OleFileIO_PL: Experimental write features
Since version 0.32, OleFileIO_PL comes with experimental write features. For now it is possible to write sectors, and to write over an existing stream. More features will be added over time.en lire plus
View Articleolemeta - a tool to extract all standard properties (metadata) from OLE files...
olemeta is a script to parse OLE files such as MS Office documents (e.g. Word, Excel), to extract all standard properties present in the OLE file. It is part of the python-oletools package.en lire plus
View Articleoletimes - a tool to extract creation and modification timestamps of all...
oletimes is a script to parse OLE files such as MS Office documents (e.g. Word, Excel), to extract creation and modification times of all streams and storages in the OLE file. It is part of the...
View Articleolevba - a tool to extract VBA Macro source code from MS Office documents...
olevba is a script to parse OLE and OpenXML files such as MS Office documents (e.g. Word, Excel), to detect VBA Macros, extract their source code in clear text, decode malware obfuscation...
View ArticleHow to detect most malicious macros without an antivirus
mraptor is a simple tool designed to detect malicious VBA macros in MS Office files, based on characteristics of the VBA code. This article explains how it works, and how it can be used in practice.en...
View Articleolefile - a Python module to read/write MS OLE2 files
olefile (formerly OleFileIO_PL) is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as...
View ArticleTools to extract VBA Macro source code from MS Office Documents
This article presents several tools that can be used to extract VBA Macros source code from MS Office Documents, for malware analysis and forensics. It also provides an overview of how VBA Macros are...
View ArticleMy Python projects
Here is the list of open-source Python projects that I am maintaining or contributing to.en lire plus
View Articleiodeflib - a python library to create, parse and edit IODEF incident reports
iodeflib is a python library to create, parse and edit cyber incident reports using the IODEF v1 XML format (RFC 5070).en lire plus
View Articleoletools - python tools to analyze OLE and MS Office files
python-oletools is a package of python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office...
View ArticleOleFileIO_PL: Experimental write features
Since version 0.32, OleFileIO_PL comes with experimental write features. For now it is possible to write sectors, and to write over an existing stream. More features will be added over time.en lire plus
View Articleolemeta - a tool to extract all standard properties (metadata) from OLE files...
olemeta is a script to parse OLE files such as MS Office documents (e.g. Word, Excel), to extract all standard properties present in the OLE file. It is part of the python-oletools package.en lire plus
View Articleoletimes - a tool to extract creation and modification timestamps of all...
oletimes is a script to parse OLE files such as MS Office documents (e.g. Word, Excel), to extract creation and modification times of all streams and storages in the OLE file. It is part of the...
View Articleolevba - a tool to extract VBA Macro source code from MS Office documents...
olevba is a script to parse OLE and OpenXML files such as MS Office documents (e.g. Word, Excel), to detect VBA Macros, extract their source code in clear text, decode malware obfuscation...
View ArticleHow to detect most malicious macros without an antivirus
mraptor is a simple tool designed to detect malicious VBA macros in MS Office files, based on characteristics of the VBA code. This article explains how it works, and how it can be used in practice.en...
View ArticleTools to extract VBA Macro source code from MS Office Documents
This article presents several tools that can be used to extract VBA Macros source code from MS Office Documents, for malware analysis and forensics. It also provides an overview of how VBA Macros are...
View ArticleMy Python projects
Here is the list of open-source Python projects that I am maintaining or contributing to.en lire plus
View Articleiodeflib - a python library to create, parse and edit IODEF incident reports
iodeflib is a python library to create, parse and edit cyber incident reports using the IODEF v1 XML format (RFC 5070).en lire plus
View Articleolefile - a Python module to read/write MS OLE2 files
olefile (formerly OleFileIO_PL) is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as...
View Articleoletools - python tools to analyze OLE and MS Office files
python-oletools is a package of python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office...
View Article
