7-Zip
Overview
Section intitulée « Overview »7-Zip is a powerful, open-source file archiver that provides high compression ratios and strong encryption. The p7zip command-line version is available on Linux and macOS, while 7-Zip GUI runs natively on Windows. It supports multiple formats including its native 7z format, ZIP, GZIP, BZIP2, TAR, XZ, and WIM. Commonly used in forensic analysis, system administration, and incident response for handling compressed archives.
Installation
Section intitulée « Installation »Linux (Debian/Ubuntu)
Section intitulée « Linux (Debian/Ubuntu) »sudo apt-get update
sudo apt-get install p7zip-full
7za --version # Verify installationLinux (RHEL/CentOS/Fedora)
Section intitulée « Linux (RHEL/CentOS/Fedora) »sudo yum install p7zip p7zip-plugins
# Or on newer systems
sudo dnf install p7zip p7zip-pluginsbrew install p7zip
7za --versionDownload the installer from https://www.7-zip.org/ or use package manager:
# Using Chocolatey
choco install 7zip
# Using Scoop
scoop install 7zipCommand Syntax
Section intitulée « Command Syntax »Basic Structure
Section intitulée « Basic Structure »7za <command> [options] <archive> [files]The primary commands are:
a— Add files to archivee— Extract files (preserves paths)x— Extract files (ignores paths)l— List archive contentsd— Delete files from archiveu— Update files in archivet— Test archive integrity
Creating Archives
Section intitulée « Creating Archives »Basic Archive Creation
Section intitulée « Basic Archive Creation »# Create 7z archive (maximum compression)
7za a archive.7z file1.txt file2.txt
# Create ZIP archive
7za a archive.zip file1.txt
# Create TAR archive
7za a archive.tar file1.txt
# Create compressed TAR (TAR.GZ)
7za a archive.tar.gz file1.txtRecursive Directory Archiving
Section intitulée « Recursive Directory Archiving »# Archive entire directory
7za a -r archive.7z /path/to/directory
# Archive with specific filter
7za a -r archive.7z /path/to/directory -x\!*.logCompression Level Options
Section intitulée « Compression Level Options »# Ultra compression (slowest, best ratio)
7za a -mx=9 archive.7z data/
# Maximum compression
7za a -mx=7 archive.7z data/
# Normal compression (default)
7za a -mx=5 archive.7z data/
# Fast compression
7za a -mx=3 archive.7z data/
# Very fast compression
7za a -mx=1 archive.7z data/Solid Archives
Section intitulée « Solid Archives »# Create solid archive for better compression ratio
7za a -ms=on archive.7z directory/
# Disable solid mode
7za a -ms=off archive.7z directory/Encryption and Password Protection
Section intitulée « Encryption and Password Protection »AES-256 Encryption
Section intitulée « AES-256 Encryption »# Add files with AES-256 encryption (7z format only)
7za a -p password -mhe=on archive.7z confidential/
# Encrypt with secure password prompt
7za a -mhe=on archive.7z directory/
# Will prompt: Enter password:
# Double password for extra security
7za a -p -mhe=on archive.7z directory/ZIP Password Protection
Section intitulée « ZIP Password Protection »# ZIP with password (WinZip-compatible AES-256)
7za a -p password archive.zip sensitive_files/
# ZIP with legacy encryption (older compatibility)
7za a -pPassword archive.zip files/Password Options
Section intitulée « Password Options »| Option | Description |
|---|---|
-pPassword | Set password directly (not recommended) |
-p | Prompt for password interactively |
-mhe=on | Hide file list (7z format only) |
-mhe=off | Standard encryption without list hiding |
Extracting Archives
Section intitulée « Extracting Archives »Basic Extraction
Section intitulée « Basic Extraction »# Extract 7z archive
7za e archive.7z
# Extract and recreate directory structure
7za x archive.7z
# Extract to specific directory
7za x archive.7z -o/path/to/extract/
# Extract without directory structure
7za e archive.7z -ooutput_folder/Password-Protected Extraction
