MBot Posted December 3, 2019 Posted December 3, 2019 Main changes in oletools v0.55: olevba: added support for SLK files and XLM macro extraction from SLK VBA Stomping detection integrated pcodedmp to extract and disassemble P-code detection of suspicious keywords and IOCs in P-code new option --pcode to display P-code disassembly improved detection of auto execution triggers rtfobj: added URL carver for CVE-2017-0199 better handling of unicode for systems with locale that does not support UTF-8, e.g. LANG=C (PR #365) tests: test files can now be encrypted, to avoid antivirus alerts (PR #217, issue #215) tests that trigger antivirus alerts have been temporarily disabled (issue #215) How to install with pip: https://github.com/decalage2/oletools/wiki/InstallDownload
Recommended Posts
Archived
This topic is now archived and is closed to further replies.