Macrome – Excel Macro Document Reader/Writer For Red Teamers And Analysts

An Excel Macro Document Reader/Writer for Red Teamers & Analysts. Blog posts describing what this tool actually does can be found here and here. Installation / Building Clone or download this repository, the tool can then be executed using dotnet – for example: dotnet run — build –decoy-document Docsdecoy_document.xls –payload Docspopcalc.bin or deobfuscate –path obfuscated_document.xls”>Read More

BoobSnail – Allows Generating Excel 4.0 XLM Macro

BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation. Features: various infection techniques; various obfuscation techniques; translation of formulas into languages other than English; can be used as a library – you can easily write your own generator. Building and Running Tested on: PythonRead More

XLMMacroDeobfuscator – Extract And Deobfuscate XLM Macros (A.K.A Excel 4.0 Macros)

XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It utilizes an internal XLM emulator to interpret the macros, without fully performing the code. It supports both xls, xlsm, and xlsb formats. It uses xlrd2, pyxlsb2 and its own parser to extract cells and other information from xls, xlsbRead More

Doctrack – Tool To Manipulate And Insert Tracking Pixels Into Office Open XML Documents (Word, Excel)

Tool to manipulate and insert tracking pixels into Office Open XML documents. Features Insert tracking pixels into Office Open XML documents (Word and Excel) Inject template URL for remote template injection attack Inspect external target URLs and metadata Create Office Open XML documents (#TODO) Installation You will need to download .Net Core SDK for yourRead More

Eviloffice – Inject Macro And DDE Code Into Excel And Word Documents (Reverse Shell)

Win python script to inject Macro and DDE code into Excel and Word documents (reverse shell) Features: Inject malicious Macro on formats: docm, dotm, xlsm, xltm Inject malicious DDE code on formats: doc, docx, dot, xls, xlsx, xlt, xltx Python2/Python3 Compatible Tested: Win10 (MS Office 14.0) Requirements: Microsoft Office (Word/Excel) pywin32: python -m pip installRead More