>>>>34	beshort		x		\b, %d x
+>>>>36	beshort		x		%d
+>>>30	beshort		40		\b, Windows 3.x format
+>>>>34	belong		x		\b, %d x
+>>>>38	belong		x		%d x
+>>>>44	beshort		x		%d
+# RIFF MIDI format
+>8	string		RMID		\b, MIDI
+# RIFF Multimedia Movie File format
+>8	string		RMMP		\b, multimedia movie
+# Microsoft WAVE format (*.wav)
+>8	string		WAVE		\b, WAVE audio
+>>20	leshort		1		\b, Microsoft PCM
+>>>34	leshort		>0		\b, %d bit
+>>22	beshort		=1		\b, mono
+>>22	beshort		=2		\b, stereo
+>>22	beshort		>2		\b, %d channels
+>>24	belong		>0		%d Hz
+# Corel Draw Picture big endian not tested by real examples
+#>8	string		CDRA		\b, Corel Draw Picture
+#>8	string		CDR6		\b, Corel Draw Picture, version 6
+>8	string		CDR
+>>0	use     \^corel-draw
+
+# AVI == Audio Video Interleave
+>8	string		AVI\040		\b, AVI
+# Animated Cursor format
+>8	string		ACON		\b, animated cursor
+# Notation Interchange File Format (big-endian only)
+>8	string		NIFF		\b, Notation Interchange File Format
+# SoundFont 2 <mpruett@sgi.com>
+>8	string		sfbk		SoundFont/Bank
+
+#------------------------------------------------------------------------------
+# Sony Wave64
+# see http://www.vcs.de/fileadmin/user_upload/MBS/PDF/Whitepaper/Informations_about_Sony_Wave64.pdf
+# 128 bit RIFF-GUID { 66666972-912E-11CF-A5D6-28DB04C10000 } in little-endian
+0	string	riff\x2E\x91\xCF\x11\xA5\xD6\x28\xDB\x04\xC1\x00\x00		Sony Wave64 RIFF data
+# 128 bit + total file size (64 bits) so 24 bytes
+# then WAVE-GUID { 65766177-ACF3-11D3-8CD1-00C04F8EDB8A }
+>24	string		wave\xF3\xAC\xD3\x11\x8C\xD1\x00\xC0\x4F\x8E\xDB\x8A		\b, WAVE 64 audio
+!:mime	audio/x-w64
+# FMT-GUID { 20746D66-ACF3-11D3-8CD1-00C04F8EDB8A }
+>>40	search/256	fmt\x20\xF3\xAC\xD3\x11\x8C\xD1\x00\xC0\x4F\x8E\xDB\x8A		\b
+>>>&10	leshort		=1		\b, mono
+>>>&10	leshort		=2		\b, stereo
+>>>&10	leshort		>2		\b, %d channels
+>>>&12	lelong		>0		%d Hz
+
+#------------------------------------------------------------------------------
+# MBWF/RF64
+# see EBU TECH 3306 https://tech.ebu.ch/docs/tech/tech3306-2009.pdf
+0	string	RF64\xff\xff\xff\xffWAVEds64		MBWF/RF64 audio
+!:mime	audio/x-wav
+>40	search/256	fmt\x20		\b
+>>&6	leshort		=1		\b, mono
+>>&6	leshort		=2		\b, stereo
+>>&6	leshort		>2		\b, %d channels
+>>&8	lelong		>0		%d Hz
diff --git a/magic/Magdir/ringdove b/magic/Magdir/ringdove
new file mode 100644
index 0000000..38dd4bf
--- /dev/null
+++ b/magic/Magdir/ringdove
@@ -0,0 +1,45 @@
+#------------------------------------------------------------------------------
+# $File: ringdove,v 1.1 2022/08/16 12:04:30 christos Exp $
+# ringdove:  file(1) magic for RingdoveEDA data files
+
+# librnd and global
+0	regex/128l	ha:rnd-menu-v[0-9]+[\ \t\r\n]*[{]	librnd menu system (lihata)
+0	regex/128l	ha:rnd-menu-patch-v[0-9]+[\ \t\r\n]*[{]	librnd menu patch (lihata)
+0	regex/128l	ha:coraleda-project-v[0-9]+[\ \t\r\n]*[{]	CoralEDA/Ringdove project file (lihata)
+0	regex/128l	ha:ringdove-project-v[0-9]+[\ \t\r\n]*[{]	Ringdove project file (lihata)
+
+# pcb-rnd
+0	regex/128l	ha:pcb-rnd-board-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd board file (lihata)
+0	regex/128l	li:pcb-rnd-subcircuit-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd subcircuit/footprint file (lihata)
+0	regex/128l	ha:pcb-rnd-buffer-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd paste buffer content (lihata)
+0	regex/128l	li:pcb-rnd-conf-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd configuration (lihata)
+0	regex/128l	ha:pcb-rnd-drc-query-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd drc query string (lihata)
+0	regex/128l	li:pcb-rnd-font-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd vector font (lihata)
+0	regex/128l	ha:pcb-rnd-log-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd message log dump (lihata)
+0	regex/128l	ha:pcb-rnd-padstack-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd padstack (lihata)
+0	regex/128l	li:pcb-rnd-view-list-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd view list (lihata)
+0	regex/128l	li:view-list-v[0-9]+[\ \t\r\n]*[{]	pcb-rnd view list (lihata)
+0	search	Netlist(Freeze)	pcb-rnd or gEDA/PCB netlist forward annotation action script
+
+# sch-rnd (cschem data model)
+0	regex/128l	li:cschem-buffer-v[0-9]+[\ \t\r\n]*[{]	sch-rnd/cschem buffer content (lihata)
+0	regex/128l	li:sch-rnd-conf-v[0-9]+[\ \t\r\n]*[{]	sch-rnd configuration (lihata)
+0	regex/128l	ha:std_devmap.v[0-9]+[\ \t\r\n]*[{]	sch-rnd devmap (device mapping; lihata)
+0	regex/128l	li:cschem-group-v[0-9]+[\ \t\r\n]*[{]	sch-rnd/cschem group or symbol (lihata)
+0	regex/128l	ha:cschem-sheet-v[0-9]+[\ \t\r\n]*[{]	sch-rnd/cschem schematic sheet (lihata)
+
+# tEDAx (modular format)
+0	regex/1l	tEDAx[\ \t\r\n]v	tEDAx (Trivial EDA eXchange)
+>0	regex	begin\ symbol\ v	with schematic symbol
+>0	regex	begin\ board\ v	with Printed Circuit Board
+>0	regex	begin\ route_req\ v	with PCB routing request
+>0	regex	begin\ route_res\ v	with PCB routing result
+>0	regex	begin\ camv_layer\ v	with camv-rnd exported layer
+>0	regex	begin\ netlist\ v	with netlist
+>0	regex	begin\ backann\ v	with Ringdove EDA back annotation
+>0	regex	begin\ footprint\ v	with PCB footprint
+>0	regex	begin\ drc\ v	with PCB DRC script
+>0	regex	begin\ drc_query_rule\ v	with pcb-rnd drc_query rules
+>0	regex	begin\ drc_query_def\ v	with pcb-rnd drc_query value/config definitions
+>0	regex	begin\ etest\ v	with PCB electric test
+
diff --git a/magic/Magdir/rpi b/magic/Magdir/rpi
new file mode 100644
index 0000000..0d213b5
--- /dev/null
+++ b/magic/Magdir/rpi
@@ -0,0 +1,52 @@
+
+#------------------------------------------------------------------------------
+# $File: rpi,v 1.3 2022/04/02 14:39:34 christos Exp $
+# rpi:  file(1) magic for Raspberry Pi images
+-44		lelong	0
+>4		lelong	0
+>>8		lelong	1
+>>12		lelong	4
+>>>16		string	283x
+>>>>20		lelong	1
+>>>>>24		lelong	4
+>>>>>>28	string	DTOK
+>>>>>>>32	lelong	44
+>>>>>>>>36	lelong	4
+>>>>>>>>>40	string	RPTL		Raspberry PI kernel image
+
+-56		lelong	0
+>4		lelong	0
+>>8		lelong	1
+>>12		lelong	4
+>>>16		string	283x
+>>>>20		lelong	1
+>>>>>24		lelong	4
+>>>>>>28	string	DTOK
+>>>>>>>32	lelong	1
+>>>>>>>>36	lelong	4
+>>>>>>>>>40	string	DDTK8
+>>>>>>>>>>48	lelong	4
+>>>>>>>>>>>52	string	RPTL		Raspberry PI kernel image
+
+# From: 	Joerg Jenderek
+# URL:		https://www.raspberrypi.com/documentation/computers/raspberry-pi.html
+#		#raspberry-pi-4-boot-eeprom
+# Reference:	https://github.com/raspberrypi/rpi-eeprom/blob/master/rpi-eeprom-config
+# Note:		start with same magic as for BIOS (ia32) ROM Extension handled by ./intel
+# masked with MAGIC_MASK and then compared with MAGIC
+0	belong&0xFFffF00F	0x55aaF00F	Raspberry PI EEPROM
+#!:mime	application/octet-stream
+!:mime	application/x-raspberry-eeprom
+# like: pieeprom-2020-09-03.bin
+!:ext	bin
+# a 32 bit offset to the next section like: 000184d4 000184c8 00018534 ... 0000bb84 0000bbd4 0000bbd4
+>4	ubelong			x		\b, offset %8.8x
+#>(4.L)	ubelong			x		NEXT=%8.8x
+# self.length
+>8	ubelong			!0		\b, length %x
+# self.filename
+>12	string			>0		\b, "%s"
+# length is zero
+>8	ubelong			=0
+# if length is zero then 2nd section magic here can be zero; this means sections parsing done
+>>8	ubelong			!0		\b, 2nd MAGIC=%8.8x
diff --git a/magic/Magdir/rpm b/magic/Magdir/rpm
new file mode 100644
index 0000000..9a795f8
--- /dev/null
+++ b/magic/Magdir/rpm
@@ -0,0 +1,45 @@
+
+#------------------------------------------------------------------------------
+# $File: rpm,v 1.12 2013/01/11 16:45:23 christos Exp $
+#
+# RPM: file(1) magic for Red Hat Packages   Erik Troan (ewt@redhat.com)
+#
+0	belong		0xedabeedb	RPM
+!:mime	application/x-rpm
+>4	byte		x		v%d
+>5	byte		x		\b.%d
+>6	beshort		1		src
+>6	beshort		0		bin
+>>8	beshort		1		i386/x86_64
+>>8	beshort		2		Alpha/Sparc64
+>>8	beshort		3		Sparc
+>>8	beshort		4		MIPS
+>>8	beshort		5		PowerPC
+>>8	beshort		6		68000
+>>8	beshort		7		SGI
+>>8	beshort		8		RS6000
+>>8	beshort		9		IA64
+>>8	beshort		10		Sparc64
+>>8	beshort		11		MIPSel
+>>8	beshort		12		ARM
+>>8	beshort		13		MiNT
+>>8	beshort		14		S/390
+>>8	beshort		15		S/390x
+>>8	beshort		16		PowerPC64
+>>8	beshort		17		SuperH
+>>8	beshort		18		Xtensa
+>>8	beshort		255		noarch
+
+#delta RPM    Daniel Novotny (dnovotny@redhat.com)
+0	string		drpm		Delta RPM
+!:mime  application/x-rpm
+>12	string 	x	%s
+>>8	beshort		11		MIPSel
+>>8	beshort		12		ARM
+>>8	beshort		13		MiNT
+>>8	beshort		14		S/390
+>>8	beshort		15		S/390x
+>>8	beshort		16		PowerPC64
+>>8	beshort		17		SuperH
+>>8	beshort		18		Xtensa
+>>10	string		x		%s
diff --git a/magic/Magdir/rpmsg b/magic/Magdir/rpmsg
new file mode 100644
index 0000000..cbbbb2b
--- /dev/null
+++ b/magic/Magdir/rpmsg
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------------------------
+# $File: rpmsg,v 1.1 2019/04/19 00:40:47 christos Exp $
+# rpmsg: file(1) magic for restricted-permission messages (or "rights-protected" messages)
+# see https://en.wikipedia.org/wiki/Rpmsg
+
+0	string	\x76\xe8\x04\x60\xc4\x11\xe3\x86	rpmsg Restricted Permission Message
diff --git a/magic/Magdir/rst b/magic/Magdir/rst
new file mode 100644
index 0000000..0df15b8
--- /dev/null
+++ b/magic/Magdir/rst
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: rst,v 1.4 2023/07/27 18:26:32 christos Exp $
+# rst: ReStructuredText http://docutils.sourceforge.net/rst.html
+0	search/256	\=\=
+!:strength + 30
+>&0	regex/256	\^[\=]+$
+>>&0	search/512	:Author:		ReStructuredText file
+>>&0	search/512	\012Authors:		ReStructuredText file
+>>&0	search/512	\012Author:		ReStructuredText file
+>>&0	default		x
+>>>&0	regex/512	\^\\.\\.[A-Za-z]	ReStructuredText file
+!:ext	rst
diff --git a/magic/Magdir/rtf b/magic/Magdir/rtf
new file mode 100644
index 0000000..48a1f28
--- /dev/null
+++ b/magic/Magdir/rtf
@@ -0,0 +1,94 @@
+
+#------------------------------------------------------------------------------
+# $File: rtf,v 1.9 2020/12/12 20:01:47 christos Exp $
+# rtf:	file(1) magic for Rich Text Format (RTF)
+#
+# Duncan P. Simpson, D.P.Simpson@dcs.warwick.ac.uk
+# Update:	Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Rich_Text_Format
+# Reference:	http://www.snake.net/software/RTF/RTF-Spec-1.7.rtf
+#		http://www.kleinlercher.at/tools/Windows_Protocols/Word2007RTFSpec9.pdf
+0	string		{\\rtf
+# skip DROID fmt-355-signature-id-522.rtf by looking for valid version
+>5	ubyte		!0xAB
+# skip also \ in DROID fmt-50-signature-id-158.rtf by looking for valid version
+>>5	ubyte		!0x5C		Rich Text Format data
+!:mime	text/rtf
+!:apple	????RTF
+!:ext	rtf
+>>>0	use		rtf-info
+#	display information like version, language and code page of RTF
+0	name		rtf-info
+# 1 mostly, 2 for newer Pocket Word documents, space for test like fdo78502.rtf, { for some urtf
+>5	ubyte		!0x7b		\b, version %c
+# The word for character set must precede any text or most other control words
+>6	string		\\mac		\b, Apple Macintosh
+>6	string		\\pc
+# control word \pca
+>>9	ubyte		=0x61		\b, IBM PS/2, code page 850
+>>9	ubyte		!0x61		\b, IBM PC, code page 437
+# unknown character set or ANSI later after control words like
+# \adeflang1025 \info \title \author \category \manager
+# "Burow, Steffanie - Im Tal des Schneeleoparden.rtf"
+#>6	search/105	\\ansi		\b, ANSI
+>6	search/502	\\ansi		\b, ANSI
+>6	default		x		\b, unknown character set
+# look for explicit codepage keyword
+# "Burow, Steffanie - Im Tal des Schneeleoparden.rtf"
+#>5	search/110	\\ansicpg
+>5	search/500	\\ansicpg
+# skip unknown or buggy codepage string 0 like in fdo78502.rtf
+>>&0	ubyte		!0x30		\b, code page
+# codepage string: 437~United States IBM, ..., 1252~WesternEuropean, ..., 57011~Punjabi
+>>>&-1		string	x		%-.3s
+# skip space or \ and display possible 4th digit of code page string
+>>>&2		ubyte	>0x2F
+>>>>&-1		ubyte	<0x3A		\b%c
+# possible 5th digit of code page string
+>>>>>&0		ubyte	>0x2F
+>>>>>>&-1	ubyte	<0x3A		\b%c
+# look again at version byte to use default clause
+>5	ubyte		x
+# Default language ID for South Asian/Middle Eastern text
+# language ID: 1025, ..., 1065~Persian, ..., 2057~English_UnitedKingdom, ..., 58380~French_NorthAfrica
+# Readme-0.72-Persian.rtf
+#>6	search/1	\\adeflang	\b, default middle east language ID
+>>6	search/497	\\adeflang	\b, default middle east language ID
+# https://docs.microsoft.com/en-us/openspecs/office_standards/ms-oe376/6c085406-a698-4e12-9d4d-c3b0ee3dbc4a
+>>>&0	string		x		%.4s
+# skip \ and NL and show possible 5th digit of language string
+>>>&4	ubyte		>0x2F
+>>>>&-1	ubyte		<0x3A		\b%c
+# else look for default language to be used when the \plain control word is encountered
+>>6	default		x
+# "Burow, Steffanie - Im Tal des Schneeleoparden.rtf"
+#>>>6	search/127	\\deflang
+>>>6	search/505	\\deflang
+>>>>&0	string		>0		\b, default language ID %-.4s
+# possible 5th digit of language string
+>>>>&4		ubyte	>0x2F
+>>>>>&-1	ubyte	<0x3A		\b%c
+
+# Reference:	http://latex2rtf.sourceforge.net/rtfspec_63.html
+# Note:		no real world example found
+0	string		{\\urtf		Rich Text Format unicoded data
+!:mime	text/rtf
+#!:apple	????RTF
+!:ext	rtf
+>1	use		rtf-info
+
+# URL:		https://en.wikipedia.org/wiki/Microsoft_Word
+# Reference:	http://fileformats.archiveteam.org/wiki/Microsoft_Word
+# Note:	called by TrID "Pocket Word document"
+#	by PlanMaker "Pocket Word-Handheld PC" for pwd
+#	by PlanMaker "Pocket Word-Pocket PC" for psw
+0	string		{\\pwd		Pocket Word document or template
+# by SoftMaker Office	http://extension.nirsoft.net/pwd
+#!:mime	application/msword
+# https://reposcope.com/mimetype/application/x-pocket-word
+!:mime	application/x-pocket-word
+# PWD for Handheld PC variant and PSW for Pocket PC variant
+# PWT for template
+!:ext	pwd/psw/pwt
+>0	use		rtf-info
+
diff --git a/magic/Magdir/ruby b/magic/Magdir/ruby
new file mode 100644
index 0000000..9e67a3e
--- /dev/null
+++ b/magic/Magdir/ruby
@@ -0,0 +1,55 @@
+
+#------------------------------------------------------------------------------
+# $File: ruby,v 1.10 2019/07/21 09:40:17 christos Exp $
+# ruby:  file(1) magic for Ruby scripting language
+# URL:  https://www.ruby-lang.org/
+# From: Reuben Thomas <rrt@sc3d.org>
+
+# Ruby scripts
+0	search/1/w	#!\ /usr/bin/ruby				Ruby script text executable
+!:strength + 15
+!:mime text/x-ruby
+0	search/1/w	#!\ /usr/local/bin/ruby	Ruby script text executable
+!:strength + 15
+!:mime text/x-ruby
+0	search/1	#!/usr/bin/env\ ruby				Ruby script text executable
+!:strength + 15
+!:mime text/x-ruby
+0	search/1	#!\ /usr/bin/env\ ruby			Ruby script text executable
+!:strength + 15
+!:mime text/x-ruby
+
+# What looks like ruby, but does not have a shebang
+# (modules and such)
+# From: Lubomir Rintel <lkundrak@v3.sk>
+0	search/8192	require
+>0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/.]+'
+>>0	regex		def\ [a-z]|\ do$
+>>>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
+!:strength + 30
+!:mime	text/x-ruby
+0	regex		\^[[:space:]]*(class|module)[[:space:]][A-Z]
+>0	regex		(modul|includ)e\ [A-Z]|def\ [a-z]
+>>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
+!:strength + 30
+!:mime	text/x-ruby
+# Classes with no modules or defs, beats simple ASCII
+0	regex		\^[[:space:]]*(class|module)[[:space:]][A-Z]
+>&0	regex	\^[[:space:]]*end([[:space:]]+[;#if].*)?$		Ruby script text
+!:strength + 10
+!:mime	text/x-ruby
+# Looks for function definition to balance python magic
+# def name (args)
+# end
+0	search/8192	def\ 
+>0	regex		\^[[:space:]]*def\ [a-z]|def\ [[:alpha:]]+::[a-z]
+>>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
+!:strength + 10
+!:mime	text/x-ruby
+
+0	search/8192	require
+>0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/.]+'	Ruby script text
+!:mime	text/x-ruby
+0	search/8192	include
+>0 regex 	\^[[:space:]]*include\ ([A-Z]+[a-z]*(::))+	Ruby script text
+!:mime	text/x-ruby
diff --git a/magic/Magdir/rust b/magic/Magdir/rust
new file mode 100644
index 0000000..b1bbd9d
--- /dev/null
+++ b/magic/Magdir/rust
@@ -0,0 +1,21 @@
+
+#------------------------------------------------------------------------------
+# $File: rust,v 1.2 2022/11/18 15:58:15 christos Exp $
+# Magic for Rust and related languages programs
+#
+
+# Rust compiler metadata
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/rust-lang/rust/blob/1.64.0/compiler/rustc_metadata/src/rmeta/mod.rs
+0	string		rust\x00\x00\x00
+>12	string		\014rustc\x20		Rust compiler metadata
+!:ext	rmeta
+>>7	byte		x			\b, version %d
+
+# Rust incremental compilation metadata
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/rust-lang/rust/blob/1.64.0/compiler/rustc_incremental/src/persist/file_format.rs
+0	string		RSIC
+>4	uleshort	=0			Rust incremental compilation metadata
+!:ext	bin
+>>6	pstring		x			\b, rustc %s
diff --git a/magic/Magdir/sc b/magic/Magdir/sc
new file mode 100644
index 0000000..dc6d6c8
--- /dev/null
+++ b/magic/Magdir/sc
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------------------------
+# $File: sc,v 1.6 2009/09/19 16:28:12 christos Exp $
+# sc:  file(1) magic for "sc" spreadsheet
+#
+38	string		Spreadsheet	sc spreadsheet file
+!:mime	application/x-sc
diff --git a/magic/Magdir/sccs b/magic/Magdir/sccs
new file mode 100644
index 0000000..04e7929
--- /dev/null
+++ b/magic/Magdir/sccs
@@ -0,0 +1,24 @@
+
+#------------------------------------------------------------------------------
+# $File: sccs,v 1.8 2020/06/20 21:32:52 christos Exp $
+# sccs:  file(1) magic for SCCS archives
+#
+# SCCS v4 archive structure:
+# \001h01207
+# \001s 00276/00000/00000
+# \001d D 1.1 87/09/23 08:09:20 ian 1 0
+# \001c date and time created 87/09/23 08:09:20 by ian
+# \001e
+# \001u
+# \001U
+# ... etc.
+# Now '\001h' happens to be the same as the 3B20's a.out magic number (0550).
+# *Sigh*. And these both came from various parts of the USG.
+# Maybe we should just switch everybody from SCCS to RCS!
+# Further, you can't just say '\001h0', because the five-digit number
+# is a checksum that could (presumably) have any leading digit,
+# Fortunately we have regular expression matching:
+0	string		\001h
+>2	regex		[0-9][0-9][0-9][0-9][0-9]$
+>>8	string		\001s\040 		SCCS v4 archive data
+>2	string		V6,sum=			SCCS v6 archive data
diff --git a/magic/Magdir/scientific b/magic/Magdir/scientific
new file mode 100644
index 0000000..d52d6ae
--- /dev/null
+++ b/magic/Magdir/scientific
@@ -0,0 +1,144 @@
+
+#------------------------------------------------------------------------------
+# $File: scientific,v 1.14 2023/04/29 17:28:09 christos Exp $
+# scientific:  file(1) magic for scientific formats
+#
+# From: Joe Krahn <krahn@niehs.nih.gov>
+
+########################################################
+# CCP4 data and plot files:
+0	string		MTZ\040		MTZ reflection file
+
+92	string		PLOT%%84	Plot84 plotting file
+>52	byte		1		, Little-endian
+>55	byte		1		, Big-endian
+
+########################################################
+# Electron density MAP/MASK formats
+
+0	string		EZD_MAP	NEWEZD Electron Density Map
+109	string		MAP\040(  Old EZD Electron Density Map
+
+0	string/c	:-)\040Origin	BRIX Electron Density Map
+>170	string		>0	, Sigma:%.12s
+#>4	string		>0	%.178s
+#>4	addr		x	%.178s
+
+7	string		18\040!NTITLE	XPLOR ASCII Electron Density Map
+9	string		\040!NTITLE\012\040REMARK	CNS ASCII electron density map
+
+208	string		MAP\040	CCP4 Electron Density Map
+# Assumes same stamp for float and double (normal case)
+>212	byte		17	\b, Big-endian
+>212	byte		34	\b, VAX format
+>212	byte		68	\b, Little-endian
+>212	byte		85	\b, Convex native
+
+############################################################
+# X-Ray Area Detector images
+0	string	R-AXIS4\ \ \ 	R-Axis Area Detector Image:
+>796	lelong	<20		Little-endian, IP #%d,
+>>768	lelong	>0		Size=%dx
+>>772	lelong	>0		\b%d
+>796	belong	<20		Big-endian, IP #%d,
+>>768	belong	>0		Size=%dx
+>>772	belong	>0		\b%d
+
+0	string	RAXIS\ \ \ \ \ 	R-Axis Area Detector Image, Win32:
+>796	lelong	<20		Little-endian, IP #%d,
+>>768	lelong	>0		Size=%dx
+>>772	lelong	>0		\b%d
+>796	belong	<20		Big-endian, IP #%d,
+>>768	belong	>0		Size=%dx
+>>772	belong	>0		\b%d
+
+
+1028	string	MMX\000\000\000\000\000\000\000\000\000\000\000\000\000	MAR Area Detector Image,
+>1072	ulong	>1		Compressed(%d),
+>1100	ulong	>1		%d headers,
+>1104	ulong	>0		%d x
+>1108	ulong	>0		%d,
+>1120	ulong	>0		%d bits/pixel
+
+# Type: GEDCOM genealogical (family history) data
+# From: Giuseppe Bilotta
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/GEDCOM
+#		https://en.wikipedia.org/wiki/GEDCOM
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/g/
+#		ged.trid.xml ged-utf8.trid.xml ged-utf16.trid.xml
+# Note:		called "GEDCOM Family History" by TrID and "Genealogical Data Communication (GEDCOM) Format" by DROID via PUID fmt/851
+0       search/1/c	0\ HEAD         GEDCOM genealogy text
+#!:mime	text/plain
+#!:mime	application/x-gedcom
+# https://www.iana.org/assignments/media-types/text/vnd.familysearch.gedcom
+!:mime	text/vnd.familysearch.gedcom
+!:ext	ged
+# no gedcom sample found and ged suffix also used for other formats
+#!:ext	ged/gedcom
+>&0     search		1\ GEDC
+>>&0    search		2\ VERS         version
+# 4 5.0 5.3 5.4 5.5 5.5.1 5.5.5 5.6 7.0 or no version
+>>>&1   string		>\0		%s
+# From: Phil Endecott <phil05@chezphil.org>
+# 0\040HEAD as UTF-16 big endian without BOM
+0	string	\000\060\000\040\000\110\000\105\000\101\000\104		GEDCOM genealogy text
+!:mime	text/vnd.familysearch.gedcom
+!:ext	ged
+# look for VERS tag encoded as UTF-16 big endian
+>12		search/0x65	V\0E\0R\0S					version
+# version like: 5.5.1
+>>&2		bestring16	x						%s
+>>0		string		x						\b, UTF-16 (without BOM) big-endian text
+# 0\040HEAD as UTF-16 little endian without BOM
+0	string	\060\000\040\000\110\000\105\000\101\000\104\000		GEDCOM genealogy text
+!:mime	text/vnd.familysearch.gedcom
+!:ext	ged
+# look for VERS tag encoded as UTF-16 lttle endian
+>12		search/0x65	V\0E\0R\0S					version
+# version like: 5.5.1
+>>&3		lestring16	x						%s
+>>2		string		x						\b, UTF-16 (without BOM) little-endian text
+# Note:		UTF-16 with BOM variants already described above by first test as "GEDCOM genealogy text"
+# 0\040HEAD as UTF-16 big endian with BOM
+#0	string	\376\377\000\060\000\040\000\110\000\105\000\101\000\104	GEDCOM data
+# 0\040HEAD as UTF-16 little endian with BOM
+#0	string	\377\376\060\000\040\000\110\000\105\000\101\000\104\000	GEDCOM data
+
+# PDB: Protein Data Bank files
+# Adam Buchbinder <adam.buchbinder@gmail.com>
+#
+# https://www.wwpdb.org/documentation/format32/sect2.html
+# https://www.ch.ic.ac.uk/chemime/
+#
+# The PDB file format is fixed-field, 80 columns. From the spec:
+#
+# COLS        DATA
+#  1 -  6      "HEADER"
+#  11 - 50     String(40)
+#  51 - 59     Date
+#  63 - 66     IDcode
+#
+# Thus, positions 7-10, 60-62 and 67-80 are spaces. The Date must be in the
+# format DD-MMM-YY, e.g., 01-JAN-70, and the IDcode consists of numbers and
+# uppercase letters. However, examples have been seen without the date string,
+# e.g., the example on the chemime site.
+0	string	HEADER\ \ \ \040
+>&0	regex/1l	\^.{40}
+>>&0	regex/1l	[0-9]{2}-[A-Z]{3}-[0-9]{2}\ {3}
+>>>&0	regex/1ls	[A-Z0-9]{4}.{14}$
+>>>>&0	regex/1l	[A-Z0-9]{4}	Protein Data Bank data, ID Code %s
+!:mime	chemical/x-pdb
+>>>>0	regex/1l	[0-9]{2}-[A-Z]{3}-[0-9]{2}	\b, %s
+
+# Type:	GDSII Stream file
+0	belong	0x00060002	GDSII Stream file
+>4	byte	0x00
+>>5	byte	x		version %d.0
+>4	byte	>0x00		version %d
+>>5	byte	x		\b.%d
+
+# Type: LXT (interLaced eXtensible Trace)
+# chrysn <chrysn@fsfe.org>
+0	beshort	0x0138	interLaced eXtensible Trace (LXT) file
+>2	beshort	>0	(Version %u)
diff --git a/magic/Magdir/securitycerts b/magic/Magdir/securitycerts
new file mode 100644
index 0000000..8785dd8
--- /dev/null
+++ b/magic/Magdir/securitycerts
@@ -0,0 +1,6 @@
+
+#------------------------------------------------------------------------------
+# $File: securitycerts,v 1.4 2009/09/19 16:28:12 christos Exp $
+0	search/1		-----BEGIN\ CERTIFICATE------	RFC1421 Security Certificate text
+0	search/1		-----BEGIN\ NEW\ CERTIFICATE	RFC1421 Security Certificate Signing Request text
+0	belong	0xedfeedfe	Sun 'jks' Java Keystore File data
diff --git a/magic/Magdir/selinux b/magic/Magdir/selinux
new file mode 100644
index 0000000..89d5f53
--- /dev/null
+++ b/magic/Magdir/selinux
@@ -0,0 +1,24 @@
+# Type:	SE Linux policy modules *.pp reference policy
+#	for Fedora 5 to 9, RHEL5, and Debian Etch and Lenny.
+# URL:	https://doc.coker.com.au/computers/selinux-magic
+# From:	Russell Coker <russell@coker.com.au>
+
+0		lelong	0xf97cff8f	SE Linux modular policy
+>4		lelong	x		version %d,
+>8		lelong	x		%d sections,
+>>(12.l)	lelong	0xf97cff8d
+>>>(12.l+27)	lelong	x		mod version %d,
+>>>(12.l+31)	lelong	0		Not MLS,
+>>>(12.l+31)	lelong	1		MLS,
+>>>(12.l+23)	lelong	2
+>>>>(12.l+47)	string	>\0		module name %s
+>>>(12.l+23)	lelong	1		base
+
+1	string	policy_module(	SE Linux policy module source
+2	string	policy_module(	SE Linux policy module source
+
+0	string	##\ <summary>	SE Linux policy interface source
+
+#0	search	gen_context(	SE Linux policy file contexts
+
+#0	search	gen_sens(	SE Linux policy MLS constraints source
diff --git a/magic/Magdir/sendmail b/magic/Magdir/sendmail
new file mode 100644
index 0000000..6808dbf
--- /dev/null
+++ b/magic/Magdir/sendmail
@@ -0,0 +1,37 @@
+
+#------------------------------------------------------------------------------
+# $File: sendmail,v 1.12 2022/10/31 13:22:26 christos Exp $
+# sendmail:  file(1) magic for sendmail config files
+#
+# XXX - byte order?
+#
+# Update: Joerg Jenderek
+# GRR: this test is too general as it catches also
+# READ.ME.FIRST.AWP Sendmail frozen configuration
+# - version ====|====|====|====|====|====|====|====|====|====|====|====|===
+# Email_23_f217153422.ts Sendmail frozen configuration
+# - version \330jK\354
+0	byte	046
+# https://www.sendmail.com/sm/open_source/docs/older_release_notes/
+# freezed configuration file (dbm format?) created from sendmail.cf with -bz
+# by older sendmail. til version 8.6 support for frozen configuration files is removed
+# valid version numbers look like "7.14.4" and should be similar to output of commands
+# "sendmail -d0 -bt < /dev/null |grep -i Version" or "egrep '^DZ' /etc/sendmail.cf"
+>16	regex/s	=^[0-78][0-9.]{4}	Sendmail frozen configuration
+# normally only /etc/sendmail.fc or /var/adm/sendmail/sendmail.fc
+!:ext fc
+>>16	string	>\0			- version %s
+0	short	0x271c
+# look for valid version number
+>16	regex/s	=^[0-78][0-9.]{4}	Sendmail frozen configuration
+!:ext fc
+>>16	string	>\0			- version %s
+
+#------------------------------------------------------------------------------
+# sendmail:  file(1) magic for sendmail m4(1) files
+#
+# From Hendrik Scholz <hendrik@scholz.net>
+# i.e. files in /usr/share/sendmail/cf/
+#
+0   string  divert(-1)\n    sendmail m4 text file
+
diff --git a/magic/Magdir/sequent b/magic/Magdir/sequent
new file mode 100644
index 0000000..da38de6
--- /dev/null
+++ b/magic/Magdir/sequent
@@ -0,0 +1,42 @@
+
+#------------------------------------------------------------------------------
+# $File: sequent,v 1.14 2019/04/19 00:42:27 christos Exp $
+# sequent:  file(1) magic for Sequent machines
+#
+# Sequent information updated by Don Dwiggins <atsun!dwiggins>.
+# For Sequent's multiprocessor systems (incomplete).
+0	lelong	0x00ea        	BALANCE NS32000 .o
+>16	lelong	>0		not stripped
+>124	lelong	>0		version %d
+0	lelong	0x10ea        	BALANCE NS32000 executable (0 @ 0)
+>16	lelong  >0            	not stripped
+>124	lelong	>0		version %d
+0	lelong	0x20ea        	BALANCE NS32000 executable (invalid @ 0)
+>16	lelong  >0            	not stripped
+>124	lelong	>0		version %d
+0	lelong	0x30ea        	BALANCE NS32000 standalone executable
+>16	lelong  >0          	not stripped
+>124	lelong	>0		version %d
+#
+# Symmetry information added by Jason Merrill <jason@jarthur.claremont.edu>.
+# Symmetry magic nums will not be reached if DOS COM comes before them;
+# byte 0xeb is matched before these get a chance.
+0	leshort	0x12eb		SYMMETRY i386 .o
+>16	lelong	>0		not stripped
+>124	lelong	>0		version %d
+0	leshort	0x22eb		SYMMETRY i386 executable (0 @ 0)
+>16	lelong	>0		not stripped
+>124	lelong	>0		version %d
+0	leshort	0x32eb		SYMMETRY i386 executable (invalid @ 0)
+>16	lelong	>0		not stripped
+>124	lelong	>0		version %d
+# https://en.wikipedia.org/wiki/Sequent_Computer_Systems
+# below test line conflicts with MS-DOS 2.11 floppies and Acronis loader
+#0	leshort	0x42eb		SYMMETRY i386 standalone executable
+0	leshort	0x42eb
+# skip unlike negative version
+>124	lelong	>-1
+# assuming version 28867614 is very low probable
+>>124	lelong	!28867614	SYMMETRY i386 standalone executable
+>>>16	lelong	>0		not stripped
+>>>124	lelong	>0		version %d
diff --git a/magic/Magdir/sereal b/magic/Magdir/sereal
new file mode 100644
index 0000000..ead78d5
--- /dev/null
+++ b/magic/Magdir/sereal
@@ -0,0 +1,35 @@
+
+#------------------------------------------------------------------------------
+# $File: sereal,v 1.3 2015/02/05 19:14:45 christos Exp $
+# sereal: file(1) magic the Sereal binary serialization format
+#
+# From: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
+#
+# See the specification of the format at
+# https://github.com/Sereal/Sereal/blob/master/sereal_spec.pod#document-header-format
+#
+# I'd have liked to do the byte&0xF0 matching against 0, 1, 2 ... by
+# doing (byte&0xF0)>>4 here, but unfortunately that's not
+# supported. So when we print out a message about an unknown format
+# we'll print out e.g. 0x30 instead of the more human-readable
+# 0x30>>4.
+#
+# See https://github.com/Sereal/Sereal/commit/35372ae01d in the
+# Sereal.git repository for test Sereal data.
+0	name		sereal
+>4	byte&0x0F	x		(version %d,
+>4	byte&0xF0	0x00		uncompressed)
+>4	byte&0xF0	0x10		compressed with non-incremental Snappy)
+>4	byte&0xF0	0x20		compressed with incremental Snappy)
+>4	byte&0xF0	>0x20		unknown subformat, flag: %d>>4)
+
+0	string/b	\=srl		Sereal data packet
+!:mime application/sereal
+>&0	use		sereal
+0	string/b	\=\xF3rl	Sereal data packet
+!:mime application/sereal
+>&0	use		sereal
+0	string/b	\=\xC3\xB3rl	Sereal data packet, UTF-8 encoded
+!:mime application/sereal
+>&0	use		sereal
+
diff --git a/magic/Magdir/sgi b/magic/Magdir/sgi
new file mode 100644
index 0000000..fe532e0
--- /dev/null
+++ b/magic/Magdir/sgi
@@ -0,0 +1,144 @@
+
+#------------------------------------------------------------------------------
+# $File: sgi,v 1.24 2021/09/13 13:23:53 christos Exp $
+# sgi:  file(1) magic for Silicon Graphics operating systems and applications
+#
+# Executable images are handled either in aout (for old-style a.out
+# files for 68K; they are indistinguishable from other big-endian 32-bit
+# a.out files) or in mips (for MIPS ECOFF and Ucode files)
+#
+
+# kbd file definitions
+0	string	kbd!map		kbd map file
+>8	byte	>0		Ver %d:
+>10	short	>0		with %d table(s)
+
+0	beshort	0x8765		disk quotas file
+
+0	beshort	0x0506		IRIS Showcase file
+>2	byte	0x49		-
+>3	byte	x		- version %d
+0	beshort	0x0226		IRIS Showcase template
+>2	byte	0x63		-
+>3	byte	x		- version %d
+0	belong	0x5343464d	IRIS Showcase file
+>4	byte	x		- version %d
+0	belong	0x5443464d	IRIS Showcase template
+>4	byte	x		- version %d
+0	belong	0xdeadbabe	IRIX Parallel Arena
+>8	belong	>0		- version %d
+
+# core files
+#
+# 32bit core file
+0	belong	0xdeadadb0	IRIX core dump
+>4	belong	1		of
+>16	string	>\0		'%s'
+# 64bit core file
+0	belong	0xdeadad40	IRIX 64-bit core dump
+>4	belong	1		of
+>16	string	>\0		'%s'
+# N32bit core file
+0       belong	0xbabec0bb	IRIX N32 core dump
+>4      belong	1               of
+>16     string	>\0             '%s'
+# New style crash dump file
+0	string	\x43\x72\x73\x68\x44\x75\x6d\x70	IRIX vmcore dump of
+>36	string	>\0					'%s'
+
+# Trusted IRIX info
+0	string	SGIAUDIT	SGI Audit file
+>8	byte	x		- version %d
+>9	byte	x		\b.%d
+#
+0	string	WNGZWZSC	Wingz compiled script
+0	string	WNGZWZSS	Wingz spreadsheet
+0	string	WNGZWZHP	Wingz help file
+#
+0	string	#Inventor\040V	IRIS Inventor 1.0 file
+0	string	#Inventor\040V2	Open Inventor 2.0 file
+# GLF is OpenGL stream encoding
+0	string	glfHeadMagic();		GLF_TEXT
+4	belong	0x7d000000		GLF_BINARY_LSB_FIRST
+!:strength -30
+4	belong	0x0000007d		GLF_BINARY_MSB_FIRST
+!:strength -30
+# GLS is OpenGL stream encoding; GLS is the successor of GLF
+0	string	glsBeginGLS(		GLS_TEXT
+4	belong	0x10000000		GLS_BINARY_LSB_FIRST
+!:strength -30
+4	belong	0x00000010		GLS_BINARY_MSB_FIRST
+!:strength -30
+
+# Performance Co-Pilot file types
+0	string	PmNs				PCP compiled namespace (V.0)
+0	string	PmN				PCP compiled namespace
+>3	string	>\0				(V.%1.1s)
+3	belong	0x84500526			PCP archive
+>7	byte	x				(V.%d)
+>20	belong	-2				temporal index
+>20	belong	-1				metadata
+>20	belong	0				log volume #0
+>20	belong	>0				log volume #%d
+>24	string	>\0				host: %s
+3	belong	0x28500526			PCP archive
+>7	byte	x				(V.%d)
+>24	belong	-2				temporal index
+>24	belong	-1				metadata
+>24	belong	0				log volume #0
+>24	belong	>0				log volume #%d
+>36	string	>\0				host: %s
+0	string	PCPFolio			PCP
+>9	string	Version:			Archive Folio
+>18	string	>\0				(V.%s)
+0	string	#pmchart			PCP pmchart view
+>9	string	Version
+>17	string	>\0				(V%-3.3s)
+0	string	#kmchart			PCP pmchart view
+>9	string	Version
+>17	string	>\0				(V.%s)
+0	string	pmview				PCP pmview config
+>7	string	Version
+>15	string	>\0				(V%-3.3s)
+0	string	#pmlogger			PCP pmlogger config
+>10	string	Version
+>18	string	>\0				(V%1.1s)
+0	string	#pmdahotproc			PCP pmdahotproc config
+>13	string	Version
+>21	string	>\0				(V%-3.3s)
+0	string	PcPh				PCP Help
+>4	string	1				Index
+>4	string	2				Text
+>5	string	>\0				(V.%1.1s)
+0	string	#pmieconf-rules			PCP pmieconf rules
+>16	string	>\0				(V.%1.1s)
+3	string	pmieconf-pmie			PCP pmie config
+>17	string	>\0				(V.%1.1s)
+0	string	#pmlogconf-setup		PCP pmlogconf config
+>17	string	>\0				(V.%1.1s)
+1	string	pmlogconf			PCP pmlogger config
+>11	string	>\0				(V.%1.1s)
+0	string	MMV				PCP memory mapped values
+>4	long	x				(V.%d)
+
+# SpeedShop data files
+0	lelong	0x13130303			SpeedShop data file
+
+# mdbm files
+0	lelong	0x01023962			mdbm file, version 0 (obsolete)
+0	string	mdbm				mdbm file,
+>5	byte	x				version %d,
+>6	byte	x				2^%d pages,
+>7	byte	x				pagesize 2^%d,
+>17	byte	x				hash %d,
+>11	byte	x				dataformat %d
+
+# Alias Maya files
+0	string/t	//Maya\040ASCII	Alias Maya Ascii File,
+>13	string	>\0	version %s
+8	string	MAYAFOR4	Alias Maya Binary File,
+>32	string	>\0	version %s scene
+8	string	MayaFOR4	Alias Maya Binary File,
+>32	string	>\0	version %s scene
+8	string	CIMG		Alias Maya Image File
+8	string	DEEP		Alias Maya Image File
diff --git a/magic/Magdir/sgml b/magic/Magdir/sgml
new file mode 100644
index 0000000..fb698a5
--- /dev/null
+++ b/magic/Magdir/sgml
@@ -0,0 +1,161 @@
+
+#------------------------------------------------------------------------------
+# $File: sgml,v 1.48 2023/01/18 16:10:21 christos Exp $
+# Type:	SVG Vectorial Graphics
+# From:	Noel Torres <tecnico@ejerciciosresueltos.com>
+0	string		\<?xml\ version=
+>14	regex		['"\ \t]*[0-9.]+['"\ \t]*
+>>19	search/4096	\<svg			SVG Scalable Vector Graphics image
+!:mime	image/svg+xml
+!:ext   svg
+>>19	search/4096	\<gnc-v2		GnuCash file
+!:mime	application/x-gnucash
+0	string		\<svg			SVG Scalable Vector Graphics image
+!:mime	image/svg+xml
+!:ext   svg
+
+# Sitemap file
+0	string/t		\<?xml\ version=
+>14	regex		['"\ \t]*[0-9.]+['"\ \t]*
+>>19	search/4096	\<urlset		XML Sitemap document text
+!:mime	application/xml-sitemap
+
+# OpenStreetMap XML (.osm)
+# https://wiki.openstreetmap.org/wiki/OSM_XML
+# From: Markus Heidelberg <markus.heidelberg@web.de>
+0	string		\<?xml\ version=
+>14	regex		['"\ \t]*[0-9.]+['"\ \t]*
+>>19	search/4096	\<osm			OpenStreetMap XML data
+
+# xhtml
+0	string/t		\<?xml\ version="
+>19	search/4096/cWbt	\<!doctype\ html	XHTML document text
+>>15	string		>\0	(version %.3s)
+!:mime	text/html
+0	string/t		\<?xml\ version='
+>19	search/4096/cWbt	\<!doctype\ html	XHTML document text
+>>15	string		>\0	(version %.3s)
+!:mime	text/html
+0	string/t		\<?xml\ version="
+>19	search/4096/cWbt	\<html	broken XHTML document text
+>>15	string		>\0	(version %.3s)
+!:mime	text/html
+
+#------------------------------------------------------------------------------
+# sgml:  file(1) magic for Standard Generalized Markup Language
+# HyperText Markup Language (HTML) is an SGML document type,
+# from Daniel Quinlan (quinlan@yggdrasil.com)
+# adapted to string extensions by Anthon van der Neut <anthon@mnt.org)
+0	search/4096/cWt	\<!doctype\ html	HTML document text
+!:mime	text/html
+!:strength + 5
+
+# avoid misdetection as JavaScript
+0	string/cWt	\<!doctype\ html	HTML document text
+!:mime	text/html
+0	string/ct	\<html>	HTML document text
+!:mime	text/html
+0	string/ct	\<!--
+>&0	search/4096/cWt	\<!doctype\ html	HTML document text
+!:mime	text/html
+>&0	search/4096/ct	\<html>	HTML document text
+!:mime	text/html
+
+# SVG document
+# https://www.w3.org/TR/SVG/single-page.html
+0	search/4096/cWbt	\<!doctype\ svg	SVG XML document
+!:mime  image/svg+xml
+!:strength + 15
+
+0	search/4096/cwt	\<head\>		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cWt	\<head\ 		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cwt	\<title\>		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cWt	\<title\ 		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cwt	\<html\>		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cWt	\<html\ 		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cwt	\<script\> 		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cWt	\<script\ 		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cwt	\<style\> 		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cWt	\<style\  		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cwt	\<table\>		HTML document text
+!:mime	text/html
+!:strength + 15
+0	search/4096/cWt	\<table\ 		HTML document text
+!:mime	text/html
+!:strength + 15
+
+0	search/4096/cwt	\<a\ href=		HTML document text
+!:mime	text/html
+!:strength + 15
+
+# Extensible markup language (XML), a subset of SGML
+# from Marc Prud'hommeaux (marc@apocalypse.org)
+0	search/1/cwt	\<?xml			XML document text
+!:mime	text/xml
+!:strength + 15
+0	string/t		\<?xml\ version\ "	XML
+!:mime	text/xml
+!:strength + 15
+0	string/t		\<?xml\ version="	XML
+!:mime	text/xml
+!:strength + 15
+>15	string/t	>\0			%.3s document text
+>>23	search/1	\<xsl:stylesheet	(XSL stylesheet)
+>>24	search/1	\<xsl:stylesheet	(XSL stylesheet)
+0	string/t	\<?xml\ version='	XML
+!:mime	text/xml
+!:strength + 15
+>15	string/t	>\0			%.3s document text
+>>23	search/1	\<xsl:stylesheet	(XSL stylesheet)
+>>24	search/1	\<xsl:stylesheet	(XSL stylesheet)
+0	search/1/wt	\<?XML			broken XML document text
+!:mime	text/xml
+!:strength - 10
+
+
+# SGML, mostly from rph@sq
+0	search/4096/cwt	\<!doctype		exported SGML document text
+0	search/4096/cwt	\<!subdoc		exported SGML subdocument text
+0	search/4096/cwt	\<!--			exported SGML document text
+!:strength - 10
+
+# Web browser cookie files
+# (Mozilla, Galeon, Netscape 4, Konqueror..)
+# Ulf Harnhammar <ulfh@update.uu.se>
+0	search/1	#\ HTTP\ Cookie\ File	Web browser cookie text
+0	search/1	#\ Netscape\ HTTP\ Cookie\ File	Netscape cookie text
+0	search/1	#\ KDE\ Cookie\ File	Konqueror cookie text
+
+# XML-based format representing braille pages in a digital format.
