Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Scala

Groovy

HTML

Erlang

Dart

Elixir

C

Julia

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Kotlin

Elixir

Swift

Julia

Objective-C

Zig

Rust

Ruby

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇬🇾 Guyana

🇨🇽 Christmas Island

🇺🇦 Ukraine

🇰🇪 Kenya

🇵🇱 Poland

🇵🇸 Palestine

🇹🇱 Timor-Leste

🇳🇦 Namibia

All Countries Compare Countries

DissectMalware/pyOneNote

Stars
110
Rank 316,770 (Top 7 %)
Language
Python
License
Apache License 2.0
Created almost 2 years ago
Updated 10 months ago

DissectMalware/pyOneNote

DissectMalware

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

A python library to parse OneNote (.one) files

pyOneNote

pyOneNote is a lightweight python library to read OneNote files. The main goal of this parser is to allow cybersecurity analyst to extract useful information from OneNote files.

Installing the parser

Installing the latest development

pip install -U https://github.com/DissectMalware/pyOneNote/archive/master.zip --force

Running the parser

To dump all embedded file in current directory

pyonenote -f example.one

To dump all embedded file in example.one into output_dir

pyonenote -f example.one -o output_dir

To dump all embedded file in example.one into output_dir and add .bin to the end of each filename

pyonenote -f example.one -o output_dir -e bin

Command Line

usage: pyonenote [-h] -f FILE [-o OUTPUT_DIR] [-e EXTENSION]

Note: pyOneNote is under active development

How to Contribute

If you found a bug or would like to suggest an improvement, please create a new issue on the issues page.

Feel free to contribute to the project forking the project and submitting a pull request.

You can reach me (@DissectMlaware) on Twitter via a direct message.

XLMMacroDeobfuscator

Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)

batch_deobfuscator

Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.

MalwareCMDMonitor

Shows command lines used by latest instances analyzed on Hybrid-Analysis

base64_substring

Generate a Yara rule to find base64-encoded files containg a specific keyword

yaradbg-frontend

ClipboardWatcher

Monitor the textual data pasted into Windows clipboard

OfficeForensicTools

A set of tools for collecting forensic information

PySameSame

This is a python version of samesame repo to generate homograph strings

xlrd2

xlrd2 is a variant of xlrd that is actively maintained

yaradbg-backend

WinNativeIO

Using Undocumented NTDLL Functions to Read/Write/Delete File

pyxlsb2

an Excel 2007+ Binary Workbook (xlsb) parser for Python

MDIExtractor

npp-langs-4-sec

Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals

IoCMiner

A Framework to Automatically Extract Indicators of Compromise (IoCs) from Twitter

PhishCanary

Given a TLD zone file, PhishCanary extracts International Domain Names (IDNs) that are homoglyphs of specified target domain names.

yaradbg-issues

yaradbg-container

A docker config file to run yaradbg in a container

TLDExtractor

Accurately extract TLD, effective TLD, 2LD, 3LD, ... from a given domain name; by utilizing the Public Suffix List maintained by Mozilla Foundation

document-samples