issues
search
decalage2
/
oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
http://www.decalage.info/python/oletools
Other
2.89k
stars
565
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
ftguess: add XLSB detection
#758
decalage2
closed
2 years ago
0
Failed to detect OOXML XLSX file
#755
randubin
opened
2 years ago
0
XLM not detected in XLSX (OOXML)
#754
randubin
opened
2 years ago
0
XLS with Macro not detected
#753
randubin
opened
2 years ago
2
olevba: improve parsing of XLM macros
#751
decalage2
opened
2 years ago
0
Avoid repeated string join()s in analyze_macros()
#750
Blacksyke
opened
2 years ago
0
String parsing slow with ~100,000+ strings
#749
Blacksyke
opened
2 years ago
1
Olevba: Add switch parameter to choose either XLMMacroDeobfuscator or plugin_biff for XLM-macros analysis
#748
antmaxi
opened
2 years ago
1
Olevba can't parse vsdm (Visio) files anymore
#747
eyaltemps
opened
2 years ago
1
Olevba sometimes extract macros of embedded files
#746
eyaltemps
opened
2 years ago
0
mraptor does not detect Excel4 Macro
#745
gnugnug
opened
2 years ago
2
olevba: add option or sample script to scan an entire PC for macros
#744
decalage2
opened
2 years ago
0
can't detect the macro in the virus xlsb
#742
leezp
opened
2 years ago
1
XLM4 is not detected
#741
randubin
opened
2 years ago
2
OLEVBA do not show xls macro while OLEID indicate it exist
#740
randubin
opened
2 years ago
5
rtfobj: Not a well-formed OLE object
#739
decalage2
opened
2 years ago
0
update oletools description
#738
decalage2
opened
2 years ago
0
olevba: fix sys.argv[1] using xlmdeobfuscator
#737
minanokawari1124
closed
2 years ago
1
rtfobj: detect remote templates
#736
decalage2
opened
2 years ago
1
ftguess: add more OLE formats based on file Magdir
#735
decalage2
opened
2 years ago
0
oleid/ftguess: detect CSV files, use msodde to detect DDE
#734
decalage2
opened
2 years ago
0
mraptor, olevba: add VBA trigger using customUI
#733
decalage2
opened
2 years ago
0
oleobj, oleid: mention MITRE ATT&CK technique for template injection if detected
#732
decalage2
opened
2 years ago
0
olevba: add VBA trigger using a checkbox
#731
decalage2
opened
2 years ago
0
oleobj: add detection for customUI external links
#730
decalage2
opened
2 years ago
1
olevba/ftguess: large MHT file incorrectly identified as OpenXML
#729
decalage2
opened
2 years ago
0
extract_macros (of VBA_PARSER) doesn't extract macrosheet code anymore
#728
eyaltemps
opened
2 years ago
8
Run olebrowse and the following prompt appears. The pthon version is 3.10
#727
xxddx
opened
2 years ago
0
Retrieve Original Filenames of OleObject.bin files
#726
SmithCJ47
closed
2 years ago
5
malware does "ERROR PROJECTNAME_SizeOfProjectName value not in range [1-128]: 131075"
#725
lclevy
closed
8 months ago
1
High RAM usage while find_external_relationships execution
#724
baxitaurus
opened
2 years ago
0
olevba: add projectcompatversion record
#723
kijeong
closed
8 months ago
5
olevba/mraptor: check all samples/keywords from OffensiveVBA repo
#722
decalage2
opened
2 years ago
0
mraptor: detect Excel4 FORMULA and ScriptControl
#721
rsaccani
opened
2 years ago
0
olevba: detect more ActiveX triggers
#720
decalage2
opened
2 years ago
0
olevba: detect VBA referencing
#719
decalage2
opened
2 years ago
1
Test xlm samples
#718
christian-intra2net
closed
2 years ago
2
olevba: detect and extract Excel 4 Macros (XLM/XLF) in XLTM
#717
decalage2
opened
2 years ago
0
Ftguess: more types and tests
#716
christian-intra2net
closed
2 years ago
3
Make ppt_record_parser.IterStream.readinto() always return desired length
#715
adepasquale
opened
3 years ago
0
How to use oletools or mraptor directly from python file instead of command prompt?
#714
Tula-Magar
closed
3 years ago
1
clsid: add Shell.Explorer and Forms.HTML
#713
decalage2
opened
3 years ago
0
RTFObj doesn't work on RTF's containing OLE2LNK objects
#712
tlansec
opened
3 years ago
2
olevba : raises an error with an unknown docx
#711
jcmbs
closed
2 years ago
3
Additional Exit Codes to use the results afterwards
#710
gitnol
opened
3 years ago
0
colorclass dependency causes incompatibility with CPython 3.10
#709
michaelweiser
opened
3 years ago
3
oleobj: check remote template detection with XML obfuscation
#708
decalage2
opened
3 years ago
0
olevba: add info on Conditional Compiler Arguments and References
#707
xlsupport
opened
3 years ago
2
oleword: extract text
#706
decalage2
opened
3 years ago
0
oleobj: zipfile error on hancitor xls
#705
decalage2
opened
3 years ago
0
Previous
Next