Section intitulée « Password-Protected Extraction »# Extract with password
7za x -p password archive.7z
# Extract with password prompt
7za x archive.7z
# Will prompt: Enter password:
# Extract specific files
7za x archive.7z -p password file1.txt file2.txtSelective Extraction
Section intitulée « Selective Extraction »# Extract only certain file types
7za x archive.7z *.txt
# Extract files matching pattern
7za x archive.7z "*.log" -o/logs/
# Extract excluding certain files
7za x archive.7z -x\!*.tmpListing Archive Contents
Section intitulée « Listing Archive Contents »Basic Listing
Section intitulée « Basic Listing »# List all files in archive
7za l archive.7z
# List with detailed information
7za l -slt archive.7z
# List specific format
7za l archive.zipDetailed Output
Section intitulée « Detailed Output »# Show compression ratio
7za l -ppassword archive.7z
# List encrypted archive
7za l archive.7z -p password
# Show only filenames
7za l archive.7z | grep -E "^-"Archive Verification and Testing
Section intitulée « Archive Verification and Testing »Integrity Testing
Section intitulée « Integrity Testing »# Test archive integrity
7za t archive.7z
# Test encrypted archive
7za t archive.7z -p password
# Test with verbose output
7za t -v archive.7z
# Test all archives in directory
for file in *.7z; do 7za t "$file"; doneRepair Operations
Section intitulée « Repair Operations »# Repair corrupted archive (limited capability)
7za x -aoa archive.7z
# Create recovery record before issues arise
7za a -rr3p archive.7z directory/Archive Splitting
Section intitulée « Archive Splitting »Split Large Archives
Section intitulée « Split Large Archives »# Split archive into 100MB volumes
7za a -v100m archive.7z largefile.iso
# Split into 50MB volumes
7za a -v50m backup.7z /data/
# Split into 1GB volumes
7za a -v1g huge_backup.7z directory/
# Split with custom size
7za a -v2097152k archive.7z directory/ # 2GB volumesExtracting Split Archives
Section intitulée « Extracting Split Archives »# Extract first volume (others detected automatically)
7za x archive.7z.001
# Extract with verification
7za x -v archive.7z.001 -o/extract/path/Excluding and Including Files
Section intitulée « Excluding and Including Files »Exclusion Patterns
Section intitulée « Exclusion Patterns »# Exclude specific file type
7za a -r archive.7z /source/ -x\!*.tmp
# Exclude multiple patterns
7za a -r archive.7z /source/ -x\!*.log -x\!*.cache
# Exclude hidden files (Linux)
7za a -r archive.7z /source/ -x\!.*
# Exclude directories
7za a -r archive.7z /source/ -x\!temp -x\!*.tmpInclusion Patterns
Section intitulée « Inclusion Patterns »# Archive only specific types
7za a archive.7z -r /source/ *.txt *.doc
# Multiple inclusion patterns
7za a archive.7z /source/ -i\!*.pdf -i\!*.xlsxPipe Operations
Section intitulée « Pipe Operations »Compression via Pipes
Section intitulée « Compression via Pipes »# Compress directory on-the-fly
tar -cf - directory/ | 7za a -si archive.tar.7z
# Compress stdin
echo "data" | 7za a -si stdin.7z
# Compress from process
mysqldump database | 7za a -si database_backup.7zDecompression via Pipes
Section intitulée « Decompression via Pipes »# Extract and pipe to stdout
7za x -so archive.7z file.txt | cat
# Extract to process
7za x -so archive.7z script.sh | bash
# Extract and decompress further
7za x -so archive.7z backup.tar.gz | tar -xzf -Performance Tuning
Section intitulée « Performance Tuning »Memory and Threading
Section intitulée « Memory and Threading »# Use multiple threads (default: auto-detect)
7za a -mmt=4 archive.7z directory/
# Single-threaded (lower memory usage)
7za a -mmt=1 archive.7z directory/
# Maximum threads (system-dependent)
7za a -mmt=on archive.7z directory/Compression Algorithms
