oletools
🔬 Digital Forensics · Python
Oletools is a Python library for analyzing OLE and Microsoft Office files, focusing on detecting VBA macros, embedded objects, and other potentially malicious content. It facilitates the examination of document structures and identifies threats hidden within complex file formats. Oletools is widely used for malware analysis and reverse engineering of suspicious documents, providing a comprehensive suite of utilities for assessing document security.
Details
- Category: 🔬 Digital Forensics
- Language: Python
- Repository: decalage2/oletools
- Platforms: 🐧 linux, 🍎 macos, 🪟 windows
More in Digital Forensics
Volatility 3
Python · Advanced memory forensics framework. Extracts artifacts from RAM dumps — processes, network connections, registry.
Autopsy
Java · Digital forensics platform with GUI. Disk image analysis, timeline analysis, keyword search, hash filtering.
Ghidra
Java · NSA's reverse engineering framework. Disassembly, decompilation, graphing, and scripting for binary analysis.
Binwalk
Python · Firmware analysis tool. Searches binary images for embedded files, executables, and file systems.
YARA
C · Pattern matching swiss knife for malware researchers. Create rules to identify and classify malware samples.
Velociraptor
Go · Endpoint visibility and collection tool. Hunt for artifacts across thousands of endpoints simultaneously.