🎆Cheat Ole tools

Cheat Ole tools.

1. mraptor - detect malicious vba macro without AV.

mraptor file.doc

mraptor <name_file in zip>.zip -z <password>

mraptor "path/"

2. rtfobj - extract embeded object stored in RTF file.

rtfobj -s 0

3.olebrowse- gui anaylsis.

4.oledir -show directory embeded

5.oleid - show all malicious by id.

6.olemap -show where OLE contain in assembly

7.olemeta -detail

8.oleobj - extract data ole file

9.oletimes -check detail for any modifiation

10. olevba -- main tools. usefull and detail . suitable for deep invetigation.

olevba <file.name> --decode = show obsufucate

olevba <filename> -- reveal = show macro source