Recent posts

TypePostAuthorRepliesLast updated
StoryUsing VBA Emulation to Analyze Obfuscated Macros decalage01 day 10 hours ago
PageMalware Search decalage05 weeks 2 days ago
StoryHow to detect most malicious macros without an antivirus decalage013 weeks 1 day ago
book pagepython-oletools - python tools to analyze OLE and MS Office files decalage015 weeks 6 days ago
StoryAnti-Analysis Tricks in Weaponized RTF decalage024 weeks 2 days ago
book pageWeaponized MS Office 97-2003 legacy/binary formats (doc, xls, ppt, ...) decalage028 weeks 5 days ago
book pageWeaponized PDF decalage028 weeks 5 days ago
book pageWeaponized File Formats decalage028 weeks 5 days ago
Story8KB of malware crammed into a single command line in a macro decalage031 weeks 3 days ago
StoryHow to grill Malicious Macros - SSTIC15 decalage034 weeks 3 days ago
StoryTip: how to find malware samples containing specific strings decalage035 weeks 5 days ago
PageExeFilter - an open-source tool and framework to filter files and active content decalage236 weeks 4 days ago
PageTools to extract VBA Macro source code from MS Office Documents decalage036 weeks 4 days ago
StoryUnmasking Malfunctioning Malicious Documents decalage036 weeks 4 days ago
Pageolefile - a Python module to read/write MS OLE2 files decalage2436 weeks 4 days ago
book pageolevba - a tool to extract VBA Macro source code from MS Office documents (OLE and OpenXML) decalage01 year 33 weeks ago
PageArticles and presentations about Cyber Security decalage01 year 47 weeks ago
book pageolemeta - a tool to extract all standard properties (metadata) from OLE files such as MS Office decalage02 years 4 weeks ago
book pageoletimes - a tool to extract creation and modification timestamps of all streams and storages in OLE files decalage02 years 4 weeks ago
StoryOleFileIO_PL: Experimental write features decalage02 years 8 weeks ago
StoryFile Scanning Frameworks for Malware Analysis and Incident Response decalage02 years 10 weeks ago
PageHow to force urllib2 not to use a proxy decalage22 years 26 weeks ago
StoryHow to convert Signsrch/Clamsrch signatures to Yara decalage02 years 26 weeks ago
PageSSTIC08 - Dynamic Malware Analysis for Dummies decalage02 years 27 weeks ago
book pagertfobj - a python tool to extract embedded objects from RTF files decalage02 years 27 weeks ago