Commits

Show all
Author Commit Message Labels Comments Date
Philippe Lagadec
olevba: display decoded strings which are printable by default, fixed VBA_Scanner.scan to return raw strings instead of repr(strings)
Philippe Lagadec
fixed readme and doc
Philippe Lagadec
updated readme and doc for oletools 0.12
Philippe Lagadec
olevba: improved display during long analysis
Philippe Lagadec
olevba: added options -a, -c, --each, --attr
Philippe Lagadec
olevba: display VBA obfuscation flag in triage mode
Philippe Lagadec
olevba: added pyparsing into thirdparty folder
Philippe Lagadec
olevba: added pyparsing into thirdparty folder
Philippe Lagadec
olevba: added generic VBA expression deobfuscation (chr,asc,etc) using pyparsing
Philippe Lagadec
updated setup and doc for oletools 0.11
Philippe Lagadec
olevba: added suspicious keywords - fixed issue #13
Philippe Lagadec
olevba: added suspicious keywords suggested by Davy Douhine - fixed issue #9
Philippe Lagadec
olevba: added suspicious keyword suggested by @ozhermit
Philippe Lagadec
olevba: improved MSO files parsing, taking into account various data offsets (fixed issue #12) - improved detection of MSO files, avoiding incorrect parsing errors (fixed issue #7)
Philippe Lagadec
olevba: added is_mso_file function
Philippe Lagadec
updated olefile to v0.43 (slight changes in _OleDirectoryEntry)
Philippe Lagadec
updated doc and setup.py
Philippe Lagadec
improved support for MHTML files with modified header: fixed issue #11
Philippe Lagadec
updated readme with link to issue #10
Philippe Lagadec
updated setup.py for v0.10
Philippe Lagadec
updated doc home for v0.10
Philippe Lagadec
updated readme and doc
Philippe Lagadec
added support for Word MHTML files with macros (Single File Web Page), fixed issue #10
Philippe Lagadec
updated readme and doc
Philippe Lagadec
setup.py: added shebang line, chmod +x
Philippe Lagadec
updated setup.py
Philippe Lagadec
olevba: added suspicious keywords for sandboxing and virtualisation detection
Philippe Lagadec
set all scripts as executable on Linux/Unix
Philippe Lagadec
changed line endings from CRLF to LF in all scripts to improve Linux/Unix compatibility
Philippe Lagadec
olevba: changed line endings from CRLF to LF
  1. Prev
  2. Next