Monday 2 March 2026
Overview of Content Published in February
Saturday 21 February 2026
Update: rtfdump.py Version 0.0.15
This is a fix for option –yarastrings.
rtfdump_V0_0_15.zip (http)MD5: C70F327DDC11B549A399B2F85B2B9607
SHA256: 9EFDEB5978372BD93065BCDAB6486DAECA4CB7E2EDA15DD5BD4C98AF69FB19A7
Friday 20 February 2026
Update: rtfdump.py Version 0.0.14
This update adds option -C (–combinations). When this option is used together with -j (–jsonoutput), 2 extra versions of each stream are added. One with option -H enabled, and one with option -H and -S enabled.
rtfdump_V0_0_14.zip (http)MD5: D9BBA8F83E04D4FD25268E7A2BB4653E
SHA256: DB852CEDA1AE368FF32C1D12951A02BD7A4E36C74632D0D1F790C700FB298689
Sunday 1 February 2026
Overview of Content Published in January
Sunday 18 January 2026
Update: zipdump.py Version 0.0.33
This update adds pseudo-field sha256 which can be used to calculate the sha256 hash of the content (compressed or decompressed):
-E sha256:data
-E sha256:data:decompress
-E sha256:decompress
-E sha256:extra
MD5: ABF2AC037D2CB7E26664D28B109E9293
SHA256: A80E956072E9C4E3051992EA3E551444585854747EFE2A997A232E6F5B94E8E4
Saturday 17 January 2026
Update: hash.py Version 0.0.14
This is a bug fix version.
hash_V0_0_14.zip (http)MD5: 66A205915A280CC474541053739B8EDD
SHA256: C459B75F132BB4AA394D8EA27A79F409C446AAA67536946673EC824EA9219F9F
Saturday 3 January 2026
Overview of Content Published in 2025
Blog posts:
- Update: strings.py Version 0.0.11
- Quickpost: Electrical Power & Mining
- Update: Python Templates Version 0.0.12
- Update: cs-decrypt-metadata.py Version?0.0.5
- Update: zoneidentifier.exe Version 0.0.2
- Update: oledump.py Version 0.0.79
- Update: 1768.py Version 0.0.23
- Update: pdfid.py Version 0.2.10
- Update: pdf-parser.py Version 0.7.11
- Update: xmldump.py Version 0.0.10
- Update: zipdump.py Version 0.0.31
- Quickpost: Electrical Power & Mining: Dissipated Heat
- Update: xorsearch.py Version 0.0.2
- Update: xorsearch.py Version 0.0.3
- Quickpost: Testing The Capacity Of My New Power Bank
- Update: xorsearch.py Version 0.0.4
- Update: basedump64.py Version 0.0.28
- Update: emldump.py Version 0.0.15
- Update: pecheck.py Version 0.7.17
- Update: rtfdump.py Version 0.0.13
- Update: zipdump.py Version 0.0.32
- Update: oledump.py Version 0.0.80
- Update: pdf-parser.py Version 0.7.2
- Update: re-search.py Version 0.0.23
- Update: xorsearch.py Version 0.0.5
- Update: myjson-filter.py Version 0.0.7
- Update: oledump.py Version 0.0.81
- Update: process-binary-file.py Version 0.0.11
- Quickpost: Airplanes & Radiation
- Update: oledump.py Version 0.0.82
- Update: myjson-filter.py Version 0.0.8
- Update: myjson-transform.py Version 0.0.2
- Update: search-for-compression.py Version 0.0.4
- Quickpost: Firefox Profiles and Multiple Instances
- Quickpost: emldump Bulk Extraction
- DSS_DEFAULT_HASH_ALGORITHMS
- Python Requirements for Didier Stevens Suite
- Quickpost: USB-C Couplers
- Update: pngdump.py Version 0.0.7
- My Fridge & My Portable Power Station
- Update: pecheck.py Version 0.7.18
- Update: search-for-compression.py 0.0.5
- Update: myjson-filter.py Version 0.0.9
- Update: virustotal-search.py Version 0.1.9
- New Tool: myipaddress.py
- Update: teeplus.py Version 0.0.2
- Quickpost: Doorbell & Condensation
- Quickpost: 12V Portable Power Station
- Update: pdf-parser.py Version 0.7.13
- Quickpost: PEP 515 ? Underscores in Numeric Literals
- Update: dnsresolver.py Version 0.0.4
- Bytes over DNS Tools
- Update: cs-parse-traffic.py Version 0.0.6
- Update: numbers-to-hex.py Version 0.0.4
