Blog posts:

Update: oledump.py Version 0.0.54 Quickpost: 4 Bytes To Crash Excel Update: translate.py version 2.5.9 Update: strings.py Version 0.0.5 Pascal Strings Quickpost: VMware OS Version Snapshots

YouTube videos:

oledump.py: plugin_msg_summary strings.py: Pascal strings Measuring a USB Cable – 4-Wire Method

Videoblog posts:

oledump.py: plugin_msg_summary strings.py: Pascal Strings Measuring a USB Cable – 4-Wire Method

SANS ISC Diary entries:

Nmap 7.90 Released Obfuscation and Repetition Open Packaging Conventions Analyzing MSG Files With plugin_msg_summary Nested .MSGs: Turtles All The Way Down File Selection Gaffe Video: Pascal Strings Excel 4 Macros: “Abnormal Sheet Visibility” More File Selection Gaffes

Here is an overview of content I published in September:

Blog posts:

Quickpost: Downloading Files With Windows Defender & User Agent String Quickpost: dig On Windows Quickpost: Ext2explore Quickpost: USB Passive Load “Epic Manchego” And My Tools

SANS ISC Diary entries:

Office: About OLE and ZIP Files Office Documents with Embedded Objects Wireshark 3.2.7 Released Decoding Corrupt BASE64 Strings

NVISO blog posts:

Epic Manchego – atypical maldoc delivery brings flurry of infostealers

Over the last months, I’ve been quite busy working with my colleagues on report “Epic Manchego – atypical maldoc delivery brings flurry of infostealers“: we’ve tracked an actor creating a new type of malicious Office document.

To help with the automatic analysis of all the maldocs produced by this actor (several per day), I added new features to existing tools and created new tools.

I’m releasing this work in the coming months (some has already been published: oledump.py and zipdump.py).