Can this tool detect files that have been renamed to disguise their type?

Yes. Content-based detection reads the file's internal structure and magic bytes rather than its filename or extension. A ZIP archive renamed to .pdf will be reported as application/zip, not application/pdf.

What happens to files that cannot be identified?

Files that cannot be matched to a known MIME type are reported as application/octet-stream. Empty files are reported as application/x-empty. The tool never silently drops a file from the report.

Is this tool suitable for security auditing of uploaded files?

It is useful as one layer of a file validation strategy. The tool performs best-effort content-based detection and explicitly notes this is not authoritative. For security-critical workflows, treat the report as an input to further validation rather than a definitive verdict.

What is the maximum batch size?

Up to 50 files or 2GB total per batch, whichever limit is reached first. Individual file size limits vary by type — most files including ZIP, JSON, and TAR are limited to 50MB each.

MIME Type Auditing for DevOps and IT Engineers

Files flowing through CI/CD pipelines, artifact stores, or user-facing upload endpoints can't be trusted by name alone — a misconfigured build step or a malicious rename can disguise file types in ways that break deployments or introduce security gaps. Deliteful's File MIME Type Detector audits batches of files using content-based inspection, returning a structured report you can integrate into any validation workflow.

Create free account

DevOps and IT teams regularly handle file artifacts whose provenance is partially or fully external: vendor-supplied assets, user uploads awaiting triage, or files pulled from legacy storage systems. Verifying MIME types at the infrastructure layer — before files are served, stored, or processed — is a standard defense-in-depth practice. Content-based detection is more reliable than trusting the Content-Type header or filename extension, both of which can be trivially spoofed.

The output is a tab-separated .txt report — two columns, filename and mime_type, one row per file — that fits naturally into shell scripts, log ingestion, or an audit trail. Unrecognized files surface explicitly as application/octet-stream rather than being silently skipped, so every file in the batch is accounted for. Batches support up to 50 files or 2GB total.

How it works

1
Create a free account
Sign in with Google in 3 clicks — no credit card or lengthy signup form.
2
Upload the files to audit
Drop in up to 50 files across supported types including ZIP, TAR, TGZ, JSON, PDF, DOCX, images, and spreadsheets.
3
Download the MIME audit report
Receive a tab-separated .txt report listing each filename alongside its content-detected MIME type.

Frequently asked questions

Can this tool detect files that have been renamed to disguise their type?: Yes. Content-based detection reads the file's internal structure and magic bytes rather than its filename or extension. A ZIP archive renamed to .pdf will be reported as application/zip, not application/pdf.
What happens to files that cannot be identified?: Files that cannot be matched to a known MIME type are reported as application/octet-stream. Empty files are reported as application/x-empty. The tool never silently drops a file from the report.
Is this tool suitable for security auditing of uploaded files?: It is useful as one layer of a file validation strategy. The tool performs best-effort content-based detection and explicitly notes this is not authoritative. For security-critical workflows, treat the report as an input to further validation rather than a definitive verdict.
What is the maximum batch size?: Up to 50 files or 2GB total per batch, whichever limit is reached first. Individual file size limits vary by type — most files including ZIP, JSON, and TAR are limited to 50MB each.

Create your free Deliteful account with Google and audit your next batch of infrastructure files for MIME type mismatches in seconds.