+#
+# Specification:
+# http://files.pef-format.org/specifications/pef-2008-1/pef-specification.html
+#
+# Simon Aittamaa <simon.aittamaa@gmail.com>
+0	string		\<?xml\ version=
+>14	regex		['"\ \t]*[0-9.]+['"\ \t]*
+>>19    search/4096	\<pef           Portable Embosser Format
+!:mime  application/x-pef+xml
+
+# https://www.qgis.org/en/site/
+0	string		\<!DOCTYPE\040qgis	QGIS XML document
diff --git a/magic/Magdir/sharc b/magic/Magdir/sharc
new file mode 100644
index 0000000..e54088b
--- /dev/null
+++ b/magic/Magdir/sharc
@@ -0,0 +1,23 @@
+
+#------------------------------------------------------------------------
+# $File: sharc,v 1.8 2017/03/17 21:35:28 christos Exp $
+# file(1) magic for sharc files
+#
+# SHARC DSP, MIDI SysEx and RiscOS filetype definitions added by
+# FutureGroove Music (dsp@futuregroove.de)
+
+#------------------------------------------------------------------------
+#0	string			Draw		RiscOS Drawfile
+#0	string			PACK		RiscOS PackdDir archive
+
+#------------------------------------------------------------------------
+# SHARC DSP stuff (based on the FGM SHARC DSP SDK)
+
+#0	string			=!		Assembler source
+#0	string			Analog		ADi asm listing file
+0	string			.SYSTEM		SHARC architecture file
+0	string			.system		SHARC architecture file
+
+0	leshort			0x521C		SHARC COFF binary
+>2	leshort			>1		, %d sections
+>>12	lelong			>0		, not stripped
diff --git a/magic/Magdir/sinclair b/magic/Magdir/sinclair
new file mode 100644
index 0000000..608d779
--- /dev/null
+++ b/magic/Magdir/sinclair
@@ -0,0 +1,40 @@
+
+#------------------------------------------------------------------------------
+# $File: sinclair,v 1.7 2021/04/27 20:35:51 christos Exp $
+# sinclair:  file(1) sinclair QL
+
+# additions to /etc/magic by Thomas M. Ott (ThMO)
+
+# Sinclair QL floppy disk formats (ThMO)
+0	string	=QL5		QL disk dump data,
+>3	string	=A		720 KB,
+>3	string	=B		1.44 MB,
+>3	string	=C		3.2 MB,
+>4	string	>\0		label:%.10s
+
+# Sinclair QL OS dump (ThMO)
+0		belong	=0x30000
+>49124		belong	<47104
+>>49128		belong	<47104
+>>>49132	belong	<47104
+>>>>49136	belong	<47104	QL OS dump data,
+>>>>>49148	string	>\0	type %.3s,
+>>>>>49142	string	>\0	version %.4s
+
+# Sinclair QL firmware executables (ThMO)
+0	string	NqNqNq`\004	QL firmware executable (BCPL)
+
+# Sinclair QL libraries (was ThMO)
+0	beshort	0xFB01		QDOS object
+>2	pstring	x		'%s'
+
+# Sinclair QL executables (was ThMO)
+4	belong	0x4AFB		QDOS executable
+>9	pstring	x		'%s'
+6	beshort	0x4AFB		QDOS executable
+>9	pstring	x		'%s'
+
+# Sinclair QL ROM (ThMO)
+0	belong	=0x4AFB0001	QL plugin-ROM data,
+>9	pstring	=\0		un-named
+>9	pstring	>\0		named: %s
diff --git a/magic/Magdir/sisu b/magic/Magdir/sisu
new file mode 100644
index 0000000..ba7104f
--- /dev/null
+++ b/magic/Magdir/sisu
@@ -0,0 +1,18 @@
+# Type: SiSU Markup Language
+# URL:  http://www.sisudoc.org/
+# From: Ralph Amissah <ralph.amissah@gmail.com>
+
+0	regex	\^%?[\ \t]*SiSU[\ \t]+insert	SiSU text insert
+>5	regex	[0-9.]+				%s
+
+0	regex	\^%[\ \t]+SiSU[\ \t]+master	SiSU text master
+>5	regex	[0-9.]+				%s
+
+0	regex	\^%?[\ \t]*SiSU[\ \t]+text	SiSU text
+>5	regex	[0-9.]+				%s
+
+0	regex	\^%?[\ \t]*SiSU[\ \t][0-9.]+	SiSU text
+>5	regex	[0-9.]+				%s
+
+0	regex	\^%*[\ \t]*sisu-[0-9.]+		SiSU text
+>5	regex	[0-9.]+				%s
diff --git a/magic/Magdir/sketch b/magic/Magdir/sketch
new file mode 100644
index 0000000..ee731dd
--- /dev/null
+++ b/magic/Magdir/sketch
@@ -0,0 +1,6 @@
+
+#------------------------------------------------------------------------------
+# $File: sketch,v 1.5 2017/03/17 21:35:28 christos Exp $
+# Sketch Drawings: http://sketch.sourceforge.net/
+# From: Edwin Mons <e@ik.nu>
+0	search/1	##Sketch	Sketch document text
diff --git a/magic/Magdir/smalltalk b/magic/Magdir/smalltalk
new file mode 100644
index 0000000..9ff2c6b
--- /dev/null
+++ b/magic/Magdir/smalltalk
@@ -0,0 +1,25 @@
+
+#-----------------------------------------------
+# $File: smalltalk,v 1.5 2009/09/19 16:28:12 christos Exp $
+# GNU Smalltalk image, starting at version 1.6.2
+# From: catull_us@yahoo.com
+#
+0	string	GSTIm\0\0	GNU SmallTalk
+# little-endian
+>7	byte&1	=0		LE image version
+>>10	byte	x		%d.
+>>9	byte	x		\b%d.
+>>8	byte	x		\b%d
+#>>12	lelong	x		, data: %ld
+#>>16	lelong	x		, table: %ld
+#>>20	lelong	x		, memory: %ld
+# big-endian
+>7	byte&1	=1		BE image version
+>>8	byte	x		%d.
+>>9	byte	x		\b%d.
+>>10	byte	x		\b%d
+#>>12	belong	x		, data: %ld
+#>>16	belong	x		, table: %ld
+#>>20	belong	x		, memory: %ld
+
+
diff --git a/magic/Magdir/smile b/magic/Magdir/smile
new file mode 100644
index 0000000..d196de5
--- /dev/null
+++ b/magic/Magdir/smile
@@ -0,0 +1,34 @@
+
+#------------------------------------------------------------------------------
+# $File: smile,v 1.1 2011/08/17 17:37:18 christos Exp $
+# smile:  file(1) magic for Smile serialization
+#
+# The Smile serialization format uses a 4-byte header:
+#
+#   Constant byte #0: 0x3A (ASCII ':')
+#   Constant byte #1: 0x29 (ASCII ')')
+#   Constant byte #2: 0x0A (ASCII linefeed, '\n')
+#   Variable byte #3, consisting of bits:
+#     Bits 4-7 (4 MSB): 4-bit version number
+#     Bits 3: Reserved
+#     Bit 2 (mask 0x04): Whether raw binary (unescaped 8-bit) values may be present in content
+#     Bit 1 (mask 0x02): Whether shared String value checking was enabled during encoding, default false
+#     Bit 0 (mask 0x01): Whether shared property name checking was enabled during encoding, default true
+#
+# Reference: http://wiki.fasterxml.com/SmileFormatSpec
+# Created by: Pierre-Alexandre Meyer <pierre@mouraf.org>
+
+# Detection
+0	string		:)\n	Smile binary data
+
+# Versioning
+>3	byte&0xF0	x		version %d:
+
+# Properties
+>3	byte&0x04	0x04		binary raw,
+>3	byte&0x04	0x00		binary encoded,
+>3	byte&0x02	0x02		shared String values enabled,
+>3	byte&0x02	0x00		shared String values disabled,
+>3	byte&0x01	0x01		shared field names enabled
+>3	byte&0x01	0x00		shared field names disabled
+
diff --git a/magic/Magdir/sniffer b/magic/Magdir/sniffer
new file mode 100644
index 0000000..751d197
--- /dev/null
+++ b/magic/Magdir/sniffer
@@ -0,0 +1,482 @@
+
+#------------------------------------------------------------------------------
+# $File: sniffer,v 1.34 2022/12/14 18:27:36 christos Exp $
+# sniffer:  file(1) magic for packet capture files
+#
+# From: guy@alum.mit.edu (Guy Harris)
+#
+
+#
+# Microsoft Network Monitor 1.x capture files.
+#
+0	string		RTSS		NetMon capture file
+>5	byte		x		- version %d
+>4	byte		x		\b.%d
+>6	leshort		0		(Unknown)
+>6	leshort		1		(Ethernet)
+>6	leshort		2		(Token Ring)
+>6	leshort		3		(FDDI)
+>6	leshort		4		(ATM)
+>6	leshort		>4		(type %d)
+
+#
+# Microsoft Network Monitor 2.x capture files.
+#
+0	string		GMBU		NetMon capture file
+>5	byte		x		- version %d
+>4	byte		x		\b.%d
+>6	leshort		0		(Unknown)
+>6	leshort		1		(Ethernet)
+>6	leshort		2		(Token Ring)
+>6	leshort		3		(FDDI)
+>6	leshort		4		(ATM)
+>6	leshort		5		(IP-over-IEEE 1394)
+>6	leshort		6		(802.11)
+>6	leshort		7		(Raw IP)
+>6	leshort		8		(Raw IP)
+>6	leshort		9		(Raw IP)
+>6	leshort		>9		(type %d)
+
+#
+# Network General Sniffer capture files.
+# Sorry, make that "Network Associates Sniffer capture files."
+# Sorry, make that "Network General old DOS Sniffer capture files."
+#
+0	string		TRSNIFF\040data\040\040\040\040\032	Sniffer capture file
+>33	byte		2		(compressed)
+>23	leshort		x		- version %d
+>25	leshort		x		\b.%d
+>32	byte		0		(Token Ring)
+>32	byte		1		(Ethernet)
+>32	byte		2		(ARCNET)
+>32	byte		3		(StarLAN)
+>32	byte		4		(PC Network broadband)
+>32	byte		5		(LocalTalk)
+>32	byte		6		(Znet)
+>32	byte		7		(Internetwork Analyzer)
+>32	byte		9		(FDDI)
+>32	byte		10		(ATM)
+
+#
+# Cinco Networks NetXRay capture files.
+# Sorry, make that "Network General Sniffer Basic capture files."
+# Sorry, make that "Network Associates Sniffer Basic capture files."
+# Sorry, make that "Network Associates Sniffer Basic, and Windows
+# Sniffer Pro", capture files."
+# Sorry, make that "Network General Sniffer capture files."
+# Sorry, make that "NetScout Sniffer capture files."
+#
+0	string		XCP\0		NetXRay capture file
+>4	string		>\0		- version %s
+>44	leshort		0		(Ethernet)
+>44	leshort		1		(Token Ring)
+>44	leshort		2		(FDDI)
+>44	leshort		3		(WAN)
+>44	leshort		8		(ATM)
+>44	leshort		9		(802.11)
+
+#
+# "libpcap" capture files.
+# https://www.tcpdump.org/manpages/pcap-savefile.5.html
+# (We call them "tcpdump capture file(s)" for now, as "tcpdump" is
+# the main program that uses that format, but there are other programs
+# that use "libpcap", or that use the same capture file format.)
+#
+0	name		pcap-be
+>4	beshort		x		- version %d
+>6	beshort		x		\b.%d
+# clear that continuation level match
+>20	clear		x
+>20	belong&0x03FFFFFF		0		(No link-layer encapsulation
+>20	belong&0x03FFFFFF		1		(Ethernet
+>20	belong&0x03FFFFFF		2		(3Mb Ethernet
+>20	belong&0x03FFFFFF		3		(AX.25
+>20	belong&0x03FFFFFF		4		(ProNET
+>20	belong&0x03FFFFFF		5		(CHAOS
+>20	belong&0x03FFFFFF		6		(Token Ring
+>20	belong&0x03FFFFFF		7		(BSD ARCNET
+>20	belong&0x03FFFFFF		8		(SLIP
+>20	belong&0x03FFFFFF		9		(PPP
+>20	belong&0x03FFFFFF		10		(FDDI
+>20	belong&0x03FFFFFF		11		(RFC 1483 ATM
+>20	belong&0x03FFFFFF		12		(Raw IP
+>20	belong&0x03FFFFFF		13		(BSD/OS SLIP
+>20	belong&0x03FFFFFF		14		(BSD/OS PPP
+>20	belong&0x03FFFFFF		19		(Linux ATM Classical IP
+>20	belong&0x03FFFFFF		50		(PPP or Cisco HDLC
+>20	belong&0x03FFFFFF		51		(PPP-over-Ethernet
+>20	belong&0x03FFFFFF		99		(Symantec Enterprise Firewall
+>20	belong&0x03FFFFFF		100		(RFC 1483 ATM
+>20	belong&0x03FFFFFF		101		(Raw IP
+>20	belong&0x03FFFFFF		102		(BSD/OS SLIP
+>20	belong&0x03FFFFFF		103		(BSD/OS PPP
+>20	belong&0x03FFFFFF		104		(BSD/OS Cisco HDLC
+>20	belong&0x03FFFFFF		105		(802.11
+>20	belong&0x03FFFFFF		106		(Linux Classical IP over ATM
+>20	belong&0x03FFFFFF		107		(Frame Relay
+>20	belong&0x03FFFFFF		108		(OpenBSD loopback
+>20	belong&0x03FFFFFF		109		(OpenBSD IPsec encrypted
+>20	belong&0x03FFFFFF		112		(Cisco HDLC
+>20	belong&0x03FFFFFF		113		(Linux cooked v1
+>20	belong&0x03FFFFFF		114		(LocalTalk
+>20	belong&0x03FFFFFF		117		(OpenBSD PFLOG
+>20	belong&0x03FFFFFF		119		(802.11 with Prism header
+>20	belong&0x03FFFFFF		122		(RFC 2625 IP over Fibre Channel
+>20	belong&0x03FFFFFF		123		(SunATM
+>20	belong&0x03FFFFFF		127		(802.11 with radiotap header
+>20	belong&0x03FFFFFF		129		(Linux ARCNET
+>20	belong&0x03FFFFFF		130		(Juniper Multi-Link PPP
+>20	belong&0x03FFFFFF		131		(Juniper Multi-Link Frame Relay
+>20	belong&0x03FFFFFF		132		(Juniper Encryption Services PIC
+>20	belong&0x03FFFFFF		133		(Juniper GGSN PIC
+>20	belong&0x03FFFFFF		134		(Juniper FRF.16 Frame Relay
+>20	belong&0x03FFFFFF		135		(Juniper ATM2 PIC
+>20	belong&0x03FFFFFF		136		(Juniper Advanced Services PIC
+>20	belong&0x03FFFFFF		137		(Juniper ATM1 PIC
+>20	belong&0x03FFFFFF		138		(Apple IP over IEEE 1394
+>20	belong&0x03FFFFFF		139		(SS7 MTP2 with pseudo-header
+>20	belong&0x03FFFFFF		140		(SS7 MTP2
+>20	belong&0x03FFFFFF		141		(SS7 MTP3
+>20	belong&0x03FFFFFF		142		(SS7 SCCP
+>20	belong&0x03FFFFFF		143		(DOCSIS
+>20	belong&0x03FFFFFF		144		(Linux IrDA
+>20	belong&0x03FFFFFF		147		(Private use 0
+>20	belong&0x03FFFFFF		148		(Private use 1
+>20	belong&0x03FFFFFF		149		(Private use 2
+>20	belong&0x03FFFFFF		150		(Private use 3
+>20	belong&0x03FFFFFF		151		(Private use 4
+>20	belong&0x03FFFFFF		152		(Private use 5
+>20	belong&0x03FFFFFF		153		(Private use 6
+>20	belong&0x03FFFFFF		154		(Private use 7
+>20	belong&0x03FFFFFF		155		(Private use 8
+>20	belong&0x03FFFFFF		156		(Private use 9
+>20	belong&0x03FFFFFF		157		(Private use 10
+>20	belong&0x03FFFFFF		158		(Private use 11
+>20	belong&0x03FFFFFF		159		(Private use 12
+>20	belong&0x03FFFFFF		160		(Private use 13
+>20	belong&0x03FFFFFF		161		(Private use 14
+>20	belong&0x03FFFFFF		162		(Private use 15
+>20	belong&0x03FFFFFF		163		(802.11 with AVS header
+>20	belong&0x03FFFFFF		164		(Juniper Passive Monitor PIC
+>20	belong&0x03FFFFFF		165		(BACnet MS/TP
+>20	belong&0x03FFFFFF		166		(PPPD
+>20	belong&0x03FFFFFF		167		(Juniper PPPoE
+>20	belong&0x03FFFFFF		168		(Juniper PPPoE/ATM
+>20	belong&0x03FFFFFF		169		(GPRS LLC
+>20	belong&0x03FFFFFF		170		(GPF-T
+>20	belong&0x03FFFFFF		171		(GPF-F
+>20	belong&0x03FFFFFF		174		(Juniper PIC Peer
+>20	belong&0x03FFFFFF		175		(Ethernet with Endace ERF header
+>20	belong&0x03FFFFFF		176		(Packet-over-SONET with Endace ERF header
+>20	belong&0x03FFFFFF		177		(Linux LAPD
+>20	belong&0x03FFFFFF		178		(Juniper Ethernet
+>20	belong&0x03FFFFFF		179		(Juniper PPP
+>20	belong&0x03FFFFFF		180		(Juniper Frame Relay
+>20	belong&0x03FFFFFF		181		(Juniper C-HDLC
+>20	belong&0x03FFFFFF		182		(FRF.16 Frame Relay
+>20	belong&0x03FFFFFF		183		(Juniper Voice PIC
+>20	belong&0x03FFFFFF		184		(Arinc 429
+>20	belong&0x03FFFFFF		185		(Arinc 653 Interpartition Communication
+>20	belong&0x03FFFFFF		186		(USB with FreeBSD header
+>20	belong&0x03FFFFFF		187		(Bluetooth HCI H4
+>20	belong&0x03FFFFFF		188		(802.16 MAC Common Part Sublayer
+>20	belong&0x03FFFFFF		189		(Linux USB
+>20	belong&0x03FFFFFF		190		(Controller Area Network (CAN) v. 2.0B
+>20	belong&0x03FFFFFF		191		(802.15.4 with Linux padding
+>20	belong&0x03FFFFFF		192		(PPI
+>20	belong&0x03FFFFFF		193		(802.16 MAC Common Part Sublayer plus radiotap header
+>20	belong&0x03FFFFFF		194		(Juniper Integrated Service Module
+>20	belong&0x03FFFFFF		195		(802.15.4 with FCS
+>20	belong&0x03FFFFFF		196		(SITA
+>20	belong&0x03FFFFFF		197		(Endace ERF
+>20	belong&0x03FFFFFF		198		(Ethernet with u10 Networks pseudo-header
+>20	belong&0x03FFFFFF		199		(IPMB
+>20	belong&0x03FFFFFF		200		(Juniper Secure Tunnel
+>20	belong&0x03FFFFFF		201		(Bluetooth HCI H4 with pseudo-header
+>20	belong&0x03FFFFFF		202		(AX.25 with KISS header
+>20	belong&0x03FFFFFF		203		(LAPD
+>20	belong&0x03FFFFFF		204		(PPP with direction pseudo-header
+>20	belong&0x03FFFFFF		205		(Cisco HDLC with direction pseudo-header
+>20	belong&0x03FFFFFF		206		(Frame Relay with direction pseudo-header
+>20	belong&0x03FFFFFF		209		(Linux IPMB
+>20	belong&0x03FFFFFF		215		(802.15.4 with non-ASK PHY header
+>20	belong&0x03FFFFFF		216		(Linux evdev events
+>20	belong&0x03FFFFFF		219		(MPLS with label as link-layer header
+>20	belong&0x03FFFFFF		220		(Memory-mapped Linux USB
+>20	belong&0x03FFFFFF		221		(DECT
+>20	belong&0x03FFFFFF		222		(AOS Space Data Link protocol
+>20	belong&0x03FFFFFF		223		(Wireless HART
+>20	belong&0x03FFFFFF		224		(Fibre Channel FC-2
+>20	belong&0x03FFFFFF		225		(Fibre Channel FC-2 with frame delimiters
+>20	belong&0x03FFFFFF		226		(Solaris IPNET
+>20	belong&0x03FFFFFF		227		(SocketCAN
+>20	belong&0x03FFFFFF		228		(Raw IPv4
+>20	belong&0x03FFFFFF		229		(Raw IPv6
+>20	belong&0x03FFFFFF		230		(802.15.4 without FCS
+>20	belong&0x03FFFFFF		231		(D-Bus messages
+>20	belong&0x03FFFFFF		232		(Juniper Virtual Server
+>20	belong&0x03FFFFFF		233		(Juniper SRX E2E
+>20	belong&0x03FFFFFF		234		(Juniper Fibre Channel
+>20	belong&0x03FFFFFF		235		(DVB-CI
+>20	belong&0x03FFFFFF		236		(MUX27010
+>20	belong&0x03FFFFFF		237		(STANAG 5066 D_PDUs
+>20	belong&0x03FFFFFF		238		(Juniper ATM CEMIC
+>20	belong&0x03FFFFFF		239		(Linux netfilter log messages
+>20	belong&0x03FFFFFF		240		(Hilscher netAnalyzer
+>20	belong&0x03FFFFFF		241		(Hilscher netAnalyzer with delimiters
+>20	belong&0x03FFFFFF		242		(IP-over-Infiniband
+>20	belong&0x03FFFFFF		243		(MPEG-2 Transport Stream packets
+>20	belong&0x03FFFFFF		244		(ng4t ng40
+>20	belong&0x03FFFFFF		245		(NFC LLCP
+>20	belong&0x03FFFFFF		246		(Packet filter state syncing
+>20	belong&0x03FFFFFF		247		(InfiniBand
+>20	belong&0x03FFFFFF		248		(SCTP
+>20	belong&0x03FFFFFF		249		(USB with USBPcap header
+>20	belong&0x03FFFFFF		250		(Schweitzer Engineering Laboratories RTAC packets
+>20	belong&0x03FFFFFF		251		(Bluetooth Low Energy air interface
+>20	belong&0x03FFFFFF		252		(Wireshark Upper PDU export
+>20	belong&0x03FFFFFF		253		(Linux netlink
+>20	belong&0x03FFFFFF		254		(Bluetooth Linux Monitor
+>20	belong&0x03FFFFFF		255		(Bluetooth Basic Rate/Enhanced Data Rate baseband packets
+>20	belong&0x03FFFFFF		256		(Bluetooth Low Energy air interface with pseudo-header
+>20	belong&0x03FFFFFF		257		(PROFIBUS data link layer
+>20	belong&0x03FFFFFF		258		(Apple DLT_PKTAP
+>20	belong&0x03FFFFFF		259		(Ethernet with 802.3 Clause 65 EPON preamble
+>20	belong&0x03FFFFFF		260		(IPMI trace packets
+>20	belong&0x03FFFFFF		261		(Z-Wave RF profile R1 and R2 packets
+>20	belong&0x03FFFFFF		262		(Z-Wave RF profile R3 packets
+>20	belong&0x03FFFFFF		263		(WattStopper Digital Lighting Mngmt/Legrand Nitoo Open Proto
+>20	belong&0x03FFFFFF		264		(ISO 14443 messages
+>20	belong&0x03FFFFFF		265		(IEC 62106 Radio Data System groups
+>20	belong&0x03FFFFFF		266		(USB with Darwin header
+>20	belong&0x03FFFFFF		267		(OpenBSD DLT_OPENFLOW
+>20	belong&0x03FFFFFF		268		(IBM SDLC frames
+>20	belong&0x03FFFFFF		269		(TI LLN sniffer frames
+>20	belong&0x03FFFFFF		271		(Linux vsock
+>20	belong&0x03FFFFFF		272		(Nordic Semiconductor Bluetooth LE sniffer frames
+>20	belong&0x03FFFFFF		273		(Excentis XRA-31 DOCSIS 3.1 RF sniffer frames
+>20	belong&0x03FFFFFF		274		(802.3br mPackets
+>20	belong&0x03FFFFFF		275		(DisplayPort AUX channel monitoring data
+>20	belong&0x03FFFFFF		276		(Linux cooked v2
+>20	belong&0x03FFFFFF		278		(OpenVizsla USB
+>20	belong&0x03FFFFFF		279		(Elektrobit High Speed Capture and Replay (EBHSCR)
+>20	belong&0x03FFFFFF		281		(Broadcom tag
+>20	belong&0x03FFFFFF		282		(Broadcom tag (prepended)
+>20	belong&0x03FFFFFF		283		(802.15.4 with TAP
+>20	belong&0x03FFFFFF		284		(Marvell DSA
+>20	belong&0x03FFFFFF		285		(Marvell EDSA
+>20	belong&0x03FFFFFF		286		(ELEE lawful intercept
+>20	belong&0x03FFFFFF		287		(Z-Wave serial
+>20	belong&0x03FFFFFF		288		(USB 2.0
+>20	belong&0x03FFFFFF		289		(ATSC ALP
+>20	belong&0x03FFFFFF		290		(Event Tracing for Windows
+>20	belong&0x03FFFFFF		291		(Hilscher netANALYZER NG pseudo-footer
+>20	belong&0x03FFFFFF		292		(ZBOSS NCP protocol with pseudo-header
+>20	belong&0x03FFFFFF		293		(Low-Speed USB 2.0/1.1/1.0
+>20	belong&0x03FFFFFF		294		(Full-Speed USB 2.0/1.1/1.0
+>20	belong&0x03FFFFFF		295		(High-Speed USB 2.0
+# print default match
+>20	default		x
+>>20	belong		x		(linktype#%u
+>16	belong		x		\b, capture length %u)
+
+# packets time stamps in seconds and microseconds.
+0	ubelong		0xa1b2c3d4	pcap capture file, microseconds ts (big-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	pcap-be
+0	ulelong		0xa1b2c3d4	pcap capture file, microsecond ts (little-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	\^pcap-be
+
+# packets time stamps in seconds and nanoseconds.
+0	ubelong		0xa1b23c4d	pcap capture file, nanosecond ts (big-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	pcap-be
+0	ulelong		0xa1b23c4d	pcap capture file, nanosecond ts (little-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	\^pcap-be
+
+#
+# "libpcap"-with-Alexey-Kuznetsov's-patches capture files.
+#
+0	ubelong		0xa1b2cd34	pcap capture file, microsecond ts, extensions (big-endian)
+>0	use	pcap-be
+0	ulelong		0xa1b2cd34	pcap capture file, microsecond ts, extensions (little-endian)
+>0	use	\^pcap-be
+
+#
+# "pcapng" capture files.
+# https://github.com/pcapng/pcapng
+# Pcapng files can contain multiple sections. Printing the endianness,
+# snaplen, or other information from the first SHB may be misleading.
+#
+0	ubelong		0x0a0d0d0a
+>8	ubelong		0x1a2b3c4d	pcapng capture file
+>>12	beshort		x		- version %d
+>>14	beshort		x		\b.%d
+0	ulelong		0x0a0d0d0a
+>8	ulelong		0x1a2b3c4d	pcapng capture file
+>>12	leshort		x		- version %d
+>>14	leshort		x		\b.%d
+
+#
+# AIX "iptrace" capture files.
+#
+0	string		iptrace\0401.0	AIX iptrace capture file
+0	string		iptrace\0402.0	AIX iptrace capture file
+
+#
+# Novell LANalyzer capture files.
+# URL:		http://www.blacksheepnetworks.com/security/info/nw/lan/trace.txt
+# Reference:	https://github.com/wireshark/wireshark/blob/master/wiretap/lanalyzer.c
+# Update:	Joerg Jenderek
+# 
+# regular trace header record (RT_HeaderRegular)
+0	leshort		0x1001
+# GRR: line above is too generic because it matches Commodore Plus/4 BASIC V3.5
+# and VIC-20 BASIC V2 program
+# skip many Commodore Basic program (Microzodiac.prg Minefield.prg Vic-tac-toe.prg breakvic_joy.prg)
+# with invalid second record type 0 instead of "Trace receive channel name record"
+>(2.s+4)	leshort	=0x1006h
+>>0	use	novell-lanalyzer
+# cyclic trace header record (RT_HeaderCyclic)
+0	leshort		0x1007
+>0	use	novell-lanalyzer
+0	name	novell-lanalyzer
+>0	leshort		x		Novell LANalyzer capture file
+# https://reposcope.com/mimetype/application/x-lanalyzer
+!:mime	application/x-lanalyzer
+# maybe also TR2 .. TR9 TRA .. TRZ
+!:ext	tr1
+# version like: 1.5
+>4		ubyte	x		\b, version %u
+# minor version; one byte identifying the trace file minor version number
+>5		ubyte	x		\b.%u
+# Trace header record type like: 1001~regular or 1007~cyclic
+>0	leshort		!0x1001		\b, record type %4.4x
+# record_length[2] is the length of the data part of 1st reorcd (without "type" and "length" fields) like: 4Ch
+>2		leshort	x		\b, record length %#x
+# second record type like: 1006h~Trace receive channel name record
+>(2.s+4)	leshort	!0x1006h	\b, 2nd record type %#4.4x
+>(2.s+6)	leshort	x		\b, 2nd record length %#x
+# each channel name is a null-terminated, eight-byte ASCII string like: Channel1
+>(2.s+8)	string	x		\b, names %.9s
+# 2nd channel name like: Channel2
+>(2.s+17)	string	x		%.9s ...
+
+#
+# HP-UX "nettl" capture files.
+# URL:		https://nixdoc.net/man-pages/HP-UX/man1m/nettl.1m.html
+# Reference:	https://github.com/wireshark/wireshark/blob/master/wiretap/nettl.c
+# Update:	Joerg Jenderek
+# Note:		Wireshark fills "meta information header fields" with "dummy" values 
+# nettl_magic_hpux9[12]; for HP-UX 9.x not tested
+0	string		\x00\x00\x00\x01\x00\x00\x00\x00\x00\x07\xD0\x00	HP/UX 9.x nettl capture file
+!:mime	application/x-nettl
+!:ext	trc0/trc1
+# nettl_magic_hpux10[12]; for HP-UX 10.x and 11.x
+0	string		\x54\x52\x00\x64\x00	HP/UX nettl capture file
+# https://reposcope.com/mimetype/application/x-nettl
+!:mime	application/x-nettl
+# maybe also TRC000 TRC001 TRC002 ...
+!:ext	trc0/trc1
+# file_name[56]; maybe also like /tmp/raw.tr.TRC000
+>12	string		!/tmp/wireshark.TRC000
+>>12	string		x			"%-.56s"
+# tz[20]; like UTC
+>68	string		!UTC			\b, tz
+>>68	string		x			%-.20s
+# host_name[9];
+>88	string		>\0			\b, host %-.9s
+# os_vers[9]; like B.11.11
+>97	string		!B.11.11		\b, os
+>>97	string		x			%-.9s
+# os_v; like 55h
+>>106	ubyte		x			(%#x)
+# xxa[8]; like 0
+>107	ubequad		!0			\b, xxa=%#16.16llx
+# model[11] like: 9000/800
+>115	string		!9000/800		\b, model
+>>115	string		x			%-.11s
+# unknown; probably just padding to 128 bytes like: 0406h
+>126	ubeshort	!0x0406h		\b, at 126 %#4.4x
+
+#
+# RADCOM WAN/LAN Analyzer capture files.
+#
+0	string		\x42\xd2\x00\x34\x12\x66\x22\x88	RADCOM WAN/LAN Analyzer capture file
+
+#
+# NetStumbler log files.  Not really packets, per se, but about as
+# close as you can get.  These are log files from NetStumbler, a
+# Windows program, that scans for 802.11b networks.
+#
+0	string		NetS		NetStumbler log file
+>8	lelong		x		\b, %d stations found
+
+#
+# *Peek tagged capture files.
+#
+0	string		\177ver		EtherPeek/AiroPeek/OmniPeek capture file
+
+#
+# Visual Networks traffic capture files.
+#
+0	string		\x05VNF		Visual Networks traffic capture file
+
+#
+# Network Instruments Observer capture files.
+#
+0	string		ObserverPktBuffe	Network Instruments Observer capture file
+
+#
+# Files from Accellent Group's 5View products.
+#
+# URL:		http://www.infovista.com
+# Reference:	http://mark0.net/download/triddefs_xml.7z
+#		defs/0/5vw.trid.xml
+#		https://2.na.dl.wireshark.org/src/wireshark-3.6.2.tar.xz
+#		wireshark-3.6.2/wiretap/5views.c 
+# Update:	Joerg Jenderek
+# Note:		called "5View capture" by TrID and
+#		"Wireshark capture file" on Windows or
+#		"Packet Capture (Accellent/InfoVista 5view)" by shared MIME-info database
+#		verified/falsified by `wireshark *.5vw`
+0	string		\xaa\xaa\xaa\xaa
+# skip misidentified boot/x86_64/loader/kroete.dat on Suse LEAP DVD
+# by check for valid record version
+>8	ulelong		=0x00010000
+>>0	use	5view-le
+0	name	5view-le
+# t_5VW_Info_Header.Signature = CST_5VW_INFO_HEADER_KEY = 0xAAAAAAAAU
+>0	ulelong		x			5View capture file
+# https://reposcope.com/mimetype/application/x-5view
+!:mime	application/x-5view
+!:ext	5vw
+# size of header in bytes (included signature and reserved fields); probably always 20h
+>4	ulelong		!0x00000020		\b, header size %#x
+# version of header record; apparently always CST_5VW_INFO_RECORD_VERSION=0x00010000U
+>8	ulelong		!0x00010000		\b, record version %#x
+# DataSize; total size of data without header like: 18h
+>12	ulelong		x			\b, record size %#x
+# filetype; type of the capture file like: 18001000h
+>16	ulelong		x			\b, file type %#8.8x
+# Reserved[3]; reserved for future use; apparently zero
+>20	quad		!0			\b, Reserved %#llx
+# look for record header key CST_5VW_RECORDS_HEADER_KEY of structure t_5VW_TimeStamped_Header
+>0x20	search/0xB8/b	\xEE\xEE\x33\x33	\b; record
+# HeaderSize; actual size of this header in bytes like: 32 24h
+>>&0	uleshort	x			size %#x
+# HeaderType; exact type of this header; probably always 0x4000
+>>&2	uleshort	!0x4000			\b, header type %#x
+# RecType; type of record like: 80000000h
+>>&4	ulelong		x			\b, record type %#x
+# RecSubType; subtype of record like: 0
+>>&8	ulelong		!0			\b, subtype %#x
+# RecSize; Size of one record like: 5Ch
+>>&12	ulelong		x			\b, RecSize %#x
+# RecNb; Number of records like: 1
+>>&16	ulelong		>1			\b, %#x records
+# Timestamp Utc
+#>>&20	ulelong		x			\b, RAW TIME %#8.8x
+>>&20	date		x			\b, Time-stamp %s
diff --git a/magic/Magdir/softquad b/magic/Magdir/softquad
new file mode 100644
index 0000000..28f03b9
--- /dev/null
+++ b/magic/Magdir/softquad
@@ -0,0 +1,40 @@
+
+#------------------------------------------------------------------------------
+# $File: softquad,v 1.14 2022/10/28 17:19:54 christos Exp $
+# softquad:  file(1) magic for SoftQuad Publishing Software
+# URL:		https://en.wikipedia.org/wiki/SoftQuad_Software
+#
+# Author/Editor and RulesBuilder
+#
+# XXX - byte order?
+#
+0	string		\<!SQ\ DTD>	Compiled SGML rules file
+>9	string		>\0		 Type %s
+0	string		\<!SQ\ A/E>	A/E SGML Document binary
+>9	string		>\0		 Type %s
+0	string		\<!SQ\ STS>	A/E SGML binary styles file
+>9	string		>\0		 Type %s
+0	short		0xc0de		Compiled PSI (v1) data
+0	short		0xc0da		Compiled PSI (v2) data
+>3	string		>\0		(%s)
+# Binary sqtroff font/desc files...
+# GRR: the line below is also true for 5View capture file handled by ./sniffer
+0	short		0125252
+# skip 5View capture file with "invalid" version AAAAh
+>2	short		>0		SoftQuad DESC or font file binary - version %d
+# Bitmaps...
+0	search/1	SQ\ BITMAP1	SoftQuad Raster Format text
+#0	string		SQ\ BITMAP2	SoftQuad Raster Format data
+# sqtroff intermediate language (replacement for ditroff int. lang.)
+0	string		X\ 		SoftQuad troff Context intermediate
+>2	string		495		for AT&T 495 laser printer
+>2	string		hp		for Hewlett-Packard LaserJet
+>2	string		impr		for IMAGEN imPRESS
+>2	string		ps		for PostScript
+
+# From: Michael Piefel <piefel@debian.org>
+# sqtroff intermediate language (replacement for ditroff int. lang.)
+0	string		X\ 495		SoftQuad troff Context intermediate for AT&T 495 laser printer
+0	string		X\ hp		SoftQuad troff Context intermediate for HP LaserJet
+0	string		X\ impr		SoftQuad troff Context intermediate for IMAGEN imPRESS
+0	string		X\ ps		SoftQuad troff Context intermediate for PostScript
diff --git a/magic/Magdir/sosi b/magic/Magdir/sosi
new file mode 100644
index 0000000..88ecc51
--- /dev/null
+++ b/magic/Magdir/sosi
@@ -0,0 +1,40 @@
+
+#------------------------------------------------------------------------------
+# $File: sosi,v 1.2 2021/02/23 00:51:10 christos Exp $
+# SOSI
+# Summary: Systematic Organization of Spatial Information
+# Long description: Norwegian text based map format
+# File extension: .sos
+# Full name:    Petter Reinholdtsen (pere@hungry.com)
+# Reference: https://en.wikipedia.org/wiki/SOSI
+#
+# Example SOSI files available from
+# https://trac.osgeo.org/gdal/ticket/3638
+# https://nedlasting.geonorge.no/geonorge/Basisdata/N50Kartdata/SOSI/
+# https://nedlasting.geonorge.no/geonorge/Samferdsel/Elveg/SOSI/
+#
+# Start with optional comments (from "!" to the next line end)
+# followed by ".HODE" and end with "\n.SLUTT" followed by an optional
+# separator (any number of " ", "\t", "\n" or "\r"), might have BOM at
+# the start and following ".HODE" near the start there is "..OMR=C3=85DE"
+# (either UTF-8, ISO-8859-1 or some 7 bit Norwegian charset based on
+# ASCII) , "..TRANSPAR", "..TEGNSETT " followed by the charset and a
+# separator, as well as "..SOSI-VERSJON " followed by the format
+# version and a separator.
+#
+# FIXME figure out how to accept any of [space], [tab], [newline] and
+# [carriage return] as separators, not only line end.
+
+# Not searching for full "OMR=C3=85DE" to match also for non-UTF-8
+# character sets
+0	search	..OMR
+>0	search	..TRANSPAR
+>>0       search  .HODE           SOSI map data
+>>>&0      search  ..SOSI-VERSJON
+>>>>&1	string	x		\b, version %s
+# FIXME could not figure out way to make a match for .SLUTT at the end required
+#>-7      string  \n.SLUTT	slutt
+#>-8      string  \n.SLUTT\n	slutt-nl
+#>-9      string  \n.SLUTT\r\n	slutt-crnl2
+!:mime text/vnd.sosi
+!:ext sos
diff --git a/magic/Magdir/spec b/magic/Magdir/spec
new file mode 100644
index 0000000..c504b1f
--- /dev/null
+++ b/magic/Magdir/spec
@@ -0,0 +1,21 @@
+
+#------------------------------------------------------------------------------
+# $File: spec,v 1.4 2009/09/19 16:28:12 christos Exp $
+# spec:  file(1) magic for SPEC raw results (*.raw, *.rsf)
+#
+# Cloyce D. Spradling <cloyce@headgear.org>
+
+0	string	spec			SPEC
+>4	string	.cpu			CPU
+>>8	string	<:			\b%.4s
+>>12	string	.			raw result text
+
+17	string	version=SPECjbb		SPECjbb
+>32	string	<:			\b%.4s
+>>37	string	<:			v%.4s raw result text
+
+0	string	BEGIN\040SPECWEB	SPECweb
+>13	string	<:			\b%.2s
+>>15	string	_SSL			\b_SSL
+>>>20	string	<:			v%.4s raw result text
+>>16	string	<:			v%.4s raw result text
diff --git a/magic/Magdir/spectrum b/magic/Magdir/spectrum
new file mode 100644
index 0000000..cf14551
--- /dev/null
+++ b/magic/Magdir/spectrum
@@ -0,0 +1,184 @@
+
+#------------------------------------------------------------------------------
+# $File: spectrum,v 1.10 2023/05/08 01:33:36 christos Exp $
+# spectrum:  file(1) magic for Spectrum emulator files.
+#
+# John Elliott <jce@seasip.demon.co.uk>
+
+#
+# Spectrum +3DOS header
+#
+0       string          PLUS3DOS\032    Spectrum +3 data
+>15     byte            0               - BASIC program
+>15     byte            1               - number array
+>15     byte            2               - character array
+>15     byte            3               - memory block
+>>16    belong          0x001B0040      (screen)
+>15     byte            4               - Tasword document
+>15     string          TAPEFILE        - ZXT tapefile
+#
+# Tape file. This assumes the .TAP starts with a Spectrum-format header,
+# which nearly all will.
+#
+# Update: Sanity-check string contents to be printable.
+#  -Adam Buchbinder <adam.buchbinder@gmail.com>
+# Update:	Joerg Jenderek 2023 May
+# URL:		http://fileformats.archiveteam.org/wiki/TAP_(ZX_Spectrum)
+# Reference:	http://web.archive.org/web/20110711141601/http://www.zxmodules.de/fileformats/tapformat.html
+#		http://mark0.net/download/triddefs_xml.7z/defs/t/tap-zx.trid.xml
+# Note:		called "ZX Spectrum Tape image" by TrID and "TAP (ZX Spectrum)" by DROID via PUID fmt/801
+#		verified by fuse-emulator-utils `tzxlist EXAMPLES.TAP`
+#
+# headers length 19=023 and flag byte 0 indicating a standard ROM loading header 
+0       string          \023\000\000
+>4      string          >\0
+# skip {85CEE8D6-0F90-4492-B484-98E38862B28D}.2.ver0x0000000000000004.db {DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db
+# inside c:\ProgramData\Microsoft\Windows\Caches according to TrID and DROID
+>>23	ubyte		=0xFF
+# skip DROID fmt-801-signature-id-1166.tap with invalid name \253\253\253\253\253\253\253\253\253\253
+# which looks like: "TF COPY II" "screen    " "\023\001TF" "  1943    "
+>>>4     string          <\177           Spectrum .TAP data "%-10.10s"
+#!:mime	application/octet-stream
+!:mime	application/x-spectrum-tap
+!:ext	tap
+>>>>3	byte		0	- BASIC program
+# autostart line; 0..9999 are valid; 32768 means "no auto-loading"
+>>>>>16	uleshort	x	\b, autostart line %u
+# program length; length of BASIC program
+>>>>>18	uleshort	x	\b, program length %u
+>>>>3	byte		1	- number array
+>>>>3	byte		2	- character array
+>>>>3	byte		3	- memory block
+# length of the following data 1B00h=6912 and start address 4000h=16384 in case of a SCREEN$ header
+>>>>>14 belong          0x001B0040      (screen)
+# unused 32768=8000h 
+>>>>>18	uleshort	!32768	\b, unused %u
+# zxlength; length of the following data after the header
+>>>>14	uleshort	x	\b, data length %u
+#>>14	uleshort	x	\b, data length %#x
+# checksum byte; simply all bytes (including flag byte) XORed 
+#>>>>20	ubyte		x	\b, checksum %#x
+
+# The following three blocks are from pak21-spectrum@srcf.ucam.org
+# TZX tape images
+# Update:	Joerg Jenderek 2023 May
+# URL:		http://fileformats.archiveteam.org/wiki/TZX
+# Reference:	https://worldofspectrum.net/TZXformat.html
+#		http://mark0.net/download/triddefs_xml.7z/defs/t/tzx.trid.xml
+# Note:		called "ZX Spectrum Tape image" by TrID and "TZX Format" by DROID via PUID fmt/1000
+0      string          ZXTape!\x1a     Spectrum .TZX data
+#!:mime	application/octet-stream
+!:mime	application/x-spectrum-tzx
+# CDT is used for Amstrad tapes
+!:ext	tzx/cdt
+>8     byte            x               version %d
+>9     byte            x               \b.%d
+# ID of first block
+>10	ubyte		x		\b; ID %#x
+# turbo speed data block
+>10	ubyte		=0x11		(turbo)
+# length of PILOT tone (number of pulses) 
+>>21	uleshort	x		\b, %u pilot pulses
+# length of PILOT pulse
+>>11	uleshort	x		with %u tstates
+# length of SYNC first pulse
+>>13	uleshort	x		\b, %u and
+# length of SYNC second pulse
+>>15	uleshort	x		%u sync tstates
+# length of ZERO bit pulse
+>>17	uleshort	x		\b, %u zero tstates
+# length of ONE bit pulse
+>>19	uleshort	x		\b, %u one tstates
+# used bits in the last byte
+>>23	ubyte		x		\b, use %u bit
+# plural s
+>>23	ubyte		>1		\bs
+# pause after this block in milliseconds
+>>24	uleshort	x		\b, %u ms pause
+# BYTE[3]; length of data that follow
+>>26	ulelong&0x00FFffFF x		\b, %u data bytes 
+>10	ubyte		=0x20		(pause)
+# pause duration in milliseconds
+>>11	uleshort	x		%u ms
+# text description
+>10	ubyte		=0x30		(text)
+# length of the text description
+#>>11	ubyte		x		L=%u
+>>11	pstring		x		"%s"
+# archive text description in ASCII format
+>10	ubyte		=0x32		(archive info)
+# length of archive text
+>>11	uleshort	x		\b, %#x bytes
+# number of text strings
+>>13	ubyte		x		with %u (type) text parts
+# text type identification byte: 0~title 1~publisher 2~author 3~year 4~language 5~type 6~price 7~protection 8~origin ff~comment
+>>14	byte		<9		(%d)
+>>>14	byte		>-2
+# length of text string
+#>>>>15	ubyte		x		L=%u
+>>>>15	pstring		x		%s
+# 2nd possible text description
+>>>>>&0	byte		<9		(%d)
+>>>>>>&-1	byte	>-2
+>>>>>>>&0	pstring	x		%s
+# 3rd possible text description
+>>>>>>>>&0	byte	<9		(%d)
+>>>>>>>>>&-1	byte	>-2
+>>>>>>>>>>&0	pstring	x		%s
+# 4th possible text description
+>>>>>>>>>>>&0	byte	<9		(%d)
+>>>>>>>>>>>>&-1	byte	>-2
+>>>>>>>>>>>>>&0	pstring	x		%s
+# 5th possible text description
+>>>>>>>>>>>>>>&0	byte	<9	(%d)
+>>>>>>>>>>>>>>>&-1	byte	>-2
+>>>>>>>>>>>>>>>>&0	pstring	x	%s
+# 6th possible text description
+>>>>>>>>>>>>>>>>>&0	byte	<9	(%d)
+>>>>>>>>>>>>>>>>>>&-1	byte	>-2
+>>>>>>>>>>>>>>>>>>>&0	pstring	x	%s
+# 7th possible text description
+>>>>>>>>>>>>>>>>>>>>&0	byte	<9	(%d)
+>>>>>>>>>>>>>>>>>>>>>&-1 byte	>-2
+>>>>>>>>>>>>>>>>>>>>>>&0 pstring x	%s
+
+# RZX input recording files
+0      string          RZX!            Spectrum .RZX data
+>4     byte            x               version %d
+>5     byte            x               \b.%d
+
+# Floppy disk images
+0      string          MV\ -\ CPCEMU\ Disk-Fil Amstrad/Spectrum .DSK data
+0      string          MV\ -\ CPC\ format\ Dis Amstrad/Spectrum DU54 .DSK data
+0      string          EXTENDED\ CPC\ DSK\ Fil Amstrad/Spectrum Extended .DSK data
+0      string          SINCLAIR        Spectrum .SCL Betadisk image
+
+# Hard disk images
+0      string          RS-IDE\x1a      Spectrum .HDF hard disk image
+>7     byte            x               \b, version %#02x
+
+# SZX snapshots (fuse and spectaculator)
+# Martin M. S. Pedersen <martin@linux.com>
+# http://www.spectaculator.com/docs/zx-state/header.shtml
+#
+0      string		ZXST	       zx-state snapshot
+>4     byte		x	       version %d
+>5     byte		x	       \b.%d
+>>6    byte		0	       16k ZX Spectrum
+>>6    byte		1	       48k ZX Spectrum/ZX Spectrum+
+>>6    byte		2	       ZX Spectrum 128
+>>6    byte		3	       ZX Spectrum +2
+>>6    byte		4	       ZX Spectrum +2A/+2B
+>>6    byte		5	       ZX Spectrum +3
+>>6    byte		6	       ZX Spectrum +3e
+>>6    byte		7	       Pentagon 128
+>>6    byte		8	       Timex Sinclair TC2048
+>>6    byte		9	       Timex Sinclair TC2068
+>>6    byte	       10	       Scorpion ZS-256
+>>6    byte	       11	       ZX Spectrum SE
+>>6    byte	       12	       Timex Sinclair TS2068
+>>6    byte	       13	       Pentagon 512
+>>6    byte	       14	       Pentagon 1024
+>>6    byte	       15	       48k ZX Spectrum (NTSC)
+>>6    byte	       16	       ZX Spectrum 12Ke
+>>>7   byte		1	       (alternate timings)
diff --git a/magic/Magdir/sql b/magic/Magdir/sql
new file mode 100644
index 0000000..00f3617
--- /dev/null
+++ b/magic/Magdir/sql
@@ -0,0 +1,288 @@
+
+#------------------------------------------------------------------------------
+# $File: sql,v 1.26 2023/04/29 17:26:58 christos Exp $
+# sql:  file(1) magic for SQL files
+#
+# From: "Marty Leisner" <mleisner@eng.mc.xerox.com>
+# Recognize some MySQL files.
