Python-oletools/pyxswf

From aldeid

Description

pyxswf is a script to detect, extract and analyze Flash objects (SWF files) that may be embedded in files such as MS Office documents (e.g. Word, Excel), which is especially useful for malware analysis.

For detailed use cases, refer to the official documentation.

Installation

Refer to this section.

Usage

Syntax

usage: pyxswf.py [options] <file.bad>

Options

-h, --help
show this help message and exit
-x, --extract
Extracts the embedded SWF(s), names it MD5HASH.swf & saves it in the working dir. No addition args needed
-y, --yara
Scans the SWF(s) with yara. If the SWF(s) is compressed it will be deflated. No addition args needed
-s, --md5scan
Scans the SWF(s) for MD5 signatures. Please see func checkMD5 to define hashes. No addition args needed
-H, --header
Displays the SWFs file header. No addition args needed
-d, --decompress
Deflates compressed SWFS(s)
-r PATH, --recdir=PATH
Will recursively scan a directory for files that contain SWFs. Must provide path in quotes
-c, --compress
Compresses the SWF using Zlib
-o, --ole
Parse an OLE file (e.g. Word, Excel) to look for SWF in each stream
-f, --rtf
Parse an RTF file to look for SWF in each embedded object
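
What the header, decompress and extract options operate on can be seen in a short sketch. The following is an added example, not code from pyxswf or oletools: it looks for the FWS (uncompressed) and CWS (zlib-compressed) SWF signatures in a byte buffer, reads the 8-byte header, inflates CWS bodies with a size cap, and hashes the result. The function names, the version bound, taking the MD5 over the inflated file, and the sample buffer are all assumptions made for this example.

```python
import hashlib
import struct
import zlib

MAX_VERSION = 50  # assumption: plausibility bound used to discard false hits

def find_headers(data):
    """Return sorted (offset, signature, version, declared_length) candidates."""
    hits = []
    for sig in (b"FWS", b"CWS"):  # uncompressed / zlib-compressed SWF
        pos = data.find(sig)
        while pos != -1:
            if pos + 8 <= len(data):
                version, length = struct.unpack_from("<BI", data, pos + 3)
                if 1 <= version <= MAX_VERSION and length > 8:
                    hits.append((pos, sig, version, length))
            pos = data.find(sig, pos + 1)
    return sorted(hits)

def carve(data, offset, sig, version, length):
    """Return the SWF as uncompressed bytes, or None if it does not validate."""
    body_len = length - 8  # the declared length counts the 8-byte header
    if sig == b"FWS":
        body = data[offset + 8:offset + length]
    else:
        inflater = zlib.decompressobj()
        try:
            # Cap output one byte past the declared size so an oversized
            # stream is rejected without being inflated in full.
            body = inflater.decompress(data[offset + 8:], body_len + 1)
        except zlib.error:
            return None
        if not inflater.eof:  # truncated or oversized stream
            return None
    if len(body) != body_len:
        return None
    return b"FWS" + bytes([version]) + struct.pack("<I", length) + body

def scan(data):
    """Return (offset, signature, md5_of_inflated_swf) for each validated SWF."""
    found = []
    for offset, sig, version, length in find_headers(data):
        swf = carve(data, offset, sig, version, length)
        if swf is not None:
            found.append((offset, sig.decode(), hashlib.md5(swf).hexdigest()))
    return found

# Constructed sample: a fake container with one compressed and one plain SWF.
BODY = bytes(range(32))
HDR = bytes([10]) + struct.pack("<I", 8 + len(BODY))
SAMPLE = (b"\xd0\xcf\x11\xe0" + b"CWS" + HDR + zlib.compress(BODY)
          + b"pad" + b"FWS" + HDR + BODY)
```

Both objects in the sample inflate to the same bytes, so `scan(SAMPLE)` reports the same hash for each, which is why signature matching on SWF content is done after decompression.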