python-oletools documentation

This is the home page of the documentation for python-oletools. The latest version can be found online, otherwise a copy is provided in the doc subfolder of the package.

oletools is a package of python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, MSI files or Outlook messages, mainly for malware analysis, forensics and debugging. It is based on the olefile parser.

It also provides tools to analyze RTF files and files based on the OpenXML format (aka OOXML) such as MS Office 2007+ documents, XPS or MSIX files.

For example, oletools can detect, extract and analyse VBA macros, OLE objects, Excel 4 macros (XLM) and DDE links.

See http://www.decalage.info/python/oletools for more info.

Quick links: Home page - Download/Install - Documentation - Report Issues/Suggestions/Questions - Contact the Author - Repository - Updates on Twitter

Note: python-oletools is not related to OLETools published by BeCubed Software.

Tools in python-oletools:

Tools to analyze malicious documents

Tools to analyze the structure of OLE files


python-oletools documentation