+# Elan Ruusamae <glen@delfi.ee>, added MariaDB signatures
+# from https://bazaar.launchpad.net/~maria-captains/maria/5.5/view/head:/support-files/magic
+#
+0	beshort			0xfe01		MySQL table definition file
+>2	byte			x		Version %d
+>3	byte			0		\b, type UNKNOWN
+>3	byte			1		\b, type DIAM_ISAM
+>3	byte			2		\b, type HASH
+>3	byte			3		\b, type MISAM
+>3	byte			4		\b, type PISAM
+>3	byte			5		\b, type RMS_ISAM
+>3	byte			6		\b, type HEAP
+>3	byte			7		\b, type ISAM
+>3	byte			8		\b, type MRG_ISAM
+>3	byte			9		\b, type MYISAM
+>3	byte			10		\b, type MRG_MYISAM
+>3	byte			11		\b, type BERKELEY_DB
+>3	byte			12		\b, type INNODB
+>3	byte			13		\b, type GEMINI
+>3	byte			14		\b, type NDBCLUSTER
+>3	byte			15		\b, type EXAMPLE_DB
+>3	byte			16		\b, type CSV_DB
+>3	byte			17		\b, type FEDERATED_DB
+>3	byte			18		\b, type BLACKHOLE_DB
+>3	byte			19		\b, type PARTITION_DB
+>3	byte			20		\b, type BINLOG
+>3	byte			21		\b, type SOLID
+>3	byte			22		\b, type PBXT
+>3	byte			23		\b, type TABLE_FUNCTION
+>3	byte			24		\b, type MEMCACHE
+>3	byte			25		\b, type FALCON
+>3	byte			26		\b, type MARIA
+>3	byte			27		\b, type PERFORMANCE_SCHEMA
+>3	byte			127		\b, type DEFAULT
+>0x0033	ulong			x		\b, MySQL version %d
+0	belong&0xffffff00	0xfefe0500	MySQL ISAM index file
+>3	byte			x		Version %d
+0	belong&0xffffff00	0xfefe0600	MySQL ISAM compressed data file
+>3	byte			x		Version %d
+0	belong&0xffffff00	0xfefe0700	MySQL MyISAM index file
+>3	byte			x		Version %d
+>14	beshort			x		\b, %d key parts
+>16	beshort			x		\b, %d unique key parts
+>18	byte			x		\b, %d keys
+>28	bequad			x		\b, %lld records
+>36	bequad			x		\b, %lld deleted records
+0	belong&0xffffff00	0xfefe0800	MySQL MyISAM compressed data file
+>3	byte			x		Version %d
+0	belong&0xffffff00	0xfefe0900	MySQL Maria index file
+>3	byte			x		Version %d
+0	belong&0xffffff00	0xfefe0a00	MySQL Maria compressed data file
+>3	byte			x		Version %d
+0	belong&0xffffff00	0xfefe0c00
+>4	string			MACF		MySQL Maria control file
+>>3	byte			x		Version %d
+0	string			\376bin	MySQL replication log,
+>9	long			x		server id %d
+>8	byte			1
+>>13	long			69		\b, MySQL V3.2.3
+>>>19	string			x		\b, server version %s
+>>13	long			75		\b, MySQL V4.0.2-V4.1
+>>>25	string			x		\b, server version %s
+>8	byte			15		MySQL V5+,
+>>25	string			x		server version %s
+>4	string			MARIALOG	MySQL Maria transaction log file
+>>3	byte			x		Version %d
+
+#------------------------------------------------------------------------------
+# iRiver H Series database file
+# From Ken Guest <ken@linux.ie>
+# As observed from iRivNavi.iDB and unencoded firmware
+#
+0   string		iRivDB	iRiver Database file
+>11  string	>\0	Version %s
+>39  string		iHP-100	[H Series]
+
+#------------------------------------------------------------------------------
+# SQLite database files
+# Ken Guest <ken@linux.ie>, Ty Sarna, Zack Weinberg
+#
+# Version 1 used GDBM internally; its files cannot be distinguished
+# from other GDBM files.
+#
+# Update:	Joerg Jenderek
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/s/sqlite-2x.trid.xml
+# Note:		called "SQLite 2.x database" by TrID and "SQLite Database File Format" version 2 by DROID via PUID fmt/1135
+# Version 2 used this format:
+0	string	**\ This\ file\ contains\ an\ SQLite  SQLite 2.x database
+!:mime	application/x-sqlite2
+# FileAttributesStore.db test.sqlite2
+!:ext	sqlite/sqlite2/db
+
+# URL:		https://en.wikipedia.org/wiki/SQLite
+# Reference:	https://www.sqlite.org/fileformat.html
+# Update:	Joerg Jenderek
+# Version 3 of SQLite allows applications to embed their own "user version"
+# number in the database at offset 60.  Later, SQLite added an "application id"
+# at offset 68 that is preferred over "user version" for indicating the
+# associated application.
+#
+0   string  SQLite\ format\ 3
+# skip DROID fmt-729-signature-id-1053.sqlite by checking for valid page size
+>16 ubeshort >0                 SQLite 3.x
+# deprecated
+#!:mime	application/x-sqlite3
+!:mime	application/vnd.sqlite3
+# seldom found extension sqlite3 like in SyncData.sqlite3
+# db
+# db3 like: AddrBook.db3 cgipcrvp.db3
+# https://www.maplesoft.com/support/help/Maple/view.aspx?path=worksheet%2freference%2fhelpdatabase
+# help is used for newer Maple help database
+# SQLite database weewx.sdb used by weather software weewx
+# https://www.weewx.com/docs/usersguide.htm
+# Avira Antivir use extension "dbe" like in avevtdb.dbe, avguard_tchk.dbe
+# Unfortunately extension sqlite also used for other databases starting with string
+# "TTCONTAINER" like in tracks.sqlite contentconsumer.sqlite contentproducerrepository.sqlite
+# and with string "ZV-zlib" in like extra.sqlite
+>>68 belong !0x5CDE09EF	database
+!:ext sqlite/sqlite3/db/db3/dbe/sdb/help
+>>68 belong =0x5CDE09EF  database
+# maple is used for Maple Workbook
+!:ext maple
+>>60 belong =0x5f4d544e  (Monotone source repository)
+# if no known user version then check for Application IDs with default clause
+>>60 belong !0x5f4d544e
+# The "Application ID" set by PRAGMA application_id
+>>>68 belong =0x0f055112 (Fossil checkout)
+>>>68 belong =0x0f055113 (Fossil global configuration)
+>>>68 belong =0x0f055111 (Fossil repository)
+>>>68 belong =0x42654462 (Bentley Systems BeSQLite Database)
+>>>68 belong =0x42654c6e (Bentley Systems Localization File)
+>>>68 belong =0x47504b47 (OGC GeoPackage file)
+#	https://www.sqlite.org/src/artifact?ci=trunk&filename=magic.txt
+>>>68 belong =0x47503130 (OGC GeoPackage version 1.0 file)
+>>>68 belong =0x45737269 (Esri Spatially-Enabled Database)
+>>>68 belong =0x4d504258 (MBTiles tileset)
+#	https://www.maplesoft.com/support/help/errors/view.aspx?path=Formats/Maple
+>>>68 belong =0x5CDE09EF (Maple Workbook)
+# unknown application ID
+>>>68 default x
+>>>>68 belong !0         \b, application id %u
+# The "user version" as read and set by the user_version pragma like:
+# 1 2 4 5 7 9 10 25 36 43 53 400 416 131073 131074 131075
+>>60 belong !0          \b, user version %d
+# SQLITE_VERSION_NUMBER like: 0 3008011 3016002 3007014 3017000 3022000 3028000 3031001
+>>96 belong  x           \b, last written using SQLite version %d
+# database page size in bytes; a power of two between 512 and 32768, or 1 for 65536
+# like: 512 1024 often 4096 32768
+>>16 ubeshort !4096      \b, page size %u
+# File format write version. 1 for legacy; 2 for WAL; 0 for corruptDB.sqlite
+>>18 ubyte   !1          \b, writer version %u
+# File format read version. 1 for legacy; 2 for WAL; 4 for corruptDB.sqlite
+>>19 ubyte   !1          \b, read version %u
+# Bytes of unused "reserved" space at the end of each page. Usually 0
+>>20 ubyte   !0          \b, unused bytes %u
+# maximum embedded payload fraction. Must be 64; 1 for corruptDB.sqlite
+>>21 ubyte   !64         \b, maximum payload %u
+# Minimum embedded payload fraction. Must be 32; 1 for corruptDB.sqlite
+>>22 ubyte   !32         \b, minimum payload %u
+# Leaf payload fraction. Must be 32; 0 for corruptDB.sqlite
+>>23 ubyte   !32         \b, leaf payload %u
+# file change counter
+>>24 ubelong x           \b, file counter %u
+# Size of the database file in pages
+>>28 ubelong x           \b, database pages %u
+# page number of the first freelist trunk page like: 0 2 3 4 5 9
+# 10 13 14 15 16 17 18 19 23 36 39 46 50 136 190 217 307 505 516 561 883 1659
+>>32 ubelong !0          \b, 1st free page %u
+# total number of freelist pages
+>>36 ubelong !0          \b, free pages %u
+# The schema cookie like: 2 3 4 6 7 9 A D E F 13 14 1C 25 2A 2F 33 44 4B 53 5A 5F 62 86 87 8F 91 A8
+>>40 ubelong x           \b, cookie %#x
+# the schema format number. Supported formats are 1 2 3 and often 4
+# 3328 for corruptDB.sqlite and 0 for 512 byte storage.sqlite (TorBrowser Firefox Thunderbird)
+>>44 ubelong x           \b, schema %u
+# Suggested cache size  like: 0 2000
+>>48 ubelong !0          \b, cache page size %u
+# The page number of the largest root b-tree page when in auto-vacuum or incremental-vacuum modes, or zero otherwise. 
+>>52 ubelong !0          \b, largest root page %u
+# The database text encoding; a value of 1 means UTF-8; 2 means UTF-16le; 3 means UTF-16be
+#>>56 ubelong x           \b, encoding %u
+>>56 ubelong x
+>>>56 ubelong =1         \b, UTF-8
+>>>56 ubelong =2         \b, UTF-16 little endian
+>>>56 ubelong =3         \b, UTF-16 big endian
+# 0 for corruptDB.sqlite and for storage.sqlite with database pages 1 (TorBrowser Firefox Thunderbird)
+# https://mozilla.github.io/firefox-browser-architecture/text/0010-firefox-data-stores.html
+>>>56 default x
+>>>>56 ubelong x         \b, unknown %#x encoding
+# True (non-zero) for incremental-vacuum mode; false (zero) otherwiseqy
+>>64 ubelong !0           \b, vacuum mode %u
+# Reserved for expansion. Must be zero
+>>72 uquad !0             \b, reserved %#llx
+# The version-valid-for number like:
+# 1 2 3 4 C F 68h 95h 266h A99h 3DCDh B7CEh
+>>92 ubelong x            \b, version-valid-for %u
+
+# SQLite Write-Ahead Log from SQLite version >= 3.7.0
+# https://www.sqlite.org/fileformat.html#walformat
+0	belong&0xfffffffe	0x377f0682	SQLite Write-Ahead Log,
+!:ext sqlite-wal/db-wal
+>4	belong	x	version %d
+# Summary:	SQLite Write-Ahead-Log index (shared memory)
+# From: 	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/SQLite
+# Reference:	http://www.sqlite.org/draft/walformat.html#walidxfmt
+# iVersion; WAL-index format version number; always 3007000=2DE218h
+0	ulelong		0x002DE218
+>0	use	shm-le
+# big endian variant not tested
+0	ubelong		0x002DE218
+>0	use	\^shm-le
+# show information about SQLite Write-Ahead-Log shared memory
+0	name	shm-le
+>0	ulelong		x		SQLite Write-Ahead Log shared memory
+#!:mime	application/octet-stream
+!:mime	application/vnd.sqlite3
+# db3-shm	Acronis	BackupAndRecovery			F4CEEE47-042C-4828-95A0-DE44EC267A28.db3-shm
+# dbx-shm	probably Dropbox				filecache.dbx-shm
+# aup3-shm	Audacity project				tada.aup3-shm
+# srd-shm	Microsoft Windows StateRepository service	StateRepository-Deployment.srd-shm StateRepository-Machine.srd-shm:
+!:ext	sqlite-shm/db-shm/db3-shm/dbx-shm/aup3-shm/srd-shm 
+# unused padding space; must be zero
+>4	ulelong		!0		\b, unused %x
+# iChange; unsigned integer counter, incremented with each transaction
+>8	ulelong		x		\b, counter %u
+# isInit; the "isInit" flag; 1 when the shm file has been initialized
+>12	ubyte		!1		\b, not initialized %u
+# bigEndCksum; true if the WAL file uses big-ending checksums; 0 if the WAL uses little-endian checksums
+>13	ubyte		!0		\b, checksum type %u
+# szPage; database page size in bytes, or 1 if the page size is 65536
+>14	uleshort	!1		\b, page size %u
+>14	uleshort	=1		\b, page size 65536
+# mxFrame; number of valid and committed frames in the WAL file
+>16	ulelong		x		\b, %u frames
+# nPage; size of the database file in pages
+>20	ulelong		x		\b, %u pages
+# aFrameCksum; checksum of the last frame in the WAL file
+>24	ulelong		x		\b, frame checksum %#x
+# aSalt; two salt value copied from the WAL file header in the byte-order of the WAL file; might be different from machine byte-order
+>32	ulequad		x		\b, salt %#llx
+# aCksum; checksum over bytes 0 through 39 of this header
+>40	ulelong		x		\b, header checksum %#x
+# a copy of bytes 0 through 47 of header
+>48	ulelong		!3007000	\b, iversion %u
+# nBackfill; number of WAL frames that have already been backfilled into the database by prior checkpoints
+>96	ulelong		!0		\b, %u backfilled
+# nBackfillAttempted; number of WAL frames that have attempted to be backfilled
+>>128	ulelong		x		(%u attempts)
+# read-mark[0..4]; five "read marks"; each read mark is a 32-bit unsigned integer
+>100	ulelong		!0		\b, read-mark[0] %#x
+>104	ulelong		x		\b, read-mark[1] %#x
+>108	ulelong		!0xffffffff	\b, read-mark[2] %#x
+>112	ulelong		!0xffffffff	\b, read-mark[3] %#x
+>116	ulelong		!0xffffffff	\b, read-mark[4] %#x
+# unused space set aside for 8 file locks
+>120	ulequad		!0		\b, space %#llx
+# unused space reserved for further expansion
+>132	ulelong		!0		\b, reserved %#x
+
+# SQLite Rollback Journal
+# https://www.sqlite.org/fileformat.html#rollbackjournal
+0	string	\xd9\xd5\x05\xf9\x20\xa1\x63\xd7	SQLite Rollback Journal
+
+# Panasonic channel list database svl.bin or svl.db added by Joerg Jenderek
+# https://github.com/PredatH0r/ChanSort
+0	string		PSDB\0			Panasonic channel list DataBase
+!:ext db/bin
+#!:mime	application/x-db-svl-panasonic
+>126	string		SQLite\ format\ 3
+#!:mime	application/x-panasonic-sqlite3
+>>&-15	indirect	x			\b; contains
+
+# H2 Database from https://www.h2database.com/
+0	string		--\ H2\ 0.5/B\ --\ \n	H2 Database file
+
+# DuckDB database file from https://duckdb.org
+8	string	DUCK    DuckDB database file
+>12	lequad	x	\b, version %lld
+#>20	lequad	x	\b, flags %#llx
+#>28	lequad	x	\b, flags %#llx
diff --git a/magic/Magdir/ssh b/magic/Magdir/ssh
new file mode 100644
index 0000000..56b28a8
--- /dev/null
+++ b/magic/Magdir/ssh
@@ -0,0 +1,42 @@
+# Type:	OpenSSH key files
+# From:	Nicolas Collignon <tsointsoin@gmail.com>
+
+0	string	SSH\040PRIVATE\040KEY	OpenSSH RSA1 private key,
+>28	string	>\0			version %s
+0	string	-----BEGIN\040OPENSSH\040PRIVATE\040KEY-----	OpenSSH private key
+# https://www.rfc-editor.org/rfc/rfc5958
+0	string	-----BEGIN\040PRIVATE\040KEY-----	OpenSSH private key (no password)
+0	string	-----BEGIN\040ENCRYPTED\040PRIVATE\040KEY-----	OpenSSH private key (with password)
+
+0	string	ssh-dss\040		OpenSSH DSA public key
+0	string	ssh-rsa\040		OpenSSH RSA public key
+0	string	ecdsa-sha2-nistp256	OpenSSH ECDSA public key
+0	string	ecdsa-sha2-nistp384	OpenSSH ECDSA public key
+0	string	ecdsa-sha2-nistp521	OpenSSH ECDSA public key
+0	string	ssh-ed25519		OpenSSH ED25519 public key
+
+0	string	SSHKRL\n\0
+>8	ubelong	1		OpenSSH key/certificate revocation list, format %u
+>>12	ubequad	x		\b, version %llx
+>>>20	beqdate	x		\b, generated %s
+
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/PuTTY
+# Reference:	https://the.earth.li/~sgtatham/putty/latest/putty-0.73.tar.gz
+#		/sshpubk.c
+0	string		PuTTY-User-Key-File-	PuTTY Private Key File
+#!:mime	text/plain
+# https://github.com/github/putty/blob/master/windows/installer.wxs
+!:mime	application/x-putty-private-key
+!:ext	ppk
+# version 1 or 2
+>20	string		x			\b, version %.1s
+# name of the algorithm like: ssh-dss ssh-rsa ecdsa-sha2-nistp256 ssh-ed25519
+>23	string		x			\b, algorithm %s
+# next line says "Encryption: " plus an encryption type like aes256-cbc or none
+>32	search/13	Encryption:\040		\b, Encryption
+>>&0	string		x			%s
+# next line says "Comment: " plus the comment string
+>>>&0	search/3	Comment:\040
+>>>>&0	string		x			"%s"
+
diff --git a/magic/Magdir/ssl b/magic/Magdir/ssl
new file mode 100644
index 0000000..2309392
--- /dev/null
+++ b/magic/Magdir/ssl
@@ -0,0 +1,20 @@
+
+#------------------------------------------------------------------------------
+# $File: ssl,v 1.5 2017/12/29 04:00:07 christos Exp $
+# ssl:  file(1) magic for SSL file formats
+
+# Type: OpenSSL certificates/key files
+# From: Nicolas Collignon <tsointsoin@gmail.com>
+
+0	string	-----BEGIN\040CERTIFICATE-----	PEM certificate
+0	string	-----BEGIN\040CERTIFICATE\040REQ	PEM certificate request
+0	string	-----BEGIN\040RSA\040PRIVATE	PEM RSA private key
+0	string	-----BEGIN\040DSA\040PRIVATE	PEM DSA private key
+0	string	-----BEGIN\040EC\040PRIVATE	PEM EC private key
+0	string	-----BEGIN\040ECDSA\040PRIVATE	PEM ECDSA private key
+
+# From Luc Gommans
+# OpenSSL enc file (recognized by a magic string preceding the password's salt)
+0	string	Salted__	openssl enc'd data with salted password
+# Using the -a or -base64 option, OpenSSL will base64-encode the data.
+0	string U2FsdGVkX1	openssl enc'd data with salted password, base64 encoded
diff --git a/magic/Magdir/statistics b/magic/Magdir/statistics
new file mode 100644
index 0000000..ca9f859
--- /dev/null
+++ b/magic/Magdir/statistics
@@ -0,0 +1,45 @@
+
+#------------------------------------------------------------------------------
+# $File: statistics,v 1.3 2022/03/24 15:48:58 christos Exp $
+# statistics:  file(1) magic for statistics related software
+#
+
+# From Remy Rampin
+
+# Stata is a statistical software tool that was created in 1985. While I
+# don't personally use it, data files in its native (proprietary) format
+# are common (.dta files).
+# 
+# Because they are so common, especially in statistical and social
+# sciences, Stata files and SPSS files can be opened by a lot of modern
+# software, for example Python's pandas package provides built-in
+# support for them (read_stata() and read_spss()).
+# 
+# I noticed that the magic database includes an entry for SPSS files but
+# not Stata files. Stata files for Stata 13 and newer (formats 117, 118,
+# and 119) always begin with the string "<stata_dta><header>" as per
+# https://www.stata.com/help.cgi?dta#definition
+# 
+# The format version number always follows, for example:
+#    <stata_dta><header><release>117</release>
+#    <stata_dta><header><release>118</release>
+# 
+# Therefore the following line would do the trick:
+#    0       string  <stata_dta><header>     Stata Data File
+# 
+# (I'm sure the version number could be captured as well but I did not
+# manage this without a regex)
+# 
+# Unfortunately the previous formats (created by Stata before 13, which
+# was released 2013) are harder to recognize. Format 115 starts with the
+# four bytes 0x73010100 or 0x73020100, format 114 with 0x72010100 or
+# 0x72020100, format 113 with 0x71010101 or 0x71020101.
+# 
+# For additional reference, the Library of Congress website has an entry
+# for the Stata Data File Format 118:
+# https://www.loc.gov/preservation/digital/formats/fdd/fdd000471.shtml
+# 
+# Example of those files can be found on Zenodo:
+# https://zenodo.org/search?page=1&size=20&q=&file_type=dta
+0	string	\<stata_dta\>\<header\>\<release\>	Stata Data File
+>&0	regex	[0-9]+					(Release %s)
diff --git a/magic/Magdir/subtitle b/magic/Magdir/subtitle
new file mode 100644
index 0000000..cfbe293
--- /dev/null
+++ b/magic/Magdir/subtitle
@@ -0,0 +1,38 @@
+
+#------------------------------------------------------------------------------
+# $File: subtitle,v 1.2 2022/09/07 11:29:09 christos Exp $
+# subtitle:  file(1) magic for subtitles files
+
+# EBU-STL
+# https://tech.ebu.ch/docs/tech/tech3264.pdf
+3	string	STL		EBU-STL subtitles
+>6	regex	=^[0-9][0-9]	\b, rate %s
+>>8	string	.01		\b, v1
+!:mime	application/x-ebu-stl
+>>>16	regex	=^[^\ ]{0,32}	\b, title "%s"
+>>>>224 regex	=^[0-9]{2}	\b, created %-.2s
+>>>>>&0 regex	=^[0-9]{2}	\b-%-.2s
+>>>>>>&0 regex	=^[0-9]{2}	\b-%-.2s
+!:ext	stl
+
+# SubRip (srt) subtitles
+0	regex/20	=^1[\r\n]+0[01]:[0-9]{2}:[0-9]{2},[0-9]{3}\040-->	 SubRip
+!:mime	application/x-subrip
+!:ext	srt
+
+# WebVTT subtitles
+# https://www.w3.org/TR/webvtt1/
+0	string/t	WEBVTT
+>&0	regex/255	=[0-9]{2}:[0-9]{2}\\.[0-9]{3}\040-->	WebVTT subtitles
+!:mime	text/vtt
+!:ext	vtt
+
+# XML TTML subtitles
+# https://www.w3.org/TR/ttml2/
+0	string/t	\<?xml
+>20	search/400	\020xmlns=
+>>&0 regex ['"]http://www.w3.org/ns/ttml    TTML subtitles
+!:mime	application/ttml+xml
+# Augment strength to beat plain XML
+!:strength * 3
+!:ext	ttml
diff --git a/magic/Magdir/sun b/magic/Magdir/sun
new file mode 100644
index 0000000..df83834
--- /dev/null
+++ b/magic/Magdir/sun
@@ -0,0 +1,141 @@
+
+#------------------------------------------------------------------------------
+# $File: sun,v 1.28 2019/04/19 00:42:27 christos Exp $
+# sun:  file(1) magic for Sun machines
+#
+# Values for big-endian Sun (MC680x0, SPARC) binaries on pre-5.x
+# releases.  (5.x uses ELF.)  Entries for executables without an
+# architecture type, used before the 68020-based Sun-3's came out,
+# are in aout, as they're indistinguishable from other big-endian
+# 32-bit a.out files.
+#
+0	belong&077777777	0600413		a.out SunOS SPARC demand paged
+>0	byte		&0x80
+>>20	belong		<4096		shared library
+>>20	belong		=4096		dynamically linked executable
+>>20	belong		>4096		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+
+0	belong&077777777	0600410		a.out SunOS SPARC pure
+>0	byte		&0x80		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+
+0	belong&077777777	0600407		a.out SunOS SPARC
+>0	byte		&0x80		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+
+0	belong&077777777	0400413		a.out SunOS mc68020 demand paged
+>0	byte		&0x80
+>>20	belong		<4096		shared library
+>>20	belong		=4096		dynamically linked executable
+>>20	belong		>4096		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+
+0	belong&077777777	0400410		a.out SunOS mc68020 pure
+>0	byte		&0x80		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+
+0	belong&077777777	0400407		a.out SunOS mc68020
+>0	byte		&0x80		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+
+0	belong&077777777	0200413		a.out SunOS mc68010 demand paged
+>0	byte		&0x80
+>>20	belong		<4096		shared library
+>>20	belong		=4096		dynamically linked executable
+>>20	belong		>4096		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+
+0	belong&077777777	0200410		a.out SunOS mc68010 pure
+>0	byte		&0x80		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+
+0	belong&077777777	0200407		a.out SunOS mc68010
+>0	byte		&0x80		dynamically linked executable
+>0	byte		^0x80		executable
+>16	belong		>0		not stripped
+
+#
+# Core files.  "SPARC 4.x BCP" means "core file from a SunOS 4.x SPARC
+# binary executed in compatibility mode under SunOS 5.x".
+#
+0	belong		0x080456	SunOS core file
+>4	belong		432		(SPARC)
+>>132	string		>\0		from '%s'
+>>116	belong		=3		(quit)
+>>116	belong		=4		(illegal instruction)
+>>116	belong		=5		(trace trap)
+>>116	belong		=6		(abort)
+>>116	belong		=7		(emulator trap)
+>>116	belong		=8		(arithmetic exception)
+>>116	belong		=9		(kill)
+>>116	belong		=10		(bus error)
+>>116	belong		=11		(segmentation violation)
+>>116	belong		=12		(bad argument to system call)
+>>116	belong		=29		(resource lost)
+>>120	belong		x		(T=%dK,
+>>124	belong		x		D=%dK,
+>>128	belong		x		S=%dK)
+>4	belong		826		(68K)
+>>128	string		>\0		from '%s'
+>4	belong		456		(SPARC 4.x BCP)
+>>152	string		>\0		from '%s'
+# Sun SunPC
+0	long		0xfa33c08e	SunPC 4.0 Hard Disk
+0	string		#SUNPC_CONFIG	SunPC 4.0 Properties Values
+# Sun snoop (see RFC 1761, which describes the capture file format,
+# RFC 3827, which describes some additional datalink types, and
+# https://www.iana.org/assignments/snoop-datalink-types/snoop-datalink-types.xml,
+# which is the IANA registry of Snoop datalink types)
+#
+0	string		snoop		Snoop capture file
+>8	belong		>0		- version %d
+>12	belong		0		(IEEE 802.3)
+>12	belong		1		(IEEE 802.4)
+>12	belong		2		(IEEE 802.5)
+>12	belong		3		(IEEE 802.6)
+>12	belong		4		(Ethernet)
+>12	belong		5		(HDLC)
+>12	belong		6		(Character synchronous)
+>12	belong		7		(IBM channel-to-channel adapter)
+>12	belong		8		(FDDI)
+>12	belong		9		(Other)
+>12	belong		10		(type %d)
+>12	belong		11		(type %d)
+>12	belong		12		(type %d)
+>12	belong		13		(type %d)
+>12	belong		14		(type %d)
+>12	belong		15		(type %d)
+>12	belong		16		(Fibre Channel)
+>12	belong		17		(ATM)
+>12	belong		18		(ATM Classical IP)
+>12	belong		19		(type %d)
+>12	belong		20		(type %d)
+>12	belong		21		(type %d)
+>12	belong		22		(type %d)
+>12	belong		23		(type %d)
+>12	belong		24		(type %d)
+>12	belong		25		(type %d)
+>12	belong		26		(IP over Infiniband)
+>12	belong		>26		(type %d)
+
+#---------------------------------------------------------------------------
+# The following entries have been tested by Duncan Laurie <duncan@sun.com> (a
+# lead Sun/Cobalt developer) who agrees that they are good and worthy of
+# inclusion.
+
+# Boot ROM images for Sun/Cobalt Linux server appliances
+0       string  Cobalt\ Networks\ Inc.\nFirmware\ v     Paged COBALT boot rom
+>38     string x        V%.4s
+
+# New format for Sun/Cobalt boot ROMs is annoying, it stores the version code
+# at the very end where file(1) can't get it.
+0       string CRfs     COBALT boot rom data (Flat boot rom or file system)
diff --git a/magic/Magdir/svf b/magic/Magdir/svf
new file mode 100644
index 0000000..b0d5c98
--- /dev/null
+++ b/magic/Magdir/svf
@@ -0,0 +1,5 @@
+# $File: svf,v 1.2 2023/05/23 13:37:32 christos Exp $
+# 
+# file(1) magic(5) data for SmartVersion files with the .svf extension.
+
+0	string	DFS\ File\x0D\x0Ahttp://www.difstream.com\x0D\x0A	SmartVersion binary patch file
diff --git a/magic/Magdir/sylk b/magic/Magdir/sylk
new file mode 100644
index 0000000..f497c05
--- /dev/null
+++ b/magic/Magdir/sylk
@@ -0,0 +1,36 @@
+
+#------------------------------------------------------------------------------
+# $File: sylk,v 1.1 2020/04/05 22:18:34 christos Exp $
+# sylk:  file(1) magic for SYLK text files
+
+# From:	Joerg Jenderek
+# URL:	https://en.wikipedia.org/wiki/SYmbolic_LinK_%28SYLK%29
+#	http://fileformats.archiveteam.org/wiki/SYLK
+# Note:	called by TrID "SYLK - SYmbolic LinK data",
+#	by DROID "Microsoft Symbolic Link (SYLK) File"
+#	by FreeDesktop.org "spreadsheet interchange document"
+0	string		ID;P
+# skip short DROID x-fmt-106-signature-id-603.slk
+>7	ubyte		>0		spreadsheet interchange document
+# https://reposcope.com/mimetype/text/spreadsheet
+#!:mime	text/spreadsheet
+# https://reposcope.com/mimetype/application/x-sylk	by Gnumeric
+!:mime	application/x-sylk
+!:ext	slk/sylk
+>>4	ubyte		>037		\b, created by
+# Gnumeric, pmw~PlanMaker, CALCOOO32~LibreOffice OpenOffice, SCALC3~StarOffice
+# MP~Multiplan, XL~Excel WXL~Excel Windows
+>>>4	string		Gnumeric	Gnumeric
+>>>4	string		pmw		PlanMaker
+>>>4	string		CALCOOO32	Libre/OpenOffice Calc
+>>>4	string		SCALC3		StarOffice Calc
+>>>4	string		XL		Excel
+# Excel, version probably running on Windows
+>>>4	string		WXL		Excel
+# not tested
+>>>4	string		MP		Multiplan
+# unknown spreadsheet software
+>>>4	default		x
+>>>>4	string		x		%s
+
+
diff --git a/magic/Magdir/symbos b/magic/Magdir/symbos
new file mode 100644
index 0000000..c97a42e
--- /dev/null
+++ b/magic/Magdir/symbos
@@ -0,0 +1,42 @@
+
+#------------------------------------------------------------------------------
+# msx:  file(1) magic for the SymbOS operating system
+# http://www.symbos.de
+# Fabio R. Schmidlin <frs@pop.com.br>
+
+# SymbOS EXE file
+0x30	string		SymExe		SymbOS executable
+>0x36	ubyte		x		v%c
+>0x37	ubyte		x		\b.%c
+>0xF	string		x		\b, name: %s
+
+# SymbOS DOX document
+0	string		INFOq\0		SymbOS DOX document
+
+# Symbos driver
+0	string		SMD1		SymbOS driver
+>19	byte		x		\b, name: %c
+>20	byte		x		\b%c
+>21	byte		x		\b%c
+>22	byte		x		\b%c
+>23	byte		x		\b%c
+>24	byte		x		\b%c
+>25	byte		x		\b%c
+>26	byte		x		\b%c
+>27	byte		x		\b%c
+>28	byte		x		\b%c
+>29	byte		x		\b%c
+>30	byte		x		\b%c
+>31	byte		x		\b%c
+
+# Symbos video
+0	string		SymVid		SymbOS video
+>6	ubyte		x		v%c
+>7	ubyte		x		\b.%c
+
+# Soundtrakker 128 ST2 music
+0	byte		0
+>0xC	string		\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x40\x00	Soundtrakker 128 ST2 music,
+>>1	string		x		name: %s
+
+
diff --git a/magic/Magdir/sysex b/magic/Magdir/sysex
new file mode 100644
index 0000000..d02389d
--- /dev/null
+++ b/magic/Magdir/sysex
@@ -0,0 +1,429 @@
+
+#------------------------------------------------------------------------
+# $File: sysex,v 1.12 2022/10/31 13:22:26 christos Exp $
+# sysex: file(1) magic for MIDI sysex files
+#
+# GRR: original 1 byte test at offset was too general as it catches also many FATs of DOS filesystems
+# where real SYStem EXclusive messages at offset 1 are limited to seven bits
+# https://en.wikipedia.org/wiki/MIDI
+# test for StartSysEx byte and upper unsed bit of vendor ID
+0	ubeshort&0xFF80		0xF000
+# MIDI System Exclusive (SysEx) messages (strength=50) after Microsoft Visual C library (strength=70)
+#!:strength +0
+# skip Microsoft Visual C library with page size 16 misidentified as ADA and
+# page size 32 misidentified as Inventronics by looking for terminating End Of eXclusive byte (EOX)
+>2		search/12	\xF7
+>>0	use	midi-sysex
+#	display information about MIDI System Exclusive (SysEx) messages
+0	name		midi-sysex
+# https://fileinfo.com/extension/syx	
+>1	ubyte			x		MIDI audio System Exclusive (SysEx) message -
+# Note: file (version 5.41) labeled the above entry as "SysEx File"
+#!:mime	application/octet-stream
+!:mime	audio/x-syx
+# https://onsongapp.com/docs/features/formats/sysex
+!:ext	syx/sysex
+# https://www.midi.org/specifications-old/item/manufacturer-id-numbers
+# https://raw.githubusercontent.com/insolace/MIDI-Sysex-MFG-IDs/master/Sysex%20ID%20Tables/MIDI%20Sysex%20MFG%20IDs.csv
+# SysEx manufacturer ID; originally one byte, but now 0 is used as an escapement to reach the next two
+# North American Group
+#>1	byte			0x01		Sequential
+>1	byte			0x01		Sequential Circuits
+>1	byte			0x02		IDP
+#>1	byte			0x03		OctavePlateau
+>1	byte			0x03		Voyetra Turtle Beach
+>1	byte			0x04		Moog
+#>1	byte			0x05		Passport
+>1	byte			0x05		Passport Designs
+#>1	byte			0x06		Lexicon
+>1	byte			0x06		Lexicon Inc.
+>1	byte			0x07		Kurzweil/Future Retro
+>>3	byte			0x77		777
+>>4	byte			0x00		Bank
+>>4	byte			0x01		Song
+>>5	byte			0x0f		16
+>>5	byte			0x0e		15
+>>5	byte			0x0d		14
+>>5	byte			0x0c		13
+>>5	byte			0x0b		12
+>>5	byte			0x0a		11
+>>5	byte			0x09		10
+>>5	byte			0x08		9
+>>5	byte			0x07		8
+>>5	byte			0x06		7
+>>5	byte			0x05		6
+>>5	byte			0x04		5
+>>5	byte			0x03		4
+>>5	byte			0x02		3
+>>5	byte			0x01		2
+>>5	byte			0x00		1
+>>5	byte			0x10		(ALL)
+>>2	byte			x			\b, Channel %d
+>1	byte			0x08		Fender
+#>1	byte			0x09		Gulbransen
+>1	byte			0x09		MIDI9
+#>1	byte			0x0a		AKG
+>1	byte			0x0a		AKG Acoustics
+>1	byte			0x0b		Voyce
+>1	byte			0x0c		Waveframe
+# not ADA programming language
+#>1	byte			0x0d		ADA
+>1	byte			0x0d		ADA Signal Processors Inc.
+#>1	byte			0x0e		Garfield
+>1	byte			0x0e		Garfield Electronics
+>1	byte			0x0f		Ensoniq
+>1	byte			0x10		Oberheim
+>>2	byte			0x06		Matrix 6 series
+>>3	byte			0x0A		Dump (All)
+>>3	byte			0x01		Dump (Bank)
+>>4 belong			0x0002040E		Matrix 1000
+>>>11 byte			<2			User bank %d
+>>>11 byte			>1			Preset bank %d
+>1	byte			0x11		Apple
+>1	byte			0x12		GreyMatter
+>1	byte			0x14		PalmTree
+>1	byte			0x15		JLCooper
+>1	byte			0x16		Lowrey
+>1	byte			0x17		AdamsSmith
+>1	byte			0x18		E-mu
+#>1	byte			0x19		Harmony
+>1	byte			0x19		Harmony Systems
+>1	byte			0x1a		ART
+>1	byte			0x1b		Baldwin
+>1	byte			0x1c		Eventide
+>1	byte			0x1d		Inventronics
+>1	byte			0x1f		Clarity
+
+# European Group
+#>1	byte			0x21		SIEL
+>1	byte			0x21		Proel Labs (SIEL)
+>1	byte			0x22		Synthaxe
+>1	byte			0x24		Hohner
+>1	byte			0x25		Twister
+#>1	byte			0x26		Solton
+>1	byte			0x26		Ketron s.r.l.
+>1	byte			0x27		Jellinghaus
+>1	byte			0x28		Southworth
+>1	byte			0x29		PPG
+>1	byte			0x2a		JEN
+#>1	byte			0x2b		SSL
+>1	byte			0x2b		Solid State Logic Organ Systems
+#>1	byte			0x2c		AudioVertrieb
+>1	byte			0x2c		Audio Veritrieb-P. Struven
+
+>1	byte			0x2f		ELKA
+>>3	byte			0x09		EK-44
+
+>1	byte			0x30		Dynacord
+#>1	byte			0x31		Jomox
+>1	byte			0x31		Viscount International Spa
+>1	byte			0x33		Clavia
+>1	byte			0x39		Soundcraft
+# Some Waldorf info from http://Stromeko.Synth.net/Downloads#WaldorfDocs
+>1	byte			0x3e		Waldorf
+>>2	byte			0x00		microWave
+>>2	byte			0x0E		microwave2 / XT
+>>2	byte			0x0F		Q / Q+
+>>3	byte			=0			(default id)
+>>3 byte			>0			(
+>>>3 byte			<0x7F		\bdevice %d)
+>>>3 byte			=0x7F		\bbroadcast id)
+>>3	byte			0x7f		Microwave I
+>>>4	byte			0x00		SNDR (Sound Request)
+>>>4	byte			0x10		SNDD (Sound Dump)
+>>>4	byte			0x20		SNDP (Sound Parameter Change)
+>>>4	byte			0x30		SNDQ (Sound Parameter Inquiry)
+>>>4	byte			0x70		BOOT (Sound Reserved)
+>>>4	byte			0x01		MULR (Multi Request)
+>>>4	byte			0x11		MULD (Multi Dump)
+>>>4	byte			0x21		MULP (Multi Parameter Change)
+>>>4	byte			0x31		MULQ (Multi Parameter Inquiry)
+>>>4	byte			0x71		OS (Multi Reserved)
+>>>4	byte			0x02		DRMR (Drum Map Request)
+>>>4	byte			0x12		DRMD (Drum Map Dump)
+>>>4	byte			0x22		DRMP (Drum Map Parameter Change)
+>>>4	byte			0x32		DRMQ (Drum Map Parameter Inquiry)
+>>>4	byte			0x72		BIN (Drum Map Reserved)
+>>>4	byte			0x03		PATR (Sequencer Pattern Request)
+>>>4	byte			0x13		PATD (Sequencer Pattern Dump)
+>>>4	byte			0x23		PATP (Sequencer Pattern Parameter Change)
+>>>4	byte			0x33		PATQ (Sequencer Pattern Parameter Inquiry)
+>>>4	byte			0x73		AFM (Sequencer Pattern Reserved)
+>>>4	byte			0x04		GLBR (Global Parameter Request)
+>>>4	byte			0x14		GLBD (Global Parameter Dump)
+>>>4	byte			0x24		GLBP (Global Parameter Parameter Change)
+>>>4	byte			0x34		GLBQ (Global Parameter Parameter Inquiry)
+>>>4	byte			0x07		MODR (Mode Parameter Request)
+>>>4	byte			0x17		MODD (Mode Parameter Dump)
+>>>4	byte			0x27		MODP (Mode Parameter Parameter Change)
+>>>4	byte			0x37		MODQ (Mode Parameter Parameter Inquiry)
+>>2	byte			0x10		microQ
+>>>4	byte			0x00		SNDR (Sound Request)
+>>>4	byte			0x10		SNDD (Sound Dump)
+>>>4	byte			0x20		SNDP (Sound Parameter Change)
+>>>4	byte			0x30		SNDQ (Sound Parameter Inquiry)
+>>>4	byte			0x70		(Sound Reserved)
+>>>4	byte			0x01		MULR (Multi Request)
+>>>4	byte			0x11		MULD (Multi Dump)
+>>>4	byte			0x21		MULP (Multi Parameter Change)
+>>>4	byte			0x31		MULQ (Multi Parameter Inquiry)
+>>>4	byte			0x71		OS (Multi Reserved)
+>>>4	byte			0x02		DRMR (Drum Map Request)
+>>>4	byte			0x12		DRMD (Drum Map Dump)
+>>>4	byte			0x22		DRMP (Drum Map Parameter Change)
+>>>4	byte			0x32		DRMQ (Drum Map Parameter Inquiry)
+>>>4	byte			0x72		BIN (Drum Map Reserved)
+>>>4	byte			0x04		GLBR (Global Parameter Request)
+>>>4	byte			0x14		GLBD (Global Parameter Dump)
+>>>4	byte			0x24		GLBP (Global Parameter Parameter Change)
+>>>4	byte			0x34		GLBQ (Global Parameter Parameter Inquiry)
+>>2	byte			0x11		rackAttack
+>>>4	byte			0x00		SNDR (Sound Parameter Request)
+>>>4	byte			0x10		SNDD (Sound Parameter Dump)
+>>>4	byte			0x20		SNDP (Sound Parameter Parameter Change)
+>>>4	byte			0x30		SNDQ (Sound Parameter Parameter Inquiry)
+>>>4	byte			0x01		PRGR (Program Parameter Request)
+>>>4	byte			0x11		PRGD (Program Parameter Dump)
+>>>4	byte			0x21		PRGP (Program Parameter Parameter Change)
+>>>4	byte			0x31		PRGQ (Program Parameter Parameter Inquiry)
+>>>4	byte			0x71		OS (Program Parameter Reserved)
+>>>4	byte			0x03		PATR (Pattern Parameter Request)
+>>>4	byte			0x13		PATD (Pattern Parameter Dump)
+>>>4	byte			0x23		PATP (Pattern Parameter Parameter Change)
+>>>4	byte			0x33		PATQ (Pattern Parameter Parameter Inquiry)
+>>>4	byte			0x04		GLBR (Global Parameter Request)
+>>>4	byte			0x14		GLBD (Global Parameter Dump)
+>>>4	byte			0x24		GLBP (Global Parameter Parameter Change)
+>>>4	byte			0x34		GLBQ (Global Parameter Parameter Inquiry)
+>>>4	byte			0x05		EFXR (FX Parameter Request)
+>>>4	byte			0x15		EFXD (FX Parameter Dump)
+>>>4	byte			0x25		EFXP (FX Parameter Parameter Change)
+>>>4	byte			0x35		EFXQ (FX Parameter Parameter Inquiry)
+>>>4	byte			0x07		MODR (Mode Command Request)
+>>>4	byte			0x17		MODD (Mode Command Dump)
+>>>4	byte			0x27		MODP (Mode Command Parameter Change)
+>>>4	byte			0x37		MODQ (Mode Command Parameter Inquiry)
+>>2	byte			0x03		Wave
+>>>4	byte			0x00		SBPR (Soundprogram)
+>>>4	byte			0x01		SAPR (Performance)
+>>>4	byte			0x02		SWAVE (Wave)
+>>>4	byte			0x03		SWTBL (Wave control table)
+>>>4	byte			0x04		SVT (Velocity Curve)
+>>>4	byte			0x05		STT (Tuning Table)
+>>>4	byte			0x06		SGLB (Global Parameters)
+>>>4	byte			0x07		SARRMAP (Performance Program Change Map)
+>>>4	byte			0x08		SBPRMAP (Sound Program Change Map)
+>>>4	byte			0x09		SBPRPAR (Sound Parameter)
+>>>4	byte			0x0A		SARRPAR (Performance Parameter)
+>>>4	byte			0x0B		SINSPAR (Instrument/External Parameter)
+>>>4	byte			0x0F		SBULK (Bulk Switch on/off)
+
+# Japanese Group
+>1	byte			0x40		Kawai
+>>3	byte			0x20		K1
+>>3	byte			0x22		K4
+
+>1	byte			0x41		Roland
+>>3	byte			0x14		D-50
+>>3	byte			0x2b		U-220
+>>3	byte			0x02		TR-707
+
+>1	byte			0x42		Korg
+>>3	byte			0x19		M1
+
+>1	byte			0x43		Yamaha
+>1	byte			0x44		Casio
+>1	byte			0x46		Kamiya
+>1	byte			0x47		Akai
+#>1	byte			0x48		Victor
+>1	byte			0x48		Victor Company of Japan. Ltd.
+>1	byte			0x49		Mesosha
+>1	byte			0x4b		Fujitsu
+>1	byte			0x4c		Sony
+>1	byte			0x4e		Teac
+>1	byte			0x50		Matsushita
+>1	byte			0x51		Fostex
+#>1	byte			0x52		Zoom
+>1	byte			0x52		Zoom Corporation
+>1	byte			0x54		Matsushita
+>1	byte			0x57		Acoustic tech. lab.
+# https://www.midi.org/techspecs/manid.php
+>1	belong&0xffffff00	0x00007400	Ta Horng
+>1	belong&0xffffff00	0x00007500	e-Tek
+>1	belong&0xffffff00	0x00007600	E-Voice
+>1	belong&0xffffff00	0x00007700	Midisoft
+>1	belong&0xffffff00	0x00007800	Q-Sound
+>1	belong&0xffffff00	0x00007900	Westrex
+>1	belong&0xffffff00	0x00007a00	Nvidia*
+>1	belong&0xffffff00	0x00007b00	ESS
+>1	belong&0xffffff00	0x00007c00	Mediatrix
+>1	belong&0xffffff00	0x00007d00	Brooktree
+>1	belong&0xffffff00	0x00007e00	Otari
+>1	belong&0xffffff00	0x00007f00	Key Electronics
+>1	belong&0xffffff00	0x00010000	Shure
+>1	belong&0xffffff00	0x00010100	AuraSound
+>1	belong&0xffffff00	0x00010200	Crystal
+>1	belong&0xffffff00	0x00010300	Rockwell
+>1	belong&0xffffff00	0x00010400	Silicon Graphics
+>1	belong&0xffffff00	0x00010500	Midiman
+>1	belong&0xffffff00	0x00010600	PreSonus
+>1	belong&0xffffff00	0x00010800	Topaz
+>1	belong&0xffffff00	0x00010900	Cast Lightning
+>1	belong&0xffffff00	0x00010a00	Microsoft
+>1	belong&0xffffff00	0x00010b00	Sonic Foundry
+>1	belong&0xffffff00	0x00010c00	Line 6
+>1	belong&0xffffff00	0x00010d00	Beatnik Inc.
+>1	belong&0xffffff00	0x00010e00	Van Koerving
+>1	belong&0xffffff00	0x00010f00	Altech Systems
+>1	belong&0xffffff00	0x00011000	S & S Research
+>1	belong&0xffffff00	0x00011100	VLSI Technology
+>1	belong&0xffffff00	0x00011200	Chromatic
+>1	belong&0xffffff00	0x00011300	Sapphire
+>1	belong&0xffffff00	0x00011400	IDRC
+>1	belong&0xffffff00	0x00011500	Justonic Tuning
+>1	belong&0xffffff00	0x00011600	TorComp
+>1	belong&0xffffff00	0x00011700	Newtek Inc.
+>1	belong&0xffffff00	0x00011800	Sound Sculpture
+>1	belong&0xffffff00	0x00011900	Walker Technical
+>1	belong&0xffffff00	0x00011a00	Digital Harmony
+>1	belong&0xffffff00	0x00011b00	InVision
+>1	belong&0xffffff00	0x00011c00	T-Square
+>1	belong&0xffffff00	0x00011d00	Nemesys
+>1	belong&0xffffff00	0x00011e00	DBX
+>1	belong&0xffffff00	0x00011f00	Syndyne
+>1	belong&0xffffff00	0x00012000	Bitheadz
+>1	belong&0xffffff00	0x00012100	Cakewalk
+>1	belong&0xffffff00	0x00012200	Staccato
+>1	belong&0xffffff00	0x00012300	National Semicon.
+>1	belong&0xffffff00	0x00012400	Boom Theory
+>1	belong&0xffffff00	0x00012500	Virtual DSP Corp
+>1	belong&0xffffff00	0x00012600	Antares
+>1	belong&0xffffff00	0x00012700	Angel Software
+>1	belong&0xffffff00	0x00012800	St Louis Music
+>1	belong&0xffffff00	0x00012900	Lyrrus dba G-VOX
+>1	belong&0xffffff00	0x00012a00	Ashley Audio
+>1	belong&0xffffff00	0x00012b00	Vari-Lite
+>1	belong&0xffffff00	0x00012c00	Summit Audio
+>1	belong&0xffffff00	0x00012d00	Aureal Semicon.
