This new version of pecheck.py, my tool to analyze PE files, brings some extra information on overlays:

pecheck-v0_7_15.zip (http)
MD5: 8D85E40E4770D9F29C08CBE3D7BE57F0
SHA256: 596848BC8BD03936604212E4CBE9545A03EE629BE6125D08A4E28068F1952961

This new version of base64dump adds decoding of netbios name encoding with lowercase letters.

base64dump_V0_0_21.zip (http)
MD5: 5701B6D9691E366ED5E2EE6D06689012
SHA256: BE939E0225C83319A31A096DA29C1CA9D3C575DCCE9C1795814B335BD0871E92

This new version of oledump.py brings support for user defined properties and an update to plugin plugin_msg_summary.py

Office documents with VSTO applications have user defined properties. These properties can be extracted with my plugin plugin_medata.py, but not with the current version of olefile.
However, the development version of olefile can be used to extract these properties. This new version of oledump checks if the olefile module has a function to extract user defined properties (get_userdefined_properties), and if it does, it calls it when analyzing metadata:

Figure: oledump option -M with olefile supporting get_userdefined_properties Figure: plugin_metadata

I added URL extracting to my plugin plugin_msg_summary, a plugin to summarize the content of an .msg file (Outlook email).

oledump_V0_0_67b.zip (http)
MD5: D6D1748A98AEA3D922D99415E908C609
SHA256: 092A2EA0FBB67357FC5E4D7B8E266B52EA242C147609FD025616754EAA2532E1