unixfreak0037 / officeparserLinks
Extract embedded files and macros from office documents.
☆184Updated last year
Alternatives and similar repositories for officeparser
Users that are interested in officeparser are comparing it to the libraries listed below
Sorting:
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆108Updated 4 years ago
- VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls☆149Updated 9 years ago
- Smart DLL execution for malware analysis in sandbox systems☆144Updated 10 years ago
- Reconstruct process trees from event logs☆146Updated 4 years ago
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆277Updated 3 years ago
- Static analysis tools for Microsoft Office Open XML files and documents☆70Updated 7 years ago
- Lazy Office Analyzer☆122Updated 8 years ago
- Pure Python parser for classic Windows Event Log files (.evt)☆50Updated 2 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆119Updated last year
- Various config files obtained during malware analysis☆67Updated 6 years ago
- ☆134Updated 6 years ago
- Command line tool for scanning streams within office documents plus xor db attack☆126Updated last year
- Various Yara signatures (possibly to be included in a release later).☆86Updated 6 years ago
- Small random scripts for various things I find myself needing to repeat/automate☆23Updated 4 years ago
- ☆82Updated 9 years ago
- Windows Shortcut file (LNK) parser☆135Updated 2 years ago
- PE Import Hash Generator☆80Updated 8 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆220Updated 5 years ago
- unXOR will search a XORed file and try to guess the key using known-plaintext attacks.☆143Updated 5 years ago
- Parse evtx files and detect use of the DanderSpritz eventlogedit module☆148Updated 7 years ago
- Malware Repository Framework☆99Updated 7 years ago
- A tool for detecting VBA stomping.☆100Updated 3 years ago
- Ragpicker is a Plugin based malware crawler with pre-analysis and reporting functionalities. Use this tool if you are testing antivirus p…☆93Updated 10 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆86Updated 7 years ago
- This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.☆79Updated 2 years ago
- Automated malware unpacker☆120Updated 9 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆139Updated 2 years ago
- ☆68Updated 8 years ago
- Extract GUIDs from .NET assemblies☆21Updated 9 years ago
- YARA rules for use with ProcFilter☆87Updated 8 years ago