Section intitulée « Compression Algorithms »# LZMA2 with specific dictionary size
7za a -md=32m archive.7z directory/
# Smaller dictionary (faster, less compression)
7za a -md=4m archive.7z directory/
# Large dictionary (slower, better compression)
7za a -md=128m archive.7z directory/Forensic Use Cases
Section intitulée « Forensic Use Cases »Forensic Evidence Preservation
Section intitulée « Forensic Evidence Preservation »# Create read-only archive with timestamps preserved
7za a -mta=on -mtc=on -mtp=on evidence.7z /evidence/path/
# Archive with recovery record for integrity verification
7za a -rr10p -v650m evidence.7z /evidence/directory/
# Password-protect forensic data with encryption
7za a -p ForensicPassword -mhe=on evidence.7z /evidence/Chain of Custody
Section intitulée « Chain of Custody »# Verify archive hasn't been modified
7za t -v evidence.7z > chain_of_custody.log
# Compare hashes after extraction
sha256sum file_before > hash_before.txt
7za x evidence.7z
sha256sum extracted_file > hash_after.txt
diff hash_before.txt hash_after.txtMemory Dump Analysis
Section intitulée « Memory Dump Analysis »# Archive large memory dumps with maximum compression
7za a -mx=9 -md=192m memdump.7z memory.bin
# Split for storage/transfer
7za a -mx=9 -v700m memdump.7z memory.bin
# Extract with verification
7za x -t memdump.7z.001Advanced Options Reference
Section intitulée « Advanced Options Reference »| Option | Description |
|---|---|
-a | Add files to archive |
-d | Delete files from archive |
-e | Extract files without paths |
-x | Extract with directory structure |
-l | List archive contents |
-t | Test archive integrity |
-p[password] | Set password |
-mx=9 | Set compression level (1-9) |
-md=32m | Dictionary size |
-mmt=4 | Thread count |
-r | Recurse subdirectories |
-v100m | Create 100MB volumes |
-mhe=on | Hide encrypted file list |
-mta=on | Preserve access time |
-mtc=on | Preserve creation time |
-mtp=on | Preserve modification time |
-so | Extract to stdout |
-si | Read from stdin |
-aoa | Overwrite all files |
-aos | Skip files if exist |
-aou | Auto-rename if exists |
Common Workflows
Section intitulée « Common Workflows »Full System Backup
Section intitulée « Full System Backup »# Create encrypted full backup
7za a -p MyPassword -mx=5 -mhe=on backup_$(date +%Y%m%d).7z \
/home/ /etc/ /opt/ \
-x\!.cache -x\!.tmp -x\!*.log
# Verify backup
7za t -p MyPassword backup_$(date +%Y%m%d).7zMulti-Volume Archive
Section intitulée « Multi-Volume Archive »# Split into DVD-sized volumes
7za a -v4700m -mx=7 data.7z /large/directory/
# Extract from any volume
7za x data.7z.001Secure Data Disposal
Section intitulée « Secure Data Disposal »# Archive and encrypt before deletion
7za a -mhe=on -p SecurePassword confidential.7z sensitive_files/
shred -vfz -n 3 sensitive_files/*
rm -rf sensitive_files/Troubleshooting
Section intitulée « Troubleshooting »Common Issues
Section intitulée « Common Issues »| Issue | Solution |
|---|---|
| Archive corrupted | Use 7za t to test, then 7za x -aoa to recover |
| Out of memory | Reduce -md value or use -mmt=1 |
| Permission denied | Use sudo or check file permissions |
| Wrong password | Verify with 7za l -ppassword archive.7z first |
| Format not recognized | Ensure correct command for file type |
Memory and Performance
Section intitulée « Memory and Performance »# Low-memory systems
7za a -mx=1 -md=2m -mmt=1 archive.7z files/
# High-performance systems
7za a -mx=9 -md=256m -mmt=on archive.7z files/
# Check compression statistics
7za l -slt archive.7z | grep -E "Compressed|Uncompressed"Additional Resources
Section intitulée « Additional Resources »- Official documentation: https://www.7-zip.org/
- p7zip project: http://p7zip.sourceforge.net/
- Compression ratio comparisons across formats available in man pages
- For Windows GUI documentation, consult 7-Zip help menu