+>1	belong&0xffffff00	0x00012e00	SeaSound
+>1	belong&0xffffff00	0x00012f00	U.S. Robotics
+>1	belong&0xffffff00	0x00013000	Aurisis
+>1	belong&0xffffff00	0x00013100	Nearfield Multimedia
+>1	belong&0xffffff00	0x00013200	FM7 Inc.
+>1	belong&0xffffff00	0x00013300	Swivel Systems
+>1	belong&0xffffff00	0x00013400	Hyperactive
+>1	belong&0xffffff00	0x00013500	MidiLite
+>1	belong&0xffffff00	0x00013600	Radical
+>1	belong&0xffffff00	0x00013700	Roger Linn
+>1	belong&0xffffff00	0x00013800	Helicon
+>1	belong&0xffffff00	0x00013900	Event
+>1	belong&0xffffff00	0x00013a00	Sonic Network
+>1	belong&0xffffff00	0x00013b00	Realtime Music
+>1	belong&0xffffff00	0x00013c00	Apogee Digital
+
+>1	belong&0xffffff00	0x00202b00	Medeli Electronics
+>1	belong&0xffffff00	0x00202c00	Charlie Lab
+>1	belong&0xffffff00	0x00202d00	Blue Chip Music
+>1	belong&0xffffff00	0x00202e00	BEE OH Corp
+>1	belong&0xffffff00	0x00202f00	LG Semicon America
+>1	belong&0xffffff00	0x00203000	TESI
+>1	belong&0xffffff00	0x00203100	EMAGIC
+>1	belong&0xffffff00	0x00203200	Behringer
+>1	belong&0xffffff00	0x00203300	Access Music
+>1	belong&0xffffff00	0x00203400	Synoptic
+>1	belong&0xffffff00	0x00203500	Hanmesoft Corp
+>1	belong&0xffffff00	0x00203600	Terratec
+>1	belong&0xffffff00	0x00203700	Proel SpA
+>1	belong&0xffffff00	0x00203800	IBK MIDI
+>1	belong&0xffffff00	0x00203900	IRCAM
+>1	belong&0xffffff00	0x00203a00	Propellerhead Software
+>1	belong&0xffffff00	0x00203b00	Red Sound Systems
+>1	belong&0xffffff00	0x00203c00	Electron ESI AB
+>1	belong&0xffffff00	0x00203d00	Sintefex Audio
+>1	belong&0xffffff00	0x00203e00	Music and More
+>1	belong&0xffffff00	0x00203f00	Amsaro
+>1	belong&0xffffff00	0x00204000	CDS Advanced Technology
+>1	belong&0xffffff00	0x00204100	Touched by Sound
+>1	belong&0xffffff00	0x00204200	DSP Arts
+>1	belong&0xffffff00	0x00204300	Phil Rees Music
+>1	belong&0xffffff00	0x00204400	Stamer Musikanlagen GmbH
+>1	belong&0xffffff00	0x00204500	Soundart
+>1	belong&0xffffff00	0x00204600	C-Mexx Software
+>1	belong&0xffffff00	0x00204700	Klavis Tech.
+>1	belong&0xffffff00	0x00204800	Noteheads AB
+
+# Update:	Joerg Jenderek; January 2022
+>1	byte			0x00		ID EXTENSIONS
+>1	byte			0x13		Digidesign Inc.
+>1	byte			0x1e		Key Concepts
+>1	byte			0x20		Passac
+>1	byte			0x23		Stepp
+>1	byte			0x2d		Neve
+>1	byte			0x2e		Soundtracs Ltd.
+>1	byte			0x32		Drawmer
+>1	byte			0x34		Audio Architecture
+>1	byte			0x35		Generalmusic Corp SpA
+>1	byte			0x36		Cheetah Marketing
+>1	byte			0x37		C.T.M.
+>1	byte			0x38		Simmons UK
+>1	byte			0x3a		Steinberg
+>1	byte			0x3b		Wersi GmbH
+>1	byte			0x3c		AVAB Niethammer AB
+>1	byte			0x3d		Digigram
+>1	byte			0x3f		Quasimidi
+#
+>1	byte			0x40		Kawai Musical Instruments MFG. CO. Ltd
+#>1	byte			0x45		foo
+#>1	byte			0x4a		foo
+#>1	byte			0x4d		foo
+#>1	byte			0x4f		foo
+#>1	byte			0x53		foo
+>1	byte			0x55		Suzuki Musical Instruments MFG. Co. Ltd.
+>1	byte			0x56		Fuji Sound Corporation Ltd.
+#>1	byte			0x58		foo
+>1	byte			0x59		Faith. Inc.
+>1	byte			0x5a		Internet Corporation
+#>1	byte			0x5b		foo
+>1	byte			0x5c		Seekers Co. Ltd.
+#>1	byte			0x5d		foo
+#>1	byte			0x5e		foo
+>1	byte			0x5f		SD Card Association
+# Reserved for other uses for 60H to 7FH
+# URL:		https://www.philscomputerlab.com/roland-midi-emulator-project-20.html
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/s/syx--midiemu.trid.xml
+# Note:         called by TrID "MIDI Emulator Project SysEx preset command"
+>1	byte			0x66		MIDI Emulator
+# https://electronicmusic.fandom.com/wiki/List_of_MIDI_Manufacturer_IDs
+# Educational, prototyping, test, private use and experimentation
+>1	byte			0x7D		PROTOTYPING
+# universal non-real-time (sample dump, tuning table, etc.)
+>1	byte			0x7E		UNIVERSAL
+# universal real time (MIDI time code, MIDI Machine control, etc.)
+>1	byte			0x7F		universal real time 
+# display information about End Of eXclusive byte (EOX=F7)
+#>2	ubyte			0xF7		\b, at 2 EOX
+#>3	ubyte			0xF7		\b, at 3 EOX
+# https://tttapa.github.io/Control-Surface-doc/new-input/Doxygen/d2/d93/SysEx-Send-Receive_8ino-example.html
+>4	ubyte			0xF7		\b, at 4 EOX
+# http://www.1manband.nl/tutorials2/sysex.htm
+>5	ubyte			0xF7		\b, at 5 EOX
+# http://www.somascape.org/midi/tech/mfile.html#sysex
+>6	ubyte			0xF7		\b, at 6 EOX
+#
+>7	ubyte			0xF7		\b, at 7 EOX
+# https://webmidijs.org/forum/discussion/34/how-to-send-or-receive-system-exclusive-messages
+>8	ubyte			0xF7		\b, at 8 EOX
+#
+>9	ubyte			0xF7		\b, at 9 EOX
+# https://www.chd-el.cz/wp-content/uploads/845010_syxcom.pdf
+>10	ubyte			0xF7		\b, at 10 EOX
+# https://stackoverflow.com/questions/52906076/handling-midi-the-input-of-multiple-system-exclusive-messages-in-vb
+>11	ubyte			0xF7		\b, at 11 EOX
+# https://www.2writers.com/eddie/TutSysEx.htm
+>12	ubyte			0xF7		\b, at 12 EOX
+>13	ubyte			0xF7		\b, at 13 EOX
+# http://www.chromakinetics.com/handsonic/rolSysEx.htm
+>14	ubyte			0xF7		\b, at 14 EOX
+#>15	ubyte			0xF7		\b, at 15 EOX
+
+0	string			T707		Roland TR-707 Data
diff --git a/magic/Magdir/tcl b/magic/Magdir/tcl
new file mode 100644
index 0000000..edc3ec4
--- /dev/null
+++ b/magic/Magdir/tcl
@@ -0,0 +1,29 @@
+#------------------------------------------------------------------------------
+# file:  file(1) magic for Tcl scripting language
+# URL:  https://www.tcl.tk/
+# From: gustaf neumann
+
+# Tcl scripts
+0	search/1/w	#!\ /usr/bin/tcl	Tcl script text executable
+!:mime	text/x-tcl
+0	search/1/w	#!\ /usr/local/bin/tcl	Tcl script text executable
+!:mime	text/x-tcl
+0	search/1	#!/usr/bin/env\ tcl	Tcl script text executable
+!:mime	text/x-tcl
+0	search/1	#!\ /usr/bin/env\ tcl	Tcl script text executable
+!:mime	text/x-tcl
+0	search/1/w	#!\ /usr/bin/wish	Tcl/Tk script text executable
+!:mime	text/x-tcl
+0	search/1/w	#!\ /usr/local/bin/wish	Tcl/Tk script text executable
+!:mime	text/x-tcl
+0	search/1	#!/usr/bin/env\ wish	Tcl/Tk script text executable
+!:mime	text/x-tcl
+0	search/1	#!\ /usr/bin/env\ wish	Tcl/Tk script text executable
+!:mime	text/x-tcl
+
+# check the first line
+0	search/1	package\ req
+>0	regex		\^package[\ \t]+req	Tcl script
+# not 'p', check other lines
+0	search/1	!p
+>0	regex		\^package[\ \t]+req	Tcl script
diff --git a/magic/Magdir/teapot b/magic/Magdir/teapot
new file mode 100644
index 0000000..b6577b6
--- /dev/null
+++ b/magic/Magdir/teapot
@@ -0,0 +1,6 @@
+
+#------------------------------------------------------------------------------
+# $File: teapot,v 1.4 2009/09/19 16:28:12 christos Exp $
+# teapot:  file(1) magic for "teapot" spreadsheet
+#
+0       string          #!teapot\012xdr      teapot work sheet (XDR format)
diff --git a/magic/Magdir/terminfo b/magic/Magdir/terminfo
new file mode 100644
index 0000000..41704eb
--- /dev/null
+++ b/magic/Magdir/terminfo
@@ -0,0 +1,63 @@
+
+#------------------------------------------------------------------------------
+# $File: terminfo,v 1.13 2022/11/21 22:25:37 christos Exp $
+# terminfo:  file(1) magic for terminfo
+#
+# URL: https://invisible-island.net/ncurses/man/term.5.html
+# URL: https://invisible-island.net/ncurses/man/scr_dump.5.html
+#
+# Workaround for Targa image type by Joerg Jenderek
+# GRR: line below too general as it catches also
+# Targa image type 1 with 26 long identification field
+# and HELP.DSK
+0	string		\032\001
+# 5th character of terminal name list, but not Targa image pixel size (15 16 24 32)
+>16	ubyte		>32
+# namelist, if more than 1 separated by "|" like "st|stterm| simpleterm 0.4.1"
+>>12	regex		\^[a-zA-Z0-9][a-zA-Z0-9.][^|]*	Compiled terminfo entry "%-s"
+!:mime	application/x-terminfo
+# no extension
+#!:ext
+#
+#------------------------------------------------------------------------------
+# The following was added for ncurses6 development:
+#------------------------------------------------------------------------------
+#
+0	string		\036\002
+# imitate the legacy compiled-format, to get the entry-name printed
+>16	ubyte		>32
+# namelist, if more than 1 separated by "|" like "st|stterm| simpleterm 0. 4.1"
+>>12	regex		\^[a-zA-Z0-9][a-zA-Z0-9.][^|]*	Compiled 32-bit terminfo entry "%-s"
+!:mime	application/x-terminfo2
+#
+# While the compiled terminfo uses little-endian format regardless of
+# platform, SystemV screen dumps do not.  They came later, and that detail was
+# overlooked.
+#
+# AIX and HPUX use the SVr4 big-endian format
+# Solaris uses the SVr3 formats (sparc and x86 differ endian-ness)
+0	beshort		0433 		SVr2 curses screen image, big-endian
+# GRR: line below too general as it catches Commodore C128 program (crc32.prg XLINK.PRG) with start address 1C01h handled by ./c64
+0	beshort		0434		SVr3 curses screen image, big-endian
+0	beshort		0435		SVr4 curses screen image, big-endian
+#
+0	leshort		0433		SVr2 curses screen image, little-endian
+0	leshort		0434		SVr3 curses screen image, little-endian
+0	leshort		0435		SVr4 curses screen image, little-endian
+#
+# Rather than SVr4, Solaris "xcurses" writes this header:
+0	regex		\^MAX=[0-9]+,[0-9]+$
+>1	regex		\^BEG=[0-9]+,[0-9]+$
+>2	regex		\^SCROLL=[0-9]+,[0-9]+$
+>3	regex		\^VMIN=[0-9]+$
+>4	regex		\^VTIME=[0-9]+$
+>5	regex		\^FLAGS=0x[[:xdigit:]]+$
+>6	regex		\^FG=[0-9],[0-9]+$
+>7	regex		\^BG=[0-9]+,[0-9]+,	Solaris xcurses screen image
+#
+# ncurses5 (and before) did not use a magic number, making screen dumps "data".
+# ncurses6 (2015) uses this format, ignoring byte-order
+0	string	\210\210\210\210ncurses	ncurses6 screen image
+#
+# PDCurses added this in 2005
+0	string		PDC\001		PDCurses screen image
diff --git a/magic/Magdir/tex b/magic/Magdir/tex
new file mode 100644
index 0000000..e66f8ff
--- /dev/null
+++ b/magic/Magdir/tex
@@ -0,0 +1,141 @@
+
+#------------------------------------------------------------------------------
+# $File: tex,v 1.22 2022/12/21 16:50:04 christos Exp $
+# tex:  file(1) magic for TeX files
+#
+# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
+#
+# From <conklin@talisman.kaleida.com>
+
+# Although we may know the offset of certain text fields in TeX DVI
+# and font files, we can't use them reliably because they are not
+# zero terminated. [but we do anyway, christos]
+0	string		\367\002
+>(14.b+15)	string	\213
+>>14	pstring		>\0		TeX DVI file (%s)
+!:mime	application/x-dvi
+0	string		\367\203	TeX generic font data
+0	string		\367\131	TeX packed font data
+>3	string		>\0		(%s)
+0	string		\367\312
+>(2.b+11)	string	\363	TeX virtual font data
+0	search/1	This\ is\ TeX,	TeX transcript text
+0	search/1	This\ is\ METAFONT,	METAFONT transcript text
+
+# There is no way to detect TeX Font Metric (*.tfm) files without
+# breaking them apart and reading the data.  The following patterns
+# match most *.tfm files generated by METAFONT or afm2tfm.
+2	string		\000\021	TeX font metric data
+!:mime	application/x-tex-tfm
+>33	string		>\0		(%s)
+2	string		\000\022	TeX font metric data
+!:mime	application/x-tex-tfm
+>33	string		>\0		(%s)
+
+# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
+0	search/1	\\input\ texinfo	Texinfo source text
+!:mime	text/x-texinfo
+0	search/1	This\ is\ Info\ file	GNU Info text
+!:mime	text/x-info
+
+# TeX documents, from Daniel Quinlan (quinlan@yggdrasil.com)
+0	search/4096	\\input		TeX document text
+!:mime	text/x-tex
+!:strength + 15
+0	search/4096	\\begin		LaTeX document text
+!:mime	text/x-tex
+!:strength + 15
+0	search/4096	\\section	LaTeX document text
+!:mime	text/x-tex
+!:strength + 18
+0	search/4096	\\setlength	LaTeX document text
+!:mime	text/x-tex
+!:strength + 15
+0	search/4096	\\documentstyle	LaTeX document text
+!:mime	text/x-tex
+!:strength + 18
+0	search/4096	\\chapter	LaTeX document text
+!:mime	text/x-tex
+!:strength + 18
+0	search/4096	\\documentclass	LaTeX 2e document text
+!:mime	text/x-tex
+!:strength + 15
+0	search/4096	\\relax		LaTeX auxiliary file
+!:mime	text/x-tex
+!:strength + 15
+0	search/4096	\\contentsline	LaTeX table of contents
+!:mime	text/x-tex
+!:strength + 15
+0	search/4096	%\ -*-latex-*-	LaTeX document text
+!:mime	text/x-tex
+
+# Tex document, from Hendrik Scholz <hendrik@scholz.net>
+0   	search/1	\\ifx		TeX document text
+
+# Index and glossary files
+0	search/4096	\\indexentry	LaTeX raw index file
+0	search/4096	\\begin{theindex}	LaTeX sorted index
+0	search/4096	\\glossaryentry	LaTeX raw glossary
+0	search/4096	\\begin{theglossary}	LaTeX sorted glossary
+0	search/4096	This\ is\ makeindex	Makeindex log file
+
+# End of TeX
+
+#------------------------------------------------------------------------------
+# file(1) magic for BibTex text files
+# From Hendrik Scholz <hendrik@scholz.net>
+
+0	search/1/c	@article{	BibTeX text file
+0	search/1/c	@book{		BibTeX text file
+0	search/1/c	@inbook{	BibTeX text file
+0	search/1/c	@incollection{	BibTeX text file
+0	search/1/c	@inproceedings{	BibTeX text file
+0	search/1/c	@manual{	BibTeX text file
+0	search/1/c	@misc{		BibTeX text file
+0	search/1/c	@preamble{	BibTeX text file
+0	search/1/c	@phdthesis{	BibTeX text file
+0	search/1/c	@techreport{	BibTeX text file
+0	search/1/c	@unpublished{	BibTeX text file
+
+73	search/1	%%%\ \ 		BibTeX-file{ BibTex text file (with full header)
+
+73	search/1	%%%\ \ @BibTeX-style-file{   BibTeX style text file (with full header)
+
+0	search/1	%\ BibTeX\ standard\ bibliography\ 	BibTeX standard bibliography style text file
+
+0	search/1	%\ BibTeX\ `	BibTeX custom bibliography style text file
+
+0	search/1	@c\ @mapfile{	TeX font aliases text file
+
+0	string		#LyX		LyX document text
+
+# ConTeXt documents
+#	https://wiki.contextgarden.net/
+0	search/4096	\\setupcolors[		ConTeXt document text
+!:strength + 15
+0	search/4096	\\definecolor[		ConTeXt document text
+!:strength + 15
+0	search/4096	\\setupinteraction[	ConTeXt document text
+!:strength + 15
+0	search/4096	\\useURL[		ConTeXt document text
+!:strength + 15
+0	search/4096	\\setuppapersize[	ConTeXt document text
+!:strength + 15
+0	search/4096	\\setuplayout[		ConTeXt document text
+!:strength + 15
+0	search/4096	\\setupfooter[		ConTeXt document text
+!:strength + 15
+0	search/4096	\\setupfootertexts[	ConTeXt document text
+!:strength + 15
+0	search/4096	\\setuppagenumbering[	ConTeXt document text
+!:strength + 15
+0	search/4096	\\setupbodyfont[	ConTeXt document text
+!:strength + 15
+0	search/4096	\\setuphead[		ConTeXt document text
+!:strength + 15
+0	search/4096	\\setupitemize[		ConTeXt document text
+!:strength + 15
+0	search/4096	\\setupwhitespace[	ConTeXt document text
+!:strength + 15
+0	search/4096	\\setupindenting[	ConTeXt document text
+!:strength + 15
diff --git a/magic/Magdir/tgif b/magic/Magdir/tgif
new file mode 100644
index 0000000..e80b3a7
--- /dev/null
+++ b/magic/Magdir/tgif
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------------------------
+# $File: tgif,v 1.7 2010/09/20 19:03:46 rrt Exp $
+# file(1) magic for tgif(1) files
+# From Hendrik Scholz <hendrik@scholz.net>
+0	string	%TGIF\ 			Tgif file version
+>6	string	x			%s
diff --git a/magic/Magdir/ti-8x b/magic/Magdir/ti-8x
new file mode 100644
index 0000000..b05c5c9
--- /dev/null
+++ b/magic/Magdir/ti-8x
@@ -0,0 +1,239 @@
+
+#------------------------------------------------------------------------------
+# $File: ti-8x,v 1.8 2020/02/12 22:13:01 christos Exp $
+# ti-8x: file(1) magic for the TI-8x and TI-9x Graphing Calculators.
+#
+# From: Ryan McGuire (rmcguire@freenet.columbus.oh.us).
+#
+# Update: Romain Lievin (roms@lpg.ticalc.org).
+#
+# NOTE: This list is not complete.
+# Files for the TI-80 and TI-81 are pretty rare. I'm not going to put the
+# program/group magic numbers in here because I cannot find any.
+0		string		**TI80**	TI-80 Graphing Calculator File.
+0		string		**TI81**	TI-81 Graphing Calculator File.
+#
+# Magic Numbers for the TI-73
+#
+0		string		**TI73**	TI-73 Graphing Calculator
+>0x00003B	byte		0x00		(real number)
+>0x00003B	byte		0x01		(list)
+>0x00003B	byte		0x02		(matrix)
+>0x00003B	byte		0x03		(equation)
+>0x00003B	byte		0x04		(string)
+>0x00003B	byte		0x05		(program)
+>0x00003B	byte		0x06		(assembly program)
+>0x00003B	byte		0x07		(picture)
+>0x00003B	byte		0x08		(gdb)
+>0x00003B	byte		0x0C		(complex number)
+>0x00003B	byte		0x0F		(window settings)
+>0x00003B	byte		0x10		(zoom)
+>0x00003B	byte		0x11		(table setup)
+>0x00003B	byte		0x13		(backup)
+
+# Magic Numbers for the TI-82
+#
+0		string		**TI82**	TI-82 Graphing Calculator
+>0x00003B	byte		0x00		(real)
+>0x00003B	byte		0x01		(list)
+>0x00003B	byte		0x02		(matrix)
+>0x00003B	byte		0x03		(Y-variable)
+>0x00003B	byte		0x05		(program)
+>0x00003B	byte		0x06		(protected prgm)
+>0x00003B	byte		0x07		(picture)
+>0x00003B	byte		0x08		(gdb)
+>0x00003B	byte		0x0B		(window settings)
+>0x00003B	byte		0x0C		(window settings)
+>0x00003B	byte		0x0D		(table setup)
+>0x00003B	byte		0x0E		(screenshot)
+>0x00003B	byte		0x0F		(backup)
+#
+# Magic Numbers for the TI-83
+#
+0		string		**TI83**	TI-83 Graphing Calculator
+>0x00003B	byte		0x00		(real)
+>0x00003B	byte		0x01		(list)
+>0x00003B	byte		0x02		(matrix)
+>0x00003B	byte		0x03		(Y-variable)
+>0x00003B	byte		0x04		(string)
+>0x00003B	byte		0x05		(program)
+>0x00003B	byte		0x06		(protected prgm)
+>0x00003B	byte		0x07		(picture)
+>0x00003B	byte		0x08		(gdb)
+>0x00003B	byte		0x0B		(window settings)
+>0x00003B	byte		0x0C		(window settings)
+>0x00003B	byte		0x0D		(table setup)
+>0x00003B	byte		0x0E		(screenshot)
+>0x00003B	byte		0x13		(backup)
+#
+# Magic Numbers for the TI-83+
+#
+0		string		**TI83F*	TI-83+ Graphing Calculator
+>0x00003B	byte		0x00		(real number)
+>0x00003B	byte		0x01		(list)
+>0x00003B	byte		0x02		(matrix)
+>0x00003B	byte		0x03		(equation)
+>0x00003B	byte		0x04		(string)
+>0x00003B	byte		0x05		(program)
+>0x00003B	byte		0x06		(assembly program)
+>0x00003B	byte		0x07		(picture)
+>0x00003B	byte		0x08		(gdb)
+>0x00003B	byte		0x0C		(complex number)
+>0x00003B	byte		0x0F		(window settings)
+>0x00003B	byte		0x10		(zoom)
+>0x00003B	byte		0x11		(table setup)
+>0x00003B	byte		0x13		(backup)
+>0x00003B	byte		0x15		(application variable)
+>0x00003B	byte		0x17		(group of variable)
+
+#
+# Magic Numbers for the TI-85
+#
+0		string		**TI85**	TI-85 Graphing Calculator
+>0x00003B	byte		0x00		(real number)
+>0x00003B	byte		0x01		(complex number)
+>0x00003B	byte		0x02		(real vector)
+>0x00003B	byte		0x03		(complex vector)
+>0x00003B	byte		0x04		(real list)
+>0x00003B	byte		0x05		(complex list)
+>0x00003B	byte		0x06		(real matrix)
+>0x00003B	byte		0x07		(complex matrix)
+>0x00003B	byte		0x08		(real constant)
+>0x00003B	byte		0x09		(complex constant)
+>0x00003B	byte		0x0A		(equation)
+>0x00003B	byte		0x0C		(string)
+>0x00003B	byte		0x0D		(function GDB)
+>0x00003B	byte		0x0E		(polar GDB)
+>0x00003B	byte		0x0F		(parametric GDB)
+>0x00003B	byte		0x10		(diffeq GDB)
+>0x00003B	byte		0x11		(picture)
+>0x00003B	byte		0x12		(program)
+>0x00003B	byte		0x13		(range)
+>0x00003B	byte		0x17		(window settings)
+>0x00003B	byte		0x18		(window settings)
+>0x00003B	byte		0x19		(window settings)
+>0x00003B	byte		0x1A		(window settings)
+>0x00003B	byte		0x1B		(zoom)
+>0x00003B	byte		0x1D		(backup)
+>0x00003B	byte		0x1E		(unknown)
+>0x00003B	byte		0x2A		(equation)
+>0x000032	string		ZS4		- ZShell Version 4 File.
+>0x000032	string		ZS3		- ZShell Version 3 File.
+#
+# Magic Numbers for the TI-86
+#
+0		string		**TI86**	TI-86 Graphing Calculator
+>0x00003B	byte		0x00		(real number)
+>0x00003B	byte		0x01		(complex number)
+>0x00003B	byte		0x02		(real vector)
+>0x00003B	byte		0x03		(complex vector)
+>0x00003B	byte		0x04		(real list)
+>0x00003B	byte		0x05		(complex list)
+>0x00003B	byte		0x06		(real matrix)
+>0x00003B	byte		0x07		(complex matrix)
+>0x00003B	byte		0x08		(real constant)
+>0x00003B	byte		0x09		(complex constant)
+>0x00003B	byte		0x0A		(equation)
+>0x00003B	byte		0x0C		(string)
+>0x00003B	byte		0x0D		(function GDB)
+>0x00003B	byte		0x0E		(polar GDB)
+>0x00003B	byte		0x0F		(parametric GDB)
+>0x00003B	byte		0x10		(diffeq GDB)
+>0x00003B	byte		0x11		(picture)
+>0x00003B	byte		0x12		(program)
+>0x00003B	byte		0x13		(range)
+>0x00003B	byte		0x17		(window settings)
+>0x00003B	byte		0x18		(window settings)
+>0x00003B	byte		0x19		(window settings)
+>0x00003B	byte		0x1A		(window settings)
+>0x00003B	byte		0x1B		(zoom)
+>0x00003B	byte		0x1D		(backup)
+>0x00003B	byte		0x1E		(unknown)
+>0x00003B	byte		0x2A		(equation)
+#
+# Magic Numbers for the TI-89
+#
+0		string		**TI89**	TI-89 Graphing Calculator
+>0x000048	byte		0x00		(expression)
+>0x000048	byte		0x04		(list)
+>0x000048	byte		0x06		(matrix)
+>0x000048	byte		0x0A		(data)
+>0x000048	byte		0x0B		(text)
+>0x000048	byte		0x0C		(string)
+>0x000048	byte		0x0D		(graphic data base)
+>0x000048	byte		0x0E		(figure)
+>0x000048	byte		0x10		(picture)
+>0x000048	byte		0x12		(program)
+>0x000048	byte		0x13		(function)
+>0x000048	byte		0x14		(macro)
+>0x000048	byte		0x1C		(zipped)
+>0x000048	byte		0x21		(assembler)
+#
+# Magic Numbers for the TI-92
+#
+0		string		**TI92**	TI-92 Graphing Calculator
+>0x000048	byte		0x00		(expression)
+>0x000048	byte		0x04		(list)
+>0x000048	byte		0x06		(matrix)
+>0x000048	byte		0x0A		(data)
+>0x000048	byte		0x0B		(text)
+>0x000048	byte		0x0C		(string)
+>0x000048	byte		0x0D		(graphic data base)
+>0x000048	byte		0x0E		(figure)
+>0x000048	byte		0x10		(picture)
+>0x000048	byte		0x12		(program)
+>0x000048	byte		0x13		(function)
+>0x000048	byte		0x14		(macro)
+>0x000048	byte		0x1D		(backup)
+#
+# Magic Numbers for the TI-92+/V200
+#
+0		string		**TI92P*	TI-92+/V200 Graphing Calculator
+>0x000048	byte		0x00		(expression)
+>0x000048	byte		0x04		(list)
+>0x000048	byte		0x06		(matrix)
+>0x000048	byte		0x0A		(data)
+>0x000048	byte		0x0B		(text)
+>0x000048	byte		0x0C		(string)
+>0x000048	byte		0x0D		(graphic data base)
+>0x000048	byte		0x0E		(figure)
+>0x000048	byte		0x10		(picture)
+>0x000048	byte		0x12		(program)
+>0x000048	byte		0x13		(function)
+>0x000048	byte		0x14		(macro)
+>0x000048	byte		0x1C		(zipped)
+>0x000048	byte		0x21		(assembler)
+#
+# Magic Numbers for the TI-73/83+/89/92+/V200 FLASH upgrades
+#
+#0x0000016	string		Advanced	TI-XX Graphing Calculator (FLASH)
+0		string		**TIFL**	TI-XX Graphing Calculator (FLASH)
+>8		byte		>0		- Revision %d
+>>9 		byte		x		\b.%d,
+>12		byte		>0		Revision date %02x
+>>13		byte		x		\b/%02x
+>>14		beshort		x		\b/%04x,
+>17		string		>/0		name: '%s',
+>48		byte		0x74		device: TI-73,
+>48		byte		0x73		device: TI-83+,
+>48		byte		0x98		device: TI-89,
+>48		byte		0x88		device: TI-92+,
+>49		byte		0x23		type: OS upgrade,
+>49		byte		0x24		type: application,
+>49		byte		0x25		type: certificate,
+>49		byte		0x3e		type: license,
+>74		lelong		>0		size: %d bytes
+
+# VTi & TiEmu skins (TI Graphing Calculators).
+# From: Romain Lievin (roms@lpg.ticalc.org).
+# Magic Numbers for the VTi skins
+0               string          VTI		Virtual TI skin
+>3		string		v		- Version
+>>4		byte		>0		\b %c
+>>6		byte		x		\b.%c
+# Magic Numbers for the TiEmu skins
+0		string		TiEmu		TiEmu skin
+>6              string          v               - Version
+>>7             byte            >0              \b %c
+>>9             byte            x               \b.%c
+>>10		byte		x		\b%c
diff --git a/magic/Magdir/timezone b/magic/Magdir/timezone
new file mode 100644
index 0000000..84e9081
--- /dev/null
+++ b/magic/Magdir/timezone
@@ -0,0 +1,42 @@
+
+#------------------------------------------------------------------------------
+# $File: timezone,v 1.13 2021/07/21 17:57:20 christos Exp $
+# timezone:  file(1) magic for timezone data
+#
+# from Daniel Quinlan (quinlan@yggdrasil.com)
+# this should work on Linux, SunOS, and maybe others
+# Added new official magic number for recent versions of the Olson code
+0	name	timezone
+>4	byte	0	\b, old version
+>4	byte	>0	\b, version %c
+>20	belong	0	\b, no gmt time flags
+>20	belong	1	\b, 1 gmt time flag
+>20	belong	>1	\b, %d gmt time flags
+>24	belong	0	\b, no std time flags
+>24	belong	1	\b, 1 std time flag
+>24	belong	>1	\b, %d std time flags
+>28	belong	0	\b, no leap seconds
+>28	belong	1	\b, 1 leap second
+>28	belong  >1	\b, %d leap seconds
+>32	belong	0	\b, no transition times
+>32	belong	1	\b, 1 transition time
+>32	belong  >1	\b, %d transition times
+>36	belong	0	\b, no local time types
+>36	belong	1	\b, 1 local time type
+>36	belong	>1	\b, %d local time types
+>40	belong	0	\b, no abbreviation chars
+>40	belong	1	\b, 1 abbreviation char
+>40	belong	>1	\b, %d abbreviation chars
+
+0	string	TZif	timezone data 
+>51	string	TZif	\b(slim)
+>>51	use timezone
+>51	default x	\b(fat)
+>>0	use timezone
+
+0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0	old timezone data
+0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\2\0	old timezone data
+0	string  \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\3\0	old timezone data
+0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0	old timezone data
+0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\5\0	old timezone data
+0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0	old timezone data
diff --git a/magic/Magdir/tplink b/magic/Magdir/tplink
new file mode 100644
index 0000000..1b4ef0f
--- /dev/null
+++ b/magic/Magdir/tplink
@@ -0,0 +1,95 @@
+
+#------------------------------------------------------------------------------
+# $File: tplink,v 1.8 2023/05/15 16:41:02 christos Exp $
+# tplink: File magic for openwrt firmware files
+
+# URL: https://wiki.openwrt.org/doc/techref/header
+# Reference: https://git.openwrt.org/?p=openwrt.git;a=blob;f=tools/firmware-utils/src/mktplinkfw.c
+#		http://mark0.net/download/triddefs_xml.7z/defs/b/bin-tplink-v1.trid.xml
+# Note:		called "TP-Link router firmware (v1)" by TrID
+# From: Joerg Jenderek
+# check for valid header version 1 or 2
+0		ulelong		<3
+>0		ulelong		!0
+# test for header padding with nulls
+>>0x100		long		0
+# skip Norton Commander Cleanup Utility NCCLEAN.INI by looking for valid vendor name
+>>>4		ubelong		>0x1F000000
+# skip user.dbt by looking for positive hardware id
+>>>>0x40	ubeshort	>0
+# skip cversions.1.db cversions.2.db cversions.3.db inside
+# c:\ProgramData\Microsoft\Windows\Caches
+# with invalid vendor names \240\0\0\0 \140\0\0\0 \040\0\0\0 
+>>>>>5		short		!0
+>>>>>>0		use		firmware-tplink
+
+0		name		firmware-tplink
+>0		ubyte		x		firmware
+!:mime application/x-tplink-bin
+# like: TL-WR1043ND-V1-FW0.0.3-stripped.bin gluon-ffrefugee-0.9.2-tp-link-archer-c5-v1-sysupgrade.bin
+!:ext	bin
+# hardware id like 10430001 07410001 09410004 09410006
+>0x40		ubeshort	x		%x
+>0x42		ubeshort	x		v%x
+# hardware revision like 1
+>0x44		ubelong		!1		(revision %u)
+# vendor_name[24] like OpenWrt or TP-LINK Technologies
+>4		string		x		%.24s
+# fw_version[36] like r49389 or ver. 1.0
+>0x1c		string		x		%.36s
+# header version 1 or 2
+>0		ubyte		!1		V%X
+# ver_hi.ver_mid.ver_lo
+>0x98		long		!0		\b, version
+>>0x98		ubeshort	x		%u
+>>0x9A		ubeshort	x		\b.%u
+>>0x9C		ubeshort	x		\b.%u
+# region code 0~universal 1~US
+>0x48		ubelong		x
+#>>0x48		ubelong		0		(universal)
+>>0x48		ubelong		1		(US)
+>>0x48		ubelong		>1		(region %u)
+# total length of the firmware. not always true
+>0x7C		ubelong		x		\b, %u bytes or less
+# unknown 1
+>0x48		ubelong		!0		\b, UNKNOWN1 %#x
+# md5sum1[16]
+#>0x4c		ubequad		x		\b, MD5 %llx
+#>>0x54		ubequad		x		\b%llx
+# unknown 2
+>0x5c		ubelong		!0		\b, UNKNOWN2 %#x
+# md5sum2[16]
+#>0x60		ubequad		!0		\b, 2nd MD5 %llx
+#>>0x68		ubequad		x		\b%llx
+# unknown 3
+>0x70		ubelong		!0		\b, UNKNOWN3 %#x
+# kernel load address
+#>0x74		ubelong		x		\b, %#x load
+# kernel entry point
+#>0x78		ubelong		x		\b, %#x entry
+# kernel data offset. 200h means direct after header
+>0x80		ubelong		x		\b, at %#x
+# kernel data length and 1 space
+>0x84		ubelong		x		%u bytes 
+# look for kernel type (gzip compressed vmlinux.bin by ./compress)
+>(0x80.L)	indirect	x
+# root file system data offset
+# WRONG in 5.35 with above indirect expression
+>0x88		ubelong		x		\b, at %#x
+# rootfs data length and 1 space
+>0x8C		ubelong		x		%u bytes 
+# in 5.32 only true for offset ~< FILE_BYTES_MAX=9 MB defined in ../../src/file.h 
+>(0x88.L)	indirect	x
+# 'qshs' for wr940nv1_en_3_13_7_up(111228).bin
+#>(0x88.L)	string		x		\b, file system '%.4s'
+#>(0x88.L)	ubequad		x		\b, file system %#llx
+# bootloader data offset
+>0x90		ubelong		!0		\b, at %#x
+# bootloader data length only reasonable if bootloader offset not null
+>>0x94		ubelong		!0		%u bytes
+# pad[354] should be 354 null bytes.
+#>0x9E		ubequad		!0		\b, padding %#llx
+# But at 0x120 18 non null bytes in examples like
+# wr940nv4_eu_3_16_9_up_boot(160620).bin
+# wr940nv6_us_3_18_1_up_boot(171030).bin
+#>0x120		ubequad		!0		\b, other padding %#llx
diff --git a/magic/Magdir/troff b/magic/Magdir/troff
new file mode 100644
index 0000000..301a40b
--- /dev/null
+++ b/magic/Magdir/troff
@@ -0,0 +1,44 @@
+
+#------------------------------------------------------------------------------
+# $File: troff,v 1.14 2023/06/01 16:00:46 christos Exp $
+# troff:  file(1) magic for *roff
+#
+# updated by Daniel Quinlan (quinlan@yggdrasil.com)
+
+# troff input
+0	search/1	.\\"		troff or preprocessor input text
+!:strength +12
+!:mime	text/troff
+0	search/1	'\\"		troff or preprocessor input text
+!:strength +12
+!:mime	text/troff
+0	search/1	'.\\"		troff or preprocessor input text
+!:strength +12
+!:mime	text/troff
+0	search/1	\\"		troff or preprocessor input text
+!:strength +12
+!:mime	text/troff
+#0	search/1	'''		troff or preprocessor input text
+#!:mime	text/troff
+0	regex/20l	\^\\.[A-Za-z][A-Za-z0-9][\ \t]	troff or preprocessor input text
+!:strength +12
+!:mime	text/troff
+0	regex/20l	\^\\.[A-Za-z][A-Za-z0-9]$	troff or preprocessor input text
+!:strength +12
+!:mime	text/troff
+
+# ditroff intermediate output text
+0	search/1	x\ T		ditroff output text
+>4	search/1	cat		for the C/A/T phototypesetter
+>4	search/1	ps		for PostScript
+>4	search/1	dvi		for DVI
+>4	search/1	ascii		for ASCII
+>4	search/1	lj4		for LaserJet 4
+>4	search/1	latin1		for ISO 8859-1 (Latin 1)
+>4	search/1	X75		for xditview at 75dpi
+>>7	search/1	-12		(12pt)
+>4	search/1	X100		for xditview at 100dpi
+>>8	search/1	-12		(12pt)
+
+# output data formats
+0	string		\100\357	very old (C/A/T) troff output data
diff --git a/magic/Magdir/tuxedo b/magic/Magdir/tuxedo
new file mode 100644
index 0000000..191501d
--- /dev/null
+++ b/magic/Magdir/tuxedo
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: tuxedo,v 1.4 2009/09/19 16:28:13 christos Exp $
+# tuxedo:	file(1) magic for BEA TUXEDO data files
+#
+# from Ian Springer <ispringer@hotmail.com>
+#
+0	string		\0\0\1\236\0\0\0\0\0\0\0\0\0\0\0\0	BEA TUXEDO DES mask data
diff --git a/magic/Magdir/typeset b/magic/Magdir/typeset
new file mode 100644
index 0000000..e99fe37
--- /dev/null
+++ b/magic/Magdir/typeset
@@ -0,0 +1,8 @@
+
+#------------------------------------------------------------------------------
+# $File: typeset,v 1.8 2009/09/19 16:28:13 christos Exp $
+# typeset:  file(1) magic for other typesetting
+#
+0	string		Interpress/Xerox	Xerox InterPress data
+>16	string		/			(version
+>>17	string		>\0			%s)
diff --git a/magic/Magdir/uf2 b/magic/Magdir/uf2
new file mode 100644
index 0000000..49a86d7
--- /dev/null
+++ b/magic/Magdir/uf2
@@ -0,0 +1,72 @@
+
+#------------------------------------------------------------------------------
+# $File: uf2,v 1.3 2021/04/28 01:00:31 christos Exp $
+# uf2:  file(1) magic for UF2 firmware image files
+#
+# https://github.com/microsoft/uf2
+#
+# Created by Blake Ramsdell <blaker@gmail.com>
+
+0	string	UF2\n		UF2 firmware image
+!:ext uf2
+# This is for checking the other magic numbers, do we want to do that?
+#>4	lelong	0x9E5D5157	howdy
+#>>508	lelong	0x0AB16F30	doody
+>8	lelong	&0x0001		\b, not main flash
+>8	lelong	&0x1000		\b, file container
+>8	lelong	&0x2000		\b, family
+
+# To update the UF2 family data, use this fine command
+#
+# families=`curl \
+# https://raw.githubusercontent.com/microsoft/uf2/master/utils/uf2families.json \
+# | jq -r '.[] | ">>28\tlelong\t\(.id)\t\(.description)"' | sort -n -k 3` && \
+# perl -0777 -i -pe \
+# "s/(### BEGIN UF2 FAMILIES\\n).*(\\n### END UF2 FAMILIES)/\$1$families\$2/s" \
+# uf2
+
+### BEGIN UF2 FAMILIES
+>>28	lelong	0x00ff6919	ST STM32L4xx
+>>28	lelong	0x04240bdf	ST STM32L5xx
+>>28	lelong	0x16573617	Microchip (Atmel) ATmega32
+>>28	lelong	0x1851780a	Microchip (Atmel) SAML21
+>>28	lelong	0x1b57745f	Nordic NRF52
+>>28	lelong	0x1c5f21b0	ESP32
+>>28	lelong	0x1e1f432d	ST STM32L1xx
+>>28	lelong	0x202e3a91	ST STM32L0xx
+>>28	lelong	0x21460ff0	ST STM32WLxx
+>>28	lelong	0x2abc77ec	NXP LPC55xx
+>>28	lelong	0x300f5633	ST STM32G0xx
+>>28	lelong	0x31d228c6	GD32F350
+>>28	lelong	0x4c71240a	ST STM32G4xx
+>>28	lelong	0x4fb2d5bd	NXP i.MX RT10XX
+>>28	lelong	0x53b80f00	ST STM32F7xx
+>>28	lelong	0x55114460	Microchip (Atmel) SAMD51
+>>28	lelong	0x57755a57	ST STM32F401
+>>28	lelong	0x5a18069b	Cypress FX2
+>>28	lelong	0x5d1a0a2e	ST STM32F2xx
+>>28	lelong	0x5ee21072	ST STM32F103
+>>28	lelong	0x647824b6	ST STM32F0xx
+>>28	lelong	0x68ed2b88	Microchip (Atmel) SAMD21
+>>28	lelong	0x6b846188	ST STM32F3xx
+>>28	lelong	0x6d0922fa	ST STM32F407
+>>28	lelong	0x6db66082	ST STM32H7xx
+>>28	lelong	0x70d16653	ST STM32WBxx
+>>28	lelong	0x7eab61ed	ESP8266
+>>28	lelong	0x7f83e793	NXP KL32L2x
+>>28	lelong	0x8fb060fe	ST STM32F407VG
+>>28	lelong	0xada52840	Nordic NRF52840
+>>28	lelong	0xbfdd4eee	ESP32-S2
+>>28	lelong	0xc47e5767	ESP32-S3
+>>28	lelong	0xd42ba06c	ESP32-C3
+>>28	lelong	0xe48bff56	Raspberry Pi RP2040
+### END UF2 FAMILIES
+
+>>28	default	x
+>>>28	lelong	x		%#08x
+>8	lelong&0x2000	0	\b, file size
+>>28	lelong	x		%#08x
+>8	lelong	&0x4000		\b, MD5 checksum present
+>8	lelong	&0x8000		\b, extension tags present
+>12	lelong	x 		\b, address %#08x
+>24	lelong	x		\b, %u total blocks
diff --git a/magic/Magdir/unicode b/magic/Magdir/unicode
new file mode 100644
index 0000000..7ca61ba
--- /dev/null
+++ b/magic/Magdir/unicode
@@ -0,0 +1,15 @@
+
+#------------------------------------------------------------------------------
+# $File: unicode,v 1.7 2019/02/19 20:34:42 christos Exp $
+# Unicode:  BOM prefixed text files - Adrian Havill <havill@turbolinux.co.jp>
+# These types are recognised in file_ascmagic so these encodings can be
+# treated by text patterns.  Missing types are already dealt with internally.
+#
+0	string	+/v8			Unicode text, UTF-7
+0	string	+/v9			Unicode text, UTF-7
+0	string	+/v+			Unicode text, UTF-7
+0	string	+/v/			Unicode text, UTF-7
+0	string	\335\163\146\163	Unicode text, UTF-8-EBCDIC
+0	string	\000\000\376\377	Unicode text, UTF-32, big-endian
+0	string	\377\376\000\000	Unicode text, UTF-32, little-endian
+0	string	\016\376\377		Unicode text, SCSU (Standard Compression Scheme for Unicode)
diff --git a/magic/Magdir/unisig b/magic/Magdir/unisig
new file mode 100644
index 0000000..6212c38
--- /dev/null
+++ b/magic/Magdir/unisig
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: unisig,v 1.1 2020/04/09 19:05:44 christos Exp $
+# unisig:  file(1) magic for files carrying a uniform signature (Unisig)
+# From: Lassi Kortela, John Cowan
+# URL:	https://github.com/unisig
+#
+0	string	\xDC\xDC\x0D\x0A\x1A\x0A\x00	Unisig:
+>7	ubyte	=0				UUID
+>>8	guid	x				%s
+>7	ubyte	>0				URI
+>>7	pstring x				%s
diff --git a/magic/Magdir/unknown b/magic/Magdir/unknown
new file mode 100644
index 0000000..578a8ea
--- /dev/null
+++ b/magic/Magdir/unknown
@@ -0,0 +1,34 @@
+
+#------------------------------------------------------------------------------
+# $File: unknown,v 1.8 2013/01/09 22:37:24 christos Exp $
+# unknown:  file(1) magic for unknown machines
+#
+# 0x107 is 0407, 0x108 is 0410, and 0x109 is 0411; those are all PDP-11
+# (executable, pure, and split I&D, respectively), but the PDP-11 version
+# doesn't have the "version %ld", which may be a bogus COFFism (I don't
+# think there was ever COFF for the PDP-11).
+#
+# 0x10B is 0413; that's VAX demand-paged, but this is a short, not a
+# long, as it would be on a VAX.  In any case, that could collide with
+# VAX demand-paged files, as the magic number is little-endian on those
+# binaries, so the first 16 bits of the file would contain 0x10B.
+#
+# Therefore, those entries are commented out.
+#
+# 0x10C is 0414 and 0x10E is 0416; those *are* unknown.
+#
+#0	short		0x107		unknown machine executable
+#>8	short		>0		not stripped
+#>15	byte		>0		- version %ld
+#0	short		0x108		unknown pure executable
+#>8	short		>0		not stripped
+#>15	byte		>0		- version %ld
+#0	short		0x109		PDP-11 separate I&D
+#>8	short		>0		not stripped
+#>15	byte		>0		- version %ld
+#0	short		0x10b		unknown pure executable
+#>8	short		>0		not stripped
+#>15	byte		>0		- version %ld
+0	long		0x10c		unknown demand paged pure executable
+>16	long		>0		not stripped
+0	long		0x10e		unknown readable demand paged pure executable
diff --git a/magic/Magdir/usd b/magic/Magdir/usd
new file mode 100644
index 0000000..356cdf7
--- /dev/null
+++ b/magic/Magdir/usd
@@ -0,0 +1,21 @@
+
+#------------------------------------------------------------------------------
+# $File: usd,v 1.2 2020/05/21 22:17:00 christos Exp $
+#
+# From Christian Schmidbauer
+#
+# https://github.com/PixarAnimationStudios/USD
+
+# USD crate file
+# https://github.com/PixarAnimationStudios/USD/blob/ebac0a8b6703f4fa1c27115f1f013bb9819662f4/pxr/usd/usd/crateFile.h#L441-L450
+0	string		PXR-USDC	USD crate
+>8	byte		x		\b, version %x.
+>9	byte		x		\b%x.
+>10	byte		x		\b%x
+!:ext	usd
+
+# USD ASCII file
+0	string		#usda\040	USD ASCII
+>6	string		x		\b, version %s
+!:mime	text/plain
+!:ext	usd
diff --git a/magic/Magdir/uterus b/magic/Magdir/uterus
new file mode 100644
index 0000000..4b9e768
--- /dev/null
+++ b/magic/Magdir/uterus
@@ -0,0 +1,16 @@
+
+#------------------------------------------------------------------------------
+# $File: uterus,v 1.4 2022/10/31 13:22:26 christos Exp $
+# file(1) magic for uterus files
+# http://freecode.com/projects/uterus
+#
+0	string		UTE+	uterus file
+>4	string		v	\b, version
+>5	byte		x	%c
+>6	string		.	\b.
+>7	byte		x	\b%c
+>8	string		\<\>	\b, big-endian
+>>16	belong		>0	\b, slut size %u
+>8	string		\>\<	\b, little-endian
+>>16	lelong		>0	\b, slut size %u
+>10	byte		&8	\b, compressed
diff --git a/magic/Magdir/uuencode b/magic/Magdir/uuencode
new file mode 100644
index 0000000..df70dc5
--- /dev/null
+++ b/magic/Magdir/uuencode
@@ -0,0 +1,28 @@
+
+#------------------------------------------------------------------------------
+# $File: uuencode,v 1.9 2021/11/13 17:48:10 christos Exp $
+# uuencode:  file(1) magic for ASCII-encoded files
+#
+
+# The first line of xxencoded files is identical to that in uuencoded files,
+# but the first character in most subsequent lines is 'h' instead of 'M'.
