Decalage | Articles et outils à propos de Python, Sécurité Informatique, etc.

Articles et outils à propos de Python, Sécurité Informatique, etc.

user warning: UPDATE command denied to user 'decalaged'@'10.0.155.185' for table 'cache_filter' query: UPDATE cache_filter SET data = 'Here is the list of open-source Python projects that I am maintaining or contributing to.\n', created = 1369416460, expire = 1369502860, headers = '', serialized = 0 WHERE cid = '1:856fb11d06948f0632f2502350e5ee55' in /homez.14/decalaged/www/drupal/includes/cache.inc on line 109.
user warning: UPDATE command denied to user 'decalaged'@'10.0.155.185' for table 'cache_filter' query: UPDATE cache_filter SET data = 'Voici une liste de tous les articles et présentations que j\'ai publiés jusqu\'ici dans le domaine de la sécurité informatique.\n', created = 1369416460, expire = 1369502860, headers = '', serialized = 0 WHERE cid = '1:d8049be7feb67a3e92ea6f2cd1ab0263' in /homez.14/decalaged/www/drupal/includes/cache.inc on line 109.
user warning: UPDATE command denied to user 'decalaged'@'10.0.155.185' for table 'cache_filter' query: UPDATE cache_filter SET data = 'pyxswf is a script to detect, extract and analyze Flash objects (SWF files) that may be embedded in files such as MS Office documents (e.g. Word, Excel) and RTF, which is especially useful for malware analysis. It is part of the <a href=\"oletools\">oletools </a>package. pyxswf is an extension of <a href=\"http://hooked-on-mnemonics.blogspot.nl/2011/12/xxxswfpy.html\">xxxswf.py</a> published by Alexander Hanel.\n', created = 1369416460, expire = 1369502860, headers = '', serialized = 0 WHERE cid = '1:7dcc78a81cc4e465896b192d8d875e58' in /homez.14/decalaged/www/drupal/includes/cache.inc on line 109.
user warning: UPDATE command denied to user 'decalaged'@'10.0.155.185' for table 'cache_filter' query: UPDATE cache_filter SET data = '<a href=\"../../../../../../python/oletools\">python-oletools</a> is a package of python tools to analyze <a href=\"http://en.wikipedia.org/wiki/Compound_File_Binary_Format\">Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format)</a>, such as Microsoft Office documents or Outlook messages, mainly for malware analysis and debugging. It is based on the <a href=\"../../../../../../python/olefileio\">OleFileIO_PL</a> parser. \n', created = 1369416460, expire = 1369502860, headers = '', serialized = 0 WHERE cid = '1:13a6dbc252cc6586ffde782fbe5c0e63' in /homez.14/decalaged/www/drupal/includes/cache.inc on line 109.
user warning: UPDATE command denied to user 'decalaged'@'10.0.155.185' for table 'cache_filter' query: UPDATE cache_filter SET data = 'OleFileIO_PL is a Python module to read <a href=\"http://en.wikipedia.org/wiki/Compound_File_Binary_Format\">Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format)</a>, such as Microsoft Office documents, Image Composer and FlashPix files, Outlook messages, ... This my improved version of the OleFileIO module from <a href=\"http://www.pythonware.com/products/pil/index.htm\">PIL</a>, the excellent Python Imaging Library, created and maintained by Fredrik Lundh. The API is still compatible with PIL, but I have improved the internal implementation significantly, with many bugfixes and a more robust design.\n', created = 1369416460, expire = 1369502860, headers = '', serialized = 0 WHERE cid = in /homez.14/decalaged/www/drupal/includes/cache.inc on line 109.
user warning: UPDATE command denied to user 'decalaged'@'10.0.155.185' for table 'cache_filter' query: UPDATE cache_filter SET data = 'rtfobj is a Python module to extract embedded objects from RTF files, such as OLE ojects. It can be used as a Python library or a command-line tool. It is part of the <a href=\"../../../../../../en/python/oletools\">oletools </a>package. \n', created = 1369416460, expire = 1369502860, headers = '', serialized = 0 WHERE cid = '1:c13d199824eb9fd8b23ecbc592c82338' in /homez.14/decalaged/www/drupal/includes/cache.inc on line 109.
user warning: UPDATE command denied to user 'decalaged'@'10.0.155.185' for table 'cache_filter' query: UPDATE cache_filter SET data = 'This article describes the Microsoft Office legacy/binary file formats (doc, xls, ppt), related security issues and useful resources. [WORK IN PROGRESS]\n', created = 1369416460, expire = 1369502860, headers = '', serialized = 0 WHERE cid = '1:21f43a34ec5e462886168e1715614bcb' in /homez.14/decalaged/www/drupal/includes/cache.inc on line 109.
user warning: UPDATE command denied to user 'decalaged'@'10.0.155.185' for table 'cache_filter' query: UPDATE cache_filter SET data = 'oleid is a script to analyze OLE files such as MS Office documents (e.g. Word, Excel), to detect specific characteristics that could potentially indicate that the file is suspicious or malicious, in terms of security (e.g. malware). For example it can detect VBA macros, embedded Flash objects, fragmentation. It is part of the <a href=\"../../../../../../en/python/oletools\">oletools </a>package. \n', created = 1369416461, expire = 1369502861, headers = '', serialized = 0 WHERE cid = '1:ce49a7fb233c73461ad0ec952532cfc8' in /homez.14/decalaged/www/drupal/includes/cache.inc on line 109.
user warning: UPDATE command denied to user 'decalaged'@'10.0.155.185' for table 'cache_filter' query: UPDATE cache_filter SET data = 'olebrowse is a simple GUI to browse OLE files (e.g. MS Word, Excel, Powerpoint documents), to view and extract individual data streams. It is part of the <a href=\"../../../../../../en/python/oletools\">oletools </a>package.\n', created = 1369416461, expire = 1369502861, headers = '', serialized = 0 WHERE cid = '1:57f2c306753f0b4d67a4ddb87201c9d2' in /homez.14/decalaged/www/drupal/includes/cache.inc on line 109.
warning: array_map() [function.array-map]: Argument #2 should be an array in /homez.14/decalaged/www/drupal/modules/system/system.module on line 1015.
warning: array_keys() [function.array-keys]: The first argument should be an array in /homez.14/decalaged/www/drupal/includes/theme.inc on line 1817.
warning: Invalid argument supplied for foreach() in /homez.14/decalaged/www/drupal/includes/theme.inc on line 1817.

