oletools
oletools copied to clipboard
decalage2
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
I came across some files where this XML was named `[Content_Types].xmla`. It's strange suffix, MS Word does not open it and `ftguess` crashes with `KeyError`. Have you ever seen such...
ms-msdt links are currently being exploitet. Should not be too hard to find them, I am investigating the possibility to extend msodde to do that (generalizing it to a more...
Fix unittests and problem for olevba in python 2.7
When the code of a VBA macro contains non-ASCII characters, olevba triggers a UnicodeEncodeError when the console output is redirected to a file, on Windows 10 with Python 3. The...
**Affected tool:** tests **Describe the bug** Multiple tests are failing: - `test_macros`: `AssertionError` - `test_empty_behaviour`, `test_rtf_behaviour`, `test_text_behaviour`, `test_xlm`: AssertionError due to a correct syntax warning (`is` must not be used...
Following the question initially done in #201, I'd like to discuss it further. After checking my sample RTF against VirusTotal, although harmless, it does trigger around 8 engines (due to...
**Affected tool:** mraptor **Describe the bug** mraptor 0.56.2 can' find the Macro mraptor 0.56dev5 can find the Macro **File/Malware sample to reproduce the bug** Please attach the file in a...
Currently running pip install oletools[full] on Python 2.x fails, because XLMMacroDeobfuscator only supports Python 3.x.
See https://blog.didierstevens.com/2022/05/05/update-oledump-py-version-0-0-66/
The output always display garbage code when use oleobj command to detect and extract the ole file. Actually they are in Chinese. I use Python 2.7.