+# (xxencoding uses lowercase letters in place of most of uuencode's
+# punctuation and survives BITNET gateways better.)
+0		regex/1024	\^begin\040[0-7]{3}\040
+>&0		regex/256	[\012\015]+M[\040-\140]{60}[\012\015]+				uuencoded text
+>&0		regex/256	[\012\015]+h[0-9A-Za-z\053\055]{60}[\012\015]+		xxencoded text
+>&0		default		x													uuencoded or xxencoded text
+>&0		string		>\0													\b, file name "%s"
+
+# btoa(1) is an alternative to uuencode that requires less space.
+0	search/1	xbtoa\ Begin	btoa'd text
+
+# ship(1) is another, much cooler alternative to uuencode.
+# Greg Roelofs, newt@uchicago.edu
+0	search/1	$\012ship	ship'd binary text
+
+# bencode(8) is used to encode compressed news batches (Bnews/Cnews only?)
+# Greg Roelofs, newt@uchicago.edu
+0	search/1	Decode\ the\ following\ with\ bdeco	bencoded News text
+
+# GRR: handle BASE64
diff --git a/magic/Magdir/vacuum-cleaner b/magic/Magdir/vacuum-cleaner
new file mode 100644
index 0000000..eef78f2
--- /dev/null
+++ b/magic/Magdir/vacuum-cleaner
@@ -0,0 +1,54 @@
+
+#------------------------------------------------------------------------------
+# $File: vacuum-cleaner,v 1.1 2015/11/14 13:38:35 christos Exp $
+# vacuum cleaner magic by Thomas M. Ott (ThMO)
+#
+# navigation map for LG robot vacuum cleaner models VR62xx, VR64xx, VR63xx
+# file: MAPDATAyyyymmddhhmmss_xxxxxx_cc.blk
+# -> yyyymmdd: year, month, day of cleaning
+# -> hhmmss: hour, minute, second of cleaning
+# -> xxxxxx: 6 digits
+# -> cc: cleaning runs counter
+# size: 136044 bytes
+#
+# struct maphdr {
+#     int32_t  map_cnt;	     /*  0: single map */
+#     int32_t  min_ceil;     /*  4: 100 mm == 10 cm == min. ceil */
+#     int32_t  max_ceil;     /*  8: 10000 mm == 100 m == max. ceil */
+#     int32_t  max_climb;    /* 12: 50 mm = 5 cm == max. height to climb */
+#     int32_t  unknown;	     /* 16: 50000 ??? */
+#     int32_t  cell_bytes;   /* 20: # of bytes for cells per block */
+#     int32_t  block_max;    /* 24: 1000 == max. # of blocks */
+#     int32_t  route_max;    /* 28: 1000 == max. # of routes */
+#     int32_t  used_blocks;  /* 32: 5/45/33/... == # of block entries used! */
+#     int32_t  cell_dim;     /* 36: 10 == cell dimension */
+#     int32_t  clock_tick;   /* 40: 100 == clock ticks */
+# #if	0
+#     struct {		     /* 44: 1000 blocks for 10x10 cells */
+#         int32_t  yoffset;
+#         int32_t  xoffset;
+#         int32_t  posxy;
+#         int32_t  timecode;
+#       }      blocks[ 1000];
+#     char     cells[ 1000* 100]; /* 16044: 1000 10x10 cells */
+#     int16_t  routes[ 1000* 10]; /* 116044: 1000 10-routes */
+# #endif
+#   };
+
+0                lelong =1
+>4               lelong =100
+>>8              lelong =10000
+>>>12            lelong =50
+>>>>16           lelong =50000
+>>>>>20          lelong =100
+>>>>>>24         lelong =1000
+>>>>>>>28        lelong =1000
+>>>>>>>>36       lelong =10
+>>>>>>>>>40      lelong =100
+>>>>>>>>>>32     lelong x       LG robot VR6[234]xx %dm^2 navigation
+>>>>>>>>>>136040 lelong =-1     reuse map data
+>>>>>>>>>>136040 lelong =0      map data
+>>>>>>>>>>136040 lelong >0      spurious map data
+>>>>>>>>>>136040 lelong <-1     spurious map data
+
+
diff --git a/magic/Magdir/varied.out b/magic/Magdir/varied.out
new file mode 100644
index 0000000..01caf07
--- /dev/null
+++ b/magic/Magdir/varied.out
@@ -0,0 +1,46 @@
+
+#------------------------------------------------------------------------------
+# $File: varied.out,v 1.23 2014/04/30 21:41:02 christos Exp $
+# varied.out:  file(1) magic for various USG systems
+#
+#	Herewith many of the object file formats used by USG systems.
+#	Most have been moved to files for a particular processor,
+#	and deleted if they duplicate other entries.
+#
+0	short		0610		Perkin-Elmer executable
+# AMD 29K
+0	beshort		0572		amd 29k coff noprebar executable
+0	beshort		01572		amd 29k coff prebar executable
+0	beshort		0160007		amd 29k coff archive
+# Cray
+6	beshort		0407		unicos (cray) executable
+# Ultrix 4.3
+596	string		\130\337\377\377	Ultrix core file
+>600	string		>\0		from '%s'
+# BeOS and MAcOS PEF executables
+# From: hplus@zilker.net (Jon Watte)
+0	string		Joy!peffpwpc	header for PowerPC PEF executable
+#
+# ava assembler/linker Uros Platise <uros.platise@ijs.si>
+0       string          avaobj  AVR assembler object code
+>7      string          >\0     version '%s'
+# gnu gmon magic From: Eugen Dedu <dedu@ese-metz.fr>
+0	string		gmon		GNU prof performance data
+>4	long		x		- version %d
+# From: Dave Pearson <davep@davep.org>
+# Harbour <URL:http://harbour-project.org/> HRB files.
+0	string		\xc0HRB		Harbour HRB file
+>4	leshort		x		version %d
+# Harbour HBV files
+0	string		\xc0HBV		Harbour variable dump file
+>4	leshort		x		version %d
+
+# From: Alex Beregszaszi <alex@fsn.hu>
+# 0	string		exec 		BugOS executable
+# 0	string		pack		BugOS archive
+
+# From: Jason Spence <jspence@lightconsulting.com>
+# Generated by the "examples" in STM's ST40 devkit, and derived code.
+0	lelong		0x13a9f17e	ST40 component image format
+>4	string		>\0		\b, name '%s'
+
diff --git a/magic/Magdir/varied.script b/magic/Magdir/varied.script
new file mode 100644
index 0000000..74b1b22
--- /dev/null
+++ b/magic/Magdir/varied.script
@@ -0,0 +1,21 @@
+#------------------------------------------------------------------------------
+# $File: varied.script,v 1.15 2022/10/18 13:01:30 christos Exp $
+# varied.script:  file(1) magic for various interpreter scripts
+
+0	string/wt	#!\ 	a
+>&-1	string/T	x	%s script text executable
+!:strength / 3
+
+0	string/wb	#!\ 	a
+>&-1	string/T	x	%s script executable (binary data)
+!:strength / 3
+
+
+# using env
+0	string/wt	#!\ /usr/bin/env		a
+>15	string/T	>\0			%s script text executable
+!:strength / 6
+
+0	string/wb	#!\ /usr/bin/env		a
+>15	string/T	>\0			%s script executable (binary data)
+!:strength / 6
diff --git a/magic/Magdir/vax b/magic/Magdir/vax
new file mode 100644
index 0000000..f3deffa
--- /dev/null
+++ b/magic/Magdir/vax
@@ -0,0 +1,32 @@
+
+#------------------------------------------------------------------------------
+# $File: vax,v 1.10 2019/10/04 18:07:46 christos Exp $
+# vax:  file(1) magic for VAX executable/object and APL workspace
+#
+0	lelong		0101557		VAX single precision APL workspace
+0	lelong		0101556		VAX double precision APL workspace
+
+#
+# VAX a.out (BSD; others collide with 386 and other 32-bit little-endian
+# executables, and are handled in aout)
+#
+0	lelong		0420		a.out VAX demand paged (first page unmapped) pure executable
+>16	lelong		>0		not stripped
+
+#
+# VAX COFF
+#
+# The `versions' were commented out, but have been un-commented out.
+# (Was the problem just one of endianness?)
+#
+0	leshort		0570
+>2	uleshort	<100		VAX COFF executable, sections %d
+>>4	ledate		x		\b, created %s
+>>12	lelong		>0		\b, not stripped
+>>22	leshort		>0		\b, version %d
+
+0	leshort		0575
+>2	uleshort	<100		VAX COFF pure executable, sections %d
+>>4	ledate		x		\b, created %s
+>>12	lelong		>0		\b, not stripped
+>>22	leshort		>0		\b, version %d
diff --git a/magic/Magdir/vicar b/magic/Magdir/vicar
new file mode 100644
index 0000000..59d843d
--- /dev/null
+++ b/magic/Magdir/vicar
@@ -0,0 +1,17 @@
+
+#------------------------------------------------------------------------------
+# $File: vicar,v 1.4 2009/09/19 16:28:13 christos Exp $
+# vicar:  file(1) magic for VICAR files.
+#
+# From: Ossama Othman <othman@astrosun.tn.cornell.edu
+# VICAR is JPL's in-house spacecraft image processing program
+# VICAR image
+0	string	LBLSIZE=	VICAR image data
+>32	string	BYTE		\b, 8 bits  = VAX byte
+>32	string	HALF		\b, 16 bits = VAX word     = Fortran INTEGER*2
+>32	string	FULL		\b, 32 bits = VAX longword = Fortran INTEGER*4
+>32	string	REAL		\b, 32 bits = VAX longword = Fortran REAL*4
+>32	string	DOUB		\b, 64 bits = VAX quadword = Fortran REAL*8
+>32	string	COMPLEX		\b, 64 bits = VAX quadword = Fortran COMPLEX*8
+# VICAR label file
+43	string	SFDU_LABEL	VICAR label file
diff --git a/magic/Magdir/virtual b/magic/Magdir/virtual
new file mode 100644
index 0000000..3372020
--- /dev/null
+++ b/magic/Magdir/virtual
@@ -0,0 +1,307 @@
+
+#------------------------------------------------------------------------------
+# $File: virtual,v 1.17 2022/08/23 08:00:54 christos Exp $
+# From: James Nobis <quel@quelrod.net>
+# Microsoft hard disk images for:
+# Virtual Server
+# Virtual PC
+# VirtualBox
+# URL: http://fileformats.archiveteam.org/wiki/VHD_(Virtual_Hard_Disk)
+# Reference: https://download.microsoft.com/download/f/f/e/ffef50a5-07dd-4cf8-aaa3-442c0673a029/
+# Virtual%20Hard%20Disk%20Format%20Spec_10_18_06.doc
+0	string	conectix	Microsoft Disk Image, Virtual Server or Virtual PC
+# alternative shorter names
+#0	string	conectix	Microsoft Virtual Hard Disk image
+#0	string	conectix	Microsoft Virtual HD image
+!:mime	application/x-virtualbox-vhd
+!:ext   vhd
+# Features is a bit field used to indicate specific feature support
+#>8	ubelong		!0x00000002	\b, Features %#x
+# Reserved. This bit must always be set to 1.
+#>8	ubelong		&0x00000002	\b, Reserved %#x
+# File Format Version for the current specification 0x00010000
+#>12	ubelong		!0x00010000	\b, Version %#8.8x
+# Data Offset only found 0x200
+#>16	ubequad		!0x200		\b, Data Offset %#llx
+#>16	ubequad		x		\b, at %#llx
+# Dynamic Disk Header cookie like cxsparse
+#>(16.Q)	string		x		"%-.8s"
+# This field contains a Unicode string (UTF-16) of the parent hard disk filename
+#>(16.Q+64)	ubequad	x		\b, parent name %#llx
+# Creator Application
+# vpc~Microsoft Virtual PC, vs~Microsoft Virtual Server, vbox~VirtualBox, d2v~disk2vhd
+>28	string		x		\b, Creator %-4.4s
+# Creator Version: 0x00010000~Virtual Server 2004, 0x00050000~Virtual PC 2004
+# holds the major/minor version of the application that created the image
+>32	ubeshort	x		%x
+>34	ubeshort	x		\b.%x
+#>32	ubelong		x		\b, Version %#8.8x
+# Creator Host OS: 0x5769326B~Windows (Wi2k), 0x4D616320~Macintosh (Mac)
+>36	ubelong		x		(
+>>36	ubelong		0x5769326B	\bW2k
+>>36	ubelong		0x4D616320	\bMac
+>>36	default		x		\b0x
+>>>36	ubelong		x		\b%8.8x
+# creation Time in seconds since 1 Jan 2000 UTC~946684800 sec. since Unix Epoch
+>24	bedate+946684800	x	\b) %s
+# Original Size
+#>40	ubequad		x		\b, o.-Size %#llx
+# Current Size is same as original size, but change when disk is expanded
+#>48	ubequad		x		\b, Size %#llx
+>48	ubequad		x		\b, %llu bytes
+# Disk Geometry: cylinder, heads, and sectors/track for hard disk
+#>56	ubeshort	x		\b, Cylinder %#x
+>56	ubeshort	x		\b, CHS %u
+# Heads
+#>58	ubyte		x		\b, Heads %#x
+>58	ubyte		x		\b/%u
+# Sectors per track
+#>59	ubyte		x		\b, Sectors %#x
+>59	ubyte		x		\b/%u
+# Disk Type: 3~Dynamic hard disk
+>60	ubelong		!0x3		\b, type %#x
+# Checksum
+#>64	ubelong		x		\b, cksum %#x
+# universally unique identifier (UUID) to associate a parent with its differencing image
+#>68	ubequad		x		\b, id %#16.16llx
+#>76	ubequad		x		\b-%16.16llx
+# Saved State: 1~Saved State
+>84	ubyte		!0		\b, State %#x
+# Reserved 427 bytes with nils
+#>85	ubequad	!0			\b, Reserved %#16.16llx
+
+# From: Joerg Jenderek
+# URL: https://msdn.microsoft.com/en-us/library/mt740058.aspx
+# Reference: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/
+# MS-VHDX/[MS-VHDX].pdf
+# Note: extends the VHD format with new capabilities, such as a 16TB maximum size
+# TODO:	find and display values like virtual size, disk size, cluster_size, etc
+#	display id in GUID format
+#
+# VHDX_FILE_IDENTIFIER signature 0x656C696678646876
+0	string			vhdxfile
+# VHDX_HEADER signature. 1 header is stored at offset 64KB and the other at 128KB
+>0x10000	string		head		Microsoft Disk Image eXtended
+#>0x20000	string			head	\b, 2nd header
+#!:mime	application/x-virtualbox-vhdx
+!:ext	vhdx
+# Creator[256] like "QEMU v3.0.0", "Microsoft Windows 6.3.9600.18512"
+>>8		lestring16		x	\b, by %.256s
+# The Checksum field is a CRC-32C hash over the entire 4 KB structure
+#>>0x10004	ulelong			x	\b, CRC %#x
+# SequenceNumber
+>>0x10008	ulequad			x	\b, sequence %#llx
+# FileWriteGuid
+#>>0x10010	ubequad			x	\b, file id %#llx
+#>>>0x10018	ubequad			x	\b-%llx
+# DataWriteGuid
+#>>0x10020	ubequad			x	\b, data id %#llx
+#>>>0x10028	ubequad			x	\b-%llx
+# LogGuid. If this field is zero, then the log is empty or has no valid entries 
+>>0x10030	ubequad			>0	\b, log id %#llx
+>>>0x10038	ubequad			x	\b-%llx
+# LogVersion. If not 0 there is a log to replay
+>>0x10040	uleshort		>0	\b, LogVersion %#x
+# Version. This field must be set to 1
+>>0x10042	uleshort		!1	\b, Version %#x
+# LogLength must be multiples of 1 MB
+>>0x10044	ulelong/1048576		>1	\b, LogLength %u MB
+# LogOffset (normally 0x100000 when log direct after header); multiples of 1 MB
+>>0x10048	ulequad			!0x100000 \b, LogOffset %#llx
+# Log Entry Signature must be 0x65676F6C~loge
+>>(0x10048.q)	ulelong			!0x65676F6C \b, NO Log Signature
+>>(0x10048.q)	ulelong			=0x65676F6C	\b; LOG
+# Log Entry Checksum
+#>>>(0x10048.q+4)	ulelong		x	\b, Log CRC %#x
+# Log Entry Length must be a multiple of 4 KB
+>>>(0x10048.q+8)	ulelong/1024	>4	\b, EntryLength %u KB
+# Log Entry Tail must be a multiple of 4 KB
+#>>>(0x10048.q+12)	ulelong		x	\b, Tail %#x
+# Log Entry SequenceNumber
+#>>>(0x10048.q+16)	ulequad		x	\b, # %#llx
+# Log Entry DescriptorCount may be zero. only 4 bytes in other docs instead 8
+#>>>(0x10048.q+24)	ulelong		x	\b, DescriptorCount %#llx
+# Log Entry Reserved must be set to 0
+>>>(0x10048.q+28)	ulelong		!0	\b, Reserved %#x
+# Log Entry LogGuid
+#>>>(0x10048.q+32)	ubequad		x	\b, Log id %#llx
+#>>>(0x10048.q+40)	ubequad		x	\b-%llx
+# Log Entry FlushedFileOffset should VHDX size when entry is written.
+#>>>(0x10048.q+48)	ulequad		x	\b, FlushedFileOffset %llu
+# Log Entry LastFileOffset
+#>>>(0x10048.q+56)	ulequad		x	\b, LastFileOffset %llu
+# filling
+#>>>(0x10048.q+64)	ulequad		>0	\b, filling %llx
+# Reserved[4016]
+#>>0x10050	ulequad			>0	\b, Reserved %#llx
+# VHDX_REGION_TABLE_HEADER Signature 0x69676572~regi at offset 192 KB and 256 KB
+>0x30000	ulelong			!0x69676572 \b, 1st region INVALID
+>0x30000	ulelong			=0x69676572 \b; region
+# region Checksum. CRC-32C hash over the entire 64-KB table
+#>>0x30004	ulelong			x	\b, CRC %#x
+# The EntryCount specifies number of valid entries; Found 2; This must be =< 2047. 
+>>0x30008	ulelong			x	\b, %u entries
+# reserved must be zero
+#>>0x3000C	ulelong			!0	\b, RESERVED %#x
+# Region Table Entry starts with identifier for the object. often BAT id
+>>0x30010	use			vhdx-id
+# FileOffset
+>>0x30020	ulequad		x		\b, at %#llx
+# Length. Specifies the length of the object within the file
+#>>0x30028	ulelong		x		\b, Length %#x
+# 1 means region entry is required. if region not recognized, then REFUSE to load VHDX
+>>0x3002C	ulelong		x		\b, Required %u
+# 2nd region entry often metadata id
+>>0x30030	use			vhdx-id
+# 2nd entry FileOffset
+>>0x30040	ulequad		x		\b, at %#llx
+# 1 means region entry is required. if region not recognized, then REFUSE to load VHDX
+>>0x3004C	ulelong		x		\b, Required %u
+# 2nd region
+>>0x40000	ulelong		!0x69676572	\b, 2nd region INVALID
+# check in vhdx images for known id and show names instead hexadecimal
+0	name		vhdx-id
+# https://www.windowstricks.in/online-windows-guid-converter
+# 2DC27766-F623-4200-9D64-115E9BFD4A08		BAT GUID
+# 6677C22D23F600429D64115E9BFD4A08		BAT ID
+>0	ubequad		=0x6677C22D23F60042
+>>8	ubequad		=0x9D64115E9BFD4A08	\b, id BAT
+# no BAT id
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# 8B7CA206-4790-4B9A-B8FE-575F050F886E		Metadata region GUID
+# 06A27C8B90479A4BB8FE575F050F886E		Metadata region ID
+>0	ubequad		=0x06A27C8B90479A4B
+>>8	ubequad		=0xB8FE575F050F886E	\b, id Metadata
+# no Metadata id
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# 2FA54224-CD1B-4876-B211-5DBED83BF4B8		Virtual Disk Size GUID
+# 2442A52F1BCD7648B2115DBED83BF4B8		Virtual Disk Size ID
+# value "virtual size" can be verified by command `qemu-img info `
+>0	ubequad		=0x2442A52F1BCD7648
+>>8	ubequad		=0xB2115DBED83BF4B8	\b, id vsize
+# no Virtual Disk Size ID
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# other ids
+>0	default		x
+>>0	use		vhdx-id-hex
+# in vhdx images show id as hexadecimal
+0	name		vhdx-id-hex
+>0	ubequad		x			\b, ID %#16.16llx
+>8	ubequad		x			\b-%16.16llx
+#
+# libvirt
+# From: Philipp Hahn <hahn@univention.de>
+0	string	LibvirtQemudSave	Libvirt QEMU Suspend Image
+>0x10	lelong	x	\b, version %u
+>0x14	lelong	x	\b, XML length %u
+>0x18	lelong	1	\b, running
+>0x1c	lelong	1	\b, compressed
+
+0	string	LibvirtQemudPart	Libvirt QEMU partial Suspend Image
+# From: Alex Beregszaszi <alex@fsn.hu>
+0	string/b	COWD		VMWare3
+>4	byte	3		disk image
+>>32	lelong	x		(%d/
+>>36	lelong	x		\b%d/
+>>40	lelong	x		\b%d)
+>4	byte	2		undoable disk image
+>>32	string	>\0		(%s)
+
+0	string/b	VMDK		 VMware4 disk image
+0	string/b	KDMV		 VMware4 disk image
+
+#--------------------------------------------------------------------
+# Qemu Emulator Images
+# Lines written by Friedrich Schwittay (f.schwittay@yousable.de)
+# Updated by Adam Buchbinder (adam.buchbinder@gmail.com)
+# Made by reading sources, reading documentation, and doing trial and error
+# on existing QCOW files
+0	string/b	QFI\xFB	QEMU QCOW Image
+!:mime	application/x-qemu-disk
+
+# Uncomment the following line to display Magic (only used for debugging
+# this magic number)
+#>0	string/b	x	, Magic: %s
+
+# There are currently 2 Versions: "1" and "2".
+# https://www.gnome.org/~markmc/qcow-image-format-version-1.html
+>4	belong		x	(v%d)
+
+# Using the existence of the Backing File Offset to determine whether
+# to read Backing File Information
+>>12	belong	 >0	 \b, has backing file (
+# Note that this isn't a null-terminated string; the length is actually
+# (16.L). Assuming a null-terminated string happens to work usually, but it
+# may spew junk until it reaches a \0 in some cases.
+>>>(12.L)	 string >\0	\bpath %s
+
+# Modification time of the Backing File
+# Really useful if you want to know if your backing
+# file is still usable together with this image
+>>>>20	bedate >0	\b, mtime %s)
+>>>>20	default x	\b)
+
+# Size is stored in bytes in a big-endian u64.
+>>24	bequad	x	 \b, %lld bytes
+
+# 1 for AES encryption, 0 for none.
+>>36	belong	1	\b, AES-encrypted
+
+# https://www.gnome.org/~markmc/qcow-image-format.html
+>4	belong	2	(v2)
+# Using the existence of the Backing File Offset to determine whether
+# to read Backing File Information
+>>8	bequad  >0	 \b, has backing file
+# Note that this isn't a null-terminated string; the length is actually
+# (16.L). Assuming a null-terminated string happens to work usually, but it
+# may spew junk until it reaches a \0 in some cases. Also, since there's no
+# .Q modifier, we just use the bottom four bytes as an offset. Note that if
+# the file is over 4G, and the backing file path is stored after the first 4G,
+# the wrong filename will be printed. (This should be (8.Q), when that syntax
+# is introduced.)
+>>>(12.L)	 string >\0	(path %s)
+>>24	bequad	x	\b, %lld bytes
+>>32	belong	1	\b, AES-encrypted
+
+>4	belong	3	(v3)
+# Using the existence of the Backing File Offset to determine whether
+# to read Backing File Information
+>>8	bequad  >0	 \b, has backing file
+# Note that this isn't a null-terminated string; the length is actually
+# (16.L). Assuming a null-terminated string happens to work usually, but it
+# may spew junk until it reaches a \0 in some cases. Also, since there's no
+# .Q modifier, we just use the bottom four bytes as an offset. Note that if
+# the file is over 4G, and the backing file path is stored after the first 4G,
+# the wrong filename will be printed. (This should be (8.Q), when that syntax
+# is introduced.)
+>>>(12.L)	 string >\0	(path %s)
+>>24	bequad	x	\b, %lld bytes
+>>32	belong	1	\b, AES-encrypted
+
+>4	default x	(unknown version)
+
+0	string/b	QEVM		QEMU suspend to disk image
+
+# QEMU QED Image
+# https://wiki.qemu.org/Features/QED/Specification
+0	string/b	QED\0		QEMU QED Image
+
+# VDI Image
+# Sun xVM VirtualBox Disk Image
+# From: Richard W.M. Jones <rich@annexia.org>
+# VirtualBox Disk Image
+0x40	ulelong		0xbeda107f	VirtualBox Disk Image
+>0x44	uleshort	>0		\b, major %u
+>0x46	uleshort	>0		\b, minor %u
+>0	string		>\0		(%s)
+>368	lequad		x		 \b, %lld bytes
+
+0	string/b	Bochs\ Virtual\ HD\ Image	Bochs disk image,
+>32	string	x				type %s,
+>48	string	x				subtype %s
+
+0	lelong	0x02468ace			Bochs Sparse disk image
+
diff --git a/magic/Magdir/virtutech b/magic/Magdir/virtutech
new file mode 100644
index 0000000..410ab9e
--- /dev/null
+++ b/magic/Magdir/virtutech
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: virtutech,v 1.4 2009/09/19 16:28:13 christos Exp $
+# Virtutech Compressed Random Access File Format
+#
+# From <gustav@virtutech.com>
+0      string          \211\277\036\203        Virtutech CRAFF
+>4     belong          x               v%d
+>20    belong          0               uncompressed
+>20    belong          1               bzipp2ed
+>20    belong          2               gzipped
+>24    belong          0               not clean
diff --git a/magic/Magdir/visx b/magic/Magdir/visx
new file mode 100644
index 0000000..fe5c827
--- /dev/null
+++ b/magic/Magdir/visx
@@ -0,0 +1,32 @@
+
+#------------------------------------------------------------------------------
+# $File: visx,v 1.5 2009/09/19 16:28:13 christos Exp $
+# visx:  file(1) magic for Visx format files
+#
+0	short		0x5555		VISX image file
+>2	byte		0		(zero)
+>2	byte		1		(unsigned char)
+>2	byte		2		(short integer)
+>2	byte		3		(float 32)
+>2	byte		4		(float 64)
+>2	byte		5		(signed char)
+>2	byte		6		(bit-plane)
+>2	byte		7		(classes)
+>2	byte		8		(statistics)
+>2	byte		10		(ascii text)
+>2	byte		15		(image segments)
+>2	byte		100		(image set)
+>2	byte		101		(unsigned char vector)
+>2	byte		102		(short integer vector)
+>2	byte		103		(float 32 vector)
+>2	byte		104		(float 64 vector)
+>2	byte		105		(signed char vector)
+>2	byte		106		(bit plane vector)
+>2	byte		121		(feature vector)
+>2	byte		122		(feature vector library)
+>2	byte		124		(chain code)
+>2	byte		126		(bit vector)
+>2	byte		130		(graph)
+>2	byte		131		(adjacency graph)
+>2	byte		132		(adjacency graph library)
+>2	string		.VISIX		(ascii text)
diff --git a/magic/Magdir/vms b/magic/Magdir/vms
new file mode 100644
index 0000000..56d57ae
--- /dev/null
+++ b/magic/Magdir/vms
@@ -0,0 +1,30 @@
+
+#------------------------------------------------------------------------------
+# $File: vms,v 1.10 2017/03/17 21:35:28 christos Exp $
+# vms:  file(1) magic for VMS executables (experimental)
+#
+# VMS .exe formats, both VAX and AXP (Greg Roelofs, newt@uchicago.edu)
+
+# GRR 950122:  I'm just guessing on these, based on inspection of the headers
+# of three executables each for Alpha and VAX architectures.  The VAX files
+# all had headers similar to this:
+#
+#   00000  b0 00 30 00 44 00 60 00  00 00 00 00 30 32 30 35  ..0.D.`.....0205
+#   00010  01 01 00 00 ff ff ff ff  ff ff ff ff 00 00 00 00  ................
+#
+0	string	\xb0\0\x30\0	VMS VAX executable
+>44032	string	PK\003\004	\b, Info-ZIP SFX archive v5.12 w/decryption
+#
+# The AXP files all looked like this, except that the byte at offset 0x22
+# was 06 in some of them and 07 in others:
+#
+#   00000  03 00 00 00 00 00 00 00  ec 02 00 00 10 01 00 00  ................
+#   00010  68 00 00 00 98 00 00 00  b8 00 00 00 00 00 00 00  h...............
+#   00020  00 00 07 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
+#   00030  00 00 00 00 01 00 00 00  00 00 00 00 00 00 00 00  ................
+#   00040  00 00 00 00 ff ff ff ff  ff ff ff ff 02 00 00 00  ................
+#
+# GRR this test is still too general as it catches example adressen.dbt
+0	belong	0x03000000
+>8	ubelong	0xec020000	VMS Alpha executable
+>>75264	string	PK\003\004	\b, Info-ZIP SFX archive v5.12 w/decryption
diff --git a/magic/Magdir/vmware b/magic/Magdir/vmware
new file mode 100644
index 0000000..cd1a9d9
--- /dev/null
+++ b/magic/Magdir/vmware
@@ -0,0 +1,6 @@
+
+#------------------------------------------------------------------------------
+# $File: vmware,v 1.8 2017/03/17 21:35:28 christos Exp $
+# VMware specific files (deducted from version 1.1 and log file entries)
+# Anthon van der Neut (anthon@mnt.org)
+0	belong	0x4d52564e	VMware nvram
diff --git a/magic/Magdir/vorbis b/magic/Magdir/vorbis
new file mode 100644
index 0000000..49e75cb
--- /dev/null
+++ b/magic/Magdir/vorbis
@@ -0,0 +1,155 @@
+
+#------------------------------------------------------------------------------
+# $File: vorbis,v 1.26 2020/08/22 18:30:55 christos Exp $
+# vorbis:  file(1) magic for Ogg/Vorbis files
+#
+# From Felix von Leitner <leitner@fefe.de>
+# Extended by Beni Cherniavsky <cben@crosswinds.net>
+# Further extended by Greg Wooledge <greg@wooledge.org>
+#
+# Most (everything but the number of channels and bitrate) is commented
+# out with `##' as it's not interesting to the average user.  The most
+# probable things advanced users would want to uncomment are probably
+# the number of comments and the encoder version.
+#
+# FIXME: The first match has been made a search, so that it can skip
+# over prepended ID3 tags. This will work for MIME type detection, but
+# won't work for detecting other properties of the file (they all need
+# to be made relative to the search). In any case, if the file has ID3
+# tags, the ID3 information will be printed, not the Ogg information,
+# so until that's fixed, this doesn't matter.
+# FIXME[2]: Disable the above for now, since search assumes text mode.
+#
+# --- Ogg Framing ---
+#0		search/1000	OggS		Ogg data
+0		string	OggS		Ogg data
+>4		byte		!0		UNKNOWN REVISION %u
+##>4		byte		0		revision 0
+>4		byte		0
+##>>14		lelong		x		(Serial %lX)
+# non-Vorbis content: FLAC (Free Lossless Audio Codec, http://flac.sourceforge.net)
+>>28		string		\x7fFLAC	\b, FLAC audio
+# non-Vorbis content: Theora
+!:mime		audio/ogg
+>>28		string		\x80theora	\b, Theora video
+!:mime		video/ogg
+# non-Vorbis content: Kate
+>>28		string		\x80kate\0\0\0\0	\b, Kate (Karaoke and Text)
+!:mime		application/ogg
+>>>37		ubyte		x		v%u
+>>>38		ubyte		x		\b.%u,
+>>>40		byte		0		utf8 encoding,
+>>>40		byte		!0		unknown character encoding,
+>>>60		string		>\0		language %s,
+>>>60		string		\0		no language set,
+>>>76		string		>\0		category %s
+>>>76		string		\0		no category set
+# non-Vorbis content: Skeleton
+>>28		string		fishead\0	\b, Skeleton
+!:mime		video/ogg
+>>>36		leshort		x		v%u
+>>>40		leshort		x		\b.%u
+# non-Vorbis content: Speex
+>>28		string		Speex\ \ \ 	\b, Speex audio
+!:mime		audio/ogg
+# non-Vorbis content: OGM
+>>28		string		\x01video\0\0\0	\b, OGM video
+!:mime		video/ogg
+>>>37		string/c	div3		(DivX 3)
+>>>37		string/c	divx		(DivX 4)
+>>>37		string/c	dx50		(DivX 5)
+>>>37		string/c	xvid		(XviD)
+# --- First vorbis packet - general header ---
+>>28		string		\x01vorbis	\b, Vorbis audio,
+!:mime		audio/ogg
+>>>35		lelong		!0		UNKNOWN VERSION %u,
+##>>>35		lelong		0		version 0,
+>>>35		lelong		0
+>>>>39		ubyte		1		mono,
+>>>>39		ubyte		2		stereo,
+>>>>39		ubyte		>2		%u channels,
+>>>>40		lelong		x		%u Hz
+# Minimal, nominal and maximal bitrates specified when encoding
+>>>>48		string		<\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff	\b,
+# The above tests if at least one of these is specified:
+>>>>>52		lelong		!-1
+# Vorbis RC2 has a bug which puts -1000 in the min/max bitrate fields
+# instead of -1.
+# Vorbis 1.0 uses 0 instead of -1.
+>>>>>>52	lelong		!0
+>>>>>>>52	lelong		!-1000
+>>>>>>>>52	lelong		x		<%u
+>>>>>48		lelong		!-1
+>>>>>>48	lelong		x		~%u
+>>>>>44		lelong		!-1
+>>>>>>44	lelong		!-1000
+>>>>>>>44	lelong		!0
+>>>>>>>>44	lelong		x		>%u
+>>>>>48		string		<\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff	bps
+# -- Second vorbis header packet - the comments
+# A kludge to read the vendor string.  It's a counted string, not a
+# zero-terminated one, so file(1) can't read it in a generic way.
+# libVorbis is the only one existing currently, so I detect specifically
+# it.  The interesting value is the cvs date (8 digits decimal).
+# Post-RC1 Ogg files have the second header packet (and thus the version)
+# in a different place, so we must use an indirect offset.
+>>>(84.b+85)		string		\x03vorbis
+>>>>(84.b+96)		string/c	Xiphophorus\ libVorbis\ I	\b, created by: Xiphophorus libVorbis I
+>>>>>(84.b+120)		string		>00000000
+# Map to beta version numbers:
+>>>>>>(84.b+120)	string		<20000508	(<beta1, prepublic)
+>>>>>>(84.b+120)	string		20000508	(1.0 beta 1 or beta 2)
+>>>>>>(84.b+120)	string		>20000508
+>>>>>>>(84.b+120)	string		<20001031	(beta2-3)
+>>>>>>(84.b+120)	string		20001031	(1.0 beta 3)
+>>>>>>(84.b+120)	string		>20001031
+>>>>>>>(84.b+120)	string		<20010225	(beta3-4)
+>>>>>>(84.b+120)	string		20010225	(1.0 beta 4)
+>>>>>>(84.b+120)	string		>20010225
+>>>>>>>(84.b+120)	string		<20010615	(beta4-RC1)
+>>>>>>(84.b+120)	string		20010615	(1.0 RC1)
+>>>>>>(84.b+120)	string		20010813	(1.0 RC2)
+>>>>>>(84.b+120)	string		20010816	(RC2 - Garf tuned v1)
+>>>>>>(84.b+120)	string		20011014	(RC2 - Garf tuned v2)
+>>>>>>(84.b+120)	string		20011217	(1.0 RC3)
+>>>>>>(84.b+120)	string		20011231	(1.0 RC3)
+# Some pre-1.0 CVS snapshots still had "Xiphphorus"...
+>>>>>>(84.b+120)	string		>20011231	(pre-1.0 CVS)
+# For the 1.0 release, Xiphophorus is replaced by Xiph.Org
+>>>>(84.b+96)		string/c	Xiph.Org\ libVorbis\ I	\b, created by: Xiph.Org libVorbis I
+>>>>>(84.b+117)		string		>00000000
+>>>>>>(84.b+117)	string		<20020717	(pre-1.0 CVS)
+>>>>>>(84.b+117)	string		20020717	(1.0)
+>>>>>>(84.b+117)	string		20030909	(1.0.1)
+>>>>>>(84.b+117)	string		20040629	(1.1.0 RC1)
+>>>>>>(84.b+117)	string		20050304	(1.1.2)
+>>>>>>(84.b+117)	string		20070622	(1.2.0)
+>>>>>>(84.b+117)	string		20090624	(1.2.2)
+>>>>>>(84.b+117)	string		20090709	(1.2.3)
+>>>>>>(84.b+117)	string		20100325	(1.3.1)
+>>>>>>(84.b+117)	string		20101101	(1.3.2)
+>>>>>>(84.b+117)	string		20120203	(1.3.3)
+>>>>>>(84.b+117)	string		20140122	(1.3.4)
+>>>>>>(84.b+117)	string		20150105	(1.3.5)
+
+# non-Vorbis content: Opus https://tools.ietf.org/html/rfc7845#section-5
+>>28		string		OpusHead	\b, Opus audio,
+!:mime		audio/ogg
+>>>36		ubyte		>0x0F		UNKNOWN VERSION %u,
+>>>36		ubyte&0x0F	!0		version 0.%u,
+>>>>46		ubyte		>1
+>>>>>46		ubyte		!255		unknown channel mapping family %u,
+>>>>>37		ubyte		x		%u channels
+>>>>46		ubyte		0
+>>>>>37		ubyte		1		mono
+>>>>>37		ubyte		2		stereo
+>>>>46		ubyte		1
+>>>>>37		ubyte		1		mono
+>>>>>37		ubyte		2		stereo
+>>>>>37		ubyte		3		linear surround
+>>>>>37		ubyte		4		quadraphonic
+>>>>>37		ubyte		5		5.0 surround
+>>>>>37		ubyte		6		5.1 surround
+>>>>>37		ubyte		7		6.1 surround
+>>>>>37		ubyte		8		7.1 surround
+>>>>40		lelong		!0		\b, %u Hz (Input Sample Rate)
+\ No newline at end of file
diff --git a/magic/Magdir/vxl b/magic/Magdir/vxl
new file mode 100644
index 0000000..0fdc68a
--- /dev/null
+++ b/magic/Magdir/vxl
@@ -0,0 +1,14 @@
+
+#------------------------------------------------------------------------------
+# $File: vxl,v 1.4 2009/09/19 16:28:13 christos Exp $
+# VXL: file(1) magic for VXL binary IO data files
+#
+# from Ian Scott <scottim@sf.net>
+#
+# VXL is a collection of C++ libraries for Computer Vision.
+# See the vsl chapter in the VXL Book for more info
+# http://www.isbe.man.ac.uk/public_vxl_doc/books/vxl/book.html
+# http:/vxl.sf.net
+
+2	lelong	0x472b2c4e	VXL data file,
+>0	leshort	>0		schema version no %d
diff --git a/magic/Magdir/warc b/magic/Magdir/warc
new file mode 100644
index 0000000..5942867
--- /dev/null
+++ b/magic/Magdir/warc
@@ -0,0 +1,16 @@
+
+#------------------------------------------------------------------------------
+# $File: warc,v 1.4 2019/04/19 00:42:27 christos Exp $
+# warc:  file(1) magic for WARC files
+
+0	string	WARC/	WARC Archive
+>5	string	x	version %.4s
+!:mime application/warc
+
+#------------------------------------------------------------------------------
+# Arc File Format from Internet Archive
+# see https://www.archive.org/web/researcher/ArcFileFormat.php
+0      string          filedesc://     Internet Archive File
+!:mime application/x-ia-arc
+>11    search/256      \x0A    \b
+>>&0   ubyte   >0      \b version %c
diff --git a/magic/Magdir/weak b/magic/Magdir/weak
new file mode 100644
index 0000000..6dc1793
--- /dev/null
+++ b/magic/Magdir/weak
@@ -0,0 +1,16 @@
+
+#------------------------------------------------------------------------------
+# weak:  file(1) magic for very weak magic entries, disabled by default
+#
+# These entries are so weak that they might interfere identification of
+# other formats. Example include:
+# - Only identify for 1 or 2 bytes
+# - Match against very wide range of values
+# - Match against generic word in some spoken languages (e.g. English)
+
+# Summary: Computer Graphics Metafile
+# Extension: .cgm
+#0	beshort&0xffe0	0x0020		binary Computer Graphics Metafile
+#0	beshort		0x3020		character Computer Graphics Metafile
+
+#0	string		=!!		Bennet Yee's "face" format
diff --git a/magic/Magdir/web b/magic/Magdir/web
new file mode 100644
index 0000000..a0d26e6
--- /dev/null
+++ b/magic/Magdir/web
@@ -0,0 +1,18 @@
+
+#------------------------------------------------------------------------------
+# $File: web,v 1.2 2022/10/29 16:02:37 christos Exp $
+
+# http://www.rdfhdt.org/
+# From Christoph Biedl
+# http://www.rdfhdt.org/hdt-internals/
+# https://github.com/rdfhdt/hdt-cpp
+
+0	string	$HDT\x01 HDT file (binary compressed indexed RDF triples) type 1
+!:mime application/vnd.hdt
+!:ext hdt
+
+0	string		[Adblock\040Plus	Adblock Plus
+>&1	regex		[0-9.]+			%s
+>1	string		x			rules file
+>10	search/100	Version:
+>>&1	regex		[0-9]+			\b, version %s
diff --git a/magic/Magdir/webassembly b/magic/Magdir/webassembly
new file mode 100644
index 0000000..469b45e
--- /dev/null
+++ b/magic/Magdir/webassembly
@@ -0,0 +1,17 @@
+#------------------------------------------------------------------------------
+# $File: webassembly,v 1.4 2022/08/16 11:16:39 christos Exp $
+# webassembly:  file(1) magic for WebAssembly modules
+#
+# WebAssembly is a virtual architecture developed by a W3C Community
+# Group at https://webassembly.org/. The file extension is .wasm, and
+# the MIME type is application/wasm.
+#
+# https://webassembly.org/docs/binary-encoding/ is the main
+# document describing the binary format.
+# From: Pip Cet <pipcet@gmail.com> and Joel Martin
+
+0	string	\0asm	WebAssembly (wasm) binary module
+>4	lelong	=1	version %#x (MVP)
+!:mime  application/wasm
+!:ext   wasm
+>4	lelong	>1	version %#x
diff --git a/magic/Magdir/windows b/magic/Magdir/windows
new file mode 100644
index 0000000..f58ce3e
--- /dev/null
+++ b/magic/Magdir/windows
@@ -0,0 +1,1822 @@
+
+#------------------------------------------------------------------------------
+# $File: windows,v 1.63 2023/07/17 16:56:13 christos Exp $
+# windows:  file(1) magic for Microsoft Windows
+#
+# This file is mainly reserved for files where programs
+# using them are run almost always on MS Windows 3.x or
+# above, or files only used exclusively in Windows OS,
+# where there is no better category to allocate for.
+# For example, even though WinZIP almost run on Windows
+# only, it is better to treat them as "archive" instead.
+# For format usable in DOS, such as generic executable
+# format, please specify under "msdos" file.
+#
+
+
+# Summary: Outlook Express DBX file
+# Created by: Christophe Monniez
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Outlook_Express_Database
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dbx.trid.xml
+#		https://sourceforge.net/projects/ol2mbox/files/LibDBX/
+#		v1.0.4/libdbx_1.0.4.tar.gz/FILE-FORMAT 
+# Note:		called "Outlook Express Database" by TrID and DROID via PUID fmt/838 fmt/839
+#		and partly verified by `undbx --verbosity 4 Posteingang.dbx`
+0	string	\xCF\xAD\x12\xFE
+# skip DROID fmt-838-signature-id-1193.dbx fmt-839-signature-id-1194.dbx by check for valid file size
+>0x7C	ulelong	>0			MS Outlook Express DBX file
+#!:mime		application/octet-stream
+#!:mime		application/vnd.ms-outlook
+!:mime		application/x-ms-dbx
+!:ext	dbx
+>>4	byte	=0xC5			\b, message database
+>>4	byte	=0xC6			\b, folder database
+>>4	byte	=0xC7			\b, account information
+>>4	byte	=0x30			\b, offline database
+# version like: 5.2 5.5 (typical)
+>>20	ulequad	!0x0000000500000005	\b, version
+# major version
+>>>24	ulelong	x			%u
+# minor version
+>>>20	ulelong	x			\b.%u
+# CLSID: 6F74FDC5-E366-11d1-9A4E-00C04FA309D4~Message 6F74FDC6-E366-11D1-9A4E-00C04FA309D4~Folder
+# 26FE9D30-1A8F-11D2-AABF-006097D474C4~offline
+#>>4	guid	x			\b, CLSID %s
+# file size; total size of file; sometimes real size a little bit higher
+>>0x7C	ulelong	x			\b, ~ %u bytes
+# highest Email ID; the next email will have a number one higher than this
+>>0x5c	ulelong	x			\b, highest ID %#x
+# item count; number of items stored in this DBX file
+>>0xC4	ulelong	x			\b, %u item
+# plural s
+>>0xC4	ulelong	!1			\bs
+# index pointer; file offset pointing to a page of Data Indexes
+>>0xE4	ulelong	>0			\b, index pointer %#x
+
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Nickfile
+#		https://www.nirsoft.net/utils/outlook_nk2_edit.html
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/n/nk2.trid.xml
+#		https://github.com/libyal/libnk2/blob/main/documentation
+#		Nickfile%20(NK2)%20format.asciidoc
+# Note:		called "Outlook Nickfile" by TrID & TestDisk and
+#		"Outlook Nickname File" by Microsoft Outlook and
+#		"Outlook AutoComplete File" by Nirsoft NK2Edit
+#		partly verfied by NK2Edit Raw Text Edit Mode
+0	ubelong		0x0DF0ADBA	MS Outlook Nickfile
+#!:mime		application/octet-stream
+#!:mime		application/vnd.ms-outlook
+!:mime		application/x-ms-nickfile
+!:ext	nk2/dat/bak
+# nick is used by "older" Outlook; dat is used by "newer" Outlook (probably 2010 - 2016); bak is used for backup
+#!:ext	nick/nk2/dat/bak
+# Unknown; probably a version indicator like: 0000000Ah 0000000Ch 
+>4	ulelong		x		\b, probably version %u
+# Unknown2; probably a version indicator like: 1 0
+>8	ulelong		x		\b.%u
+# number of rows (nickname or alias items) in file
+>12	ulelong		x		\b, %u items
+# number of item entries/columns/properties value like: 17h
+>16	ulelong		x		\b, %u entries
+# value type/property tag: 001Fh~4 bytes for data size of UTF-16 LE string
+>20	uleshort	x		\b, value type %#4.4x
+# entry type/property identifier: 6001h~PR_DOTSTUFF_STATE/PR_NICK_NAME_W
+>22	uleshort	x		\b, entry type %#4.4x
+# Reserved like: 0013FD90h
+#>24	ulelong		x		\b, reserved %#8.8x
+# value data array/Irrelevant Union like: 0000000004E31A80h
+#>28	ulequad		x		\b, data %#16.16llx
+# UTF-16
+>20	uleshort	=0x001F
+# unicode string bytes like: 2Ch
+>>36	ulelong		x		\b, %u bytes
+# unicode string value PT_UNICODE like: janesmith@contoso.org
+>>40	lestring16	x		"%s"
+
+# Summary: Windows crash dump
+# Created by: Andreas Schuster (https://computer.forensikblog.de/)
+#		https://web.archive.org/web/20101125060849/https://computer.forensikblog.de/en/2008/02/64bit_magic.html
+# Modified by (1): Abel Cheung (Avoid match with first 4 bytes only)
+# Modified by (2): Joerg Jenderek (addtional fields, extension, URL)
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dmp.trid.xml
+#		https://gitlab.com/qemu-project/qemu/-/blob/master/include/qemu/win_dump_defs.h
+# Note:		called "Windows memory dump" by TrID
+#		and verified by like Windows Kit `Dumpchk.exe 043022-18703-01.dmp`
+#		and partly by NirSoft `BlueScreenView.exe 043022-18703-01.dmp`
+# char Signature[4]
+0	string		PAGE
+# char ValidDump[4]
+>4	string		DUMP		MS Windows 32bit crash dump
+#!:mime	application/octet-stream
+!:mime	application/x-ms-dmp
+# like: Mini111013-01.dmp
+!:ext	dmp
+# major version like: 15
+>>8	ulelong		x		\b, version %u
+# minor version like: 2600
+>>12	ulelong		x		\b.%u
+# DirectoryTableBase like: 709000
+#>>16	ulelong		x		\b, DirectoryTableBase %#x
+# PfnDatabase like: 805620c8
+#>>20	ulelong		x		\b, PfnDatabase %#x
+# PsLoadedModuleList like: 8055d720
+#>>24	ulelong		x		\b, PsLoadedModuleList %#x
+# PsActiveProcessHead like:805638b8 
+#>>28	ulelong		x		\b, PsActiveProcessHead %#x
+# MachineImageType like: 14c (intel x86)
+>>32	ulelong		!0x14c		\b, MachineImageType %#x
+# NumberProcessors like: 2
+>>36	ulelong		x		\b, %u processors
+# BugcheckCode like: e2
+#>>40	ulelong		x		\b, BugcheckCode %#x
+# BugcheckParameter1 like: 0
+#>>44	ulelong		x		\b, BugcheckParameter1 %#x
+# BugcheckParameter2 like: 0
+#>>48	ulelong		x		\b, BugcheckParameter2 %#x
+# BugcheckParameter3 like: 0
+#>>52	ulelong		x		\b, BugcheckParameter3 %#x
+# BugcheckParameter4 like: 0
+#>>56	ulelong		x		\b, BugcheckParameter4 %#x
+# VersionUser[32]; like  "PAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGE" ""
+#>>60	string		x		\b, VersionUser "%.32s"
+# uint32_t reserved0 like: 45474101
+#>>92	ulelong		x		\b, reserved0 %#x
+>>0x05c	byte            0		\b, no PAE
+>>0x05c	byte            1		\b, PAE
+# KdDebuggerDataBlock like: 8054d2e0
+#>>96	ulelong		x		\b, KdDebuggerDataBlock %#x
+# uint8_t PhysicalMemoryBlockBuffer[700]
+# WinDumpPhyMemDesc32 NumberOfRuns like: 45474150
+#>>100	ulelong		x		\b, NumberOfRuns %#x
+# WinDumpPhyMemDesc32 uint32_t NumberOfPages like: 1162297680
+#>>104	ulelong		x		\b, NumberOfPages %#x
+# WinDumpPhyMemRun32 Run[86]; 688 bytes
+#>>108	ulelong		x		\b, BasePage %#x
+#>>112	ulelong		x		\b, PageCount %#x
+# uint8_t reserved1[3200]
+#>>800	string		x		\b, reserved "%s"
+#>>4000	ulelong		x		\b, RequiredDumpSpace %#x
+# uint8_t reserved2[92];
+#>>4004	string		x		\b, reserved2 "%s"
+>>0xf88	lelong		1		\b, full dump
+>>0xf88	lelong		2		\b, kernel dump
+>>0xf88	lelong		3		\b, small dump
+# like: 4
+>>0xf88	lelong		>3		\b, dump type (%#x)
+# WinDumpPhyMemDesc32 uint32_t NumberOfPages like: 1162297680
+# GRR: IS THIS TRUE? VALUE IS SOMETIMES VERY HIGH!
