unixfreak0037 / officeparser
Extract embedded files and macros from office documents.
☆178Updated 11 months ago
Related projects ⓘ
Alternatives and complementary repositories for officeparser
- Static analysis tools for Microsoft Office Open XML files and documents☆68Updated 7 years ago
- Lazy Office Analyzer☆118Updated 7 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆106Updated 3 years ago
- Reconstruct process trees from event logs☆146Updated 4 years ago
- Smart DLL execution for malware analysis in sandbox systems☆141Updated 9 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆115Updated 5 months ago
- Various Yara signatures (possibly to be included in a release later).☆84Updated 5 years ago
- Parse evtx files and detect use of the DanderSpritz eventlogedit module☆147Updated 6 years ago
- Python script to decode common encoded PowerShell scripts☆215Updated 6 years ago
- Command line tool for scanning streams within office documents plus xor db attack☆126Updated last year
- PE Import Hash Generator☆74Updated 7 years ago
- Yet another registry parser☆129Updated 2 years ago
- VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls☆144Updated 8 years ago
- Python script for extracting USB information from Windows registry hives☆126Updated 5 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆189Updated 4 years ago
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆274Updated 2 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆218Updated 4 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆278Updated 7 years ago
- Extract common Windows artifacts from source images and VSCs☆65Updated 3 years ago
- Tools for DFIR☆117Updated 6 years ago
- ☆273Updated last year
- Tools from WFA 4/e, timeline tools, etc.☆132Updated 8 months ago
- A modern Python-3-based alternative to RegRipper☆187Updated this week
- A better strings utility!☆120Updated last year
- ☆81Updated 5 years ago
- Detects DLL hijacking in running processes on Windows systems☆151Updated 9 years ago
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.☆105Updated 3 months ago
- zer0m0n driver for cuckoo sandbox☆87Updated 8 years ago
- Windows DPAPI laboratory☆86Updated 6 years ago