AI Agent Skill HUB
multiAI Summary Pending

ffind

Advanced file finder with type detection and filesystem extraction for analyzing firmware and extracting embedded filesystems. Use when you need to analyze firmware files, identify file types, or extract ext2/3/4 or F2FS filesystems.

231 stars
byaiskillstore
View on GitHubInstallation ↓

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/ffind/SKILL.md --create-dirs "https://raw.githubusercontent.com/aiskillstore/marketplace/main/skills/brownfinesecurity/ffind/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/ffind/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How ffind Compares

Feature / AgentffindStandard Approach
Platform SupportmultiLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Advanced file finder with type detection and filesystem extraction for analyzing firmware and extracting embedded filesystems. Use when you need to analyze firmware files, identify file types, or extract ext2/3/4 or F2FS filesystems.

Which AI agents support this skill?

This skill is compatible with multi.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Ffind - Advanced File Finder with Extraction

You are helping the user find and analyze files with advanced type detection and optional filesystem extraction capabilities using the ffind tool.

## Tool Overview

Ffind analyzes files and directories, identifies file types, and can extract filesystems (ext2/3/4, F2FS) for deeper analysis. It's designed for firmware and IoT device analysis.

## Instructions

When the user asks to analyze files, find specific file types, or extract filesystems:

1. **Understand the target**:
   - Ask what path(s) they want to analyze
   - Determine if they want to extract filesystems or just analyze
   - Ask if they want all file types or just artifact types

2. **Execute the analysis**:
   - Use the ffind command from the iothackbot bin directory
   - Basic usage: `ffind <path> [<path2> ...]`
   - To extract filesystems: `ffind <path> -e`
   - Custom extraction directory: `ffind <path> -e -d /path/to/output`
   - Show all file types: `ffind <path> -a`
   - Verbose output: `ffind <path> -v`

3. **Output formats**:
   - `--format text` (default): Human-readable colored output with type summaries
   - `--format json`: Machine-readable JSON
   - `--format quiet`: Minimal output

4. **Extraction capabilities**:
   - Supports ext2/ext3/ext4 filesystems (requires e2fsprogs)
   - Supports F2FS filesystems (requires f2fs-tools)
   - Requires sudo privileges for extraction
   - Default extraction location: `/tmp/ffind_<timestamp>`

## Examples

Analyze a firmware file to see file types:
```bash
ffind /path/to/firmware.bin
```

Extract all filesystems from a firmware image:
```bash
sudo ffind /path/to/firmware.bin -e
```

Analyze multiple files and show all types:
```bash
ffind /path/to/file1.bin /path/to/file2.bin -a
```

Extract to a custom directory:
```bash
sudo ffind /path/to/firmware.bin -e -d /tmp/my-extraction
```

## Important Notes

- Extraction requires root/sudo privileges
- Requires external tools: e2fsprogs, f2fs-tools, util-linux
- Identifies "artifact" file types relevant to security analysis by default
- Use `-a` flag to see all file types including common formats