Tool Updated: OfficeMalScanner

2010-06-17T09:51:08Z

Listed in categories: Code Ripping Tools, Data Search and Extraction Tools

Most recent version:
v0.51

Most recent release date:
February 5, 2010

Description:
OfficeMalScanner v0.51 is a Ms Office forensic tool to scan for malicious traces, like shellcode heuristics, PE-files or embedded OLE streams. Found files are being extracted to disk. It supports disassembly and hexview as well as an easy brute force mode to detect encrypted files. Next to this, an office file is being scanned for VB-macro code and if found, it will be extracted for further analysis. The "inflate" feature extracts Ms Office 2007 documents into a directory and marks potentially malicious files. Also included in this package is a tool called MalHost-Setup, some kind of MS Office runtime emulation environment to debug shellcode in malicious documents in realtime.

Tool Added: TMG Ripper Studio

2008-01-10T21:16:26Z

Listed in categories: Code Ripping Tools

Most recent version:
0.03

Most recent release date:
2005

Description:
This is a tool for converting a small part of a program into assemblycode that you could paste into your own sources. The program takes either a fileoffset or a virtual address as input and starts to disassemble from that point. When a conditional jump is reached, it branches and follow both directions. It also follows unconditional jumps and traces calls.

Collaborative RCE Tool Library - Code Ripping Tools (including sub-categories)

Tool Updated: OfficeMalScanner

Tool Added: TMG Ripper Studio