+#>>104	ulelong		x		\b, NumberOfPages %#x
+>>0x068	lelong		x		\b, %d pages
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/d/dmp-64.trid.xml113o
+# Note:		called "Windows 64bit Memory Dump" by TrID
+# char ValidDump[4]
+>4	string		DU64		MS Windows 64bit crash dump
+#!:mime	application/octet-stream
+!:mime	application/x-ms-dmp
+# like: c:\Windows\Minidump\020322-18890-01.dmp c:\Windows\MEMORY.DMP
+!:ext	dmp
+# major version like: 15
+>>8	ulelong		x		\b, version %u
+# minor version like: 9600 19041 22621
+>>12	ulelong		x		\b.%u
+# DirectoryTableBase like: 001ab000
+#>>16	ulequad		x		\b, DirectoryTableBase %#llx
+# PfnDatabase like: fffffa8000000000
+#>>24	ulequad		x		\b, PfnDatabase %#llx
+# PsLoadedModuleList like: fffff800c553f650
+#>>32	ulequad		x		\b, PsLoadedModuleList %#llx
+# PsActiveProcessHead like: fffff800c5525400
+#>>40	ulequad		x		\b, PsActiveProcessHead %#llx
+# MachineImageType like: 00008664
+>>48	ulelong		!0x8664		\b, MachineImageType %#x
+# NumberProcessors like: 2 4
+>>52	ulelong		x		\b, %u processors
+# BugcheckCode like: 1000007e
+#>>56	ulelong		x		\b, BugcheckCode %#x
+# unused0
+#>>60	ulelong		x		\b, unused0 %#x
+# BugcheckParameter1 like: ffffffffc0000005
+#>>64	ulequad		x		\b, BugcheckParameter1 %#llx
+# BugcheckParameter2 like: fffff801abb2158f
+#>>72	ulequad		x		\b, BugcheckParameter2 %#llx
+# BugcheckParameter3 like: ffffd000290d4288
+#>>80	ulequad		x		\b, BugcheckParameter3 %#llx
+# BugcheckParameter4 like: ffffd000290d3aa0
+#>>88	ulequad		x		\b, BugcheckParameter4 %#llx
+# VersionUser[32]; like "" "PAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGE" ""
+#>>96	string		x		\b, VersionUser "%.32s"
+# KdDebuggerDataBlock like: fffff800c550c530
+#>>128	ulequad		x		\b, KdDebuggerDataBlock %#llx
+# uint8_t PhysicalMemoryBlockBuffer[704]
+# WinDumpPhyMemDesc64 NumberOfRuns like: 6 7 0x45474150
+#>>136	ulelong		x		\b, NumberOfRuns %#x
+# WinDumpPhyMemDesc64 unused like: 0 0x45474150
+#>>140	ulelong		x		\b, unused %#x
+# WinDumpPhyMemRun64 Run[43] BasePage like: 1
+#>>152	ulequad		x		\b, BasePage %#llx
+# WinDumpPhyMemRun64 Run[43] PageCount like: 57h
+#>>160	ulequad		x		\b, PageCount %#llx
+# uint8_t ContextBuffer[3000] like: "" "\001" "\0207J\266\001\340\377\377&8\007\312"
+#>>840	string		x		\b, ContextBuffer "%s"
+# WinDumpExceptionRecord ExceptionCode
+#>>3840	ulelong		x		\b, ExceptionCode %#x
+# WinDumpExceptionRecord ExceptionFlags
+#>>3844	ulelong		x		\b, ExceptionFlags %#x
+# WinDumpExceptionRecord ExceptionRecord
+#>>3848	ulequad		x		\b, ExceptionRecord %#llx
+# WinDumpExceptionRecord ExceptionAddress
+#>>3856	ulequad		x		\b, ExceptionAddress %#llx
+# WinDumpExceptionRecord NumberParameters
+#>>3864	ulelong		x		\b, NumberParameters %#x
+# WinDumpExceptionRecord unused
+#>>3868	ulelong		x		\b, unsed %#x
+# WinDumpExceptionRecord ExceptionInformation[15]
+#>>3872	ulequad		x		\b, ExceptionInformation[0] %#llx
+# https://learn.microsoft.com/en-us/troubleshoot/windows-server/performance/memory-dump-file-options
+# but DumpType like: 4~small 5~full (MEMORY.DMP) 6~kernel (MEMORY.DMP)
+>>0xf98 ulelong	x		\b,
+>>>0xf98	lelong		5		full dump
+>>>0xf98	lelong		6		kernel dump
+>>>0xf98	lelong		4		small dump
+# This probably never occur
+>>>0xf98	default		x		DumpType
+>>>>0xf98 	ulelong		x		(%#x)
+# WinDumpPhyMemDesc64 uint64_t NumberOfPages like: 3142425 8341923 8366500 1162297680 4992030524978970960
+# GRR: IS THIS TRUE? VALUE IS SOMETIMES VERY HIGH!
+>>0x090	lequad		x		\b, %lld pages
+
+# Summary: Vista Event Log
+# Created by: Andreas Schuster (https://computer.forensikblog.de/)
+# Update:	Joerg Jenderek
+# URL:		https://github.com/libyal/libevtx/blob/main/documentation/Windows%20XML%20Event%20Log%20(EVTX).asciidoc
+# Reference (1): https://web.archive.org/web/20110803085000/
+#		https://computer.forensikblog.de/en/2007/05/some_magic.html
+#		http://mark0.net/download/triddefs_xml.7z/defs/e/evtx.trid.xml
+# Note:		called "Vista Event Log" by TrID and "Event Log" by Windows
+# 		verified partly by `wevtutil.exe gli /lf:true dumpfile.evtx`
+0	string		ElfFile\0	MS Windows
+#!:mime		application/octet-stream
+!:mime		application/x-ms-evtx
+!:ext		evtx
+# Major+Minor format version: 3.1~Vista and later 3.2~Windows 10 (2004) and later 
+>0x24	ulelong		=0x00030001	Vista-8.1 Event Log
+>0x24	ulelong		!0x00030001	10-11 Event Log, version 
+>>0x26	uleshort	x		%u
+>>0x24	uleshort	x		\b.%u
+>0x2a	leshort		x		\b, %d chunks
+>>0x10	lelong		x		\b (no. %d in use)
+>0x18	lelong		>1		\b, next record no. %d
+>0x18	lelong		=1		\b, empty
+>0x78	lelong		&1		\b, DIRTY
+>0x78	lelong		&2		\b, FULL
+
+# Summary:	Windows Event Trace Log
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/ETL
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/e/etl.trid.xml
+#		https://www.geoffchappell.com/studies/windows/km/ntoskrnl/api/etw/tracelog/trace_logfile_header.htm
+# Note:		called "Window tracing/diagnostic binary log" by TrID
+# 		verified by `tracerpt.EXE Wifi.etl -of EVTX`
+#		and by etl-parser `etl2xml --input AMSITrace.etl --output AMSITrace.xml`
+# Every ETL file begins with a WMI_BUFFER_HEADER, a SYSTEM_TRACE_HEADER and a TRACE_LOGFILE_HEADER
+0	ubyte			0
+# look for corresponding encoded as UTF-16 file name extension like in: boot_BASE+CSWITCH_1.etl
+>0	search/0x699087/b	.\0e\0t\0l\0\0\0
+# GRR: line above only works if in ../../src/file.h FILE_BYTES_MAX is raised above 699086h (6,59 MiB)
+>>0	use			trace-etl
+# display information of Windows Performance Analyzer Trace File (file name)
+0	name		trace-etl
+>0	ubyte			x		Windows Event Trace Log
+#!:mime		application/x-ms-etl
+# http://extension.nirsoft.net/etl
+!:mime		application/etl
+!:ext		etl
+# look for DOS drive letter part of log file name like: PhotosAppTracing_startedInBGMode.etl
+>0	search/0x2b4/sb	:\0\x5c\0	
+# like: "c:\Windows\Logs\NetSetup\service.0.etl" "C:\Windows\System32\LogFiles\WMI\Wifi.etl"
+>>&-2	lestring16		x		"%s"
+
+# Summary: Windows System Deployment Image
+# Created by: Joerg Jenderek
+# URL: http://en.wikipedia.org/wiki/System_Deployment_Image
+# Reference: http://skolk.livejournal.com/1320.html
+0	string			$SDI
+>4	string			0001		System Deployment Image
+!:mime	application/x-ms-sdi
+#!:mime	application/octet-stream
+# \Boot\boot.sdi
+!:ext	sdi
+# MDBtype: 0~Unspecified 1~RAM 2~ROM
+>>8	ulequad			!0		\b, MDBtype %#llx
+# BootCodeOffset
+>>16	ulequad			!0		\b, BootCodeOffset %#llx
+# BootCodeSize
+>>24	ulequad			!0		\b, BootCodeSize %#llx
+# VendorID
+>>32	ulequad			!0		\b, VendorID %#llx
+# DeviceID
+>>40	ulequad			!0		\b, DeviceID %#llx
+# DeviceModel
+>>48	ulequad			!0		\b, DeviceModel %#llx
+>>>56	ulequad			!0		\b%llx
+# DeviceRole
+>>64	ulequad			!0		\b, DeviceRole %#llx
+# Reserved1; reserved fields and gaps between BLOBs are padded with \0
+#>>72	ulequad			!0		\b, Reserved1 %#llx
+# RuntimeGUID
+>>80	ulequad			!0		\b, RuntimeGUID %#llx
+>>>88	ulequad			!0		\b%llx
+# RuntimeOEMrev
+>>96	ulequad			!0		\b, RuntimeOEMrev %#llx
+# Reserved2
+#>>104	ulequad			!0		\b, Reserved2 %#llx
+# BLOB alignment value in pages, as specified in sdimgr /pack: 1~4K 2~8k
+>>112	ulequad			!0		\b, PageAlignment %llu
+# Reserved3[48]
+#>>120	ulequad			!0		\b, Reserved3 %#llx
+# SDI checksum 39h
+>>0x1f8	ulequad			x		\b, checksum %#llx
+# BLOBtype[8] \0-padded: PART, WIM , BOOT, LOAD, DISK
+>>0x400	string			>\0		\b, type %-3.8s
+# 0~non-filesystem 7~NTFS 6~BIGFAT
+>>>0x420	ulequad		!0		(%#llx)
+# ATTRibutes
+>>>0x408	ulequad		!0		%#llx attributes
+# Offset
+>>>0x410	ulequad		x		at %#llx
+# print 1 space after size and then handles NTFS boot sector by ./filesystems
+>>>0x418	ulequad		>0		%llu bytes 
+>>>>(0x410.l)	indirect	x
+# 2nd BLOB: WIM
+>>0x440		string		>\0		\b, type %-3.8s
+>>>0x428	ulequad		!0		(%#llx)
+# ATTRibutes
+>>>0x448	ulequad		!0		%#llx attributes
+# Offset
+>>>0x450	ulequad		x		at %#llx
+>>>0x458	ulequad		>0		%llu bytes 
+>>>>(0x450.l)	indirect	x
+# 3rd BLOB
+>>0x480		string		>\0		\b, type %-3.8s
+
+# Summary:	Windows boot status log BOOTSTAT.DAT
+# From:		Joerg Jenderek
+# Reference:	https://www.geoffchappell.com/notes/windows/boot/bsd.htm
+# Note:		mainly refers to older Windows Vista, sometimes
+#		BOOTSTAT.DAT only contains nulls or invalid data
+# checking for valid version below 5
+0		ulelong		<5
+# skip many ISO images by checking for valid 64 KiB file size
+>8		ulelong		=0x00010000
+>>0		use		bootstat-dat
+# display information of BOOTSTAT.DAT
+0	name		bootstat-dat
+>0		ulelong		x		Windows boot log
+#!:mime	application/octet-stream
+!:mime	application/x-ms-dat
+# BOOTSTAT.DAT in BOOT subdirectory
+!:ext	dat
+# apparently a version number: 2 for older like Vista, 3, 4 Windows 10
+>0		ulelong		>2		\b, version %u
+# apparently the size of the header: often 10h in older Windows, 14h, 18h
+>4		ulelong		!0x10		\b, header size %#x
+#>4		ulelong		!0x10		\b, header size %u
+# apparently the size of the file: always 0x00010000~64KiB
+# the file is acceptable to BOOTMGR only if it is exactly 64 KiB
+>8		ulelong		!0x00010000	\b, file size %#x
+# size of valid data, in bytes: C8h 50h 172h 5D5Ch
+>0xc		ulelong		x		\b, %#x valid bytes
+# skip header and jump to first bootstat entry and display information
+>(0x4.l-1)	ubyte		x
+>>&0		use		bootstat-entry
+# jump to first entry again because pointer are bad after "use"
+>(0x4.l-1)	ubyte		x
+# by 1st entry size jump to 2nd entry and display information
+>>&(&0x18.l-1)	ubyte		x
+>>>&0		use		bootstat-entry
+# jump to possible 3rd boot entry and display information
+# >(0x4.l-1)	ubyte		x
+# >>&(&0x18.l-1)	ubyte		x
+# >>>&(&0x18.l-1)	ubyte		x
+# >>>>&0		use		bootstat-entry
+#	display BOOTSTAT.DAT entry
+0	name		bootstat-entry
+#>0x00		ubequad		x		\b, ENTRY %16.16llx
+# size of entry, in bytes: 40h(init) 78h(launced) 9Ch
+#>0x18		ulelong		x		\b; entry size %u
+>0x18		ulelong		x		\b; entry size %#x
+# time stamp, in seconds 
+>0x00		ulelong		x		\b, %#x seconds
+# always zero, significance unknown
+>0x04		ulelong		!0		\b, not null %u
+# GUID of event source; but empty if event source is BOOTMGR 
+>0x08		ubequad		!0		\b, GUID %#16.16llx
+>>0x10		ubequad		x		\b%16.16llx
+# severity code: 1~informational 3~errors
+>0x1C		ulelong		!1		\b, severity %#x
+# apparently a version number: 2 
+>0x20		ulelong		!2		\b, version %u
+# event identifier 1~log file initialised 11h~boot application launched 
+#>0x24		ulelong		x		\b, event %#x
+>0x24		ulelong		!1
+>>0x24		ulelong		!0x11		\b, event %#x
+# entry data; size depends on event identifier  
+#>0x28		ubequad		x		\b, data %#16.16llx
+>0x24		ulelong		=0x1		\b, Init
+# always 0, significance unknown 
+>>0x34		uleshort	!0		\b, not null %u
+# always 7, significance unknown 
+>>0x36		uleshort	!7		\b, not seven %u
+# year
+>>0x28		uleshort	x		%u
+# month
+>>0x2A		uleshort	x		\b-%u
+# day
+>>0x2C		uleshort	x		\b-%u
+# hour
+>>0x2E		uleshort	x		%u
+# minute
+>>0x30		uleshort	x		\b:%u
+# second
+>>0x32		uleshort	x		\b:%u
+# boot application launched
+>0x24		ulelong		=0x11		\b, launched
+# type of start: 0 normally, 1 or 2 maybe in a recovery sequence
+>>0x38		uleshort	!0		\b, type %u
+# pathname of boot application, as null-terminated Unicode string; typically
+# \Windows\system32\winload.exe \Windows\system32\winload.efi
+>>0x3C		lestring16	x		%s
+
+# Summary:	Windows Error Report text files
+# URL:		https://en.wikipedia.org/wiki/Windows_Error_Reporting
+# Reference:	https://www.nirsoft.net/utils/app_crash_view.html
+# Created by:	Joerg Jenderek
+# Note:		in directories	%ProgramData%\Microsoft\Windows\WER\{ReportArchive,ReportQueue}
+#				%LOCALAPPDATA%\Microsoft\Windows\WER\{ReportArchive,ReportQueue}
+0	lestring16	Version=	
+>22	lestring16	EventType	Windows Error Report
+!:mime	text/plain
+# Report.wer
+!:ext	wer
+
+# Summary: Windows 3.1 group files
+# Extension: .grp
+# Created by: unknown
+0	string		\120\115\103\103	MS Windows 3.1 group files
+
+
+# Summary: Old format help files
+# URL: https://en.wikipedia.org/wiki/WinHelp
+# Reference: https://www.oocities.org/mwinterhoff/helpfile.htm
+# Update: Joerg Jenderek
+# Created by: Dirk Jagdmann <doj@cubic.org>
+#
+# check and then display version and date inside MS Windows HeLP file fragment
+0	name				help-ver-date
+# look for Magic of SYSTEMHEADER
+>0	leshort		0x036C
+# version Major		1 for right file fragment
+>>4	leshort		1		Windows
+# print non empty string above to avoid error message
+# Warning: Current entry does not yet have a description for adding a MIME type
+!:mime	application/winhelp
+!:ext	hlp
+# version Minor of help file format is hint for windows version
+>>>2	leshort		0x0F		3.x
+>>>2	leshort		0x15		3.0
+>>>2	leshort		0x21		3.1
+>>>2	leshort		0x27		x.y
+>>>2	leshort		0x33		95
+>>>2	default		x		y.z
+>>>>2	leshort		x		%#x
+# to complete message string like "MS Windows 3.x help file"
+>>>2	leshort		x		help
+# GenDate often older than file creation date
+>>>6	ldate		x		\b, %s
+#
+# Magic for HeLP files
+0	lelong		0x00035f3f
+# ./windows (version 5.25) labeled the entry as "MS Windows 3.x help file"
+# file header magic 0x293B at DirectoryStart+9
+>(4.l+9)	uleshort	0x293B		MS
+# look for @VERSION	bmf.. like IBMAVW.ANN
+>>0xD4		string	=\x62\x6D\x66\x01\x00	Windows help annotation
+!:mime	application/x-winhelp
+!:ext	ann
+>>0xD4		string	!\x62\x6D\x66\x01\x00
+# "GID Help index" by TrID
+>>>(4.l+0x65)	string	=|Pete			Windows help Global Index
+!:mime	application/x-winhelp
+!:ext	gid
+# HeLP Bookmark or
+# "Windows HELP File" by TrID
+>>>(4.l+0x65)		string		!|Pete
+# maybe there exist a cleaner way to detect HeLP fragments
+# brute search for Magic 0x036C with matching Major maximal 7 iterations
+# discapp.hlp
+>>>>16			search/0x49AF/s	\x6c\x03
+>>>>>&0			use 		help-ver-date
+>>>>>&4			leshort		!1
+# putty.hlp
+>>>>>>&0		search/0x69AF/s	\x6c\x03
+>>>>>>>&0		use 		help-ver-date
+>>>>>>>&4		leshort		!1
+>>>>>>>>&0		search/0x49AF/s	\x6c\x03
+>>>>>>>>>&0		use 		help-ver-date
+>>>>>>>>>&4		leshort		!1
+>>>>>>>>>>&0		search/0x49AF/s	\x6c\x03
+>>>>>>>>>>>&0		use 		help-ver-date
+>>>>>>>>>>>&4		leshort		!1
+>>>>>>>>>>>>&0		search/0x49AF/s	\x6c\x03
+>>>>>>>>>>>>>&0		use 		help-ver-date
+>>>>>>>>>>>>>&4		leshort		!1
+>>>>>>>>>>>>>>&0	search/0x49AF/s	\x6c\x03
+>>>>>>>>>>>>>>>&0	use 		help-ver-date
+>>>>>>>>>>>>>>>&4	leshort		!1
+>>>>>>>>>>>>>>>>&0	search/0x49AF/s	\x6c\x03
+# GCC.HLP is detected after 7 iterations
+>>>>>>>>>>>>>>>>>&0	use 		help-ver-date
+# this only happens if bigger hlp file is detected after used search iterations
+>>>>>>>>>>>>>>>>>&4	leshort		!1		Windows y.z help
+!:mime	application/winhelp
+!:ext	hlp
+# repeat search again or following default line does not work
+>>>>16			search/0x49AF/s	\x6c\x03
+# remaining files should be HeLP Bookmark WinHlp32.BMK (XP 32-bit) or WinHlp32 (Windows 8.1 64-bit)
+>>>>16	default				x	Windows help Bookmark
+!:mime	application/x-winhelp
+!:ext	bmk
+## FirstFreeBlock normally FFFFFFFFh 10h for *ANN
+##>>8	lelong			x		\b, FirstFreeBlock %#8.8x
+# EntireFileSize
+>>12	lelong			x		\b, %d bytes
+## ReservedSpace normally 042Fh AFh for *.ANN
+#>>(4.l)	lelong		x		\b, ReservedSpace %#8.8x
+## UsedSpace normally 0426h A6h for *.ANN
+#>>(4.l+4)	lelong		x		\b, UsedSpace %#8.8x
+## FileFlags normally 04...
+#>>(4.l+5)	lelong		x		\b, FileFlags %#8.8x
+## file header magic 0x293B
+#>>(4.l+9)	uleshort	x		\b, file header magic %#4.4x
+## file header Flags		0x0402
+#>>(4.l+11)	uleshort	x		\b, file header Flags %#4.4x
+## file header PageSize	0400h 80h for *.ANN
+#>>(4.l+13)	uleshort	x		\b, PageSize %#4.4x
+## Structure[16]		z4
+#>>(4.l+15)	string		>\0		\b, Structure_"%-.16s"
+## MustBeZero			0
+#>>(4.l+31)	uleshort	x		\b, MustBeZero %#4.4x
+## PageSplits
+#>>(4.l+33)	uleshort	x		\b, PageSplits %#4.4x
+## RootPage
+#>>(4.l+35)	uleshort	x		\b, RootPage %#4.4x
+## MustBeNegOne			0xffff
+#>>(4.l+37)	uleshort	x		\b, MustBeNegOne %#4.4x
+## TotalPages			1
+#>>(4.l+39)	uleshort	x		\b, TotalPages %#4.4x
+## NLevels			0x0001
+#>>(4.l+41)	uleshort	x		\b, NLevels %#4.4x
+## TotalBtreeEntries
+#>>(4.l+43)	ulelong		x		\b, TotalBtreeEntries %#8.8x
+## pages of the B+ tree
+#>>(4.l+47)	ubequad		x		\b, PageStart %#16.16llx
+
+# start with colon or semicolon for comment line like Back2Life.cnt
+0		regex		\^(:|;)
+# look for first keyword Base
+>0		search/45	:Base
+>>&0				use 		cnt-name
+# only solution to search again from beginning , because relative offsets changes when use is called
+>0		search/45	:Base
+>0		default		x
+# look for other keyword Title like in putty.cnt
+>>0		search/45	:Title
+>>>&0				use 		cnt-name
+#
+# display mime type and name of Windows help Content source
+0	name				cnt-name
+# skip space at beginning
+>0     string		\040
+# name without extension and greater character or name with hlp extension
+>>1	regex/c		\^([^\xd>]*|.*\\.hlp)	MS Windows help file Content, based "%s"
+!:mime	text/plain
+!:apple	????TEXT
+!:ext	cnt
+#
+# Windows creates a full text search from hlp file, if the user clicks the "Find" tab and enables keyword indexing
+0	string		tfMR			MS Windows help Full Text Search index
+!:mime application/x-winhelp-fts
+!:ext	fts
+>16	string		>\0			for "%s"
+
+# Summary: Hyper terminal
+# Created by: unknown
+# Update:	Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/HyperACCESS
+#		https://www.hilgraeve.com/hyperterminal/
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/h/ht.trid.xml
+# Note:		called "HyperTerminal data file" by TrID and "HyperTerminal File" on English Windows
+0	string		HyperTerminal\040
+>14	string		1.0\ --\ HyperTerminal\ data\ file	MS Windows HyperTerminal profile
+#!:mime	application/octet-stream
+!:mime	application/x-ms-ht
+!:ext	ht
+
+# https://ithreats.files.wordpress.com/2009/05/\040
+# lnk_the_windows_shortcut_file_format.pdf
+# Summary: Windows shortcut
+# Created by: unknown
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Windows_Shortcut
+#		https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-shllink/
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/l/lnk-shortcut.trid.xml
+#		https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-SHLLINK/%5bMS-SHLLINK%5d.pdf
+# Note:		called "Windows Shortcut" by TrID, "Microsoft Windows Shortcut" by DROID via PUID x-fmt/428 and "Windows shortcut file" by ./msdos (v 1.158)
+# 		partly verified by command like `lnkinfo AOL.lnk`
+# 'L' + GUUID
+# HeaderSize + LinkCLSID 00021401-0000-0000-C000-000000000046
+0	string		\114\0\0\0\001\024\002\0\0\0\0\0\300\0\0\0\0\0\0\106	MS Windows shortcut
+!:mime	application/x-ms-shortcut
+!:ext	lnk
+# LinkFlags
+# HasLinkTargetIDList; if set a LinkTargetIDList structure MUST follow the ShellLinkHeader; If is not set, structure MUST NOT be present
+>20	lelong&1	1	\b, Item id list present
+# HasLinkInfo; if set a LinkInfo structure MUST follow the ShellLinkHeader or LinkTargetIDList; If is not set, structure MUST NOT be present
+>20	lelong&2	2	\b, Points to a file or directory
+>20	lelong&4	4	\b, Has Description string
+>20	lelong&8	8	\b, Has Relative path
+>20	lelong&16	16	\b, Has Working directory
+>20	lelong&32	32	\b, Has command line arguments
+>20	lelong&64	64	\b, Icon
+# IconIndex
+>>56	lelong		x	\b number=%d
+# IsUnicode; If set then StringData section contains Unicode-encoded strings
+>20	lelong&128	128	\b, Unicoded
+# ForceNoLinkInfo; LinkInfo structure is ignored
+>20	lelong&256	256	\b, NoLinkInfo
+# HasExpString; with an EnvironmentVariableDataBlock
+>20	lelong&512	512	\b, HasEnvironment
+# look for BlockSize 314h and EnvironmentVariableDataBlock BlockSignature A0000001h
+>>76	search/1972		\x14\x03\x00\x00\x01\x00\x00\xa0
+# TargetAnsi (260 bytes); NULL-terminated path to environment variable encoded with system default code page
+#>>>&0	string		x	'%s'
+# TargetUnicode (520 bytes): optional NULL-terminated path to same environment variable Unicode encoded
+# like: "%windir%\system32\calc.exe"
+>>>&260	lestring16	x	"%s"
+# RunInSeparateProcess; run in a separate virtual machine when launching a 16-bit application; no examples found
+>20	lelong&1024	1024	\b, RunInSeparateProcess
+# Unused1; undefined and MUST be ignored
+#>20	lelong&2048	2048	\b, Unused1
+# HasDarwinID; with a DarwinDataBlock
+>20	lelong&4096	4096	\b, HasDarwinID
+# look for BlockSize 314h and DarwinDataBlock BlockSignature A0000006h
+>>76	search/1972		\x14\x03\x00\x00\x06\x00\x00\xa0
+# DarwinDataAnsi (260 bytes); NULL-terminated application identifier encoded with system default code page; SHOULD be ignored
+#>>>&0	string		x	'%s'
+# DarwinDataUnicode (520 bytes); NULL-terminated application identifier Unicode encoded
+>>>&260	lestring16	x	"%s"
+# RunAsUser; target application is run as a different user
+>20	lelong&8192	8192	\b, RunAsUser
+# HasExpIcon; with an IconEnvironmentDataBlock
+>20	lelong&16384	16384	\b, HasExpIcon
+# look for BlockSize 314h and IconEnvironmentDataBlock BlockSignature A0000007h
+>>76	search/1972		\x14\x03\x00\x00\x07\x00\x00\xa0
+# TargetAnsi (260 bytes); NULL-terminated path to environment icon variable encoded with system default code page
+#>>>&0	string		x	'%s'
+# TargetUnicode (520 bytes); optional NULL-terminated path to same icon environment variable Unicode encoded
+# like: "%SystemDrive%\Program Files\YaCy\addon\YaCy.ico"
+>>>&260	lestring16	x	"%s"
+# NoPidlAlias; represented in the shell namespace; no examples found
+>20	lelong&32768	32768	\b, NoPidlAlias
+# Unused2; undefined and MUST be ignored
+#>20	lelong&65536	65536	\b, Unused2
+# RunWithShimLayer; with a ShimDataBlock; no examples found
+>20	lelong&131072	131072	\b, RunWithShimLayer
+# ForceNoLinkTrack; TrackerDataBlock is ignored; no examples found
+>20	lelong&262144	262144	\b, ForceNoLinkTrack
+>20	lelong&262144	0
+# look for BlockSize 60h, TrackerDataBlock BlockSignature A0000003h, it length 58h and Version 0
+>>76	search/1972		\x60\x00\x00\x00\x03\x00\x00\xa0\x58\x00\x00\x00\0\0\0\0
+# MachineID (16 bytes); a NULL-terminated NetBIOS name encoded with system default code page of the machine
+>>>&0	string		x			\b, MachineID %0.16s
+# Droid (32 bytes)
+#
+# DroidBirth (32 bytes)
+#
+# EnableTargetMetadata; collect target properties and store in PropertyStoreDataBlock
+>20	lelong&524288	524288	\b, EnableTargetMetadata
+# look for BlockSize >= Ch, PropertyStoreDataBlock BlockSignature A0000009h
+#>>76	search/1972		\x00\x00\x09\x00\x00\xa0
+# PropertyStore (variable)
+#
+# DisableLinkPathTracking; EnvironmentVariableDataBlock is ignored; no examples found
+>20	lelong&1048576	1048576	\b, DisableLinkPathTracking
+# DisableKnownFolderTracking; SpecialFolderDataBlock and KnownFolderDataBlock are ignored and not saved
+>20	lelong&2097152	2097152	\b, DisableKnownFolderTracking
+>20	lelong&2097152	0
+# look for BlockSize 1Ch and KnownFolderDataBlock BlockSignature A000000Bh
+>>76	search/1972		\x1c\x00\x00\x00\x0B\x00\x00\xa0
+# https://learn.microsoft.com/en-us/dotnet/desktop/winforms/controls/known-folder-guids-for-file-dialog-custom-places
+# KnownFolderID specifies the folder GUID ID
+# ProgramFiles				905E63B6-C1BF-494E-B29C-65B732D3D21A
+# ProgramFilesX86			7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E
+>>>&0	guid	x			KnownFolderID %s
+# DisableKnownFolderAlias; unaliased form of the known folder IDList SHOULD be used; no examples found
+>20	lelong&4194304	4194304	\b, DisableKnownFolderAlias
+# AllowLinkToLink; link that references another link is enabled; no examples found
+>20	lelong&8388608	8388608	\b, AllowLinkToLink
+# UnaliasOnSave; unaliased form of that known folder or the target IDList SHOULD be used; no examples found
+>20	lelong&16777216 16777216	\b, UnaliasOnSave
+# PreferEnvironmentPath; path specified in the EnvironmentVariableDataBlock SHOULD be used
+>20	lelong&33554432	33554432	\b, PreferEnvironmentPath
+# KeepLocalIDListForUNCTarget; UNC name SHOULD be stored in local path IDList in PropertyStoreDataBlock; no examples found
+>20	lelong&67108864	67108864	\b, KeepLocalIDListForUNCTarget
+# FileAttributes
+>24	lelong&1	1	\b, Read-Only
+>24	lelong&2	2	\b, Hidden
+>24	lelong&4	4	\b, System
+# Reserved1; MUST be zero
+>24	lelong&8	8	\b, Reserved1
+>24	lelong&16	16	\b, Directory
+>24	lelong&32	32	\b, Archive
+# Reserved2; MUST be zero
+>24	lelong&64	64	\b, Reserved2
+>24	lelong&128	128	\b, Normal
+>24	lelong&256	256	\b, Temporary
+# no examples found
+>24	lelong&512	512	\b, Sparse
+# no examples found
+>24	lelong&1024	1024	\b, Reparse point
+>24	lelong&2048	2048	\b, Compressed
+>24	lelong&4096	4096	\b, Offline
+# FILE_ATTRIBUTE_NOT_CONTENT_INDEXED; contents need to be indexed
+>24	lelong&8192	8192	\b, NeedIndexed
+# FILE_ATTRIBUTE_ENCRYPTED; file or directory is encrypted
+>24	lelong&16384	16384	\b, Encrypted
+# value zero means there is no time set on the target
+>28	leqwdate	!0	\b, ctime=%s
+# Access time of target in UTC
+>36	leqwdate	!0	\b, atime=%s
+# write time of target in UTC
+>44	leqwdate	!0	\b, mtime=%s
+# FileSize; 32 bit size of target in bytes
+>52	lelong		x	\b, length=%u, window=
+# ShowCommand; 1~SW_SHOWNORMAL 3~SW_SHOWMAXIMIZED HerzlichMEDION.lnk 7~SW_SHOWMINNOACTIVE YaCy.lnk Privoxy.lnk; All other values like 2 MUST be treated as SW_SHOWNORMAL
+#>60	lelong		x	ShowCommand=%#x
+>60	lelong		x
+>>60	lelong		3	\bshowmaximized
+>>60	lelong		7	\bshowminnoactive
+>>60	default		x	\bnormal
+# Hotkey
+>64	uleshort	>0	\b, hot key
+# 41h~A 42h~B ...
+>>64	ubyte		x	%c
+# modifier keys: 0x01~HOTKEYF_SHIFT 0x02~HOTKEYF_CONTROL 0x04~HOTKEYF_ALT
+>>65	ubyte&1		1	\b+SHIFT
+>>65	ubyte&2		2	\b+CONTROL
+>>65	ubyte&4		4	\b+ALT
+# Reserved; MUST be zero
+#>66	uleshort	!0	\b, reserved %#x
+# Reserved2; MUST be zero
+#>68	ulelong		!0	\b, reserved2 %#x
+# Reserved3; MUST be zero
+#>72	ulelong		!0	\b, reserved3 %#x
+# optional LINKTARGET_IDLIST if LinkFlags bit HasLinkTargetIDList is set
+>20	lelong&1	1
+# IDListSize; size of IDList
+>>76	uleshort	x	\b, IDListSize %#4.4x
+# 1st item
+>>78	use		lnk-item
+# 2nd possible item
+>>(78.s+78)	uleshort	>0
+>>>(78.s+78)	use			lnk-item
+# 3rd possible item
+>>>&(&-2.s-2)	uleshort	>0
+>>>>&-2		use			lnk-item
+# 4th possible item
+>>>>&(&-2.s-2)	uleshort	>0
+>>>>>&-2	use			lnk-item
+# Because HasLinkInfo is set, a LinkInfo structure follows
+>20	lelong&2	2
+# if no LINKTARGET_IDLIST (no HasLinkTargetIDList) then direct after header; no example found
+>>20	lelong&1	=0
+>>>76	use			lnk-info
+# if LINKTARGET_IDLIST (HasLinkTargetIDList) then after LINKTARGET_IDLIST by addtional IDListSize bytes 
+>>20	lelong&1	=1
+>>>76	uleshort	>0
+#>>>>(76.s+78)	use		lnk-info
+>>>>(76.s+78)	ubelong	x
+# move pointer to beginnig of LinkInfo structure
+>>>>>&-8	ubelong	x
+#>>>>>>&16	ulelong	x	\b, LocalBasePathOffset=%#8.8x
+>>>>>>&(&16.l) string	x	\b, LocalBasePath "%s"
+# check and then display link item (size,data)
+0	name		lnk-item
+# size value 0x0000 means TerminalID; indicates the end of the item IDs list
+>0	uleshort	>0
+#>>0	uleshort	x	\b, ItemIDSize %#4.4x
+# item Data
+#>>2	ubequad		x	\b, Item data=%#16.16llx
+#>>2	ubyte		x	\b, Item type=%#x
+>>2	ubyte		=0x1f	\b, Root folder
+# like:	"26EE0668-A00A-44D7-9371-BEB064C98683"	Control Panel
+#	"20D04FE0-3AEA-1069-A2D8-08002B30309D"	My Computer
+#	"871C5380-42A0-1069-A2EA-08002B30309D"	Internet Explorer
+>>>4	guid		x	"%s"
+>>2	ubyte		=0x2f	\b, Volume
+# like: "C:\" "D:\"
+>>>3	string		x	"%s"
+# Control panel category
+#>>2	ubyte		foo	\b, Control panel category
+# display LinkInfo structure (size,flags,offsets)
+0	name		lnk-info
+# LinkInfoSize; size of the LinkInfo structure
+>0	ulelong		x	\b, LinkInfoSize %#x
+# LinkInfoHeaderSize; if 1C no optional fields; >=24 optional fields are specified
+>4	ulelong		x	\b, LinkInfoHeaderSize %#x
+# LinkInfoFlags; 
+#>8	ulelong	 	x	\b, LinkInfoFlags=%#x
+>8	ulelong&1 	1	\b, VolumeIDAndLocalBasePath
+# VolumeIDOffset; location of the VolumeID field (VolumeIDSize DriveType DriveSerialNumber VolumeLabelOffset ... ) inside LinkInfo structure
+>>12	ulelong	  	x	\b, VolumeIDOffset %#x
+# LocalBasePathOffset; location of LocalBasePath field like "C:\test\a.txt" inside LinkInfo structure
+>>16	ulelong		x	\b, LocalBasePathOffset %#x
+# LocalBasePathOffsetUnicode; location of the LocalBasePathUnicode field inside LinkInfo structure
+>>4	ulelong		>23
+>>>28	ulelong		x	\b, LocalBasePathOffsetUnicode %#x
+>8	ulelong&2 	2	\b, CommonNetworkRelativeLinkAndPathSuffix
+# CommonNetworkRelativeLinkOffset; location of the CommonNetworkRelativeLink field inside LinkInfo structure
+>>20	ulelong		x	\b, CommonNetworkRelativeLinkOffset %#x
+# CommonPathSuffixOffset; location of CommonPathSuffix field
+>24	ulelong		x	\b, CommonPathSuffixOffset %#x
+# CommonPathSuffixOffsetUnicode; location of CommonPathSuffixUnicode field inside LinkInfo structure
+>4	ulelong		>23
+>>32	ulelong		x	\b, CommonPathSuffixOffsetUnicode %#x
+
+# Summary: Outlook Personal Folders
+# Created by: unknown
+# Update:	Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/Personal_Folder_File
+#		https://en.wikipedia.org/wiki/Personal_Storage_Table
+# Reference:	https://interoperability.blob.core.windows.net/files/MS-PST/%5bMS-PST%5d.pdf
+#		http://mark0.net/download/triddefs_xml.7z/defs/p/pab.trid.xml
+# dwMagic !BDN
+0	lelong		0x4E444221
+# skip DROID x-fmt-75-signature-id-472.pab x-fmt-248-signature-id-260.pst x-fmt-249-signature-id-261.pst
+# by check for existance of bPlatformCreate value
+>14	ubyte	x		Microsoft Outlook
+#!:mime		application/octet-stream
+# NOT official registered !
+!:mime		application/vnd.ms-outlook
+# dwCRCPartial; 32-bit cyclic redundancy check (CRC) value of followin 471 bytes; zero for 64-bit
+#>>4	ulelong		!0			\b, CRC %#x
+# wMagicClient; AB (4142h) is used for PAB files; SM (534Dh) is used for PST files; SO (534Fh) is used for OST files
+#>>8	leshort		x			\b, wMagicClient=%#x
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/pab.trid.xml
+# Note:		called "Microsoft Personal Address Book" by TrID and
+#		"Microsoft Outlook Personal Address Book" by DROID via x-fmt/75
+>>8	leshort		0x4142			Personal Address Book
+#!:mime	application/x-ms-pab
+!:ext	pab
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/pst.trid.xml
+#		http://mark0.net/download/triddefs_xml.7z/defs/p/pst-unicode.trid.xml
+# Note:		called "Microsoft OutLook Personal Folder" by TrID and
+#		by DROID via x-fmt/248 for ANSI and via x-fmt/249 for Unicode
+#>>8	leshort		0x4D53			\b, PST~
+# called "Microsoft Outlook email folder" in ./windows version 1.37 and older
+>>8	leshort		0x4D53			Personal Storage
+#!:mime	application/x-ms-pst
+!:ext	pst
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/o/ost.trid.xml
+# Note:		called "Outlook Exchange Offline Storage" by TrID
+>>8	leshort		0x4F53			Offline Storage
+#!:mime	application/x-ms-ost
+!:ext	ost
+# wVer; file format version. 14 or 15 if the file is ANSI; > 21 or 23(=17h) if Unicode; 37 for written by Outlook with WIP
+>>10	uleshort	x			(
+# probably NO intermediate versions exist
+>>10	leshort		<0x10			\b<=2002, ANSI,
+>>10	leshort		>0x14			\b>=2003, Unicode,
+>>10	uleshort	x			version %u)
+# wVerClient; client file format version like: 19 22
+#>>12	uleshort	x			\b, wVerClient=%u
+# bPlatformCreate; This value MUST be set to 1 but also found 2
+>>14	ubyte		>1			\b, bPlatformCreate=%u
+# bPlatformAccess; This value MUST be set to 1 but also found 2
+>>15	ubyte		>1			\b, bPlatformAccess=%u
+# dwReserved1; SHOULD ignore and NOT modify this value; SHOULD initialize to zero
+>>16	ulelong		!0			\b, dwReserved1=%#x
+# dwReserved2; SHOULD ignore and NOT modify this value; SHOULD initialize to zero
+>>20	ulelong		!0			\b, dwReserved2=%#x
+# ANSI 32-bit variant Outlook 1997-2002
+>>10	uleshort	<16
+# bidNextB; next BlockID (ANSI 4 bytes)
+#>>>24		ulelong	!0			\b, bidNextB=%#x
+# bidNextP; Next available back BlockID pointer
+#>>>28		ulelong	!0			\b, bidNextP=%#x
+# dwUnique; value monotonically increased when modifying PST; so CRC is changing
+>>>32		ulelong	!0			\b, dwUnique=%#x
+# rgnid[128]; A fixed array of 32 NodeIDs, each corresponding to one of the 32 possible NID_TYPEs
+#>>>36		ubequad	x			\b, rgnid=%#llx...
+# dwReserved; Implementations SHOULD ignore this value and SHOULD NOT modify it; Initialized zero
+>>>164		ulelong	!0			\b, dwReserved=%#x
+# ibFileEof; the size of the PST file, in bytes (ANSI 4 bytes)
+>>>168		ulelong	x			\b, %u bytes
+# ibAMapLast; offset to the last AMap page
+#>>>172		ulelong	x			\b, ibAMapLast=%#x
+# bSentinel; MUST be set to 0x80
+>>>460		ubyte	!0x80			\b, bSentinel=%#x
+# bCryptMethod: 0~No encryption 1~encryption with permutation 2~encryption with cyclic 16~encryption with Windows Information Protection (WIP)
+>>>461		ubyte	>0			\b, bCryptMethod=%u
+# UNICODE 64-bit variant Outlook 2003-2007
+>>10	uleshort >20
+# bidUnused; Unused 8 bytes padding (Unicode only); sometimes like: 0x0000000100000004
+>>>24		ulequad	!0x0000000100000004	\b, bidUnused=%#16.16llx
+# dwUnique; value monotonically increased when modifying PST; so CRC is changing
+>>>40		ulelong	!0			\b, dwUnique=%#x
+# rgnid[] (128 bytes): A fixed array of 32 NIDs, each corresponding to one of the 32 possible
+#>>>44		ubequad	x			\b, rgnid=%#llx...
