Channel: Uncategorized – Didier Stevens
Browsing latest articles
Browse All 18 View Live

Update: base64dump.py Version 0.0.5

This new version supports different encodings besides base64 (but the name remains base64dump). The new encodings are hexadecimal (hex), \u unicode (bu) and %u unicode (pu). Here’s an example with...

Update: pdf-parser Version 0.6.6

This new version of pdf-parser is a bugfix for /FLATEDECODE. pdf-parser_V0_6_6.zip (https) MD5: 47326468E1B5A1AF7BB8AD63688804D9 SHA256: 51C9B25B939B135D9949E51463F58ECEC0BEBEFB9C0EAA0B93326CBFB4D8F061

Update: pdf-parser.py Version 0.7.5

This is a bug fix version. pdf-parser_V0_7_5.zip (https) MD5: D39E98981E6FEA48BF61CA2F78ED0B09 SHA256: 5D970AFAC501A71D4FDDEECBD63060062226BF1D587A6A74702DDA79B5C2D3FB

Update: cs-extract-key.py Version 0.0.3

This update brings a new option: -V --verbose. Verbose output includes a hex/ASCII dump of the decrypted data: cs-extract-key_V0_0_3.zip (https) MD5: C40C96B68701369F41EB6731FD83B28B SHA256:...

.ISO Files With Office Maldocs & Protected View in Office 2019 and 2021

We have seen ISO files being used to deliver malicious documents via email. There are different variants of this attack. One of the reasons to do this is to evade “mark-of-web propagation”. When a...

Update: sortcanon Version 0.0.2

This new version adds a sort function to sort email addresses by domain first. sortcanon_V0_0_2.zip (http) MD5: ED6DBE384707778E765C9BD6B6880C05 SHA256:...

Overview of Content Published in October

Here is an overview of content I published in October: Blog posts: Quickpost: Standby Power Consumption Of An Old Linear Power Supply Update: base64dump.py Version 0.0.24 Update: rtfdump.py Version...

Update: oledump.py Version 0.0.71

A new plugin and an updated plugin. Plugin plugin_dttm is a plugin for Word documents: it searches for Dop structures. They contain DTTM timestamps. And plugin plugin_metadata has been updated to...

Quickpost: Fixing A Duplicate Key

I had a locksmith make a duplicate key of my mailbox lock, and it didn’t work (didn’t open the lock). The cutting looked good, I saw no difference with the original key. Until I noticed this notch:...

New Tool: myjson-transform.py

This tool takes JSON output from tools like oledump, zipdump, base64dump, … via stdin and transforms the data produced by these tools. The transformation function (name Transform) has to be defined in...
