From Collaborative RCE Tool Library

Jump to: navigation, search

OfficeMalScanner

Tool name: OfficeMalScanner
Rating: 0.0 (0 votes)
Author: Frank Boldewin                        
Website: http://www.reconstructer.org
Current version: v0.431
Last updated: August 15, 2009
Direct D/L link: Locally archived copy
License type: Free
Description: OfficeMalScanner is a MS office forensic tool to scan for malicious traces, like shellcode heuristics, PE-files or embedded OLE streams. It supports disassembly and hexview as well as an easy brute force mode to detect encrypted files. Next to this, an office file is being scanned for VB-macro code and if found, it will be extracted for further analysis.
Related URLs:
Whitepaper:
http://www.reconstructer.org/papers/Analyzing%20MSOffice%20malware%20with%20OfficeMalScanner.zip
OfficeMalScanner Suite:
http://www.reconstructer.org/code/OfficeMalScanner.zip


RSS feed Feed containing all updates for this tool.

You are welcome to add your own useful notes about this tool, for others to see!

Retrieved from "http://www.woodmann.com/collaborative/tools/index.php/OfficeMalScanner"


If you find that any information for the tool above is missing, outdated or incorrect, please edit it!
(please also edit it if you think it fits well in some additional category, since this can also be controlled)

Views
Category Navigation Tree
RCE Tools
   Categorized by Target Type  (176)
   Categorized by Tool Type  (983)
   Anti Anti Test Tools  (15)
   Assemblers  (15)
   Code Coverage Tools  (12)
   Code Injection Tools  (32)
   Code Ripping Tools  (2)
   Crypto Tools  (5)
   Data Extraction Tools  (19)
   Code Ripping Tools  (2)
   Compressed Archive Tools  (6)
   Data Search and Extraction Tools  (2)
   Disc Image Tools  (1)
   Help File Decompilers  (2)
   Installer Extraction Tools  (3)
   Debuggers  (42)
   Decompilers  (20)
   Deobfuscation Tools  (12)
   Dependency Analyzer Tools  (5)
   Diff Tools  (29)
   Disassemblers  (45)
   Dongle Analysis Tools  (24)
   Exe Analyzers  (31)
   Firefox Extensions  (1)
   GUI Manipulation Tools  (16)
   Hardware Reversing Tools  (24)
   Hex Editors  (12)
   IDA Signature Creation Tools  (5)
   Kernel Tools  (13)
   Memory Data Tracing Tools  (6)
   Memory Patchers  (3)
   Memory Search Tools  (7)
   Monitoring Tools  (110)
   Network Tools  (15)
   PE Executable Editors  (79)
   Packers  (16)
   Patch Packaging Tools  (7)
   Profiler Tools  (10)
   Programming Libraries  (32)
   Regular Expression Tools  (3)
   Resource Editors  (12)
   Reverse Engineering Frameworks  (7)
   Source Code Tools  (11)
   String Finders  (5)
   Symbol Tools  (11)
   System Information Extraction Tools  (7)
   Technical PoC Tools  (7)
   Test and Sandbox Environments  (16)
   Tool Extensions  (137)
   Tool Hiding Tools  (5)
   Tool Signatures  (22)
   Tracers  (17)
   Unpacking Tools  (59)
   Needs New Category  (2)