Forensicsarchivercompressionextractionforensicsfile-analysis

7zip

7-Zip is a file archiver with a high compression ratio supporting multiple formats for packing/unpacking and extraction. It provides strong AES-256 encryption and powerful command line functionality.

Description

7-Zip is a versatile file archiver designed for high compression ratios, particularly in 7z format using LZMA and LZMA2 algorithms. It supports a wide range of formats for both packing/unpacking (7z, XZ, BZIP2, GZIP, TAR, ZIP, WIM) and unpacking only (AR, ARJ, CAB, CHM, CPIO, and many disk image formats like DMG, ISO, VHD, VMDK). This makes it valuable for handling various archive types encountered in forensic analysis and penetration testing.

The tool offers three main binaries: 7z (full-featured with plugins), 7za (major formats only), and 7zr (LZMA-focused minimal executable). It provides superior compression ratios for ZIP and GZIP compared to traditional tools like PKZip and WinZip, along with strong AES-256 encryption for 7z and ZIP formats. Note that RAR support requires the separate non-free 7zip-rar package due to licensing constraints.

Additional packages include p7zip (a wrapper with basic options) and 7zip-standalone (providing 7zz binary without plugins). These variants support common operations like benchmarking, decompression, and hash calculation, making 7zip suitable for automated scripting and batch processing in security workflows.

How It Works

7-Zip utilizes advanced compression algorithms like LZMA and LZMA2 for 7z format, achieving 2-10% better ratios than PKZip/WinZip for ZIP/GZIP. It supports packing/unpacking multiple formats through dedicated handlers and provides AES-256 encryption for secure archives. The tool operates via command-line interface with three binary variants: full 7z with plugin support, stripped 7za for major formats, and minimal 7zr for LZMA-only operations. Hash functions (CRC32, SHA256, etc.) are available for integrity verification during extraction and listing.

Installation

bash
sudo apt install 7zip

Flags

aAdd files to archive
bBenchmark
dDelete files from archive
eExtract files from archive (without using directory names)
hCalculate hash values for files
lList contents of archive
rnRename files in archive
-ao{a|s|t|u}set Overwrite mode
-bb[0-3]set output log level
-bddisable progress indicator
-scrc[CRC32|CRC64|SHA256|*]set hash function for x, e, h commands (7zr/7zz)
-c --stdoutoutput data to stdout (p7zip)
-d --decompressdecompress file (p7zip)
-f --forcedo not ask questions (p7zip)

Examples

Display help and usage information for the full-featured 7z binary
7z -h
Add file.txt to a new 7z archive (implicitly uses current directory if no files specified)
7z a archive.7z file.txt
Extract files from archive without preserving directory structure
7z e archive.7z
List contents of the archive
7z l archive.7z
Calculate hash values for the specified file
7z h file.txt
Show help for 7za (major formats only)
7za -h
Run benchmark test with minimal 7zr binary
7zr b
Decompress archive using p7zip wrapper
p7zip -d archive.7z
Updated 2026-04-16kali.org ↗