Update: nsrl.py Version 0.0.3

I use my tool nsrl.py to match a list of hashes with the Reference Data Set of the National Software Reference Library. This is a Python 3 update and small change to support a change in RDS ZIP file structure. nsrl_V0_0_3.zip (https) MD5: A86E3EB076B467C64A520256556EDADA SHA256: 8760B20A918CD135B7D79F7567C240AEF4840325BE9656D684BFD119A017E86F

2h

Update: nsrl.py Version 0.0.3

I use my tool nsrl.py to match a list of hashes with the Reference Data Set of the National Software Reference Library. This is a Python 3 update and small change to support a change in RDS ZIP file structure. nsrl_V0_0_3.zip (https) MD5: A86E3EB076B467C64A520256556EDADA SHA256: 8760B20A918CD135B7D79F7567C240AEF4840325BE9656D684BFD119A017E86F

4h

Overview of Content Published in February

Here is an overview of content I published in February: Blog posts: Update: oledump.py Version 0.0.59 Quickpost: oledump.py plugin_biff.py: Remove Sheet Protection From Spreadsheets Update: re-search.py Version 0.0.16 re-search.py And Custom Validations Update: oledump.py Version 0.0.60 YouTube videos: tshark & Malware Analysis oledump...

5d

Update: oledump.py Version 0.0.60

This new version of oledump.py brings an update to plugin plugin_biff to help with the recovery of protection passwords. oledump_V0_0_60.zip (https) MD5: BC7631059077294223BB225D16FB7186 SHA256: D847E499CB84B034E08BCDDC61ADDADA39B90A5FA2E1ABA0756A05039C0D8BA2

5d

Overview of Content Published in February

Here is an overview of content I published in February: Blog posts: Update: oledump.py Version 0.0.59 Quickpost: oledump.py plugin_biff.py: Remove Sheet Protection From Spreadsheets Update: re-search.py Version 0.0.16 re-search.py And Custom Validations Update: oledump.py Version 0.0.60 YouTube videos: tshark & Malware Analysis oledump...

5d

Update: oledump.py Version 0.0.60

This new version of oledump.py brings an update to plugin plugin_biff to help with the recovery of protection passwords. oledump_V0_0_60.zip (https) MD5: BC7631059077294223BB225D16FB7186 SHA256: D847E499CB84B034E08BCDDC61ADDADA39B90A5FA2E1ABA0756A05039C0D8BA2

5d

re-search.py And Custom Validations

My tool re-search.py is a tool that uses regular expressions to search through files. You can use regular expressions from a small builtin library, or provide your own regular expressions. And these regular expressions can be augmented with extra conditions, like validation with a custom Python function. I’m going to illustrate this here with a regular...

2w

Update: re-search.py Version 0.0.16

This new version of re-search.py, my tool to search files with a builtin library of regular expressions, brings an update to the url and url-domain regexes to match hostnames with underscores (_) and a Python 3 fix. re-search_V0_0_16.zip (https) MD5: 21A7096116F50CCA051A152066B2DB50 SHA256: 4A3AC1B1BED68660316011F14EFC84B344BE3FF7E335CDFA8F1AAA2C0D2D06B0

2w

Quickpost: oledump.py plugin_biff.py: Remove Sheet Protection From Spreadsheets

My new version of plugin_biff.py has a new option: –hexrecord. Here I’ll show how I use this to remove the sheet protection from malicious spreadsheets. If you want to open a malicious spreadsheet (for example with Excel 4 macros) in a sandbox, to inspect its content with Excel, chances are that it is protected. I’m not talking about encryption (this...

4w

Update: oledump.py Version 0.0.59

This new version of oledump.py has a small change in the XML detection logic, and adds options –hexrecord and –xordeobfuscate to plugin plugin_biff.py.   oledump_V0_0_59.zip (https) MD5: 89CC85EDADA0BB6978A75BA37065A65D SHA256: BE62B45AE20D3BF5B3C335742F08067297079F6B8431A5CC82401BF67BFA50F6

4w