Binary File Change Monitor in Python

fmod.py

"""
Detect exactly which bytes have changed in a file.
Useful for binary reverse engineering:
    - Start script
    - Save file from program, changing one attribute
    - See which byte(s) have changed
"""

import os
import traceback
import time
import struct
import sys
from watchdog.observers import Observer
from watchdog.events import FileSystemEventHandler

target = sys.argv[1]

last_fmod = 0
last_data = open(target).read()


def do():
    try:
        global last_data
        data = open(target).read()
        for i in xrange(0, len(data)):
            if last_data[i] != data[i]:
                print "Change at 0x%08X: 0x%02X -> 0x%02X" % \
                      (i, struct.unpack("<b", last_data[i])[0], struct.unpack("<b", data[i])[0])
        last_data = data
    except:
        print "nope!"
        print traceback.format_exc()
    print "----"


class Handler(FileSystemEventHandler):
    def on_any_event(self, event):
        global last_fmod
        if last_fmod < os.path.getmtime(target):
            last_fmod = os.path.getmtime(target)
            do()

handler = Handler()
observer = Observer()
observer.schedule(handler, path=os.path.dirname(target))
observer.start()

try:
    while True:
        time.sleep(0.1)
except KeyboardInterrupt:
    observer.stop()
observer.join()