+# ibFileEof; the size of the PST file, in bytes (Unicode 8 bytes)
+>>>184		ulequad	x			\b, %llu bytes
+# bSentinel; MUST be set to 0x80
+>>>512		ubyte	!0x80			\b, bSentinel=%#x
+# bCryptMethod; Encryption type like: 0 1 2 16
+>>>513		ubyte	>0			\b, bCryptMethod=%u
+# dwCRC; 32-bit CRC of the of the previous 516 bytes
+>>>524		ulelong		x		\b, CRC32 %#x
+
+
+# Summary: Windows help cache
+# Created by: unknown
+0	string		\164\146\115\122\012\000\000\000\001\000\000\000	MS Windows help cache
+
+
+# Summary: IE cache file
+# Created by: Christophe Monniez
+0	string	Client\ UrlCache\ MMF 	Internet Explorer cache file
+>20	string	>\0			version %s
+
+
+# Summary: Registry files
+# Created by: unknown
+# Modified by (1): Joerg Jenderek
+0	string		regf		MS Windows registry file, NT/2000 or above
+0	string		CREG		MS Windows 95/98/ME registry file
+0	string		SHCC3		MS Windows 3.1 registry file
+
+
+# Summary: Windows Registry text
+# URL: https://en.wikipedia.org/wiki/Windows_Registry#.REG_files
+# Reference: http://fileformats.archiveteam.org/wiki/Windows_Registry
+# Submitted by: Abel Cheung <abelcheung@gmail.com>
+# Update: Joerg Jenderek
+#		Windows 3-9X variant
+0	string		REGEDIT
+# skip ASCII text like "REGEDITor.txt" but match
+# L1WMAP.REG with only 1 CRNL or org.gnome.gnumeric.reg with 2 NL
+>7	search/3	\n			Windows Registry text
+!:mime	text/x-ms-regedit
+!:ext	reg
+#		Windows 9X variant
+>>0	string		REGEDIT4		(Win95 or above)
+#		Windows 2K ANSI variant
+0	string		Windows\ Registry\ Editor\ 
+>&0	string		Version\ 5.00\r\n\r\n	Windows Registry text (Win2K or above)
+!:mime	text/x-ms-regedit
+!:ext	reg
+#		Windows 2K UTF-16 variant
+2	lestring16	Windows\ Registry\ Editor\ 
+>0x32	lestring16	Version\ 5.00\r\n\r\n	Windows Registry little-endian text (Win2K or above)
+# relative offset not working
+#>&0	lestring16	Version\ 5.00\r\n\r\n	Windows Registry little-endian text (Win2K or above)
+!:mime	text/x-ms-regedit
+!:ext	reg
+#		WINE variant
+# URL: https://en.wikipedia.org/wiki/Wine_(software)
+# Reference: https://www.winehq.org/pipermail/wine-cvs/2005-October/018763.html
+# Note:	WINE use text based registry (system.reg,user.reg,userdef.reg)
+#	instead binary hiv structure like Windows
+0	string	WINE\ REGISTRY\ Version\ 	WINE registry text
+# version 2
+>&0	string	x				\b, version %s
+!:mime	text/x-wine-extension-reg
+!:ext	reg
+
+# Windows *.INF *.INI files updated by Joerg Jenderek at Apr 2013, Feb 2018
+# empty ,comment , section
+# PR/383: remove unicode BOM because it is not portable across regex impls
+#0	regex/s		\\`(\\r\\n|;|[[])
+# empty line CRLF
+0	ubeshort	0x0D0A
+>0	use		ini-file
+# comment line starting with semicolon
+0	string		;
+# look for phrase of Windows policy ADMinistrative template (with starting remark)
+# like: WINDOW_95_CD/TOOLS/RESKIT/netadmin/poledit/conf.adm
+>1	search/3548	END\040CATEGORY
+# ADM with remark (by adm-rem.trid.xml) already done by generic ASCII variant
+# if no Windows policy ADMinistrative template then Windows INItialization
+>1	default		x
+>>0	use		ini-file
+# section line starting with left bracket
+0	string		[
+>0	use		ini-file
+# check and then display Windows INItialization configuration
+0	name		ini-file
+# look for left bracket in section line
+>0	search/8192	[
+# https://en.wikipedia.org/wiki/Autorun.inf
+# https://msdn.microsoft.com/en-us/library/windows/desktop/cc144200.aspx
+# space after right bracket
+# or AutoRun.Amd64 for 64 bit systems
+# or only NL separator
+>>&0	regex/c		\^autorun
+# but sometimes total commander directory tree file "treeinfo.wc" with lines like
+# [AUTORUN]
+# [boot]
+>>>&0	string		=]\r\n[					Total commander directory treeinfo.wc
+!:mime text/plain
+!:ext	wc
+# From: Pal Tamas <folti@balabit.hu>
+# Autorun File
+>>>&0	string		!]\r\n[					Microsoft Windows Autorun file
+!:mime application/x-setupscript
+!:ext	inf
+# https://msdn.microsoft.com/en-us/library/windows/hardware/ff549520(v=vs.85).aspx
+# version strings ASCII coded case-independent for Windows setup information script file
+>>&0	regex/c		\^(version|strings)]				Windows setup INFormation
+!:mime	application/x-setupscript
+#!:mime application/x-wine-extension-inf
+!:ext	inf
+# NETCRC.INF OEMCPL.INF
+>>&0	regex/c		\^(WinsockCRCList|OEMCPL)]			Windows setup INFormation
+!:mime	application/x-setupscript
+!:ext	inf
+# http://www.winfaq.de/faq_html/Content/tip2500/onlinefaq.php?h=tip2653.htm
+# https://msdn.microsoft.com/en-us/library/windows/desktop/cc144102.aspx
+# .ShellClassInfo DeleteOnCopy LocalizedFileNames ASCII coded case-independent
+>>&0	regex/1024c	\^(\\.ShellClassInfo|DeleteOnCopy|LocalizedFileNames)]	Windows desktop.ini
+!:mime application/x-wine-extension-ini
+#!:mime text/plain
+# https://support.microsoft.com/kb/84709/
+>>&0	regex/c		\^don't\ load]					Windows CONTROL.INI
+!:mime application/x-wine-extension-ini
+!:ext	ini
+>>&0	regex/c		\^(ndishlp\\$|protman\\$|NETBEUI\\$)]		Windows PROTOCOL.INI
+!:mime application/x-wine-extension-ini
+!:ext	ini
+# https://technet.microsoft.com/en-us/library/cc722567.aspx
+# http://www.winfaq.de/faq_html/Content/tip0000/onlinefaq.php?h=tip0137.htm
+>>&0	regex/c		\^(windows|Compatibility|embedding)]		Windows WIN.INI
+!:mime application/x-wine-extension-ini
+!:ext	ini
+# https://en.wikipedia.org/wiki/SYSTEM.INI
+>>&0	regex/c		\^(boot|386enh|drivers)]			Windows SYSTEM.INI
+!:mime application/x-wine-extension-ini
+!:ext	ini
+# http://www.mdgx.com/newtip6.htm
+>>&0	regex/c		\^SafeList]					Windows IOS.INI
+!:mime application/x-wine-extension-ini
+!:ext	ini
+# https://en.wikipedia.org/wiki/NTLDR	Windows Boot Loader information
+>>&0	regex/c		\^boot\x20loader]				Windows boot.ini
+!:mime application/x-wine-extension-ini
+!:ext	ini
+# https://en.wikipedia.org/wiki/CONFIG.SYS
+>>&0	regex/c		\^menu]						MS-DOS CONFIG.SYS
+# @CONFIG.UI configuration file of previous DOS version saved by Caldera OPENDOS INSTALL.EXE
+# CONFIG.PSS saved version of file CONFIG.SYS created by %WINDIR%\SYSTEM\MSCONFIG.EXE
+# CONFIG.TSH renamed file CONFIG.SYS.BAT by %WINDIR%\SYSTEM\MSCONFIG.EXE
+# dos and w40 used in dual booting scene
+!:ext	sys/dos/w40
+# https://support.microsoft.com/kb/118579/
+>>&0	regex/c		\^Paths]\r\n					MS-DOS MSDOS.SYS
+!:ext	sys/dos
+# http://chmspec.nongnu.org/latest/INI.html#HHP
+>>&0	regex/c		\^options]\r\n					Microsoft HTML Help Project
+!:mime text/plain
+!:ext	hhp
+# From:		Joerg Jenderek
+# URL:		https://documentation.basis.com/BASISHelp/WebHelp/b3odbc/ODBC_Driver/obdcdriv_character_translation.htm
+# Reference:	https://www.garykessler.net/library/file_sigs.html
+#		http://mark0.net/download/triddefs_xml.7z/defs/c/cpx.trid.xml
+# Note:		stored in directory %WINDIR%\SysWOW64 or %WINDIR%\system
+#		second word often Latin but sometimes Cyrillic like in 12510866.CPX
+>>&0	regex/c		\^Windows\ (Latin|Cyrillic)			Windows codepage translator
+#!:mime	text/plain
+!:mime	text/x-ms-cpx
+# like: 12510866.CPX 
+!:ext	cpx
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/File_Explorer
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/s/scf-exp.trid.xml,scf-exp-old.trid.xml
+# Note:		called "Windows Explorer Command Shell File" by TrID and "File Explorer Command" by Windows via SHCmdFile
+>>&0	regex/c		\^Shell]\r\n					Windows Explorer Shell Command File
+#!:mime	text/plain
+!:mime	text/x-ms-scf
+# like: channels.scf desktop.scf explorer.scf "Desktop anzeigen.scf"
+!:ext	scf
+# look for icon file directive maybe pointing to malicious file
+>>>1		search/128	IconFile=				\b, icon
+>>>>&0		string		x					"%s"
+# From:		Joerg Jenderek
+# URL:		http://en.wikipedia.org/wiki/VIA_Technologies
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/s/scf-via.trid.xml
+# Note:		called "VIA setup configuration file" by TrID
+>>&0	regex/c		\^SCF]\r\n					VIA setup configuration
+#!:mime	text/plain
+!:mime	text/x-via-scf
+# like: SETUP.SCF
+!:ext	scf
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/InstallShield
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/l/lid-is.trid.xml
+# Note:		contain also 3 keywords like: count Default key0
+>>&0	regex/c		\^Languages]					InstallShield Language Identifier
+#!:mime	text/plain
+!:mime	text/x-installshield-lid
+# like: SETUP.LID
+!:ext	lid
+# From:		Joerg Jenderek
+# URL:		https://www.file-extensions.org/tag-file-extension
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/t/taginfo.trid.xml
+# Note:		contain also keywords like: Application Category Company Misc Version
+>>&0	regex/c		\^TagInfo]					TagInfo
+#!:mime	text/plain
+#!:mime	text/prs.lines.tag
+!:mime	text/x-ms-tag
+# like: DATA.TAG
+!:ext	tag
+# URL:		https://en.wikipedia.org/wiki/Flatpak
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/f/flatpakref.trid.xml
+# Note:		called "Flatpack Reference" by TrID
+>>&0	string		Flatpak\ Ref]					Flatpak repository reference
+#!:mime	text/plain
+# https://reposcope.com/mimetype/application/vnd.flatpak.ref
+!:mime	application/vnd.flatpak.ref
+!:ext	flatpakref
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/CloneCD
+# Reference:	https://en.wikipedia.org/wiki/CloneCD_Control_File
+#		http://mark0.net/download/triddefs_xml.7z/defs/c/cdimage-clonecd-cue.trid.xml
+# Note:		called "CloneCD CDImage (description)" by TrID and "CloneCD Control File" by DROID via PUID fmt/1760
+>>&0	string		CloneCD]					CloneCD CD-image Description
+#!:mime	text/plain
+!:mime	text/x-ccd
+!:ext	ccd
+# unknown keyword after opening bracket
+>>&0	default				x
+#>>>&0	string/c			x	UNKNOWN [%s
+# look for left bracket of second section
+>>>&0	search/8192			[
+# version Strings FileIdentification
+>>>>&0	string/c			version				Windows setup INFormation
+!:mime application/x-setupscript
+!:ext	inf
+# From:		Joerg Jenderek
+# URL:		https://cdrtfe.sourceforge.io/
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/c/cfp-cdrtfe.trid.xml
+>>>>&0	string				FileExplorer]			cdrtfe Project
+!:mime	text/x-cfp
+!:ext	cfp
+# https://en.wikipedia.org/wiki/Initialization_file	Windows Initialization File or other
+>>>>&0	default				x
+>>>>>&0	ubyte				x
+# characters, digits, underscore and white space followed by right bracket
+# terminated by CR implies section line to skip BOOTLOG.TXT DETLOG.TXT
+>>>>>>&-1	regex/T			\^([A-Za-z0-9_\(\)\ ]+)\]\r	Generic INItialization configuration [%-.40s
+# NETDEF.INF multiarc.ini 
+#!:mime	application/x-setupscript
+!:mime	application/x-wine-extension-ini
+#!:mime	text/plain
+!:ext	ini/inf
+# samples with only 1 and unknown section name
+# XXX: matches a file containing '[1] 2'
+#>>>&0	default				x				Generic INItialization configuration
+#>>>>0	string				x				\b, 1st line "%s"
+# UTF-16 BOM
+0	ubeshort		=0xFFFE
+# look for phrase of Windows policy ADMinistrative template (UTF-16 by adm-uni.trid.xml)
+# like: wuau.adm
+>2	search/0x384A	E\0N\0D\0\040\0C\0A\0T\0E\0G\0O\0R\0Y\0
+>>0	use		windows-adm
+# if no Windows policy ADMinistrative template then Windows INFormation
+>2	default		x
+# UTF-16 BOM followed by CR~0D00 , comment~semicolon~3B00 , section~bracket~5B00
+>>0	ubelong&0xFFff89FF	=0xFFFE0900
+# look for left bracket in section line
+>>>2	search/8192		[
+# keyword without 1st letter which is maybe up-/down-case
+>>>>&3	lestring16		ersion]			Windows setup INFormation
+!:mime	application/x-setupscript
+# like: hdaudio.inf iscsi.inf spaceport.inf tpm.inf usbhub3.inf UVncVirtualDisplay.inf
+!:ext	inf
+>>>>&3	lestring16		trings]			Windows setup INFormation
+!:mime	application/x-setupscript
+# like: arduino_gemma.inf iis.inf MSM8960.inf
+!:ext	inf
+>>>>&3	lestring16		ourceDisksNames]	Windows setup INFormation
+!:mime	application/x-setupscript
+# like: atiixpag.inf mdmnokia.inf netefe32.inf rdpbus.inf
+!:ext	inf
+# netnwcli.inf start with ;---[ NetNWCli.INX ]
+>>>>&3	default			x
+# look for NL followed by left bracket
+>>>>>&0	search/8192		\x0A\x00\x5b
+# like: defltwk.inf netvwifibus.inf WSDPrint.inf
+>>>>>>&3 lestring16		ersion]			Windows setup INFormation
+!:mime	application/x-setupscript
+!:ext	inf
+
+# Summary:	Windows Policy ADMinistrative template
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Administrative_Template
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/adm.trid.xml
+# Note:		typically stored in directory like: %WINDIR%\system32\GroupPolicy\ADM
+# worst case ASCII variant starting with remark line like: inetset.adm
+0	search/0x4E	CLASS\040
+>&0	string		MACHINE
+>>0	use		windows-adm
+>&0	string		USER
+>>0	use		windows-adm
+# display information about Windows policy ADMinistrative template
+0	name		windows-adm	Windows Policy Administrative Template
+!:mime	text/x-ms-adm
+!:ext	adm
+# UTF-16 BOM implies UTF-16 encoded ADM (by adm-uni.trid.xml)
+>0	ubeshort		=0xFFFE
+>>2	lestring16		x		\b, 1st line "%s"
+# look for UTF-16 encoded CarriageReturn LineFeed
+>>>2	search/0x3A		\r\0\n\0
+>>>>&0	lestring16		x		\b, 2nd line "%s"
+# no UTF-16 BOM implies "ASCII" encoded ADM (by adm.trid.xml)
+>0	ubeshort		!0xFFFE
+>>0		string		x		\b, 1st line "%s"
+#>>>&0		ubequad		x		\b, 2ND %16.16llx
+# 2nd line empty
+>>>&2		beshort		=0x0D0A
+>>>>&0		beshort		!0x0D0A		\b, 3th line
+>>>>>&-2	string		x		"%s"
+# 2nd line with content
+>>>&2		beshort		!0x0D0A		\b, 2nd line
+>>>>&-2		string		x		"%s"
+
+# Windows Precompiled INF files *.PNF added by Joerg Jenderek at Mar 2013 of _PNF_HEADER inf.h
+# http://read.pudn.com/downloads3/sourcecode/windows/248345/win2k/private/windows/setup/setupapi/inf.h__.htm
+# URL:		http://fileformats.archiveteam.org/wiki/INF_(Windows)
+# Reference:	http://en.verysource.com/code/10350344_1/inf.h.html
+# Note:		stored in %Windir%\Inf %Windir%\System32\DriverStore\FileRepository
+# check for valid major and minor versions: 101h - 303h 
+0		leshort&0xFcFc	=0x0000
+# GRR: line above (strength 50) is too general as it catches also "PDP-11 UNIX/RT ldp" ./pdp
+>0		leshort&0x0303	!0x0000
+# test for valid InfStyles: 1 2 
+>>2		uleshort	>0
+>>>2		uleshort	<3
+# look for colon in WinDirPath after PNF header
+#>>>>0x59	search/18	:
+# skip few Adobe Photoshop Color swatch ("Mac OS.aco" TRUMATCH-Farben.aco Windows.aco) and some
+# Targa image (money-256.tga XING_B_UCM8.tga x-fmt-367-signature-id-604.tga) with "invalid low section name" \0
+>>>>(20.l)	ubelong		>0x40004000
+>>>>>0	use	PreCompiledInf
+0	name	PreCompiledInf
+>0		uleshort	x	Windows Precompiled iNF
+!:mime	application/x-pnf
+!:ext	pnf
+# major version 1 for older Windows like XP and 3 since about Windows Vista
+# 101h~95-XP; 301h~Windows Vista-7 ; 302h~Windows 10 14393; 303h~Windows 10 18362-Windows11
+>1		ubyte		x		\b, version %u
+>0		ubyte		x		\b.%u
+>0		uleshort	=0x0101		(Windows
+>>4	ulelong&0x00000001	!0x00000001	95-98)
+>>4	ulelong&0x00000001	=0x00000001	XP)
+>0		uleshort	=0x0301		(Windows Vista-8.1)
+>0		uleshort	=0x0302		(Windows 10 older)
+>0		uleshort	=0x0303		(Windows 10-11)
+# 1 ,2 (windows 98 SE)
+>2		uleshort	!2		\b, InfStyle %u
+#	PNF_FLAG_IS_UNICODE		0x00000001
+#	PNF_FLAG_HAS_STRINGS		0x00000002
+#	PNF_FLAG_SRCPATH_IS_URL		0x00000004
+#	PNF_FLAG_HAS_VOLATILE_DIRIDS	0x00000008
+#	PNF_FLAG_INF_VERIFIED		0x00000010
+#	PNF_FLAG_INF_DIGITALLY_SIGNED	0x00000020
+#	UNKNOWN8			0x00000080
+#	UNKNOWN				0x00000100
+#	UNKNOWN1			0x01000000
+#	UNKNOWN2			0x02000000
+>4	ulelong&0x03000180	>0		\b, flags
+>>4	ulelong			x		%#x
+>4	ulelong&0x00000001	0x00000001	\b, unicoded
+>4	ulelong&0x00000002	0x00000002	\b, has strings
+>4	ulelong&0x00000004	0x00000004	\b, src URL
+>4	ulelong&0x00000008	0x00000008	\b, volatile dir ids
+>4	ulelong&0x00000010	0x00000010	\b, verified
+>4	ulelong&0x00000020	0x00000020	\b, digitally signed
+# >4	ulelong&0x00000080	0x00000080	\b, UNKNOWN8
+# >4	ulelong&0x00000100	0x00000100	\b, UNKNOWN
+# >4	ulelong&0x01000000	0x01000000	\b, UNKNOWN1
+# >4	ulelong&0x02000000	0x02000000	\b, UNKNOWN2
+#>8		ulelong		x		\b, InfSubstValueListOffset %#x
+# many 0, 1 lmouusb.PNF, 2 linkfx10.PNF , f webfdr16.PNF
+# , 6 bth.PNF, 9 usbport.PNF, d netnwifi.PNF, 10h nettcpip.PNF
+#>12		uleshort	x		\b, InfSubstValueCount %#x
+# only < 9 found: 8 hcw85b64.PNF
+#>14		uleshort	x		\b, InfVersionDatumCount %#x
+# only found values lower 0x0000ffff ??
+#>16		ulelong		x		\b, InfVersionDataSize %#x
+# only found positive values lower 0x00ffFFff for InfVersionDataOffset
+>20		ulelong		x		\b, at %#x
+>4	ulelong&0x00000001	=0x00000001
+# case independent: CatalogFile Class DriverVer layoutfile LayoutFile SetupClass signature Signature
+>>(20.l)	lestring16	x		"%s"
+>4	ulelong&0x00000001	!0x00000001
+>>(20.l)	string		x		"%s"
+# FILETIME is number of 100-nanosecond intervals since 1 January 1601
+#>24		ulequad		x		\b, InfVersionLastWriteTime %16.16llx
+>24		qwdate		x		\b, InfVersionLastWriteTime %s
+# for Windows 98, XP
+>0		uleshort	<0x0102
+# only found values lower 0x00ffFFff
+# often 70 but also 78h for corelist.PNF
+# >>32		ulelong		x		\b, StringTableBlockOffset %#x
+# >>36		ulelong		x		\b, StringTableBlockSize %#x
+# >>40		ulelong		x		\b, InfSectionCount %#x
+# >>44		ulelong		x		\b, InfSectionBlockOffset %#x
+# >>48		ulelong		x		\b, InfSectionBlockSize %#x
+# >>52		ulelong		x		\b, InfLineBlockOffset %#x
+# >>56		ulelong		x		\b, InfLineBlockSize %#x
+# >>60		ulelong		x		\b, InfValueBlockOffset %#x
+# >>64		ulelong		x		\b, InfValueBlockSize %#x
+# WinDirPathOffset
+# like 58h, which means direct after PNF header
+#>>68		ulelong		x		\b, at %#x
+>>68		ulelong		x
+>>>4	ulelong&0x00000001	=0x00000001
+#>>>>(68.l)	ubequad		=0x43003a005c005700
+# normally unicoded C:\Windows
+#>>>>>(68.l)	lestring16	x		\b, WinDirPath "%s"
+>>>>(68.l)	ubequad		!0x43003a005c005700
+>>>>>(68.l)	lestring16	x		\b, WinDirPath "%s"
+>>>4	ulelong&0x00000001	!0x00000001
+# normally ASCII C:\WINDOWS
+#>>>>(68.l)	string		=C:\\WINDOWS	\b, WinDirPath "%s"
+>>>>(68.l)	string		!C:\\WINDOWS
+>>>>>(68.l)	string		x		\b, WinDirPath "%s"
+# found OsLoaderPathOffset values often 0 , once 70h corelist.PNF, once 68h ASCII machine.PNF
+>>>72		ulelong		>0		\b,
+>>>>4	ulelong&0x00000001	=0x00000001
+>>>>>(72.l)	lestring16	x		OsLoaderPath "%s"
+>>>>4	ulelong&0x00000001	!0x00000001
+# seldom C:\ instead empty
+>>>>>(72.l)	string		x		OsLoaderPath "%s"
+# 1fdh
+#>>>76		uleshort	x		\b, StringTableHashBucketCount %#x
+# https://docs.microsoft.com/en-us/openspecs/office_standards/ms-oe376/6c085406-a698-4e12-9d4d-c3b0ee3dbc4a
+# only 407h found
+>>>78		uleshort	!0x409		\b, LanguageID %x
+#>>>78		uleshort	=0x409		\b, LanguageID %x
+# InfSourcePathOffset often 0
+>>>80		ulelong		>0		\b, at %#x
+>>>>4	ulelong&0x00000001	=0x00000001
+>>>>>(80.l)	lestring16	x		SourcePath "%s"
+>>>>4	ulelong&0x00000001	!0x00000001
+>>>>>(80.l)	string		>\0		SourcePath "%s"
+# OriginalInfNameOffset often 0
+>>>84		ulelong		>0		\b, at %#x
+>>>>4	ulelong&0x00000001	=0x00000001
+>>>>>(84.l)	lestring16	x		InfName "%s"
+>>>>4	ulelong&0x00000001	!0x00000001
+>>>>>(84.l)	string		>\0		InfName "%s"
+
+# for newer Windows like Vista, 7 , 8.1 , 10
+>0		uleshort	>0x0101
+>>80	ulelong			x		\b, at %#x WinDirPath
+>>>4	ulelong&0x00000001	0x00000001
+# normally unicoded C:\Windows
+#>>>>(80.l)	ubequad		=0x43003a005c005700
+#>>>>>(80.l)	lestring16	x		"%s"
+>>>>(80.l)	ubequad		!0x43003a005c005700
+>>>>>(80.l)	lestring16	x		"%s"
+# language id: 0 407h~german 409h~English_US
+>>90		uleshort	!0x409		\b, LanguageID %x
+#>>90		uleshort	=0x409		\b, LanguageID %x
+>>92	ulelong			>0		\b, at %#x
+>>>4	ulelong&0x00000001	0x00000001
+# language string like: de-DE en-US
+>>>>(92.l)	lestring16	x		language %s
+
+# Summary: backup file created with utility like NTBACKUP.EXE shipped with Windows NT/2K/XP/2003
+# Extension: .bkf
+# Created by: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/NTBackup
+# Reference: http://laytongraphics.com/mtf/MTF_100a.PDF
+# Descriptor BloCK name of Microsoft Tape Format
+0	string			TAPE
+# Format Logical Address is zero
+>20	ulequad			0
+# Reserved for MBC is zero
+>>28	uleshort		0
+# Control Block ID is zero
+>>>36	ulelong			0
+# BIT4-BIT15, BIT18-BIT31 of block attributes are unused
+>>>>4	ulelong&0xFFfcFFe0	0		Windows NTbackup archive
+#!:mime application/x-ntbackup
+!:ext bkf
+# OS ID
+>>>>>10	ubyte			1		\b NetWare
+>>>>>10	ubyte			13		\b NetWare SMS
+>>>>>10	ubyte			14		\b NT
+>>>>>10	ubyte			24		\b 3
+>>>>>10	ubyte			25		\b OS/2
+>>>>>10	ubyte			26		\b 95
+>>>>>10	ubyte			27		\b Macintosh
+>>>>>10	ubyte			28		\b UNIX
+# OS Version (2)
+#>>>>>11	ubyte			x		OS V=%x
+# MTF_CONTINUATION	Media Sequence Number > 1
+#>>>>>4	ulelong&0x00000001	!0		\b, continued
+# MTF_COMPRESSION
+>>>>>4	ulelong&0x00000004	!0		\b, compressed
+# MTF_EOS_AT_EOM	End Of Medium was hit during end of set processing
+>>>>>4	ulelong&0x00000008	!0		\b, End Of Medium hit
+>>>>>4	ulelong&0x00020000	0
+# MTF_SET_MAP_EXISTS	A Media Based Catalog Set Map may exist on tape
+>>>>>>4	ulelong&0x00010000	!0		\b, with catalog
+# MTF_FDD_ALLOWED	However File/Directory Detail can only exist if a Set Map is also present
+>>>>>4	ulelong&0x00020000	!0		\b, with file catalog
+# Offset To First Event 238h,240h,28Ch
+#>>>>>8	uleshort		x		\b, event offset %4.4x
+# Displayable Size (20e0230h 20e024ch 20e0224h)
+#>>>>>8	ulequad			x		dis. size %16.16llx
+# Media Family ID (455288C4h 4570BD1Ah 45708F2Fh 4570BBF5h)
+#>>>>>52	ulelong			x		family ID %8.8x
+# TAPE Attributes (3)
+#>>>>>56	ulelong			x		TAPE %8.8x
+# Media Sequence Number
+>>>>>60	uleshort		>1		\b, sequence %u
+# Password Encryption Algorithm (3)
+>>>>>62	uleshort		>0		\b, %#x encrypted
+# Soft Filemark Block Size * 512 (2)
+#>>>>>64	uleshort		=2		\b, soft size %u*512
+>>>>>64	uleshort		!2		\b, soft size %u*512
+# Media Based Catalog Type (1,2)
+#>>>>>66	uleshort		x		\b, catalog type %4.4x
+# size of Media Name (66,68,6Eh)
+>>>>>68	uleshort		>0
+# offset of Media Name (5Eh)
+>>>>>>70	uleshort	>0
+# 0~, 1~ANSI, 2~UNICODE
+>>>>>>>48	ubyte		1
+# size terminated ansi coded string normally followed by "MTF Media Label"
+>>>>>>>>(70.s)	string		>\0		\b, name: %s
+>>>>>>>48	ubyte		2
+# Not null, but size terminated unicoded string
+>>>>>>>>(70.s)	lestring16	x		\b, name: %s
+# size of Media Label (104h)
+>>>>>72	uleshort		>0
+# offset of Media Label (C4h,C6h,CCh)
+>>>>>74		uleshort	>0
+>>>>>>48	ubyte		1
+#Tag|Version|Vendor|Vendor ID|Creation Time Stamp|Cartridge Label|Side|Media ID|Media Domain ID|Vendor Specific fields
+>>>>>>>(74.s)	string		>\0		\b, label: %s
+>>>>>>48	ubyte		2
+>>>>>>>(74.s)	lestring16	x		\b, label: %s
+# size of password name (0,1Ch)
+#>>>>>76	uleshort		>0		\b, password size %4.4x
+# Software Vendor ID (CBEh)
+>>>>>86	uleshort		x		\b, software (%#x)
+# size of Software Name (6Eh)
+>>>>>80	uleshort		>0
+# offset of Software Name (1C8h,1CAh,1D0h)
+>>>>>>82	uleshort	>0
+# 1~ANSI, 2~UNICODE
+>>>>>>>48	ubyte		1
+>>>>>>>>(82.s)	string		>\0		\b: %s
+>>>>>>>48	ubyte		2
+# size terminated unicoded coded string normally followed by "SPAD"
+>>>>>>>>(82.s)	lestring16	x		\b: %s
+# Format Logical Block Size (512,1024)
+#>>>>>84	uleshort		=1024		\b, block size %u
+>>>>>84	uleshort		!1024		\b, block size %u
+# Media Date of MTF_DATE_TIME type with 5 bytes
+#>>>>>>88	ubequad			x		DATE %16.16llx
+# MTF Major Version (1)
+#>>>>>>93	ubyte		x		\b, MFT version %x
+#
+
+# URL: https://en.wikipedia.org/wiki/PaintShop_Pro
+# Reference: https://www.cryer.co.uk/file-types/p/pal.htm
+# Created by: Joerg Jenderek
+# Note: there exist other color palette formats also with .pal extension
+0	string	JASC-PAL\r\n	PaintShop Pro color palette
+#!:mime	text/plain
+# PspPalette extension is used by newer (probably 8) PaintShopPro versions
+!:ext	pal/PspPalette
+# 2nd line contains palette file version. For example "0100"
+>10	string	!0100		\b, version %.4s
+# third line contains the number of colours: 16 256 ...
+>16	string	x		\b, %.3s colors
+
+# URL: https://en.wikipedia.org/wiki/Innosetup
+# Reference: https://github.com/jrsoftware/issrc/blob/master/Projects/Undo.pas
+# Created by: Joerg Jenderek
+# Note:	created by like "InnoSetup self-extracting archive" inside ./msdos
+# TrID labeles the entry as "Inno Setup Uninstall Log"
+#	TUninstallLogID
+0	string	Inno\ Setup\ Uninstall\ Log\ (b)	InnoSetup Log
+!:mime	application/x-innosetup
+# unins000.dat, unins001.dat, ...
+!:ext	dat
+# " 64-bit" variant
+>0x1c	string		>\0				\b%.7s
+# AppName[0x80] like "Minimal SYStem", ClamWin Free Antivirus , ...
+>0xc0	string		x				%s
+# AppId[0x80] is similar to AppName or
+# GUID like {4BB0DCDC-BC24-49EC-8937-72956C33A470} start with left brace
+>0x40	ubyte		0x7b
+>>0x40	string		x				%-.38s
+# do not know how this log version correlates to program version
+>0x140	ulelong		x				\b, version %#x
+# NumRecs
+#>0x144	ulelong		x				\b, %#4.4x records
+# EndOffset means files size
+>0x148	ulelong		x				\b, %u bytes
+# Flags 5 25h 35h
+#>0x14c	ulelong		x				\b, flags %8.8x
+# Reserved: array[0..26] of Longint
+# the non Unicode HighestSupportedVersion may never become greater than or equal to 1000
+>0x140	ulelong		<1000
+# hostname
+>>0x1d6	pstring		x				\b, %s
+# user name
+>>>&0	pstring		x				\b\%s
+# directory like C:\Program Files (x86)\GnuWin32
+>>>>&0	pstring		x				\b, "%s"
+# version 1000 or higher implies unicode
+>0x140	ulelong		>999
+# hostname
+>>0x1db	lestring16	x				\b, %-.9s
+# utf string variant with prepending fe??ffFFff
+>>0x1db	search/43	\xFF\xFF\xFF			
+# user name
+>>>&0	lestring16	x				\b\%-.9s
+>>>&0	search/43	\xFF\xFF\xFF			
+# directory like C:\Program Files\GIMP 2
+>>>>&0	lestring16	x				\b, %-.42s
+
+# URL:      https://jrsoftware.org/ishelp/index.php?topic=setup_signeduninstaller
+# Reference:https://github.com/jrsoftware/issrc/blob/main/Projects/Struct.pas
+# From:     Joerg Jenderek
+0	string	Inno\ Setup\ Messages\ (
+# null padded til 0x40 boundary
+>0x38	quad		0				InnoSetup messages
+!:mime	application/x-innosetup-msg
+# unins000.msg, unins001.msg, ...
+!:ext	msg
+# version like 5.1.1 5.1.11 5.5.0 5.5.3 6.0.0
+>>0x15	string		x				\b, version %.5s
+# look for 6th char of version string or terminating right parentheses
+>>>0x1a	ubyte		!0x29				\b%c
+# NumMessages
+>>0x40	ulelong		x				\b, %u messages
+# TotalSize: Cardinal;
+#>>0x44	ulelong		x				\b, TotalSize %u
+# NotTotalSize: Cardinal;
+#>>0x48	ulelong		x				\b, NotTotalSize %u
+# CRCMessages: Longint;
+#>>0x4C	ulelong		x				\b, CRC %#x
+>>0x40	ulelong		x
+# (u) after version means unicoded messages
+>>>0x1c	search/2	(u)				(UTF-16),
+>>>>0x50 lestring16	x				%s
+# ASCII coded message
+>>>0x1c	default		x				(ASCII),
+>>>>0x50 string		x				%s
+
+# Windows Imaging (WIM) Image
+# Update: Joerg Jenderek at Mar 2019, 2021
+# URL: https://en.wikipedia.org/wiki/Windows_Imaging_Format
+#      http://fileformats.archiveteam.org/wiki/Windows_Imaging_Format
+# Reference: https://download.microsoft.com/download/f/e/f/
+# fefdc36e-392d-4678-9e4e-771ffa2692ab/Windows%20Imaging%20File%20Format.rtf
+# Note: verified by like `7z t boot.wim` `wiminfo install.esd --header`
+0	string		MSWIM\000\000\000
+>0	use		wim-archive
+# https://wimlib.net/man1/wimoptimize.html
+0	string		WLPWM\000\000\000
+>0	use		wim-archive
+0	name		wim-archive
+# _WIMHEADER_V1_PACKED ImageTag[8]
+>0	string		x			Windows imaging
+!:mime	application/x-ms-wim
+# TO avoid in file version 5.36 error like
+# Magdir/windows, 760: Warning: Current entry does not yet have a description
+# file: could not find any valid magic files! (No error)
+# split WIM
+>16	ulelong		&0x00000008		(SWM
+!:ext	swm
+# usPartNumber; 1, unless the file was split into multiple parts
+>>40	uleshort	x			\b %u
+# usTotalParts; The total number of WIM file parts in a spanned set
+>>42	uleshort	x			\b of %u) image
+# non split WIM
+>16	ulelong		^0x00000008
+# https://wimlib.net/man1/wimmount.html
+# solid WIMs; version 3584; usually contain LZMS-compressed and the .esd extension
+>>12	ulelong		3584			(ESD) image
+!:ext	esd
+>>12	ulelong		!3584			(
+# look for archive member RunTime.xml like in Microsoft.Windows.Cosa.Desktop.Client.ppkg
+>>>156	search/68233/s		RunTime.xml	\bWindows provisioning package)
+!:ext	ppkg
+# if is is not a Windows provisioning package, then it is a WIM
+>>>156	default			x		\bWIM) image
+# second disk image part created by Microsoft's RecoveryDrive.exe has name Reconstruct.WIM2
+!:ext	wim/wim2
+>0	string/b	WLPWM\000\000\000	\b, wimlib pipable format
+# cbSize size of the WIM header in bytes like 208
+#>8	ulelong		x			\b, headersize %u
+# dwVersion version of the WIM file 00010d00h~1.13 00000e00h~0.14
+>14	uleshort	x			v%u
+>13	ubyte		x			\b.%u
+# dwImageCount; The number of images contained in the WIM file
+>44	ulelong		>1			\b, %u images
+# dwBootIndex
+# 1-based index of the bootable image of the WIM, or 0 if no image is bootable
+>0x78	ulelong		>0			\b, bootable no. %u
+# dwFlags
+#>16	ulelong		x			\b, flags %#8.8x
+#define FLAG_HEADER_COMPRESSION		0x00000002
+#define FLAG_HEADER_READONLY            0x00000004
+#define FLAG_HEADER_SPANNED		0x00000008
+#define FLAG_HEADER_RESOURCE_ONLY       0x00000010
+#define FLAG_HEADER_METADATA_ONLY       0x00000020
+#define FLAG_HEADER_WRITE_IN_PROGRESS   0x00000040
+#define FLAG_HEADER_RP_FIX		0x00000080 reparse point fixup
+#define FLAG_HEADER_COMPRESS_RESERVED   0x00010000
+#define FLAG_HEADER_COMPRESS_XPRESS     0x00020000
+#define FLAG_HEADER_COMPRESS_LZX	0x00040000
+#define FLAG_HEADER_COMPRESS_LZMS	0x00080000
+#define FLAG_HEADER_COMPRESS_XPRESS2    0x00100000 wimlib-1.13.0\include\wimlib\header.h 
+# XPRESS, with small chunk size
+>16	ulelong		&0x00100000		\b, XPRESS2
+>16	ulelong		&0x00080000		\b, LZMS
+>16	ulelong		&0x00040000		\b, LZX
+>16	ulelong		&0x00020000		\b, XPRESS
+>16	ulelong		&0x00000002		compressed
+>16	ulelong		&0x00000004		\b, read only
+>16	ulelong		&0x00000010		\b, resource only
+>16	ulelong		&0x00000020		\b, metadata only
+>16	ulelong		&0x00000080		\b, reparse point fixup
+#>16	ulelong		&0x00010000		\b, RESERVED
+# dwCompressionSize; Uncompressed chunk size for resources or 0 if uncompressed
+#>20	ulelong		>0			\b, chunk size %u bytes
+# gWIMGuid
+#>24	ubequad		x			\b, GUID %#16.16llx
+#>>32	ubequad		x			\b%16.16llx
+# rhOffsetTable; the location of the resource lookup table
+# wim_reshdr_disk[24]= u8 size_in_wim[7] + u8 flags + le64 offset_in_wim + le64 uncompressed_size
+#>48	ubequad		x			\b, rhOffsetTable %#16.16llx
+# rhXmlData; the location of the XML data
+#>0x50	ulelong		x			\b, at %#8.8x
+# NOT WORKING \xff\xfe<\0W\0I\0M\0
+#>(0x50.l)	ubequad	x			\b, xml=%16.16llx
+# rhBootMetadata; the location of the metadata resource
+#>0x60	ubequad		x			\b, rhBootMetadata %#16.16llx
+# rhIntegrity; the location of integrity table used to verify files
+#>0x7c	ubequad		x			\b, rhIntegrity %#16.16llx
+# Unused[60]
+#>148	ubequad		!0			\b,unused %#16.16llx
+#
+
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Windows_Easy_Transfer
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/m/mig.trid.xml
+# Note:		called "Windows Easy Transfer migration data" by TrID,
+#		"Migration Store" or "EasyTransfer file" by Microsoft
+0		string		1giM	Windows Easy Transfer migration data
+#!:mime		application/octet-stream
+!:mime		application/x-ms-mig
+!:ext		mig
+>0x18		string		=MRTS	without password
+# data offset with 1 space at end
+>>0x1c		ulelong+0x38	x	\b, at %#x 
+# look for zlib compressed data by ./compress
+>>(0x1c.l+0x38)	ubyte		x
+>>>&-1	indirect	x
+# in password protected examples MRTS comes some bytes further
+>0x18		string		!MRTS	with password
+# look for first MRTS tag
+>0x18		search/29/b	MRTS
+# probably first file name length like 178, ...
+#>>&0		ulelong		x	\b, 1st length %u
+# URL like File\C:\Users\nutzer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
+>>&20		lestring16	x	\b, 1st %-s
+
+# Microsoft SYLK
+# https://en.wikipedia.org/wiki/SYmbolic_LinK_(SYLK)
+# https://outflank.nl/upload/sylksum.txt
+0	string	ID;P	Microsoft SYLK program
+>4	string	>0	\b, created by %s
+!:ext	slk/sylk
+
+# Summary:	Windows Performance Monitor Alert
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/Performance_Monitor
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p/pma.trid.xml
+# Note:		called "Windows Performance Monitor Alert" by TrID
+0	ubelong			=0xDC058340
+>4	ubyte			=0		Windows Performance Monitor Alert
+#!:mime		application/octet-stream
+# https://www.thoughtco.com/mime-types-by-content-type-3469108
+# https://filext.com/file-extension/PAM
+!:mime		application/x-perfmon 
+#!:mime		application/x-ms-pma
+!:ext		pma
+# metric type like: "BrowserMetrics" "CrashpadMetrics" "SetupMetrics"
+>>80	string			x		\b, "%s"
+
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/InstallShield
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/i/ins.trid.xml
+# Note:		contain also keywords like: BATCH_INSTALL ISVERSION LOGHANDLE SRCDIR SRCDISK WINDIR WINSYSDISK 
+0	ubelong	0xB8C90C00	InstallShield Script
+#!:mime	application/octet-stream
+!:mime	application/x-installshield-ins
+# like test.ins Setup.ins
+!:ext	ins
+# UNKNOWN like: 160034121de07e00 1600341260befe00 16003412e0783700
+# 5000010021083f00 50000100b0335600 50000100cbfdf800 50000100dfbc4700
+#>4	ubequad		x		\b, at 4 %#16.16llx
+# copyright text like:	"Stirling Technologies, Inc.  (c) 1990-1994"
+#			"InstallSHIELD Software Corporation  (c) 1990-1997"
+>13	pstring/h	x		"%s"
+# look for specific ASCII variable names
+>1	search/0x121/s	SRCDIR	\b, variable names:
+# 1st like: SRCDIR
+>>&-4		leshort		x	#%u
+>>&-2		pstring/h	x	%s
+# 2nd like: SRCDISK
+>>>&0		leshort		x	#%u
+>>>&2		pstring/h	x	%s
+# 3rd like: TARGETDISK
+>>>>&0		leshort		x	#%u
+>>>>&2		pstring/h	x	%s
+# 4th like: TARGETDIR
+#>>>>>&0		leshort		x	#%u
+#>>>>>&2		pstring/h	x	%s
+# 5th like: WINDIR
+#>>>>>>&0	leshort		x	#%u
+#>>>>>>&2	pstring/h	x	%s
+# 6th like: WINDISK
+#>>>>>>>&0	leshort		x	#%u
+#>>>>>>>&2	pstring/h	x	%s
+# 7th like: WINSYSDIR
+#>>>>>>>>&0	leshort		x	#%u
+#>>>>>>>>&2	pstring/h	x	%s
+# ... LOGHANDLE
+>0		ubelong		x	...
+#
+
+# Summary:	Microsoft Remote Desktop Protocol connection
+# From:		Joerg Jenderek
+# URL:		https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/rdp-files
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/r/rdp.trid.xml
+# Note:		called "Remote Desktop Connection Settings" by TrID
+0	string		screen\040mode\040id:i:	Remote Desktop Protocol connection
+#!:mime	text/plain
+!:mime	text/x-ms-rdp
+!:ext	rdp
+# Screen mode: 1~session appear in a window 2~session appear full screen
+>17	string		1			\b, window mode
+>17	string		2			\b, full screen mode
+
+0	guid	7B5C52E4-D88C-4DA7-AEB1-5378D02996D3	Microsoft OneNote
+!:ext one
+!:mime	application/onenote
+0	guid	43FF2FA1-EFD9-4C76-9EE2-10EA5722765F	Microsoft OneNote Revision Store File
+
+# Microsoft XAML Binary Format
+# From: Alexandre Iooss <erdnaxe@crans.org>
+# URL: https://github.com/WalkingCat/XbfDump/blob/8832d2ffcaa738434d803fefa2ba99d3af37ed29/xbf_data.h
+0	string	XBF\0
+>12	ulelong	<0xFF
+>>16	ulelong	<0xFF	Microsoft XAML Binary Format
+!:ext xbf
+>>>12	ulelong	x	%d
+>>>16	ulelong	x	\b.%d
+>>>4	ulelong	x	\b, metadata size: %d bytes
+>>>8	ulelong	x	\b, node size: %d bytes
+
+# Metaswitch MetaView Service Assurance Server exports
+0	string	MetaView\x20Service\x20Assurance\x20Export\x20File	MetaView SAS export
+>39     string  Version\x20
+>>47    byte    x                                                       \b, version %c
+
+# Active Directory Group Policy Registry Policy File Format
+# From: Yuuta Liang <yuuta@yuuta.moe>
+# URL: https://learn.microsoft.com/en-us/previous-versions/windows/desktop/policy/registry-policy-file-format
+0	string	PReg
+>4	lelong	x	Group Policy Registry Policy, Version=%d
diff --git a/magic/Magdir/wireless b/magic/Magdir/wireless
new file mode 100644
index 0000000..badb73b
--- /dev/null
+++ b/magic/Magdir/wireless
@@ -0,0 +1,7 @@
+
+#------------------------------------------------------------------------------
+# $File: wireless,v 1.2 2009/09/19 16:28:13 christos Exp $
+# wireless-regdb:        file(1) magic for CRDA wireless-regdb file format
+#
+0	string	RGDB	CRDA wireless regulatory database file
+>4	belong	19	(Version 1)
diff --git a/magic/Magdir/wordprocessors b/magic/Magdir/wordprocessors
new file mode 100644
index 0000000..3a2e1ce
--- /dev/null
+++ b/magic/Magdir/wordprocessors
@@ -0,0 +1,630 @@
+
+#------------------------------------------------------------------------------
+# $File: wordprocessors,v 1.34 2023/01/24 20:13:40 christos Exp $
+# wordprocessors:  file(1) magic fo word processors.
+#
+####### PWP file format used on Smith Corona Personal Word Processors:
+2	string	\040\040\040\040\040\040\040\040\040\040\040ML4D\040'92	Smith Corona PWP
+>24	byte	2	\b, single spaced
+>24	byte	3	\b, 1.5 spaced
+>24	byte	4	\b, double spaced
+>25	byte	0x42	\b, letter
+>25	byte	0x54	\b, legal
+>26	byte	0x46	\b, A4
+
+# URL:	http://fileformats.archiveteam.org/wiki/Microsoft_Works_Word_Processor
+# reference:	http://mark0.net/download/triddefs_xml.7z
+#		/defs/w/wps-works-dos.trid.xml
+# From:	Joerg Jenderek
+# Note:	older non OLE 2 Compound based versions
+0	ubeshort	=0x01FE
+>112	ubeshort	=0x0100		Microsoft Works 1-3 (DOS) or 2 (Windows) document
+# title like THE GREAT KHAN GAME
+>>0x100	string		x		%s
+!:mime	application/vnd-ms-works
+#!:mime	application/x-msworks
+# https://www.macdisk.com/macsigen.php
+!:apple	????AWWP
+!:ext	wps
+
+# Corel/WordPerfect
+# URL:		https://en.wikipedia.org/wiki/WordPerfect
+# Reference:	https://github.com/OneWingedShark/WordPerfect/blob/master/doc/SDK_Help/FileFormats/WPFF_DocumentStructure.htm
+#		http://mark0.net/download/triddefs_xml.7z/defs/w/wp-generic.trid.xml
+0	string	\xffWPC
+# WordPerfect
+>8	byte	1
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/w/wpm-macro.trid.xml
+# Note:		there exist other macro variants
+>>9	byte	1	WordPerfect macro
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-wpm
+# like: ALTD.WPM ENDFOOT.WPM FOOTEND.WPM LABELS.WPM REVEALTX.WPM
+!:ext		wpm
+# Note:		used in WordPerfect 5.1; there exist other FIL variants
+>>9	byte	2	WordPerfect help file
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-help
+# like: WPHELP.FIL
+!:ext		fil
+# pointer to document area like: 10h
+>>>4		ulelong	!0x10	\b, at %#x document area
+>>9	byte	3	WordPerfect keyboard file
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-keyboard
+!:ext		wpk
+# no document area, so point to end of file; so this is file size like: 23381 2978 32835 3355 3775 919
+>>>4		ulelong	x	\b, %u bytes
+>>9	byte	4	WordPerfect VAX keyboard definition
+#!:mime	application/octet-stream
+!:mime	application/x-wordperfect-keyboard
+#!:ext	foo
+# URL:		http://fileformats.archiveteam.org/wiki/WordPerfect
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/w/wpd-doc-gen.trid.xml
+>>9	byte	10	WordPerfect document
+# https://www.iana.org/assignments/media-types/application/vnd.wordperfect
+!:mime		application/vnd.wordperfect
+#!:apple		????WPC2
+# TODO: distinguish different suffix
+!:ext		wpd/wpt/wkb/icr/tut/sty/tst/crs
+>>9	byte	11	WordPerfect dictionary
+>>9	byte	12	WordPerfect thesaurus
+>>9	byte	13	WordPerfect block
+>>9	byte	14	WordPerfect rectangular block
+>>9	byte	15	WordPerfect column block
+>>9	byte	16	WordPerfect printer data
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-prs
+# like: STANDARD.PRS WORKBOOK.PRS
+!:ext		prs
+# like: "Standard Printer" "Workbook Printer"
+>>>0x64		pstring/B	>A	"%s"
+#>>9	byte	18	WordPerfect Prefix information file
+# printer resource .ALL
+>>9	byte	19	WordPerfect printer data
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-all
+!:ext		all
+# display Resource
+>>9	byte	20	WordPerfect driver resource data
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-drs
+# like: WPSMALL.DRS
+!:ext		drs
+# pointer to index area with string "smalldrs" like: 46h
+>>>4		uleshort	!0x46	\b, at %#x index area
+>>9	byte	21	WordPerfect Overlay file
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-fil
+# like: WP.FIL
+!:ext		fil
+# URL:		http://fileformats.archiveteam.org/wiki/WordPerfect_Graphics
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/b/bitmap-wpg.trid.xml
+# Note:		called "WordPerfect Graphics bitmap" by TrID and
+#		"WordPerfect Graphics Metafile" by DROID via x-fmt/395 fmt/1042
+#		"WPG (Word Perfect Graphics)" by ImageMagick `identify -verbose BUTTRFLY.WPG`
+>>9	byte	22	WordPerfect graphic image
+# TODO: skip DROID x-fmt-395-signature-id-132.wpg by check for existing document area
+#>>>4		ulelong	>15	WordPerfect_graphic_OK
+#!:mime		application/octet-stream
+# http://extension.nirsoft.net/wpg
+!:mime		image/x-wordperfect-graphics
+# https://reposcope.com/mimetype/application/x-wpg
+#!:mime		application/x-wpg
+# like: BUTTRFLY.WPG STAR-5.WPG input.wpg WORDPFCT.WPG
+!:ext		wpg
+# pointer to document area like: 10h 1Ah
+>>>4		ulelong		!0x1A	\b, at %#x document area
+>>9	byte	23	WordPerfect hyphenation code
+>>9	byte	24	WordPerfect hyphenation data
+>>9	byte	25	WordPerfect macro resource data
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-mrs
+# like: WP.MRS
+!:ext		mrs
+>>9	byte	27	WordPerfect hyphenation lex
+>>9	byte	29	WordPerfect wordlist
+>>9	byte	30	WordPerfect equation resource data
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-qrs
+# like: WQ.QRS wpDE.qrs wpen.qrs
+!:ext		qrs
+# jump to document area with some marker and equation
+>>>(4.l)	ubyte	x
+# equation like: "Fraction:  x OVER y"
+>>>>&1		string	>A	(...%-.19s...)
