Search results
  1. 27 Jan

    olevba and mraptor now detect the new "_OnConnecting" trigger used in some recent malware, thanks to

  2. 30 Jan
  3. 27 Jan
  4. 20 Dec 2019

    Seriously Google ? Seriously Microsoft ? a malware !!? The tests samples are... tests !!!

  5. 19 Dec 2019

    ♫ On the 19th day of Christmas Philippe Lagadec sent to me oletools, the many ways of peeking into malicious OLE file ♫ We’re very grateful about the tool! Read the blog:

  6. 5 Dec 2019

    Final slides of my presentation yesterday at Black Hat Europe 2019, about malicious VBA macros and recent advances in the attack & defence sides: Featuring /olevba, ViperMonkey, MacroRaptor, EvilClippy

  7. 4 Dec 2019

    I feel soooo sorry for ole ! He probably wants to win this game so fucking bad and not have the embarrassment of Jose beating him ! But he has the worst team in decades 😭😭😭

  8. 3 Dec 2019

    0.55 is finally out, just in time for ! Main changes: olevba += SLK file parser and XLM macro extraction, VBA stomping detection More info: How to install/update: pip install -U oletools

  9. 27 Sep 2019

    I’ve written a guide on how to deobfuscate malicious macros with open source tools. Check it out!

  10. 26 Sep 2019

    In December I'll give a presentation at BlackHat Europe in London about malicious VBA Macros, advanced techniques and the recent/upcoming improvements in my tools to address them ( olevba, mraptor, ViperMonkey)

  11. 19 Sep 2019

    7 years of development summarized in a strange 7 minutes video found on youtube by accident... Thanks to all the contributors who are helping me on this project!

  12. 26 May 2019

    The new 0.55.dev1 integrates with pcodedmp to display VBA P-code when using the option --pcode. The next step will be to detect VBA stomping to counter EvilClippy and adb! cc Install:

  13. 20 Dec 2018

    Thanks to and , v2 now has several plugins leveraging the package.

  14. 9 Oct 2018

    0.54dev2: olevba now detects and shows backspace characters that may be used to hide VBA code on the console, as demonstrated by and at . More info: - Install:

  15. 14 Sep 2018

    TIL that some people are brave enough to run ViperMonkey in production, to automate the extraction of obfuscated payloads and URLs from VBA macros. This would not be possible without all the contributions from .

  16. 23 Jul 2018
  17. 18 May 2018

    New release of inspired me to investigate capability in . Awesome updt. But is it only about cmd? No. You can run any cmd with . In this example, I show how to use to run notepad via . limitation: len(cmd name) <= 8 chars

  18. 26 Jul 2017

    FLARE VM: turn a Windows VM into a malware analysis platform with lots of tools - including

  19. 10 May 2017
    Reply to user

    The cheat sheet is available on the github repository in DOCX and PDF formats:

  20. 11 Apr 2017
