Didier Stevens tools¶

Didier Stevens tools are available under C:\Tools\DidierStevens.

Below is a collection of links to ISC Storm Center that uses the tools in Didier Stevens suite. All the examples can be run in dfirws. I have also added PDFs for offline use.

• String Obfuscation: Character Pair Reversal (PDF)
• zipdump.py
• strings.py
• re-search.py
• python-per-line.py
• Extra: "String Obfuscation: Character Pair Reversal" (PDF)
• strings.py
• python-per-line.py (Reverse and ReverseFind)
• numbers-to-strings.py
• Extracting Multiple Streams From OLE Files (PDF)
• oledump.py
• file-magic.py
• myjson-filter.py
• Uses --jsoninput and --jsonoutput in the pipe
• Another Malicious HTA File Analysis - Part 1 (PDF)
• zipdump.py
• python-per-line.py (--split, --regex, oMatch.groups() and --join)
• Another Malicious HTA File Analysis - Part 2 (PDF)
• zipdump.py
• python-per-line.py (--split, --regex, --join)
• base64dump.py (--jsonoutput)
• myjson-transform.py(--script)
• numbers-to-string.py