oledump.py

This post is part of a series of posts categorized as “Wiki” that contain basic how-to information. The intent is to create a reference repository for myself, but I’m not selfish so if anyone else can also benefit from it then I’m happy to share the knowledge!

  • OS: Linux/Windows
  • Description: Explore Microsoft Office file contents and identify and dump streams with macros
Helpful Options:
  -d          perform raw dump
  -x          perform hex dump
  -a          perform ascii dump (default)
  -s          select stream
  -S          perform strings dump
  -v          decompress VBA
  -r          read raw file (use with options -v or -p)
  -e          extract OLE embedded file
  -p PLUGINS  plugins to load 
  -M          display meta data
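
To show what the `-v` option is doing when it decompresses VBA, here is an added example (not code from oledump.py or from the original post) that decodes the MS-OVBA compressed container format in which macro source is stored. The function name and the small inline sample container are assumptions made for illustration; the sample is not taken from a real document.

```python
# Added example: MS-OVBA "compressed container" decoding, the step -v performs.
# Not oledump.py's own code; decompress_vba and SAMPLE are illustrative names.

# Constructed sample container: signature byte, then one compressed chunk.
SAMPLE = bytes.fromhex(
    "01 2F B0 00 23 61 61 61 62 63 64 65 82 66 00 70"
    "61 67 68 69 6A 01 38 08 61 6B 6C 00 30 6D 6E 6F"
    "70 06 71 02 70 04 10 72 73 74 75 76 10 77 78 79"
    "7A 00 3C")

def decompress_vba(container: bytes) -> bytes:
    """Decompress an MS-OVBA container; raise ValueError if it is malformed."""
    if not container or container[0] != 0x01:
        raise ValueError("missing 0x01 container signature")
    out = bytearray()
    pos = 1
    while pos < len(container):
        if pos + 2 > len(container):
            raise ValueError("truncated chunk header")
        header = int.from_bytes(container[pos:pos + 2], "little")
        if (header >> 12) & 0x7 != 0b011:
            raise ValueError("bad chunk signature")
        # Low 12 bits hold (chunk size - 3), counting the 2-byte header.
        end = min(pos + (header & 0x0FFF) + 3, len(container))
        pos += 2
        if not header & 0x8000:              # raw chunk: bytes stored as-is
            out += container[pos:end]
            pos = end
            continue
        chunk_start = len(out)
        while pos < end:
            flags = container[pos]           # one flag bit per following token
            pos += 1
            for bit in range(8):
                if pos >= end:
                    break
                if not (flags >> bit) & 1:   # literal byte
                    out.append(container[pos])
                    pos += 1
                    continue
                if pos + 2 > end:
                    raise ValueError("truncated copy token")
                token = int.from_bytes(container[pos:pos + 2], "little")
                pos += 2
                done = len(out) - chunk_start
                # Offset field widens as more of the chunk is decompressed.
                offset_bits = max((done - 1).bit_length(), 4)
                length = (token & (0xFFFF >> offset_bits)) + 3
                offset = (token >> (16 - offset_bits)) + 1
                if offset > done:
                    raise ValueError("copy token points before chunk start")
                for _ in range(length):      # byte-wise: copies may overlap
                    out.append(out[-offset])
    return bytes(out)
```

The bounds checks on the chunk signature and copy-token offset matter in practice, because streams pulled from suspicious documents are often truncated or deliberately malformed.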

Plugins:
 plugin_http_heuristics