Python projects

Tool
Python

Here is the list of open-source Python projects that I am maintaining or contributing to.

Articles et présentations à propos de Sécurité Informatique

Sécurité

Voici une liste de tous les articles et présentations que j'ai publiés jusqu'ici dans le domaine de la sécurité informatique.

pyxswf - a python tool to extract SWF (Flash) objects from documents (improved xxxswf)

Submitted by decalage on mer, 05/08/2013 - 19:24

pyxswf is a script to detect, extract and analyze Flash objects (SWF files) that may be embedded in files such as MS Office documents (e.g. Word, Excel) and RTF, which is especially useful for malware analysis. It is part of the oletools package. pyxswf is an extension of xxxswf.py published by Alexander Hanel.

python-oletools - python tools to analyze OLE files

Submitted by decalage on mer, 05/08/2013 - 19:21

python-oletools is a package of python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office documents or Outlook messages, mainly for malware analysis and debugging. It is based on the OleFileIO_PL parser.

OleFileIO_PL - a Python module to read MS OLE2 files

Tool
Python

OleFileIO_PL is a Python module to read Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office documents, Image Composer and FlashPix files, Outlook messages, ... This my improved version of the OleFileIO module from PIL, the excellent Python Imaging Library, created and maintained by Fredrik Lundh. The API is still compatible with PIL, but I have improved the internal implementation significantly, with many bugfixes and a more robust design.

rtfobj - a python tool to extract embedded objects from RTF files

Submitted by decalage on ven, 05/03/2013 - 04:56

rtfobj is a Python module to extract embedded objects from RTF files, such as OLE ojects. It can be used as a Python library or a command-line tool. It is part of the oletools package.

MS Office legacy/binary formats security (doc, xls, ppt, ...)

Submitted by decalage on ven, 11/02/2012 - 14:49

Sécurité

This article describes the Microsoft Office legacy/binary file formats (doc, xls, ppt), related security issues and useful resources. [WORK IN PROGRESS]

oleid - a python tool to quickly analyze OLE files

Submitted by decalage on ven, 11/02/2012 - 10:03

oleid is a script to analyze OLE files such as MS Office documents (e.g. Word, Excel), to detect specific characteristics that could potentially indicate that the file is suspicious or malicious, in terms of security (e.g. malware). For example it can detect VBA macros, embedded Flash objects, fragmentation. It is part of the oletools package.

PDF Security Issues

Submitted by decalage on mer, 10/24/2012 - 20:05

Sécurité

This article describes the PDF file format, related security issues and useful resources. [WORK IN PROGRESS]

olebrowse - a simple python GUI to browse OLE files and extract streams

Submitted by decalage on lun, 10/15/2012 - 20:15

olebrowse is a simple GUI to browse OLE files (e.g. MS Word, Excel, Powerpoint documents), to view and extract individual data streams. It is part of the oletools package.