olevba.py

This post is part of a series of posts categorized as “Wiki” that contain basic how-to information. The intent is to create a reference repository for myself, but I’m not selfish so if anyone else can also benefit from it then I’m happy to share the knowledge!

  • OS: Linux/Windows
  • Description: Parse Microsoft Office files and extract macros
Helpful Options:
 -a        only analysis, no macro code
 -c        only macro code, no analysis
 --decode  display obfuscated strings and decode
 --reveal  replace obfuscated strings in macro code
           with decoded strings