Microsoft Office
Analyze Documents
Analyze OLE2 Structured Storage files
Website: https://www.mitec.cz/ssv.html
Author: Michal Mutl
License: Free to use for private, educational and non-commercial purposes.
Notes: ssview
State File: remnux.tools.ssview
Decrypt a Microsoft Office file with password, intermediate key, or private key which generated its escrow key.
Website: https://github.com/nolze/msoffcrypto-tool
Author: nolze
License: MIT License: https://github.com/nolze/msoffcrypto-tool/blob/master/LICENSE.txt
State File: remnux.python3-packages.msoffcrypto-tool
Disassemble VBA p-code
Website: https://github.com/bontchev/pcodedmp
Author: Vesselin Bontchev: https://twitter.com/bontchev
License: GNU General Public License (GPL) v3: https://github.com/bontchev/pcodedmp/blob/master/LICENSE
State File: remnux.python3-packages.pcodedmp
Decompile VBA macro p-code from Microsoft Office documents
Website: https://github.com/Big5-sec/pcode2code
Author: Nicolas Zilio: https://twitter.com/Big5_sec
License: GNU General Public License (GPL) v3: https://github.com/Big5-sec/pcode2code/blob/master/LICENSE
State File: remnux.python3-packages.pcode2code
Microsoft Office OLE2 compound documents.
Website: http://www.decalage.info/python/oletools
Author: Philippe Lagadec: https://twitter.com/decalage2
License: Free, custom license: https://github.com/decalage2/oletools/blob/master/LICENSE.md
Notes: mraptor, msodde, olebrowse, oledir, oleid, olemap, olemeta, oleobj, oletimes, olevba, pyxswf, rtfobj, ezhexviewer
State File: remnux.python3-packages.oletools
Modify aspects of Microsoft Office documents.
Website: https://github.com/outflanknl/EvilClippy
Author: Stan Hegt: https://twitter.com/StanHacked, with contributions from Carrie Roberts: https://twitter.com/OrOneEqualsOne
License: GNU General Public License (GPL) v3.0: https://github.com/outflanknl/EvilClippy/blob/master/LICENSE.md
Notes: To remove VBA project password protection from the file, use the
evilclippy -uu
command.
State File: remnux.packages.evilclippyDeobfuscate XLM macros (also known as Excel 4.0 macros) from Microsoft Office files.
Website: https://github.com/DissectMalware/XLMMacroDeobfuscator
Author: https://twitter.com/DissectMalware
License: Apache License 2.0: https://github.com/DissectMalware/XLMMacroDeobfuscator/blob/master/LICENSE
Notes: xlmdeobfuscator
State File: remnux.python3-packages.xlmmacrodeobfuscator
A VBA parser and emulation engine to analyze malicious macros.
Website: https://www.decalage.info/en/vba_emulation
Author: Philippe Lagadec: https://twitter.com/decalage2
License: Free, custom license: https://github.com/decalage2/ViperMonkey#license
Notes: vmonkey
State File: remnux.python-packages.vipermonkey
Recover the password of an encrypted Microsoft Office document.
Website: https://blog.didierstevens.com/2018/12/31/new-tool-msoffcrypto-crack-py/
Author: Didier Stevens: https://twitter.com/DidierStevens
License: Public Domain
State File: remnux.scripts.msoffcrypto-crack
Analyze a suspicious RTF file.
Website: https://blog.didierstevens.com/2018/12/10/update-rtfdump-py-version-0-0-9/
Author: Didier Stevens: https://twitter.com/DidierStevens
License: Public Domain
Notes: rtfdump.py
State File: remnux.scripts.rtfdump
Analyze zip-compressed files.
Website: https://blog.didierstevens.com/2020/07/27/update-zipdump-py-version-0-0-20/
Author: Didier Stevens: https://twitter.com/DidierStevens
License: Public Domain
State File: remnux.scripts.zipdump
Extract contents of XML files, in particular OOXML-formatted Microsoft Office documents.
Website: https://blog.didierstevens.com/2017/12/18/new-tool-xmldump-py/
Author: Didier Stevens: https://twitter.com/DidierStevens
License: Public Domain
State File: remnux.scripts.zipdump
Analyze OLE2 Structured Storage files.
Website: https://blog.didierstevens.com/programs/oledump-py/
Author: Didier Stevens: https://twitter.com/DidierStevens
License: Public Domain
Notes: oledump.py
State File: remnux.packages.oledump
Microsoft Office OLE2 compound documents.
Website: https://github.com/libyal/libolecf
Author: Joachim Metz
License: GNU Lesser General Public License (LGPL) v3+: https://github.com/libyal/libolecf/blob/master/COPYING
Notes: olecfexport, olecfinfo, olecfmount, etc.
State File: remnux.packages.libolecf
Encrypt and decrypt OOXML Microsoft Office documents.
Website: https://github.com/herumi/msoffice
Author: Cybozu Labs Inc., Mitsunari Shigeo: https://twitter.com/herumi
License: Free, custom license: https://github.com/herumi/msoffice/blob/master/COPYRIGHT
State File: remnux.packages.msoffice-crypt
View, edit, and carve contents of various binary file types.
Website: https://github.com/vstinner/hachoir
Author: https://hachoir.readthedocs.io/en/latest/authors.html
License: GNU General Public License (GPL) v2: https://github.com/vstinner/hachoir/blob/master/COPYING
Notes: hachoir-grep, hachoir-metadata, hachoir-strip, hachoir-wx
State File: remnux.python3-packages.hachoir
Last modified 1yr ago