Some extra information when signature is found.
1768_v0_0_19.zip (http)MD5: FCF07B2AEDDBB4911520152531C5F107
SHA256: 5EE73B9311578D202246011FAF3216674387894833E759148F6C5356B646686F
Saturday 7 October 2023
Update: 1768.py Version 0.0.19
MD5: FCF07B2AEDDBB4911520152531C5F107
SHA256: 5EE73B9311578D202246011FAF3216674387894833E759148F6C5356B646686F
Friday 6 October 2023
Update: simple_listener.py Version 0.1.4
This update adds ZIP support for binary files, and a –prompt option.
When this option is used, the user is prompted after each request, and processing of new requests is suspended until the user reacts to the prompt.
simple_listener_v0_1_4.zip (http)MD5: 85A9E47B6243CD860D20E483F162DEA0
SHA256: 72FB2E7783315BFD21D74829BAECC1364A404A2B3853DBFD9B29DB2A9322F20B
Thursday 5 October 2023
Update: python-per-line.py Version 0.0.11
This update adds option –group: with this option, all lines are stored as a list in variable lines, and the Python expression is evaluated just once after each file is processed.
python-per-line_V0_0_11.zip (http)MD5: B35187DFEA8970BFFFBA33E8DC36B31E
SHA256: 2EFC172F48BB9D5A7EFF87737D81F15F473EEFB4B9899A09571E7892FF15BAD1
Wednesday 4 October 2023
Update: myjson-filter.py Version 0.0.5
This new version adds YARA support.
myjson-filter_V0_0_5.zip (http)MD5: CA8EAB44E283C2BFE0674CCDA1EE35EE
SHA256: A1E133E5BBB0F129156058E0E8DBD3834A23CEC6173BAFF0ADB79E46BDF48AAB
Tuesday 3 October 2023
Update: pecheck.py Version 0.7.16
This new version adds two new values for option -l.
One could already use option -l P to locate all PE files inside an arbitrary binary file.
Option -l PE also adds entries for the extra (E) data, e.g., the data in between found PE files.
Option -l PO is like PE, but adds some more information for the other (O) files: the magic header (hex & ASCII).
pecheck-v0_7_16.zip (http)MD5: FBC115DDC2C0EDFBA9612B00DE6692DB
SHA256: CA9E6D06A7DA9E6CD6B585423F854030364F1936702B5A0A14B7F90722824A7C
Monday 2 October 2023
Update: xor-kpa.py Version 0.0.8
This is just a small update to my XOR known-plaintext attack tool, with some improvements on the algorithm.
xor-kpa_V0_0_8.zip (http)MD5: EB6397FC81C920DF4E1753A4A31DA9B4
SHA256: 9706979A4B1FBC6E318F6015C69ED2759ADC871632FDB9034615A4488DAC32E0
Sunday 1 October 2023
Update: simple_listener.py Version 0.1.3
This updates changes the THP_READALL logic, and adds THP_ECHO_THIS and THP_ALLOW_LIST.
simple_listener_v0_1_3.zip (http)MD5: 6C90E789D4C10B6EF5E918306A7A58E7
SHA256: 16E55E8983E4208151CB407F72238537C7631396FFFECC431230F7879AFAC664
Saturday 30 September 2023
Update: hash.py Version 0.0.10
This new versions adds 2 new features:
Option -H adds a human hash for each hash:
Option -r renames a file to its hash (hash) or to its hash with extension .vir (vir).
When more that one hash algorithm is used (default: md5, sha1, sha256), the last hash algorithm is used for the rename operation.
MD5: 95CD153E3DFD9922D6AD279D1E19CDDD
SHA256: 221B6B4476B0CBD820D696BD63E83DE1F67045C54F343E475447CF66CF4F181E
Update: zipdump.py Version 0.0.28
This update of zipdump.py adds parsing for external attributes and DOSDATE and DOSTIME fields when options -f and -E are used.
MD5: 482DEB681C17243B03A699BD6B55D11D
SHA256: 9D89DCAF531621E33A0A36D1EA519A62F1004A762C0789C857976033A32E7F8A
Update: file-magic.py Version 0.0.7
This update is just a definition update to detect MSO (ActiveMime files).
file-magic_V0_0_7.zip (http)MD5: 6EFF124D3D0854F62034E05DAE20AFD4
SHA256: A13ADD0A3F840FF535193CD07BF6218FF77164EB803E9004A0B66A4AC66183F9
Didier Stevens 