olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, vbaProject.bin in MS Office 2007+ files, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file fo…
☆261Oct 28, 2024Updated last year
Alternatives and similar repositories for olefile
Users that are interested in olefile are comparing it to the libraries listed below
Sorting:
- oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware a…☆3,300Feb 14, 2026Updated last month
- ExeFilter is an open-source tool and framework to filter file formats in e-mails, web pages or files. It detects many common file formats…☆71Dec 13, 2021Updated 4 years ago
- The oledump-contrib repository contains plugins and enhancements for the oledump tool published by Didier Stevens.☆58May 5, 2016Updated 9 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,119Jul 10, 2024Updated last year
- Library and tools to access the OLE 2 Compound File (OLECF) format☆74Dec 21, 2025Updated 3 months ago
- Malice PExecutable Plugin☆16Mar 19, 2021Updated 5 years ago
- A reader for OLE Compound Document Files (like OleFileIO, but better)☆30Sep 28, 2018Updated 7 years ago
- A VBA p-code disassembler☆485Jun 12, 2021Updated 4 years ago
- Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain na…☆140Jan 10, 2020Updated 6 years ago
- Extract embedded files and macros from office documents.☆186Nov 23, 2023Updated 2 years ago
- Microsoft Compound File Binary (CFB) file format Python IO☆15Mar 8, 2026Updated 2 weeks ago
- Golang parser for OLE files☆33Dec 4, 2025Updated 3 months ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the …☆16Apr 28, 2016Updated 9 years ago
- Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control No…☆22Jul 14, 2019Updated 6 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Jul 23, 2015Updated 10 years ago
- Parse Manifest.mbdb files from iTunes backup directories☆20Jun 29, 2017Updated 8 years ago
- Windows Shortcut file (LNK) parser☆137Nov 17, 2022Updated 3 years ago
- Dump Windows registry hives as text.☆17Feb 9, 2019Updated 7 years ago
- A framework for easy payloads development and deployment, collection of customizable XSS payloads☆26Feb 20, 2022Updated 4 years ago
- Source code of https://blahcat.github.io☆13Oct 6, 2025Updated 5 months ago
- A GC link parser for both linkfiles and jumplists.☆18Oct 28, 2016Updated 9 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Aug 17, 2019Updated 6 years ago
- Challenges from past S4 (SCADA Security Scientific Symposium) Capture-the-Flag contests.☆28Aug 19, 2016Updated 9 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆37Mar 15, 2023Updated 3 years ago
- A tool for detecting VBA stomping.☆102Aug 4, 2022Updated 3 years ago
- CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch☆14Aug 11, 2020Updated 5 years ago
- Command line tool for scanning streams within office documents plus xor db attack☆127Sep 23, 2023Updated 2 years ago
- Tool to view and create Microsoft shim database files (SDB).☆119May 11, 2017Updated 8 years ago
- Lightweight Microsoft OLE file parser in pure Python☆20Oct 17, 2019Updated 6 years ago
- VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls☆153Mar 17, 2016Updated 10 years ago
- OfficeBrute - brute force protected word documents☆23Feb 4, 2018Updated 8 years ago
- An NTFS journal parser☆80Mar 3, 2016Updated 10 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆585May 5, 2024Updated last year
- Get USB Devices from Registry hives☆22Nov 15, 2021Updated 4 years ago
- Modular file scanning/analysis framework☆622Oct 8, 2019Updated 6 years ago
- Differential Analysis of Malware in Memory☆216Apr 16, 2017Updated 8 years ago
- A static analyzer for PE executables.☆1,112Mar 11, 2026Updated last week
- Web interface for the Volatility Memory Forensics Framework☆259Nov 21, 2017Updated 8 years ago