This new version brings an update to the statistics in file 1768.json.
1768_v0_0_8.zip (https)MD5: C410C38FC2B5F0B2C3104D7FC1D35C58
SHA256: 9374650575E0F15331CE05ACFD2BFA4CD6EBEB1497207B9B6D4B1F7A0214457D
Monday 11 October 2021
Update: 1768.py Version 0.0.8
MD5: C410C38FC2B5F0B2C3104D7FC1D35C58
SHA256: 9374650575E0F15331CE05ACFD2BFA4CD6EBEB1497207B9B6D4B1F7A0214457D
Wednesday 29 September 2021
Update: base64dump.py Version 0.0.17
This new version of base64dump brings 2 new features:
- support for ASCII85 encoding: a85
- selecting of the largest result: -s L
MD5: B535A0B9E73D068380078FC5006756E8
SHA256: DDC67BEBC5C3407213673C0228E84796E6816294A029997542BA7DD9AF659C4E
Wednesday 22 September 2021
Update: re-search.py Version 0.0.18
This version has some Python3/Linux/MacOS fixes.
re-search_V0_0_18.zip (https)MD5: 1BCA3B59B719FAFD6016D2F9F32F1A05
SHA256: 9E4807D3CE0EC320028AC760D3915F4FC0CBF6EC6E20FC9B2C91C54E74E6F548
Saturday 21 August 2021
Update: AnalyzePESig Version 0.0.0.8
This new version of AnalyzePESig, my tool to analyze the digital signature of PE files, brings some major updates:
- Support for UNICODE filenames
- Reintroduction of the capability to verify the signature of non-PE files, like .MSI files
And several bug fixes.
MD5: C14A2C8AA91D34F534B4F76E7014E3A9
SHA256: BCCF90BF6E4C26C33BF16DA20CF220DAE8D748B942224659DC720B35BB8EFE86
Friday 20 August 2021
Update: pdf-parser.py Version 0.7.5
This is a bug fix version.
pdf-parser_V0_7_5.zip (https)MD5: D39E98981E6FEA48BF61CA2F78ED0B09
SHA256: 5D970AFAC501A71D4FDDEECBD63060062226BF1D587A6A74702DDA79B5C2D3FB
Update: pdfid.py Version 0.2.8
This is a bug fix version
pdfid_v0_2_8.zip (https)MD5: 9DDE1D9010D860303B03F3317DAF07B4
SHA256: 0D0AA12592FA29BC5E7A9C3CFA0AAEBB711CEF373A0AE0AD523723C64C9D02B4
Tuesday 17 August 2021
Update: oledump.py Version 0.0.62
This new version brings a bug fix and an update to plugin_biff’s XOR deobfuscation.
oledump_V0_0_62.zip (https)MD5: F16DB945970B49A60155443ED82CDE29
SHA256: 4AE5DF2CC8E8F5A395027A8056B1A33B8F05C0AB6FC18D56D46DC151BB4302FB
Saturday 17 July 2021
Update: base64dump.py Version 0.0.16
This new version of base64dump.py brings bug fixes and support for BASE85 RFC 1924 encoding.
If you want to know how I go about adding a new decoding to base64dump.py, watch this video:
Here is version 0.0.0.15, with bug fixes but without base85:
base64dump_V0_0_15.zip (https)MD5: 95C78B0DC830C6240F2A56A3BA0C483F
SHA256: F011136B2CF4F54647AB4B699CE7F3575925B2BD09EED409E4BBE34FEB8C570A
And here is version 0.0.0.16 with base85:
base64dump_V0_0_16.zip (https)MD5: 91E283BDF292C463E349DC535EF50535
SHA256: E85345971D209559ED6602F16C6DBBF526816848B2F15B44C06A7DE7B28F2F8C
Tuesday 13 July 2021
Update: FileScanner Version 0.0.0.7
This new version of FileScanner brings bug fixes and new features, like UNICODE filename support and an embedded man page.
MD5: D3294BE258F5E2CD9ADF60035D5FB444
SHA256: 8D9349A2056CF400DF55D0407287144A038B6268E40919F248866B4C8BC3FD0A
Sunday 4 July 2021
Update: xmldump.py Version 0.0.7
This update to xmldump.py, a tool to help with viewing XML files, adds option -j (–jsoninput) to handle JSON output produced by zipdump.py.
With this option, shared strings from OOXML spreadsheets will be used with command celltext.
I will explain more in an upcoming blog post.
MD5: 20FBBC1A053B2528AC4200B917637876
SHA256: 0D7850CEEDEB7EFD9E8645CF8DD59F1912E9EB3C135346F98AF3E3A7BAAE2B68
