Articles and tools about Python, Cyber Security and more.
rtfobj is a Python module to extract embedded objects from RTF files, such as OLE ojects. It can be used as a Python library or a command-line tool. It is part of the oletools package.
oleid is a script to analyze OLE files such as MS Office documents (e.g. Word, Excel), to detect specific characteristics that could potentially indicate that the file is suspicious or malicious, in terms of security (e.g. malware). For example it can detect VBA macros, embedded Flash objects, fragmentation. It is part of the oletools package.
olebrowse is a simple GUI to browse OLE files (e.g. MS Word, Excel, Powerpoint documents), to view and extract individual data streams. It is part of the oletools package.
pywordform is a python module to parse Microsoft Word forms in docx format, and extract all field values with their tags into a python dictionary.
This article describes solutions to create a single executable file containing a Python application/script and the Python interpreter DLL with all necessary libraries. The executable file can then be launched on any system even if Python is not installed.
CherryProxy is a simple HTTP proxy written in Python 2.x, based on the CherryPy WSGI server and httplib, extensible for content analysis and filtering.
This article lists solutions to create network servers in Python for different standard protocols: HTTP, FTP, SMTP, SOAP, syslog, WebDAV, ...
ExeFilter is an open-source tool and python framework to filter file formats in e-mails, web pages or files. It detects many common file formats and can remove active content (scripts, macros, etc) according to a configurable policy.
tempfilemgr is a Python 2.x module to easily create temporary files and directories, and to make sure that all of them are deleted after use. It adds several useful features to the standard tempfile module.
This is a presentation at the CanSecWest08 conference about ExeFilter, an open-source tool and framework to filter files and active content.