Commit f1cefbd416cfdcb17ee26050be6e7c5b79a3744b
1 parent
57ec6e29
updated readme for v0.40
Showing
3 changed files
with
22 additions
and
3 deletions
README.md
| ... | ... | @@ -22,7 +22,11 @@ Note: python-oletools is not related to OLETools published by BeCubed Software. |
| 22 | 22 | News |
| 23 | 23 | ---- |
| 24 | 24 | |
| 25 | -- **2015-06-19 v0.12**: [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba) can now deobfuscate VBA | |
| 25 | +- **2015-09-17 v0.40**: Improved macro deobfuscation in [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba), | |
| 26 | +to decode Hex and Base64 within VBA expressions. Display printable deobfuscated strings by | |
| 27 | +default. Improved the VBA_Parser API. Improved performance. | |
| 28 | +Fixed [issue #23](https://bitbucket.org/decalage/oletools/issue/23) with sys.stderr. | |
| 29 | +- 2015-06-19 v0.12: [olevba](https://bitbucket.org/decalage/oletools/wiki/olevba) can now deobfuscate VBA | |
| 26 | 30 | expressions with any combination of Chr, Asc, Val, StrReverse, Environ, +, &, using a VBA parser built with |
| 27 | 31 | [pyparsing](http://pyparsing.wikispaces.com). New options to display only the analysis results or only the macros source code. |
| 28 | 32 | The analysis is now done on all the VBA modules at once. |
| ... | ... | @@ -79,6 +83,9 @@ If you plan to use python-oletools with other Python applications or your own sc |
| 79 | 83 | use "**pip install oletools**" or "**easy_install oletools**" to download and install in one go. Otherwise you may |
| 80 | 84 | download/extract the zip archive and run "**setup.py install**". |
| 81 | 85 | |
| 86 | +**Important: to update oletools** if it is already installed, you must run **"pip install -U oletools"**, otherwise pip | |
| 87 | +will not update it. | |
| 88 | + | |
| 82 | 89 | Documentation: |
| 83 | 90 | -------------- |
| 84 | 91 | ... | ... |
oletools/README.html
| ... | ... | @@ -4,7 +4,8 @@ |
| 4 | 4 | <p>Note: python-oletools is not related to OLETools published by BeCubed Software.</p> |
| 5 | 5 | <h2 id="news">News</h2> |
| 6 | 6 | <ul> |
| 7 | -<li><strong>2015-06-19 v0.12</strong>: <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a> can now deobfuscate VBA expressions with any combination of Chr, Asc, Val, StrReverse, Environ, +, &, using a VBA parser built with <a href="http://pyparsing.wikispaces.com">pyparsing</a>. New options to display only the analysis results or only the macros source code. The analysis is now done on all the VBA modules at once.</li> | |
| 7 | +<li><strong>2015-09-17 v0.40</strong>: Improved macro deobfuscation in <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a>, to decode Hex and Base64 within VBA expressions. Display printable deobfuscated strings by default. Improved the VBA_Parser API. Improved performance. Fixed <a href="https://bitbucket.org/decalage/oletools/issue/23">issue #23</a> with sys.stderr.</li> | |
| 8 | +<li>2015-06-19 v0.12: <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a> can now deobfuscate VBA expressions with any combination of Chr, Asc, Val, StrReverse, Environ, +, &, using a VBA parser built with <a href="http://pyparsing.wikispaces.com">pyparsing</a>. New options to display only the analysis results or only the macros source code. The analysis is now done on all the VBA modules at once.</li> | |
| 8 | 9 | <li>2015-05-29 v0.11: Improved parsing of MHTML and ActiveMime/MSO files in <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a>, added several suspicious keywords to VBA scanner (thanks to <span class="citation">@ozhermit</span> and Davy Douhine for the suggestions)</li> |
| 9 | 10 | <li>2015-05-06 v0.10: <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a> now supports Word MHTML files with macros, aka "Single File Web Page" (.mht) - see <a href="https://bitbucket.org/decalage/oletools/issue/10">issue #10</a> for more info</li> |
| 10 | 11 | <li>2015-03-23 v0.09: <a href="https://bitbucket.org/decalage/oletools/wiki/olevba">olevba</a> now supports Word 2003 XML files, added anti-sandboxing/VM detection</li> |
| ... | ... | @@ -33,6 +34,7 @@ |
| 33 | 34 | <p>To use python-oletools from the command line as analysis tools, you may simply <a href="https://bitbucket.org/decalage/oletools/downloads">download the zip archive</a> and extract the files in the directory of your choice.</p> |
| 34 | 35 | <p>To get the latest development version, click on "Download repository" on the <a href="https://bitbucket.org/decalage/oletools/downloads">downloads page</a>, or use mercurial to clone the repository.</p> |
| 35 | 36 | <p>If you plan to use python-oletools with other Python applications or your own scripts, then the simplest solution is to use "<strong>pip install oletools</strong>" or "<strong>easy_install oletools</strong>" to download and install in one go. Otherwise you may download/extract the zip archive and run "<strong>setup.py install</strong>".</p> |
| 37 | +<p><strong>Important: to update oletools</strong> if it is already installed, you must run <strong>"pip install -U oletools"</strong>, otherwise pip will not update it.</p> | |
| 36 | 38 | <h2 id="documentation">Documentation:</h2> |
| 37 | 39 | <p>The latest version of the documentation can be found <a href="https://bitbucket.org/decalage/oletools/wiki">online</a>, otherwise a copy is provided in the doc subfolder of the package.</p> |
| 38 | 40 | <h2 id="how-to-suggest-improvements-report-issues-or-contribute">How to Suggest Improvements, Report Issues or Contribute:</h2> | ... | ... |
oletools/README.rst
| ... | ... | @@ -26,7 +26,14 @@ Software. |
| 26 | 26 | News |
| 27 | 27 | ---- |
| 28 | 28 | |
| 29 | -- **2015-06-19 v0.12**: | |
| 29 | +- **2015-09-17 v0.40**: Improved macro deobfuscation in | |
| 30 | + `olevba <https://bitbucket.org/decalage/oletools/wiki/olevba>`__, to | |
| 31 | + decode Hex and Base64 within VBA expressions. Display printable | |
| 32 | + deobfuscated strings by default. Improved the VBA\_Parser API. | |
| 33 | + Improved performance. Fixed `issue | |
| 34 | + #23 <https://bitbucket.org/decalage/oletools/issue/23>`__ with | |
| 35 | + sys.stderr. | |
| 36 | +- 2015-06-19 v0.12: | |
| 30 | 37 | `olevba <https://bitbucket.org/decalage/oletools/wiki/olevba>`__ can |
| 31 | 38 | now deobfuscate VBA expressions with any combination of Chr, Asc, |
| 32 | 39 | Val, StrReverse, Environ, +, &, using a VBA parser built with |
| ... | ... | @@ -122,6 +129,9 @@ oletools**\ " or "**easy\_install oletools**\ " to download and install |
| 122 | 129 | in one go. Otherwise you may download/extract the zip archive and run |
| 123 | 130 | "**setup.py install**\ ". |
| 124 | 131 | |
| 132 | +**Important: to update oletools** if it is already installed, you must | |
| 133 | +run **"pip install -U oletools"**, otherwise pip will not update it. | |
| 134 | + | |
| 125 | 135 | Documentation: |
| 126 | 136 | -------------- |
| 127 | 137 | ... | ... |