- Quickpost: Power Requirements Of A Keylogger
- Quickpost: CR1225 vs CR1220
- Copy/Paste Delays In Excel Because Of Default Printer
- Quickpost: USB Electric Razor
- Quickpost: USB-C Rechargeable Batteries
- USB Trigger Boards
- Update: pecheck.py Version 0.7.19
- Using a USB-C Trigger Cable To Power An FM Radio
- Wireshark 4.4.3 Released
- Multi-OLE
- Partial ZIP File Downloads
- Crypto Wallet Scam
- Crypto Wallet Scam: Not For Free
- Reminder: 7-Zip & MoW
- Wireshark 4.4.4 Released
- Wireshark 4.4.5 Released
- Mark of the Web: Some Technical Details
- Static Analysis of GUID Encoded Shellcode
- XORsearch: Searching With Regexes
- xorsearch.py: Searching With Regexes
- Wireshark 4.4.6 Released
- xorsearch.py: “Ad Hoc YARA Rules”
- Steganography Analysis With pngdump.py
- Steganography Analysis With pngdump.py: Bitstreams
- Steganography Challenge
- Steganography Challenge: My Solution
- xorsearch.py: Python Functions
- YARA 4.5.3 Release
- Wireshark 4.4.7 Released
- Extracting With pngdump.py
- A JPEG With A Payload
- ADS & Python Tools
- Wireshark 4.4.8 Released
- WinRAR MoTW Propagation Privacy
- Wireshark 4.4.9 Released
- pdf-parser: All Streams
- BASE64 Over DNS
- Web Searches For Archives
- Wireshark 4.4.10 and 4.6.0 Released
- Kaitai Struct WebIDE
- Bytes over DNS
- Honeypot: Requests for (Code) Repositories
- Honeypot: FortiWeb CVE-2025-64446 Exploits
- SANS Holiday Hack Challenge 2025
- Finger.exe & ClickFix
- Decoding Binary Numeric Expressions
- Wireshark 4.4.1 Released
- YARA-X 1.10.0 Release: Fix Warnings
- Wireshark 4.6.2 Released
- DLLs & TLS Callbacks
Friday 2 January 2026
Overview of Content Published in December
Saturday 20 December 2025
Using a USB-C Trigger Cable To Power An FM Radio
The Dutch government is telling people to prepare to be self-sufficient for at least 72 hours in case of a major emergency when many services (electricity, water, internet) could be unavailable. This campaign is called “Denk Vooruit” (Think Ahead). An emergency booklet has been mailed to all inhabitants. The Belgian authorities are voicing similar concerns, but no emergency booklet has been mailed.
The booklet advises people to have a radio in their emergency kit, specifically one that works without mains power, like a battery-powered or hand-crank radio.
I have a battery-powered FM radio, and I wanted to know if I could power it with a USB powerbank and a USB trigger board (I have several high-capacity powerbanks).
It works: the radio has a 12V barrel jack connector, and I can power it with this USB trigger board/cable, without soldering connectors:
I’ll probably still solder a cable with a fixed 12V USB trigger board, because this setup is prone to accidentally pushing the button of the USB trigger board, and delivering 15V or 20V to the radio (a voltage that is too high, and might destroy the radio).
Although this setup is portable, it’s not very handy to carry around when you go away from home. So I looked around on Aliexpress for a small & cheap FM radio and selected a Junus J-555. It can be powered by two alkaline AAA batteries or by its built-in Li-Po battery. That Li-Po battery can be charged via a USB-C connector, and the radio also works while charging. But what is most important: it has a good reception of FM and AM stations when operating inside my home.
Friday 19 December 2025
Update: pecheck.py Version 0.7.19
This is a small fix for an escape sequence warning.
pecheck-v0_7_19.zip (http)MD5: A53F4648119CC9A44FB684EAC2C84C08
SHA256: 67637A257967807800AF04D45E0B8DA8F32D38AA772C3596DAE7E0CD4ECFCE52
Didier Stevens 