Commit 2939f491c23168d4238aa0d0601f779b92471809
1 parent 2575a66f
updated readme
Showing 1 changed file with 28 additions and 13 deletions
README.md
| ... | ... | @@ -2,7 +2,8 @@ python-oletools |
| 2 | 2 | =============== |
| 3 | 3 | |
| 4 | 4 | [python-oletools](http://www.decalage.info/python/oletools) is a package of python tools to analyze |
| 5 | -[Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format)](http://en.wikipedia.org/wiki/Compound_File_Binary_Format), | |
| 5 | +[Microsoft OLE2 files](http://en.wikipedia.org/wiki/Compound_File_Binary_Format) | |
| 6 | +(also called Structured Storage, Compound File Binary Format or Compound Document File Format), | |
| 6 | 7 | such as Microsoft Office documents or Outlook messages, mainly for malware analysis, forensics and debugging. |
| 7 | 8 | It is based on the [olefile](http://www.decalage.info/olefile) parser. |
| 8 | 9 | See [http://www.decalage.info/python/oletools](http://www.decalage.info/python/oletools) for more info. |
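Review bot: The Wikipedia link on new line 5 is rewritten but still uses http://en.wikipedia.org; since the line is being touched anyway, switch it to https://. Moving the parenthetical to its own line is fine for rendering, because a single newline inside a Markdown paragraph is a soft break.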
| ... | ... | @@ -21,9 +22,13 @@ Note: python-oletools is not related to OLETools published by BeCubed Software. |
| 21 | 22 | News |
| 22 | 23 | ---- |
| 23 | 24 | |
| 24 | -- 2014-11-29 v0.07 alpha: upgraded OleFileIO_PL to olefile v0.41 | |
| 25 | -- **2014-08-28 v0.06**: added [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba), a new tool to extract VBA Macro source code from MS Office documents (97-2003 and 2007+). Improved [documentation](https://bitbucket.org/decalage/oletools/wiki) | |
| 26 | -- 2013-07-24 v0.05: added new tools [olemeta](https://bitbucket.org/decalage/oletools/wiki/olemeta) and [oletimes](https://bitbucket.org/decalage/oletools/wiki/oletimes) | |
| 25 | +- **2015-01-03 v0.07**: improved [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba) to detect suspicious | |
| 26 | +keywords and IOCs in VBA macros, can now scan several files and open password-protected zip archives, added a Python API, | |
| 27 | +upgraded OleFileIO_PL to olefile v0.41 | |
| 28 | +- 2014-08-28 v0.06: added [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba), a new tool to extract VBA Macro | |
| 29 | +source code from MS Office documents (97-2003 and 2007+). Improved [documentation](https://bitbucket.org/decalage/oletools/wiki) | |
| 30 | +- 2013-07-24 v0.05: added new tools [olemeta](https://bitbucket.org/decalage/oletools/wiki/olemeta) and | |
| 31 | +[oletimes](https://bitbucket.org/decalage/oletools/wiki/oletimes) | |
| 27 | 32 | - 2013-04-18 v0.04: fixed bug in rtfobj, added documentation for [rtfobj](https://bitbucket.org/decalage/oletools/wiki/rtfobj) |
| 28 | 33 | - 2012-11-09 v0.03: Improved [pyxswf](https://bitbucket.org/decalage/oletools/wiki/pyxswf) to extract Flash objects from RTF |
| 29 | 34 | - 2012-10-29 v0.02: Added [oleid](https://bitbucket.org/decalage/oletools/wiki/oleid) |
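Review bot: The continuation lines of the rewrapped News entries (new lines 26-27, 29 and 31) start at column 0, so they stay inside their bullet only through Markdown lazy continuation; indent them to align with the item text so that every renderer keeps them in the list item. The v0.07 entry also chains four separate changes with commas ("can now scan several files and open password-protected zip archives, added a Python API, upgraded OleFileIO_PL to olefile v0.41"); sub-bullets or separate sentences would be easier to scan. The 2014-11-29 "v0.07 alpha" entry is dropped from the history; keep it if that alpha was actually published.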
| ... | ... | @@ -39,7 +44,7 @@ Tools in python-oletools: |
| 39 | 44 | - [oleid](https://bitbucket.org/decalage/oletools/wiki/oleid): a tool to analyze OLE files to detect specific characteristics usually found in malicious files. |
| 40 | 45 | - [olemeta](https://bitbucket.org/decalage/oletools/wiki/olemeta): a tool to extract all standard properties (metadata) from OLE files. |
| 41 | 46 | - [oletimes](https://bitbucket.org/decalage/oletools/wiki/oletimes): a tool to extract creation and modification timestamps of all streams and storages. |
| 42 | -- [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba) (new): a tool to extract VBA Macro source code from MS Office documents (OLE and OpenXML). | |
| 47 | +- [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba): a tool to extract and analyze VBA Macro source code from MS Office documents (OLE and OpenXML). | |
| 43 | 48 | - [pyxswf](https://bitbucket.org/decalage/oletools/wiki/pyxswf): a tool to detect, extract and analyze Flash objects (SWF) that may |
| 44 | 49 | be embedded in files such as MS Office documents (e.g. Word, Excel) and RTF, |
| 45 | 50 | which is especially useful for malware analysis. |
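Review bot: On new line 47, "extract and analyze" is vaguer than the News entry added in this same commit, which says olevba detects suspicious keywords and IOCs in VBA macros; saying that here would keep the tool list consistent with the changelog. This line is also left unwrapped while the rest of the commit rewraps long lines at about 120 columns, so wrap it the same way.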
| ... | ... | @@ -49,33 +54,43 @@ Tools in python-oletools: |
| 49 | 54 | Download and Install: |
| 50 | 55 | --------------------- |
| 51 | 56 | |
| 52 | -To use python-oletools from the command line as analysis tools, you may simply [download the zip archive](https://bitbucket.org/decalage/oletools/downloads) and extract the files in the directory of your choice. | |
| 57 | +To use python-oletools from the command line as analysis tools, you may simply | |
| 58 | +[download the zip archive](https://bitbucket.org/decalage/oletools/downloads) | |
| 59 | +and extract the files in the directory of your choice. | |
| 53 | 60 | |
| 54 | -If you plan to use python-oletools with other Python applications or your own scripts, then the simplest solution is to use "**pip install oletools**" or "**easy_install oletools**" to download and install in one go. Otherwise you may download/extract the zip archive and run "**setup.py install**". | |
| 61 | +If you plan to use python-oletools with other Python applications or your own scripts, then the simplest solution is to | |
| 62 | +use "**pip install oletools**" or "**easy_install oletools**" to download and install in one go. Otherwise you may | |
| 63 | +download/extract the zip archive and run "**setup.py install**". | |
| 55 | 64 | |
| 56 | 65 | Documentation: |
| 57 | 66 | -------------- |
| 58 | 67 | |
| 59 | -The latest version of the documentation can be found [online](https://bitbucket.org/decalage/oletools/wiki), otherwise a copy is provided in the doc subfolder of the package. | |
| 68 | +The latest version of the documentation can be found [online](https://bitbucket.org/decalage/oletools/wiki), otherwise | |
| 69 | +a copy is provided in the doc subfolder of the package. | |
| 60 | 70 | |
| 61 | 71 | |
| 62 | 72 | How to Suggest Improvements, Report Issues or Contribute: |
| 63 | 73 | --------------------------------------------------------- |
| 64 | 74 | |
| 65 | -This is a personal open-source project, developed on my spare time. Any contribution, suggestion, feedback or bug report is welcome. | |
| 75 | +This is a personal open-source project, developed on my spare time. Any contribution, suggestion, feedback or bug | |
| 76 | +report is welcome. | |
| 66 | 77 | |
| 67 | -To suggest improvements, report a bug or any issue, please use the [issue reporting page](https://bitbucket.org/decalage/olefileio_pl/issues?status=new&status=open), providing all the information and files to reproduce the problem. | |
| 78 | +To suggest improvements, report a bug or any issue, please use the | |
| 79 | +[issue reporting page](https://bitbucket.org/decalage/olefileio_pl/issues?status=new&status=open), providing all the | |
| 80 | +information and files to reproduce the problem. | |
| 68 | 81 | |
| 69 | 82 | You may also [contact the author](http://decalage.info/contact) directly to provide feedback. |
| 70 | 83 | |
| 71 | -The code is available in [a Mercurial repository on Bitbucket](https://bitbucket.org/decalage/oletools). You may use it to submit enhancements using forks and pull requests. | |
| 84 | +The code is available in [a Mercurial repository on Bitbucket](https://bitbucket.org/decalage/oletools). You may use it | |
| 85 | +to submit enhancements using forks and pull requests. | |
| 72 | 86 | |
| 73 | 87 | License |
| 74 | 88 | ------- |
| 75 | 89 | |
| 76 | -This license applies to the python-oletools package, apart from the thirdparty folder which contains third-party files published with their own license. | |
| 90 | +This license applies to the python-oletools package, apart from the thirdparty folder which contains third-party files | |
| 91 | +published with their own license. | |
| 77 | 92 | |
| 78 | -The python-oletools package is copyright (c) 2012-2014 Philippe Lagadec (http://www.decalage.info) | |
| 93 | +The python-oletools package is copyright (c) 2012-2015 Philippe Lagadec (http://www.decalage.info) | |
| 79 | 94 | |
| 80 | 95 | All rights reserved. |
| 81 | 96 | ... | ... |
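Review bot: The issue reporting link rewrapped at new lines 78-80 points to bitbucket.org/decalage/olefileio_pl/issues, while the repository link at new line 84 is bitbucket.org/decalage/oletools; unless oletools issues are deliberately tracked in the olefileio_pl project, this should point to the oletools tracker, otherwise bug reports and samples end up in the wrong place. Two smaller points while these paragraphs are being reflowed: "setup.py install" at new line 63 should read "python setup.py install" so that it works as typed, and "on my spare time" at new line 75 should be "in my spare time".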