+# pointer to document area like: 17C4h
+>>>4		ulelong	x	\b, at %#x document area
+#>>9	byte	31	reserved
+#>>9	byte	32	WordPerfect VAX .SET
+>>9	byte	33	WordPerfect spell rules
+>>9	byte	34	WordPerfect dictionary rules
+#>>9	byte	35	reserved
+# video resource device driver
+# Note:		 filetype 26 for VRS and filetype 36 for WPD apparently is wrong
+>>9	byte	36	WordPerfect Video Resource
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-vrs
+# like: STANDARD.VRS
+!:ext		vrs
+# like: "IBM CGA (& compatibles)"
+>>>0x20		string	>A	"%.23s"
+>>9	byte	39	WordPerfect spell rules (Microlytics)
+#>>9	byte	40	reserved
+>>9	byte	41	WordPerfect Install options
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-ins
+# like: WP51.INS
+!:ext		ins
+# probably default directory name like: "C:\WP51\"
+>>>0x12		string	>A	"%.8s"
+# maybe mouse driver for WP5.1
+>>9	byte	42	WordPerfect Resource
+#!:mime		application/octet-stream
+!:mime		application/x-wordperfect-irs
+# like: STANDARD.IRS
+!:ext		irs
+# like: "Mouse Driver (MOUSE.COM)"
+>>>0x28		string	>A	"%.24s"
+>>9	byte	43	WordPerfect settings file
+# maybe Macintosh WP2.0 document
+>>9	byte	44	WordPerfect 3.5 document
+!:mime		application/vnd.wordperfect
+!:apple		????WPD3
+# like: WP3.wpd
+!:ext		wpd
+>>9	byte	45	WordPerfect 4.2 document
+# External spell code module (WP5.1)
+#>>9	byte	46	WordPerfect external spell 
+# external spell dictionary .LEX
+#>>9	byte	47	WordPerfect external spell dictionary
+# Macintosh SOFT graphics file (SOFT (Sequential Object Format)
+#>>9	byte	48	WordPerfect SOFT graphics
+#>>9	byte	49	reserved
+#>>9	byte	50	reserved
+# WPWin 5.1 Application Resource Library added for WPWin 5.1
+#>>9	byte	51	WordPerfect application resource library
+>>9	byte	69	WordPerfect dialog file
+# From:		Joerg Jenderek
+# Note:		found in sub directory WritingTools inside WordPerfect 2021 program directory
+>>9	byte	70	WordPerfect Writing Tools
+#!:mime	application/octet-stream
+!:mime	application/x-wordperfect-cbt
+# like: Wt13cbede.cbt Wt13cbeit.cbt Wt13cbefr.cbt WT21cbede.cbt Wt13cbeEN.CBD WT21cbeEN.CBD
+!:ext	cbd/cbt
+>>9	byte	76	WordPerfect button bar
+>>9	default x
+>>>9	byte	x	Corel WordPerfect: Unknown filetype %d
+# Corel Shell
+>8	byte	2
+>>9	byte	1	Corel shell macro
+>>9	byte	10	Corel shell definition
+>>9	default x
+>>>9	byte	x	Corel Shell: Unknown filetype %d
+# Corel Notebook
+>8	byte	3
+>>9	byte	1	Corel Notebook macro
+>>9	byte	2	Corel Notebook help file
+>>9	byte	3	Corel Notebook keyboard file
+>>9	byte	10	Corel Notebook definition
+>>9	default	x
+>>>9	byte	x	Corel Notebook: Unknown filetype %d
+# Corel Calculator
+>8	byte	4
+>>9	byte	2	Corel Calculator help file
+>>9	default	x
+>>>9	byte	x	Corel Calculator: Unknown filetype %d
+# Corel File Manager
+>8	byte	5
+>>9	default	x
+>>>9	byte	x	Corel File Manager: Unknown filetype %d
+# Corel Calendar
+>8	byte	6
+>>9	byte 	2	Corel Calendar help file
+>>9	byte 	10	Corel Calendar data file
+>>9	default	x
+>>>9	byte	x	Corel Calendar: Unknown filetype %d
+# Corel Program Editor/Ed Editor
+>8	byte	7
+>>9	byte	1	Corel Editor macro
+>>9	byte	2	Corel Editor help file
+>>9	byte	3	Corel Editor keyboard file
+>>9	byte	25	Corel Editor macro resource file
+>>9	default	x
+>>>9	byte	x	Corel Program Editor/Ed Editor: Unknown filetype %d
+# Corel Macro Editor
+>8	byte	8
+>>9	byte 	1	Corel Macro editor macro
+>>9	byte 	2	Corel Macro editor help file
+>>9	byte	3	Corel Macro editor keyboard file
+>>9	default	x
+>>>9	byte	x	Corel Macro Editor: Unknown filetype %d
+# Corel Plan Perfect
+>8	byte	9
+>>9	default	x
+>>>9	byte	x	Corel Plan Perfect: Unknown filetype %d
+# Corel DataPerfect
+>8	byte	10
+# CHECK: Don't these belong into product 9?
+>>9	byte	1	Corel PlanPerfect macro
+>>9	byte	2	Corel PlanPerfect help file
+>>9	byte	3	Corel PlanPerfect keyboard file
+>>9	byte	10	Corel PlanPerfect worksheet
+>>9	byte	15	Corel PlanPerfect printer definition
+>>9	byte	18	Corel PlanPerfect graphic definition
+>>9	byte	19	Corel PlanPerfect data
+>>9	byte	20	Corel PlanPerfect temporary printer
+>>9	byte	25	Corel PlanPerfect macro resource data
+>>9	default	x
+>>>9	byte	x	Corel DataPerfect: Unknown filetype %d
+# Corel Mail
+>8	byte	11
+>>9	byte	2	Corel Mail help file
+>>9	byte	5	Corel Mail distribution list
+>>9	byte	10	Corel Mail out box
+>>9	byte	11	Corel Mail in box
+>>9	byte	20	Corel Mail users archived mailbox
+>>9	byte	21	Corel Mail archived message database
+>>9	byte	22	Corel Mail archived attachments
+>>9	default	x
+>>>9	byte	x	Corel Mail: Unknown filetype %d
+# Corel Printer
+>8	byte	12
+>>9	byte	11	Corel Printer temporary file
+>>9	default	x
+>>>9	byte	x	Corel Printer: Unknown filetype %d
+# Corel Scheduler
+>8	byte	13
+>>9	byte	2	Corel Scheduler help file
+>>9	byte	10	Corel Scheduler in file
+>>9	byte	11	Corel Scheduler out file
+>>9	default	x
+>>>9	byte	x	Corel Scheduler: Unknown filetype %d
+# Corel WordPerfect Office
+>8	byte	14
+>>9	byte	10	Corel GroupWise settings file
+>>9	byte	17	Corel GroupWise directory services
+>>9	byte	43	Corel GroupWise settings file
+>>9	default	x
+>>>9	byte	x	Corel WordPerfect Office: Unknown filetype %d
+# Corel DrawPerfect
+# URL:		http://fileformats.archiveteam.org/wiki/Corel_Presentations
+# Update:	Joerg Jenderek
+>8	byte	15
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/s/shw-wp-2.trid.xml
+# Note:		called "WordPerfect Presentations (v2)" by TrID and
+#		"Corel Presentation" with version "7-8-9" by DROID via PUID fmt/877
+>>9	byte	10	WordPerfect Presentation
+#!:mime		application/octet-stream
+#!:mime		application/vnd.wordperfect
+!:mime		application/x-drawperfect-shw
+# like: BENEFITS.SHW chartbar.shw chartbul.shw chartgal.shw chartorg.shw fig-demo.shw figurgal.shw mastrgal.shw scuba.shw tutorial.shw
+!:ext		shw
+# pointer to document area like: 10h
+>>>4	ulelong	!0x10	\b, at %#x document area
+# according to TrID this is nil
+>>>12	ulelong	!0	\b, at 0xC %#x
+# search for embedded WP file like in tutorial.shw
+#>>>16	search/638/sb	\xffWPC	WPC_MAGIC_FOUND
+# GRR: indirect call leads to recursion! WHY?
+#>>>>&0	indirect	x	\b; contains
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/s/shw-wp-3.trid.xml
+# Note:		called "WordPerfect/Corel Presentations (v3)" by TrID and
+#		"Corel Presentation" with version "3" by DROID via PUID fmt/878
+>>9	byte	15	Corel Presentation
+#!:mime		application/octet-stream
+#!:mime		application/vnd.wordperfect
+!:mime		application/x-drawperfect-shw
+# like: FIG_ANIM.SHW presenta.shw
+!:ext		shw
+# pointer to document area like: 1ah
+>>>4	ulelong	!0x1a	\b, at %#x document area
+# according to TrID this is nil
+>>>12	ulelong	!0	\b, at 0xC %#x
+# reserved like: 3
+>>>16	ulelong	!0x3	\b, at 0x10 %#x
+# file size, not including pad characters at EOF
+>>>0x14	ulelong x	\b, %u bytes
+# search for embedded WP file like in foo
+#>>>24	search/638/sb	\xffWPC	WPC_MAGIC_FOUND
+# GRR: indirect call leads to recursion! WHY?
+#>>>>&0	indirect	x	\b; contains
+# embedded inside Compound Document variant handled by ./ole2compounddocs
+>>9	byte	16	Corel Presentation (embeded)
+#!:mime		application/octet-stream
+#!:mime		application/vnd.wordperfect
+!:mime		application/x-corelpresentations
+# like: PerfectOffice_MAIN
+!:ext		/
+# pointer to document area like: 1ah
+>>>4	ulelong	!0x1a	\b, at %#x document area
+>>>12	ulelong	!0	\b, at 0xC %#x
+# reserved like: 3
+>>>16	ulelong	!0x3	\b, at 0x10 %#x
+# file size, not including pad characters at EOF
+>>>0x14	ulelong x	\b, %u bytes
+# search for embedded WP file
+#>>>24	search/638/sb	\xffWPC	WPC_MAGIC_FOUND
+# GRR: indirect call leads to recursion! WHY?
+#>>>>&0	indirect	x	\b; contains
+>>9	default	x
+>>>9	byte	x	Corel DrawPerfect: Unknown filetype %d
+# Corel LetterPerfect
+>8	byte	16
+>>9	default	x
+>>>9	byte	x	Corel LetterPerfect: Unknown filetype %d
+# Corel Terminal
+>8	byte	17
+>>9	byte	10	Corel Terminal resource data
+>>9	byte	11	Corel Terminal resource data
+>>9	byte	43	Corel Terminal resource data
+>>9	default	x
+>>>9	byte	x	Corel Terminal: Unknown filetype %d
+# Corel loadable file
+>8	byte	18
+>>9	byte	10	Corel loadable file
+>>9	byte	11	Corel GUI loadable text
+>>9	byte	12	Corel graphics resource data
+>>9	byte	13	Corel printer settings file
+>>9	byte	14	Corel port definition file
+>>9	byte	15	Corel print queue parameters
+>>9	byte	16	Corel compressed file
+>>9	default	x
+>>>9	byte	x	Corel loadable file: Unknown filetype %d
+>>15	byte	0	\b, optimized for Intel
+>>15	byte	1	\b, optimized for Non-Intel
+# Network service
+>8	byte	20
+>>9	byte	10	Corel Network service msg file
+>>9	byte	11	Corel Network service msg file
+>>9	byte	12	Corel Async gateway login msg
+>>9	byte	14	Corel GroupWise message file
+>>9	default	x
+>>>9	byte	x	Corel Network service: Unknown filetype %d
+# GroupWise
+>8	byte	31
+>>9	byte	20	GroupWise admin domain database
+>>9	byte	21	GroupWise admin host database
+>>9	byte	23	GroupWise admin remote host database
+>>9	byte	24	GroupWise admin ADS deferment data file
+>>9	default	x
+>>>9	byte	x	GroupWise: Unknown filetype %d
+# Corel Writing Tools WT*.*
+# From:		Joerg Jenderek
+# URL:		https://support.corel.com/hc/en-us/articles/215876258-Writing-Tools-Spell-Check-Dictionary-does-not-work-in-WordPerfect-X5
+#		http://wordperfect.helpmax.net/en/editing-and-formatting-documents/using-the-writing-tools/working-with-user-word-lists/
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/u/uwl-wp.trid.xml
+>8	byte	32
+>>9	byte	10	Corel Writing Tools User Word List
+#!:mime	application/octet-stream
+!:mime	application/x-wordperfect-wordlist
+# personal user word list UWL under user directory like: WTDE.UWL WTUS.UWL WT21DE.UWL WT21US.UWL WT13DE.UWL ...
+# and "template" SAV/HWL variant under program directory like: wt13en.hwl Wt13de.sav Wt13it.sav wt13ru.sav WT21us.sav Wtcz.sav ...
+!:ext	uwl/hwl/sav
+# jump to document area with some marker and word list
+>>>(4.l)	ubyte	x
+# look for beginning of word list starting mostly with letter a as UTF-16 like: Wt13es.sav
+# but not found in russian wt13ru.sav
+>>>>&0	search/91/sb	a\0
+# word list starting like: "acsesory\022accessory.\001\026acomodate\026accommodate4\001"
+>>>>>&0		lestring16	x	(...%-.33s...)
+# pointer to document area like: 200h
+>>>4	ulelong	!0x200	\b, at %#x document area
+# file size, not including pad characters at EOF
+>>>0x14	uleshort x	\b, %u bytes
+# IntelliTAG
+>8	byte	33
+>>9	byte	10	IntelliTAG (SGML) compiled DTD
+>>9	default	x
+>>>9	byte	x	IntelliTAG: Unknown filetype %d
+# Summary:	Corel WordPerfect WritingTools advise part
+# From:		Joerg Jenderek
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/a/adv-wp.trid.xml
+>8	byte	34
+>>9	byte	11	Corel WordPerfect dictionary advise
+#!:mime	application/octet-stream
+!:mime	application/x-wordperfect-adv
+#!:mime	application/vnd.wordperfect.adv
+# like: WT21de.adv Wt13de.adv Wt13es.adv Wt13fr.adv wt13us.adv
+!:ext	adv
+# advise text part often start with tag like: 580A
+#>>>(16.s)	ubequad	x	ADVISE PART %#llx
+# part of advise text like: "This is too informal for most writing."
+>>>(16.s+16)	string	x	(...%-.33s...)
+# everything else
+>8	default x
+>>8	byte	x	Unknown Corel/Wordperfect product %d,
+>>>9	byte	x	file type %d
+>10	byte	0	\b, v5.
+# version of WP file; 2.1~WP 8.0
+# major version of WP file like: 1 2
+>10	byte	!0	\b, v%d.
+# minor version of WP file like: 0 1
+>11	byte	x	\b%d
+
+# Hancom HWP (Hangul Word Processor)
+# Hangul Word Processor 3.0 through 97 used HWP 3.0 format.
+# URL: https://www.hancom.com/etc/hwpDownload.do
+0	string	HWP\ Document\ File     Hancom HWP (Hangul Word Processor) file, version 3.0
+!:ext	hwp
+
+# CosmicBook, from Benoit Rouits
+0       string  CSBK    Ted Neslson's CosmicBook hypertext file
+
+2       string  EYWR    AmigaWriter file
+
+# chi:  file(1) magic for ChiWriter files
+0       string          \\1cw\          ChiWriter file
+>5      string          >\0             version %s
+0       string          \\1cw           ChiWriter file
+
+# Quark Express from https://www.garykessler.net/library/file_sigs.html
+2	string	IIXPR3			Intel Quark Express Document (English)
+2	string	IIXPRa			Intel Quark Express Document (Korean)
+2	string	MMXPR3			Motorola Quark Express Document (English)
+!:mime	application/x-quark-xpress-3
+2	string	MMXPRa			Motorola Quark Express Document (Korean)
+
+# From:		Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/PageMaker
+#		https://en.wikipedia.org/wiki/Adobe_PageMaker
+# Reference:	http://mark0.net/download/triddefs_xml.7z/defs/p
+#		pm4-pagemaker.trid.xml
+#		pm5-pagemaker.trid.xml
+# Note:		since version 6 in 1995 called Adobe PageMaker and
+#		embedded in Compound Document handled by ./ole2compounddocs
+#		mainly tested little endian variant
+4	ubelong		=0x0000FF99
+>0	use		PageMaker
+# big endian variant
+4	ubelong		=0x000099FF
+>0	use		\^PageMaker
+#	display information of Aldus/Adobe PageMaker document/publication
+0	name		PageMaker
+>110	uleshort	<0x0600			Aldus
+>110	uleshort	>0x05FF			Adobe
+>110	uleshort	x			PageMaker
+# "MP" marker for newer version 4 and above according to TrID
+#>108	string		x			\b, MARKER "%.2s"
+# http://www.nationalarchives.gov.uk/pronom/fmt/876
+!:mime		application/vnd.pagemaker	
+#!:mime		application/x-pagemaker
+# different file name extensions are used depending on version
+# older version like 3
+>110	uleshort/256	=0			document
+# https://www.macdisk.com/macsigen.php
+!:apple	ALB3ALD3
+# PT3 for template and no example for PageMaker document/publication with PM3 extension
+!:ext	pm3/pt3
+>110	uleshort/256	=4			document
+!:apple	ALD4ALB4
+# no example for PT4 template
+!:ext	pm4/pt4
+>110	uleshort/256	=5			document
+!:apple	ALD5ALB5
+# no example for PT5 template
+!:ext	pm5/pt5
+>110	uleshort	=0x0600			document
+!:apple	ALD6ALB6
+# PT6 for template
+!:ext	pm6/pt6
+# HOWTO to distinguish version 7 from 6.5 ?
+>110	uleshort	=0x0632			document
+!:apple	AD65AB65
+# no example for T65 template
+!:ext	p65/t65/pmd/pmt
+# version 7 with PMT extension for template
+#!:ext	pmd/pmt
+#!:apple	????PUBF
+# endian marker FF 99 for little endian
+>6	ubyte	=0xFF			\b, little-endian
+>6	ubyte	=0x99			\b, big-endian
+# newer numeric version like: 4 5 6 6.50
+#>110	uleshort	x			\b, VERSION=%#x
+>110	uleshort	>0x03FF
+>>110	uleshort/256	x			\b, version %u
+>>110	uleshort%256	>0			\b.%u
+# older version like 3
+>110	uleshort	<0x0400			\b, maybe version 3
+
+# adobe indesign (document, whatever...) from querkan
+0	belong	0x0606edf5		Adobe InDesign
+>16	string	DOCUMENT		Document
+
+#------------------------------------------------------------------------------
+# ichitaro456: file(1) magic for Just System Word Processor Ichitaro
+#
+# Contributor kenzo-:
+# Reversed-engineered JS Ichitaro magic numbers
+#
+
+0	string		DOC
+>43	byte		0x14	Just System Word Processor Ichitaro v4
+!:mime	application/x-ichitaro4
+>144	string	JDASH		application/x-ichitaro4
+
+0	string		DOC
+>43	byte		0x15	Just System Word Processor Ichitaro v5
+!:mime	application/x-ichitaro5
+
+0	string		DOC
+>43	byte		0x16	Just System Word Processor Ichitaro v6
+!:mime	application/x-ichitaro6
+
+# Type: Freemind mindmap documents
+# From: Jamie Thompson <debian-bugs@jamie-thompson.co.uk>
+0	string/w	\<map\ version	Freemind document
+!:mime	application/x-freemind
+
+# Type: Freeplane mindmap documents
+# From: Felix Natter <fnatter@gmx.net>
+0       string/w        \<map\ version="freeplane  Freeplane document
+!:mime  application/x-freeplane
+
+# Type:        Scribus
+# From:        Werner Fink <werner@suse.de>
+0	string	\<SCRIBUSUTF8\ Version		Scribus Document
+0	string	\<SCRIBUSUTF8NEW\ Version	Scribus Document
+!:mime	application/x-scribus
+
+# help files .hlp compiled from html and used by gfxboot added by Joerg Jenderek
+# markups page=0x04,label=0x12, followed by strings like "opt" or "main" and title=0x14
+0	ulelong&0x8080FFFF	0x00001204	gfxboot compiled html help file
+
+# From:		Joerg Jenderek
+# URL:		https://en.wikipedia.org/wiki/StarOffice
+# Reference:	http://mark0.net/download/triddefs_xml.7z
+#		/defs/t/thm-staroffice.trid.xml
+# Note:		used in Star-, Open- and Libre-Office
+# named as soffice.StarConfigFile.6 or OpenOffice.org configuration by others
+0		ubeshort	0x0400
+# non nil gap
+#>(2.s+8)	ubequad		x		\b, gap %#16.16llx
+# test for null value in gap after theme name maybe unreliable
+#>(2.s+9)	ubyte		0		\b, 0-byte
+# look for keyword GALRESRV near the end
+# "C:\Program Files (x86)\StarOffice6.0\share\gallery\sg27.thm" Navigation, 238 objects
+#>0		search/8415	GALRESRV	\b, GALRESRV found
+# "neues thema6.thm" MorePictures, 315 objects
+#>0		search/19299	GALRESRV	\b, GALRESRV FOUND
+#>2		uleshort	x		\b, name length %u
+# skip file2147.chk by check for positive name length like for sg16.thm "3D"
+>2		uleshort	>0
+# skip dBase printer form T6.PRF with misidentified gallery 
+# name :\DBASE\IV\T6.txts by check for 1st object name or RESRV keyword
+# https://www.clicketyclick.dk/databases/xbase/xbase/dbase_ex.zip
+# template/t6/with_data/T6.PRF
+# by first char of object name or RESRV part of keyword GALRESRV
+>>(2.s+13)	ubyte		>0x1F		StarOffice Gallery theme
+!:mime		application/x-stargallery-thm
+# thm is also used for JPEG thumbnail images
+!:ext		thm
+# gallery name often 1 word like: 3D sounds Diagrams Flussdiagramme Fotos
+# or like private://gallery/hidden/imgppt "Cisco - WAN - LAN"
+>>>2		pstring/h	x		%s
+# number of objects
+>>>(2.s+4)	ulelong		x		\b, %u object
+# plural s
+>>>(2.s+4)	ulelong		!1		\bs
+# if available then display first object name 
+>>>(2.s+4)	ulelong		>0
+# partial file name, URL or internal name like "dd2*" of 1st object or RESRV
+>>>>(2.s+11)	pstring/h	x		\b, 1st %s
+
+# From:	Joerg Jenderek
+# URL:	http://fileformats.archiveteam.org/wiki/StarOffice_Gallery
+# Note:	used in Star-, Open- and Libre-Office and found in directories like
+#	%APPDATA%\Roaming\LibreOffice\4\user\gallery
+#	$HOME/.config/libreoffice/4/user/gallery
+0	string		SGA3	StarOffice Gallery thumbnails
+# Unknown like 0x04000?0001000142
+#>4	ubequad		x	\b, UNKNOWN %#16.16llx
+#!:mime	application/x-sdg
+!:mime	application/x-stargallery-sdg
+!:ext	sdg
+# display image magic for debugging purpose like 'BM'
+# looking like PC bitmap, Windows 3.x format with unknown compression
+#>11	string		x	\b, image magic '%-.2s'
+# inspect 1st GALLERY thumbnail magic by ./images with 1 space at end
+#>11	indirect	x	\b; contains 
+
diff --git a/magic/Magdir/wsdl b/magic/Magdir/wsdl
new file mode 100644
index 0000000..1c9e60a
--- /dev/null
+++ b/magic/Magdir/wsdl
@@ -0,0 +1,23 @@
+
+#------------------------------------------------------------------------------
+# $File: wsdl,v 1.6 2021/04/26 15:56:00 christos Exp $
+# wsdl: PHP WSDL Cache, https://www.php.net/manual/en/book.soap.php
+# Cache format extracted from source:
+# https://svn.php.net/viewvc/php/php-src/trunk/ext/soap/php_sdl.c?revision=HEAD&view=markup
+# Requires file >= 5.05
+# By Elan Ruusamae <glen@delfi.ee>, Patryk Zawadzki <patrys@pld-linux.org>, 2010-2011
+0		string		wsdl		PHP WSDL cache,
+>4		byte		x		version %#02x
+>6		ledate		x		\b, created %s
+
+# uri
+>10		lelong		<0x7fffffff
+>>10		pstring/l	x		\b, uri: "%s"
+
+# source
+>>>&0		lelong		<0x7fffffff
+>>>>&-4		pstring/l	x		\b, source: "%s"
+
+# target_ns
+>>>>>&0		lelong		<0x7fffffff
+>>>>>>&-4	pstring/l	x		\b, target_ns: "%s"
diff --git a/magic/Magdir/x68000 b/magic/Magdir/x68000
new file mode 100644
index 0000000..927b96d
--- /dev/null
+++ b/magic/Magdir/x68000
@@ -0,0 +1,25 @@
+#------------------------------------------------------------------------------
+# x68000:  file(1) magic for the Sharp Home Computer
+# v1.0
+# Fabio R. Schmidlin <sd-snatcher@users.sourceforge.net>
+
+# Yanagisawa PIC picture
+0	string		PIC
+>3	search/0x200	\x1A
+>>&0	search/0x200	\x0
+>>>&0	ubyte		0		Yanagisawa PIC image file,
+>>>>&0	ubyte&15	0		model: X68000,
+>>>>&0	ubyte&15	1		model: PC-88VA,
+>>>>&0	ubyte&15	2		model: FM-TOWNS,
+>>>>&0	ubyte&15	3		model: MAC,
+>>>>&0	ubyte&15	15		model: Generic,
+>>>>&3	ubeshort	x		%dx
+>>>>&5	ubeshort	x		\b%d,
+>>>>&1	ubeshort	4		colors: 16
+>>>>&1	ubeshort	8		colors: 256
+>>>>&1	ubeshort	12		colors: 4096
+>>>>&1	ubeshort	15		colors: 32768
+>>>>&1	ubeshort	16		colors: 65536
+>>>>&1	ubeshort	>16		colors: %d-bit
+
+
diff --git a/magic/Magdir/xdelta b/magic/Magdir/xdelta
new file mode 100644
index 0000000..fde1d26
--- /dev/null
+++ b/magic/Magdir/xdelta
@@ -0,0 +1,13 @@
+
+#------------------------------------------------------------------------------
+# $File: xdelta,v 1.5 2011/08/08 09:01:05 christos Exp $
+# file(1) magic(5) data for xdelta  Josh MacDonald <jmacd@CS.Berkeley.EDU>
+#
+0	string	%XDELTA%	XDelta binary patch file 0.14
+0	string	%XDZ000%	XDelta binary patch file 0.18
+0	string	%XDZ001%	XDelta binary patch file 0.20
+0	string	%XDZ002%	XDelta binary patch file 1.0
+0	string	%XDZ003%	XDelta binary patch file 1.0.4
+0	string	%XDZ004%	XDelta binary patch file 1.1
+
+0	string \xD6\xC3\xC4\x00	VCDIFF binary diff
diff --git a/magic/Magdir/xenix b/magic/Magdir/xenix
new file mode 100644
index 0000000..fc8027b
--- /dev/null
+++ b/magic/Magdir/xenix
@@ -0,0 +1,106 @@
+
+#------------------------------------------------------------------------------
+# $File: xenix,v 1.15 2022/10/19 20:15:16 christos Exp $
+# xenix:  file(1) magic for Microsoft Xenix
+#
+# "Middle model" stuff, and "Xenix 8086 relocatable or 80286 small
+# model" lifted from "magic.xenix", with comment "derived empirically;
+# treat as folklore until proven"
+#
+# "small model", "large model", "huge model" stuff lifted from XXX
+#
+# XXX - "x.out" collides with PDP-11 archives
+#
+0	string		core		core file (Xenix)
+# URL: http://www.polarhome.com/service/man/?qf=86rel&tf=2&of=Xenix
+#      http://fileformats.archiveteam.org/wiki/OMF
+# Reference: http://www.azillionmonkeys.com/qed/Omfg.pdf
+# Update: Joerg Jenderek
+# recordtype~TranslatorHEADerRecord
+0	byte		0x80
+# GRR: line above is too general as it catches also Extensible storage engine DataBase,
+# all lif files like forth.lif hpcc88.lif lex90b.lif ( See ./lif)
+# and all compressed DEGAS low-res bitmaps like: MUNCHIE.PC1 PIDER1.PC1
+# skip examples like GENA.SND Switch.Snd by looking for record length maximal 1024-3
+>1	uleshort	<1022
+# skip examples like GAME.PICTURE Strange.Pic by looking for positive record length
+>>1	uleshort	>0
+# skip examples like Xtable.Data FRACTAL.GEN SHR.VIEW by looking for positive string length
+>>>3	ubyte		>0
+# skip examples like OMBRE.6 with "UUUUUU" name by looking for valid high second record type
+>>>>(1.s+3)	ubyte	>0x6D
+# skip few Atari DEGAS bitmap TPDEMO.PC2 RECIPE.PC2 with invalid "high" second record type FEh FFh
+>>>>>(1.s+3)	ubyte	<0xF2	8086 relocatable (Microsoft)
+#!:mime	application/octet-stream
+!:mime	application/x-object
+!:ext	obj/o/a
+# T-module name often source name like "hello.c" or "jmppm32.asm" in JMPPM32.OBJ or
+# "kbhit" in KBHITS.OBJ or "CAUSEWAY_KERNAL" in CWAPI.OBJ
+>>>>>>3	pstring		x		\b, "%s"
+# data length probably lower 256 according to TrID obj_omf.trid.xml
+>>>>>>1	uleshort	x		\b, 1st record data length %u
+# checksum
+#>>>>>>(3.b+4)	ubyte	x		\b, checksum %#2.2x
+# second recordtype: 96h~LNAMES 88h~COMENT 8CH~EXTDEF
+# highest F1h~Library End Record
+>>>>>>(1.s+3)	ubyte	x		\b, 2nd record type %#x
+>>>>>>(1.s+4)	uleshort x		\b, 2nd record data length %u
+0	leshort		0xff65		x.out
+>2	string		__.SYMDEF	 randomized
+>0	byte		x		archive
+0	leshort		0x206		Microsoft a.out
+>8	leshort		1		Middle model
+>0x1e	leshort		&0x10		overlay
+>0x1e	leshort		&0x2		separate
+>0x1e	leshort		&0x4		pure
+>0x1e	leshort		&0x800		segmented
+>0x1e	leshort		&0x400		standalone
+>0x1e	leshort		&0x8		fixed-stack
+>0x1c	byte		&0x80		byte-swapped
+>0x1c	byte		&0x40		word-swapped
+>0x10	lelong		>0		not-stripped
+>0x1e	leshort		^0xc000		pre-SysV
+>0x1e	leshort		&0x4000		V2.3
+>0x1e	leshort		&0x8000		V3.0
+>0x1c	byte		&0x4		86
+>0x1c	byte		&0xb		186
+>0x1c	byte		&0x9		286
+>0x1c	byte		&0xa		386
+>0x1f	byte		<0x040		small model
+>0x1f	byte		=0x048		large model
+>0x1f	byte		=0x049		huge model
+>0x1e	leshort		&0x1		executable
+>0x1e	leshort		^0x1		object file
+>0x1e	leshort		&0x40		Large Text
+>0x1e	leshort		&0x20		Large Data
+>0x1e	leshort		&0x120		Huge Objects Enabled
+>0x10	lelong		>0		not stripped
+
+0	leshort		0x140		old Microsoft 8086 x.out
+>0x3	byte		&0x4		separate
+>0x3	byte		&0x2		pure
+>0	byte		&0x1		executable
+>0	byte		^0x1		relocatable
+>0x14	lelong		>0		not stripped
+
+0	lelong		0x206		b.out
+>0x1e	leshort		&0x10		overlay
+>0x1e	leshort		&0x2		separate
+>0x1e	leshort		&0x4		pure
+>0x1e	leshort		&0x800		segmented
+>0x1e	leshort		&0x400		standalone
+>0x1e	leshort		&0x1		executable
+>0x1e	leshort		^0x1		object file
+>0x1e	leshort		&0x4000		V2.3
+>0x1e	leshort		&0x8000		V3.0
+>0x1c	byte		&0x4		86
+>0x1c	byte		&0xb		186
+>0x1c	byte		&0x9		286
+>0x1c	byte		&0x29		286
+>0x1c	byte		&0xa		386
+>0x1e	leshort		&0x4		Large Text
+>0x1e	leshort		&0x2		Large Data
+>0x1e	leshort		&0x102		Huge Objects Enabled
+
+0	leshort		0x580		XENIX 8086 relocatable or 80286 small model
+# GRR: line above is too general as it catches also all 8086 relocatable (Microsoft) with 1st record data length 5 C0M.OBJ C0T.OBJ C0S.OBJ
diff --git a/magic/Magdir/xilinx b/magic/Magdir/xilinx
new file mode 100644
index 0000000..fd14678
--- /dev/null
+++ b/magic/Magdir/xilinx
@@ -0,0 +1,58 @@
+
+#------------------------------------------------------------------------------
+# $File: xilinx,v 1.10 2022/12/18 14:59:32 christos Exp $
+# This is Aaron's attempt at a MAGIC file for Xilinx .bit files.
+# Xilinx-Magic@RevRagnarok.com
+# Got the info from FPGA-FAQ 0026
+#
+# Rewritten to use pstring/H instead of hardcoded lengths by O. Freyermuth,
+# fixes at least reading of bitfiles from Spartan 2, 3, 6.
+# http://www.fpga-faq.com/FAQ_Pages/0026_Tell_me_about_bit_files.htm
+#
+# First there is the sync header and its length
+0	beshort 0x0009
+>2 	belong	=0x0ff00ff0
+>>&0	belong  =0x0ff00ff0
+>>>&0	byte    =0x00
+>>>&1   beshort =0x0001
+>>>&3	string	a	Xilinx BIT data
+# Next is a Pascal-style string with the NCD name. We want to capture that.
+>>>>&0	   pstring/H	x	- from %s
+# And then 'b'
+>>>>>&1    string b
+# Then the model / part number:
+>>>>>>&0   pstring/H    x       - for %s
+# Then 'c'
+>>>>>>>&1 string c
+# Then the build-date
+>>>>>>>>&0 pstring/H    x       - built %s
+# Then 'd'
+>>>>>>>>>&1   string d
+# Then the build-time
+>>>>>>>>>>&0  pstring/H x        \b(%s)
+# Then 'e'
+>>>>>>>>>>>&1  string e
+# And length of data
+>>>>>>>>>>>>&0 belong x          - data length %#x
+
+# Raw bitstream files
+0      long    0xffffffff
+>&0    belong  0xaa995566      Xilinx RAW bitstream (.BIN)
+
+# AXLF (xclbin) files used by AMD/Xilinx accelerators.
+# The file format is defined by XRT source tree:
+# https://github.com/Xilinx/XRT/blob/master/src/runtime_src/core/include/xclbin.h
+# Display file size, creation date, accelerator shell name, xclbin uuid and
+# number of sections.
+
+0       string      xclbin2     AMD/Xilinx accelerator AXLF (xclbin) file
+>0x130  lequad      x           \b, %lld bytes
+>0x138  leqdate     x           \b, created %s
+>0x160  string      >0          \b, shell "%.64s"
+>0x1a0  ubelong     x           \b, uuid %08x
+>0x1a4  ubeshort    x           \b-%04x
+>0x1a6  ubeshort    x           \b-%04x
+>0x1a8  ubeshort    x           \b-%04x
+>0x1aa  ubelong     x           \b-%08x
+>0x1ae  ubeshort    x           \b%04x
+>0x1c0  lelong      x           \b, %d sections
+\ No newline at end of file
diff --git a/magic/Magdir/xo65 b/magic/Magdir/xo65
new file mode 100644
index 0000000..f7b555f
--- /dev/null
+++ b/magic/Magdir/xo65
@@ -0,0 +1,37 @@
+
+#------------------------------------------------------------------------------
+# $File: xo65,v 1.5 2022/07/17 15:36:20 christos Exp $
+# https://cc65.github.io/doc/sim65.html
+# xo65 object files
+# From: "Ullrich von Bassewitz" <uz@cc65.org>
+#
+0	string		\x55\x7A\x6E\x61	xo65 object,
+>4	leshort		x			version %d,
+>6	leshort&0x0001 =0x0001			with debug info
+>6	leshort&0x0001 =0x0000			no debug info
+
+# xo65 library files
+0	string		\x6E\x61\x55\x7A	xo65 library,
+>4	leshort		x			version %d
+
+# o65 object files
+0	string		\x01\x00\x6F\x36\x35	o65
+>6	leshort&0x1000	=0x0000			executable,
+>6	leshort&0x1000	=0x1000			object,
+>5	byte		x			version %d,
+>6	leshort&0x8000	=0x8000			65816,
+>6	leshort&0x8000	=0x0000			6502,
+>6	leshort&0x2000	=0x2000			32 bit,
+>6	leshort&0x2000	=0x0000			16 bit,
+>6	leshort&0x4000	=0x4000			page reloc,
+>6	leshort&0x4000	=0x0000			byte reloc,
+>6	leshort&0x0003	=0x0000			alignment 1
+>6	leshort&0x0003	=0x0001			alignment 2
+>6	leshort&0x0003	=0x0002			alignment 4
+>6	leshort&0x0003	=0x0003			alignment 256
+
+# sim65 executable files
+0	string		\x73\x69\x6d\x36\x35	sim65 executable,
+>5	byte		x			version %d,
+>6	leshort&0x0000	=0x0000			6502
+>6	leshort&0x0001	=0x0001			65C02
diff --git a/magic/Magdir/xwindows b/magic/Magdir/xwindows
new file mode 100644
index 0000000..d8c08c8
--- /dev/null
+++ b/magic/Magdir/xwindows
@@ -0,0 +1,43 @@
+
+#------------------------------------------------------------------------------
+# $File: xwindows,v 1.13 2022/03/24 15:48:58 christos Exp $
+# xwindows:  file(1) magic for various X/Window system file formats.
+
+# Compiled X Keymap
+# XKM (compiled X keymap) files (including version and byte ordering)
+1	string	mkx				Compiled XKB Keymap: lsb,
+>0	byte	>0				version %d
+>0	byte	=0				obsolete
+0	string	xkm				Compiled XKB Keymap: msb,
+>3	byte	>0				version %d
+>3	byte	=0				obsolete
+
+# xfsdump archive
+0	string	xFSdump0			xfsdump archive
+>8	belong	x	(version %d)
+
+# Jaleo XFS files
+0	long	395726				Jaleo XFS file
+>4	long	x				- version %d
+>8	long	x				- [%d -
+>20	long	x				\b%dx
+>24	long	x				\b%dx
+>28	long	1008				\bYUV422]
+>28	long	1000				\bRGB24]
+
+# Xcursor data
+# X11 mouse cursor format defined in libXcursor, see
+# https://www.x.org/archive/X11R6.8.1/doc/Xcursor.3.html
+# https://cgit.freedesktop.org/xorg/lib/libXcursor/tree/include/X11/Xcursor/Xcursor.h
+0	string		Xcur		Xcursor data
+!:mime	image/x-xcursor
+>10	leshort		x		version %d
+>>8	leshort		x		\b.%d
+
+# X bitmap https://en.wikipedia.org/wiki/X_BitMap
+0	search/2048	#define\040
+>&0	regex		[a-zA-Z0-9]+_width\040	xbm image
+>>&0	regex		[0-9]+			(%sx
+>>>&0	string		\n#define\040
+>>>>&0	regex		[a-zA-Z0-9]+_height\040
+>>>>>&0	regex		[0-9]+			\b%s)
diff --git a/magic/Magdir/yara b/magic/Magdir/yara
new file mode 100644
index 0000000..6156cc6
--- /dev/null
+++ b/magic/Magdir/yara
@@ -0,0 +1,17 @@
+
+
+#------------------------------------------------------------------------------
+# $File: yara,v 1.4 2021/04/26 15:56:00 christos Exp $
+# yara:  file(1) magic for https://virustotal.github.io/yara/
+#
+
+0	string	YARA
+>4	lelong	>2047
+>8	byte	<20	YARA 3.x compiled rule set
+# version
+>>8	clear	x
+>>8	byte	6	created with version 3.3.0
+>>8	byte	8	created with version 3.4.0
+>>8	byte	11	created with version 3.5.0
+>>8	default	x
+>>>8	byte	x	development version %#02x
diff --git a/magic/Magdir/zfs b/magic/Magdir/zfs
new file mode 100644
index 0000000..5cb0fdd
--- /dev/null
+++ b/magic/Magdir/zfs
@@ -0,0 +1,96 @@
+#------------------------------------------------------------------------------
+# zfs:	file(1) magic for ZFS dumps
+#
+# From <rea-fbsd@codelabs.ru>
+# ZFS dump header has the following structure (as per zfs_ioctl.h
+# in FreeBSD with drr_type is set to DRR_BEGIN)
+#
+#   enum {
+#	DRR_BEGIN, DRR_OBJECT, DRR_FREEOBJECTS,
+#	DRR_WRITE, DRR_FREE, DRR_END,
+#   } drr_type;
+#   uint32_t drr_pad;
+#   uint64_t drr_magic;
+#   uint64_t drr_version;
+#   uint64_t drr_creation_time;
+#   dmu_objset_type_t drr_type;
+#   uint32_t drr_pad;
+#   uint64_t drr_toguid;
+#   uint64_t drr_fromguid;
+#   char drr_toname[MAXNAMELEN];
+#
+# Backup magic is 0x00000002f5bacbac (quad word)
+# The drr_type is defined as
+#   typedef enum dmu_objset_type {
+#	  DMU_OST_NONE,
+#	  DMU_OST_META,
+#	  DMU_OST_ZFS,
+#	  DMU_OST_ZVOL,
+#	  DMU_OST_OTHER,		  /* For testing only! */
+#	  DMU_OST_ANY,			  /* Be careful! */
+#	  DMU_OST_NUMTYPES
+#  } dmu_objset_type_t;
+#
+# Almost all uint64_t fields are printed as the 32-bit ones (with high
+# 32 bits zeroed), because there is no simple way to print them as the
+# full 64-bit values.
+
+# Big-endian values
+8	string	\000\000\000\002\365\272\313\254 ZFS snapshot (big-endian machine),
+>20	belong	x	version %u,
+>32	belong	0	type: NONE,
+>32	belong	1	type: META,
+>32	belong	2	type: ZFS,
+>32	belong	3	type: ZVOL,
+>32	belong	4	type: OTHER,
+>32	belong	5	type: ANY,
+>32	belong	>5	type: UNKNOWN (%u),
+>40	byte	x	destination GUID: %02X
+>41	byte	x	%02X
+>42	byte	x	%02X
+>43	byte	x	%02X
+>44	byte	x	%02X
+>45	byte	x	%02X
+>46	byte	x	%02X
+>47	byte	x	%02X,
+>48	ulong	>0
+>>52	ulong	>0
+>>>48	byte	x	source GUID: %02X
+>>>49	byte	x	%02X
+>>>50	byte	x	%02X
+>>>51	byte	x	%02X
+>>>52	byte	x	%02X
+>>>53	byte	x	%02X
+>>>54	byte	x	%02X
+>>>55	byte	x	%02X,
+>56	string	>\0	name: '%s'
+
+# Little-endian values
+8	string	\254\313\272\365\002\000\000\000	ZFS snapshot (little-endian machine),
+>16	lelong	x	version %u,
+>32	lelong	0	type: NONE,
+>32	lelong	1	type: META,
+>32	lelong	2	type: ZFS,
+>32	lelong	3	type: ZVOL,
+>32	lelong	4	type: OTHER,
+>32	lelong	5	type: ANY,
+>32	lelong	>5	type: UNKNOWN (%u),
+>47	byte	x	destination GUID: %02X
+>46	byte	x	%02X
+>45	byte	x	%02X
+>44	byte	x	%02X
+>43	byte	x	%02X
+>42	byte	x	%02X
+>41	byte	x	%02X
+>40	byte	x	%02X,
+>48	ulong	>0
+>>52	ulong	>0
+>>>55	byte	x	source GUID: %02X
+>>>54	byte	x	%02X
+>>>53	byte	x	%02X
+>>>52	byte	x	%02X
+>>>51	byte	x	%02X
+>>>50	byte	x	%02X
+>>>49	byte	x	%02X
+>>>48	byte	x	%02X,
+>56	string	>\0	name: '%s'
diff --git a/magic/Magdir/zilog b/magic/Magdir/zilog
new file mode 100644
index 0000000..1c861fb
--- /dev/null
+++ b/magic/Magdir/zilog
@@ -0,0 +1,12 @@
+
+#------------------------------------------------------------------------------
+# $File: zilog,v 1.7 2009/09/19 16:28:13 christos Exp $
+# zilog:  file(1) magic for Zilog Z8000.
+#
+# Was it big-endian or little-endian?  My Product Specification doesn't
+# say.
+#
+0	long		0xe807		object file (z8000 a.out)
+0	long		0xe808		pure object file (z8000 a.out)
+0	long		0xe809		separate object file (z8000 a.out)
+0	long		0xe805		overlay object file (z8000 a.out)
diff --git a/magic/Magdir/zip b/magic/Magdir/zip
new file mode 100644
index 0000000..abf5284
--- /dev/null
+++ b/magic/Magdir/zip
@@ -0,0 +1,126 @@
+#------------------------------------------------------------------------------
+# $File: zip,v 1.8 2021/10/24 15:53:56 christos Exp $
+# zip:  file(1) magic for zip files; this is not use
+# Note the version of magic in archive is currently stronger, this is
+# just an example until negative offsets are supported better
+# Note:	All fields unless otherwise noted are unsigned!
+
+# Zip Central Directory record
+0	name		zipcd
+>0	string		PK\001\002	Zip archive data
+!:mime	application/zip
+# no "made by" in local file header with PK\3\4 magic
+>>4	leshort		x		\b, made by
+>>4	use		zipversion
+>>4	use		ziphost
+# inside ./archive 1.151 called "at least" zipversion "to extract"
+>>6	leshort		x		\b, extract using at least
+>>6	use		zipversion
+# This is DOS date like: ledate 21:00:48 19 Dec 2001 != DOS 00:00 1 Jan 2010 ~ 0000213C
+>>12	ulelong		x		\b, last modified
+>>14	lemsdosdate	x		\b, last modified %s
+>>12	lemsdostime	x		%s
+# uncompressed size of 1st entry; FFffFFff means real value stored in ZIP64 record
+>>24	ulelong		!0xFFffFFff	\b, uncompressed size %u
+# inside ./archive 1.151 called "compression method="zipcompression
+>>10	leshort		x		\b, method=
+>>10	use		zipcompression
+
+# URL:		https://en.wikipedia.org/wiki/Zip_(file_format)
+# reference:	https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT (Version: 6.3.9)
+# Zip known compressions
+0	name		zipcompression
+>0	leshort		0		\bstore
+>0	leshort		1		\bShrinking
+>0	leshort		6		\bImploding
+>0	leshort		7		\bTokenizing
+>0	leshort		8		\bdeflate
+>0	leshort		9		\bdeflate64
+>0	leshort		10		\bLibrary imploding
+#>0	leshort		11 		\bReserved by PKWARE
+>0	leshort		12		\bbzip2
+#>0	leshort		13 		\bReserved by PKWARE
+>0	leshort		14		\blzma
+#>0	leshort		15 		\bReserved by PKWARE
+>0	leshort		16		\bCMPSC (IBM z/OS)
+#>0	leshort		17 		\bReserved by PKWARE
+>0	leshort		18		\bIBM TERSE
+>0	leshort		19		\bIBM LZ77 (z/Architecture)
+>0	leshort		20		\bZstd (deprecated)
+>0	leshort		93		\bZstd
+>0	leshort		94		\bMP3
+>0	leshort		95		\bxz
+>0	leshort		96		\bJpeg
+>0	leshort		97		\bWavPack
+>0	leshort		98		\bPPMd
+>0	leshort		99		\bAES Encrypted
+>0	default		x
+>>0	leshort		x		\b[%#x]
+
+# Zip known versions
+0	name		zipversion
+# The lower byte indicates the ZIP version of this file. The value/10 indicates
+# the major version number, and the value mod 10 is the minor version number.
+>0	ubyte/10	x		v%u
+>0	ubyte%10	x		\b.%u
+# >0	leshort		0x09		v0.9
+# >0	leshort		0x0a		v1.0
+# >0	leshort		0x0b		v1.1
+# >0	leshort		0x14		v2.0
+# >0	leshort		0x15		v2.1
+# >0	leshort		0x19		v2.5
+# >0	leshort		0x1b		v2.7
+# >0	leshort		0x2d		v4.5
+# >0	leshort		0x2e		v4.6
+# >0	leshort		0x32		v5.0
+# >0	leshort		0x33		v5.1
+# >0	leshort		0x34		v5.2
+# >0	leshort		0x3d		v6.1
+# >0	leshort		0x3e		v6.2
+# >0	leshort		0x3f		v6.3
+# >0	default		x
+# >>0	leshort		x		v?[%#x]
+
+#	display compatible host system name of ZIP archive
+0	name		ziphost
+# The upper byte indicates the compatibility of the file attribute information.
+# If the file is compatible with MS-DOS (v 2.04g) then this value will be zero.
+#>1	ubyte		0		DOS
+>1	ubyte		1 		Amiga
+>1	ubyte		2		OpenVMS
+>1	ubyte		3		UNIX
+>1	ubyte		4		VM/CMS
+>1	ubyte		6		OS/2
+>1	ubyte		7		Macintosh
+>1	ubyte		11		MVS
+>1	ubyte		13		Acorn Risc
+>1	ubyte		16		BeOS
+>1	ubyte		17		Tandem
+# 9 untested
+>1	ubyte		5		Atari ST
+>1	ubyte		8		Z-System
+>1	ubyte		9		CP/M
+>1	ubyte		10		Windows NTFS
+>1	ubyte		12		VSE
+>1	ubyte		14		VFAT
+>1	ubyte		15		alternate MVS
+>1	ubyte		18		OS/400
+>1	ubyte		19		OS X
+# unused
+#>1	ubyte		>19		unused %#x
+
+# Zip End Of Central Directory record
+# GRR: wrong for ZIP with comment archive
+-22	string		PK\005\006
+#>4	uleshort	!0xFFff		\b, %u disks
+#>6	uleshort	!0xFFff		\b, central directory disk %u
+#>8	uleshort	!0xFFff		\b, %u central directories on this disk
+#>10	uleshort	!0xFFff		\b, %u central directories
+#>12	ulelong		!0xFFffFFff	\b, %u central directory bytes
+# offset of central directory
+#>16	ulelong		x		\b, central directory offset %#x
+>(16.l)	use		zipcd
+# archive comment length n
+#>>20	uleshort	>0		\b, comment length %u
+# archive comment
+>>20	pstring/l	>0		\b, %s
diff --git a/magic/Magdir/zyxel b/magic/Magdir/zyxel
new file mode 100644
index 0000000..d3a43e4
--- /dev/null
+++ b/magic/Magdir/zyxel
@@ -0,0 +1,17 @@
+
+#------------------------------------------------------------------------------
+# $File: zyxel,v 1.6 2009/09/19 16:28:13 christos Exp $
+# zyxel:  file(1) magic for ZyXEL modems
+#
+# From <rob@pe1chl.ampr.org>
+# These are the /etc/magic entries to decode datafiles as used for the
+# ZyXEL U-1496E DATA/FAX/VOICE modems.  (This header conforms to a
+# ZyXEL-defined standard)
+
+0	string		ZyXEL\002	ZyXEL voice data
+>10	byte		0		- CELP encoding
+>10	byte&0x0B	1		- ADPCM2 encoding
+>10	byte&0x0B	2		- ADPCM3 encoding
+>10	byte&0x0B	3		- ADPCM4 encoding
+>10	byte&0x0B	8		- New ADPCM3 encoding
+>10	byte&0x04	4		with resync