Commit 58773840d711524d0381cd2dac6e3fe5f1a8acf7
1 parent
46b4b11d
updated setup and doc for oletools 0.11
Showing
8 changed files
with
17 additions
and
8 deletions
README.md
| ... | ... | @@ -22,7 +22,10 @@ Note: python-oletools is not related to OLETools published by BeCubed Software. |
| 22 | 22 | News |
| 23 | 23 | ---- |
| 24 | 24 | |
| 25 | -- **2015-05-06 v0.10**: [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba) now supports Word MHTML files | |
| 25 | +- **2015-05-29 v0.11**: Improved parsing of MHTML and ActiveMime/MSO files in | |
| 26 | +[olevba](https://bitbucket.org/decalage/oletools/wiki/olevba), added several suspicious keywords to VBA scanner | |
| 27 | +(thanks to @ozhermit and Davy Douhine for the suggestions) | |
| 28 | +- 2015-05-06 v0.10: [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba) now supports Word MHTML files | |
| 26 | 29 | with macros, aka "Single File Web Page" (.mht) - see [issue #10](https://bitbucket.org/decalage/oletools/issue/10) for more info |
| 27 | 30 | - 2015-03-23 v0.09: [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba) now supports Word 2003 XML files, |
| 28 | 31 | added anti-sandboxing/VM detection | ... | ... |
oletools/README.html
| ... | ... | @@ -4,7 +4,8 @@ |
| 4 | 4 | <p>Note: python-oletools is not related to OLETools published by BeCubed Software.</p> |
| 5 | 5 | <h2 id="news">News</h2> |
| 6 | 6 | <ul> |
| 7 | -<li><strong>2015-05-06 v0.10</strong>: <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a> now supports Word MHTML files with macros, aka "Single File Web Page" (.mht) - see <a href="https://bitbucket.org/decalage/oletools/issue/10">issue #10</a> for more info</li> | |
| 7 | +<li><strong>2015-05-29 v0.11</strong>: Improved parsing of MHTML and ActiveMime/MSO files in <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a>, added several suspicious keywords to VBA scanner (thanks to <span class="citation">@ozhermit</span> and Davy Douhine for the suggestions)</li> | |
| 8 | +<li>2015-05-06 v0.10: <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a> now supports Word MHTML files with macros, aka "Single File Web Page" (.mht) - see <a href="https://bitbucket.org/decalage/oletools/issue/10">issue #10</a> for more info</li> | |
| 8 | 9 | <li>2015-03-23 v0.09: <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a> now supports Word 2003 XML files, added anti-sandboxing/VM detection</li> |
| 9 | 10 | <li>2015-02-08 v0.08: <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a> can now decode strings obfuscated with Hex/StrReverse/Base64/Dridex and extract IOCs. Added new triage mode, support for non-western codepages with olefile 0.42, improved API and display, several bugfixes.</li> |
| 10 | 11 | <li>2015-01-05 v0.07: improved <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a> to detect suspicious keywords and IOCs in VBA macros, can now scan several files and open password-protected zip archives, added a Python API, upgraded OleFileIO_PL to olefile v0.41</li> | ... | ... |
oletools/README.rst
| ... | ... | @@ -26,7 +26,12 @@ Software. |
| 26 | 26 | News |
| 27 | 27 | ---- |
| 28 | 28 | |
| 29 | -- **2015-05-06 v0.10**: | |
| 29 | +- **2015-05-29 v0.11**: Improved parsing of MHTML and ActiveMime/MSO | |
| 30 | + files in | |
| 31 | + `olevba <https://bitbucket.org/decalage/oletools/wiki/olevba>`__, | |
| 32 | + added several suspicious keywords to VBA scanner (thanks to @ozhermit | |
| 33 | + and Davy Douhine for the suggestions) | |
| 34 | +- 2015-05-06 v0.10: | |
| 30 | 35 | `olevba <https://bitbucket.org/decalage/oletools/wiki/olevba>`__ now |
| 31 | 36 | supports Word MHTML files with macros, aka "Single File Web Page" |
| 32 | 37 | (.mht) - see `issue | ... | ... |
oletools/doc/Home.html
| 1 | -<p>python-oletools v0.10 documentation</p> | |
| 1 | +<p>python-oletools v0.11 documentation</p> | |
| 2 | 2 | <p>===================================</p> |
| 3 | 3 | <p>This is the home page of the documentation for python-oletools. The latest version can be found</p> |
| 4 | 4 | <p><a href="https://bitbucket.org/decalage/oletools/wiki">online</a>, otherwise a copy is provided in the doc subfolder of the package.</p> | ... | ... |
oletools/doc/Home.md
oletools/doc/olevba.html
| ... | ... | @@ -16,7 +16,7 @@ |
| 16 | 16 | <li><p>Word 97-2003 (.doc, .dot)</p></li> |
| 17 | 17 | <li><p>Word 2007+ (.docm, .dotm)</p></li> |
| 18 | 18 | <li><p>Word 2003 XML (.xml)</p></li> |
| 19 | -<li><p>Word MHTML, aka Single File Web Page (.mht)</p></li> | |
| 19 | +<li><p>Word/Excel MHTML, aka Single File Web Page (.mht)</p></li> | |
| 20 | 20 | <li><p>Excel 97-2003 (.xls)</p></li> |
| 21 | 21 | <li><p>Excel 2007+ (.xlsm, .xlsb)</p></li> |
| 22 | 22 | <li><p>PowerPoint 2007+ (.pptm, .ppsm)</p></li> | ... | ... |
oletools/doc/olevba.md
| ... | ... | @@ -21,7 +21,7 @@ by John William Davison, with significant modifications. |
| 21 | 21 | - Word 97-2003 (.doc, .dot) |
| 22 | 22 | - Word 2007+ (.docm, .dotm) |
| 23 | 23 | - Word 2003 XML (.xml) |
| 24 | -- Word MHTML, aka Single File Web Page (.mht) | |
| 24 | +- Word/Excel MHTML, aka Single File Web Page (.mht) | |
| 25 | 25 | - Excel 97-2003 (.xls) |
| 26 | 26 | - Excel 2007+ (.xlsm, .xlsb) |
| 27 | 27 | - PowerPoint 2007+ (.pptm, .ppsm) | ... | ... |
setup.py
| ... | ... | @@ -36,7 +36,7 @@ import sys, os, fnmatch |
| 36 | 36 | #--- METADATA ----------------------------------------------------------------- |
| 37 | 37 | |
| 38 | 38 | name = "oletools" |
| 39 | -version = '0.10.1' | |
| 39 | +version = '0.11' | |
| 40 | 40 | desc = "Python tools to analyze security characteristics of MS Office and OLE files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), for Malware Analysis and Incident Response #DFIR" |
| 41 | 41 | long_desc = open('oletools/README.rst').read() |
| 42 | 42 | author ="Philippe Lagadec" | ... | ... |