Home.html
3.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
<p>python-oletools v0.12 documentation</p>
<p>===================================</p>
<p>This is the home page of the documentation for python-oletools. The latest version can be found</p>
<p><a href="https://bitbucket.org/decalage/oletools/wiki">online</a>, otherwise a copy is provided in the doc subfolder of the package.</p>
<p><a href="http://www.decalage.info/python/oletools">python-oletools</a> is a package of python tools to analyze</p>
<p><a href="http://en.wikipedia.org/wiki/Compound_File_Binary_Format">Microsoft OLE2 files</a></p>
<p>(also called Structured Storage, Compound File Binary Format or Compound Document File Format),</p>
<p>such as Microsoft Office documents or Outlook messages, mainly for malware analysis, forensics and debugging.</p>
<p>It is based on the <a href="http://www.decalage.info/olefile">olefile</a> parser.</p>
<p>See <a href="http://www.decalage.info/python/oletools">http://www.decalage.info/python/oletools</a> for more info.</p>
<p><strong>Quick links:</strong> <a href="http://www.decalage.info/python/oletools">Home page</a> -</p>
<p><a href="https://bitbucket.org/decalage/oletools/wiki/Install">Download/Install</a> -</p>
<p><a href="https://bitbucket.org/decalage/oletools/wiki">Documentation</a> -</p>
<p><a href="https://bitbucket.org/decalage/oletools/issues?status=new&status=open">Report Issues/Suggestions/Questions</a> -</p>
<p><a href="http://decalage.info/contact">Contact the author</a> -</p>
<p><a href="https://bitbucket.org/decalage/oletools">Repository</a> -</p>
<p><a href="https://twitter.com/decalage2">Updates on Twitter</a></p>
<p>Note: python-oletools is not related to OLETools published by BeCubed Software.</p>
<p>Tools in python-oletools:</p>
<hr />
<ul>
<li><strong><a href="olebrowse.html">olebrowse</a></strong>: A simple GUI to browse OLE files (e.g. MS Word, Excel, Powerpoint documents), to</li>
</ul>
<p>view and extract individual data streams.</p>
<ul>
<li><p><strong><a href="oleid.html">oleid</a></strong>: a tool to analyze OLE files to detect specific characteristics usually found in malicious files.</p></li>
<li><p><strong><a href="olemeta.html">olemeta</a></strong>: a tool to extract all standard properties (metadata) from OLE files.</p></li>
<li><p><strong><a href="oletimes.html">oletimes</a></strong>: a tool to extract creation and modification timestamps of all streams and storages.</p></li>
<li><p><strong><a href="olevba.html">olevba</a></strong>: a tool to extract and analyze VBA Macro source code from MS Office documents (OLE and OpenXML).</p></li>
<li><p><strong><a href="pyxswf.html">pyxswf</a></strong>: a tool to detect, extract and analyze Flash objects (SWF) that may</p></li>
</ul>
<p>be embedded in files such as MS Office documents (e.g. Word, Excel) and RTF,</p>
<p>which is especially useful for malware analysis.</p>
<ul>
<li><p><strong><a href="rtfobj.html">rtfobj</a></strong>: a tool and python module to extract embedded objects from RTF files.</p></li>
<li><p>and a few others (coming soon)</p></li>
</ul>
<hr />
<p>python-oletools documentation</p>
<hr />
<ul>
<li><p><a href="Home.html">Home</a></p></li>
<li><p><a href="License.html">License</a></p></li>
<li><p><a href="Install.html">Install</a></p></li>
<li><p><a href="Contribute.html">Contribute</a>, Suggest Improvements or Report Issues</p></li>
<li><p>Tools:</p>
<ul>
<li><p><a href="olebrowse.html">olebrowse</a></p></li>
<li><p><a href="oleid.html">oleid</a></p></li>
<li><p><a href="olemeta.html">olemeta</a></p></li>
<li><p><a href="oletimes.html">oletimes</a></p></li>
<li><p><a href="olevba.html">olevba</a></p></li>
<li><p><a href="pyxswf.html">pyxswf</a></p></li>
<li><p><a href="rtfobj.html">rtfobj</a></p></li>
</ul></li>
</ul>