Articles et outils à propos de Python, Sécurité Informatique, etc.

My Python projects

Here is the list of open-source Python projects that I am maintaining or contributing to.

Articles et présentations à propos de Sécurité Informatique

Voici une liste de tous les articles et présentations que j'ai publiés jusqu'ici dans le domaine de la sécurité informatique.

olefile (formerly OleFileIO_PL) - a Python module to read/write MS OLE2 files

olefile (formerly OleFileIO_PL) is a Python module to read/write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file formats, McAfee antivirus quarantine files, etc.

MS Office legacy/binary formats security (doc, xls, ppt, ...)

This article describes the Microsoft Office legacy/binary file formats (doc, xls, ppt), related security issues and useful resources.

python-oletools - python tools to analyze OLE files

python-oletools is a package of python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office documents or Outlook messages, mainly for malware analysis, forensics and debugging. It is based on my OleFileIO_PL parser. 

olevba - a tool to extract VBA Macro source code from MS Office documents (OLE and OpenXML)

olevba is a script to parse OLE and OpenXML files such as MS Office documents (e.g. Word, Excel), to extract VBA Macro code in clear text. It is part of the python-oletools package.

oletimes - a tool to extract creation and modification timestamps of all streams and storages in OLE files

oletimes is a script to parse OLE files such as MS Office documents (e.g. Word, Excel), to extract creation and modification times of all streams and storages in the OLE file. It is part of the python-oletools package.

olemeta - a tool to extract all standard properties (metadata) from OLE files such as MS Office

olemeta is a script to parse OLE files such as MS Office documents (e.g. Word, Excel), to extract all standard properties present in the OLE file. It is part of the python-oletools package.

OleFileIO_PL: Experimental write features

Since version 0.32, OleFileIO_PL comes with experimental write features. For now it is possible to write sectors, and to write over an existing stream. More features will be added over time.

File Scanning Frameworks for Malware Analysis and Incident Response

This article presents several new open source frameworks meant to simplify static file scanning for malware analysis and incident response: MASTIFF, Viper, IRMA and a few others. Their goal is to provide an extensible framework to integrate many existing scanning tools.

Syndiquer le contenu