Tools: oledump.py
Blog post: oledump Indicators
my software
Decrypting With translate.py
Tools: base64dump.py, translate.py
Blog post: Decrypting With translate.py
ISC diary entry: Decrypting PowerShell Payloads (video)
Example script: https://pastebin.com/QUGiWTHj
strings.py: Pascal Strings
oledump.py: plugin_msg_summary
Tools: oledump.py
Blog post: Update: oledump.py Version 0.0.54
ISC Diary Entry: Analyzing MSG Files With plugin_msg_summary
Cracking Maldoc VBA Project Passwords
Tools: oledump.py
Blog post: Cracking VBA Project Passwords
ISC Diary Entry: Cracking Maldoc VBA Project Passwords
SANS@MIC – Maldocs: a bit of blue, a bit of red
zipdump.py: Malformed .docm File
Tools: zipdump.py
Blog post: Analyzing Malformed ZIP Files
Sample: c36e0ef657bc2137d4ee13a97528e7a12d2ffe7b8dc2b54c92f123b3f61845a6
ISC Diary Entry: Obfuscated with a Simple 0x0A
Didier Stevens Videos 