I added option –verbose to visualize generated YARA rules.
xorsearch_v0_0_3.zip (http)MD5: 394557EDD88EF9862ACC97D15A2308A3
SHA256: D8FE6914F25FEC4E589A3F3EF7C30F8281C0B918D9254B8AEB2322D2BB8DAE36
Tuesday 15 April 2025
Update: xorsearch.py Version 0.0.3
MD5: 394557EDD88EF9862ACC97D15A2308A3
SHA256: D8FE6914F25FEC4E589A3F3EF7C30F8281C0B918D9254B8AEB2322D2BB8DAE36
Monday 14 April 2025
Update: xorsearch.py Version 0.0.2
This is a rewrite of xorsearch.py, an implementation of XORsearch.exe in Python.
xorsearch_v0_0_2.zip (http)MD5: 4AA44E14060B461405AD670AE20D4AAC
SHA256: F452BC239664A1516070D79596C2FC5238963833440C66CD77DC8892C30A3D0D
Saturday 15 March 2025
Update: zipdump.py Version 0.0.31
This is a bug fix version.
zipdump_v0_0_31.zip (http)MD5: 8EA7D6DBC2877C0E8F3635F06F6E5639
SHA256: C063421D1A87E1DB08205948D481CD733F1F170398D990711F92F4F5921134A4
Monday 10 March 2025
Update: xmldump.py Version 0.0.10
This is a bugfix version.
xmldump_V0_0_10.zip (http)MD5: 8A42C57B10E9D41CCD4D48C2C618431B
SHA256: F0E37F1B61D065A92E2F2C3A678CDE101413BE6099A89AA81FB7C80F18965966
Sunday 9 March 2025
Update: pdf-parser.py Version 0.7.11
This is a bugfix version.
pdf-parser_V0_7_11.zip (http)MD5: 54425CBB5E3E88D931AE7A627105947E
SHA256: 4B550F11DBEA5EE3CF10C842AC1C290407E6BD2A60ECFA2EE192E2D3663227B9
Saturday 8 March 2025
Update: pdfid.py Version 0.2.10
This is a bugfix version.
pdfid_v0_2_10.zip (http)MD5: E2F369B34D7148BE4D5C4C02430E7983
SHA256: A677336B1CF51386E35DBDED8FDB79F27368FD5D5ECC3FC5C8DA020A029CB6B6
Friday 7 March 2025
Update: 1768.py Version 0.0.23
This is an update with new stats.
1768_v0_0_23.zip (http)MD5: 04641D1CCDABDD16FB303B89235AAC53
SHA256: 708D849F11D6614B55AAF0154445CEEC12AC7ADBE02260D8FF567FC4A02C193E
Thursday 6 March 2025
Update: oledump.py Version 0.0.79
This is a bug fix version.
oledump_V0_0_79.zip (http)MD5: 5463B7660B15EA1AE4C9F2792CECB512
SHA256: EA56C4A4C261C499ECE5C19EB0E53607E497253110953F6050177516C0728E02
Wednesday 5 March 2025
Update: zoneidentifier.exe Version 0.0.2
zoneidentifier.exe, my tool to manage MoTW (ADS Zone.Identifier) data received a small update.
A new option, -show, can be used to display the Zone.Identifier data.
zoneidentifier_V0_0_2.zip (http)MD5: AD0A127384EA8C0D85CC2701B6CA7739
SHA256: C1CFD764F4345ACE924F0449F89337E57A648B2D75226E467E0366A6EF22C96E
Wednesday 12 February 2025
Update: cs-decrypt-metadata.py VersionĀ 0.0.5
This is a bugfix version.
cs-decrypt-metadata_V0_0_5.zip (http)MD5: 3C37C994709AAE7F56FEC8C8A35F6A61
SHA256: A47616A8C7A484A70D011EA4B8189097CF6FD61358DAEA883760C208BEDE2075
Didier Stevens 