8000 GitHub - interprobe/CoDeRedlight: A simple CDR software for disarming malicious contents contained in documents.
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

interprobe/CoDeRedlight

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
CoDeRedlight.py
CoDeRedlight.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

CoDeRedlight


A simple CDR software for disarming malicious contents contained in documents.

With CoDeRedlight you can:

  • Gather information from document files.
  • Extract IoC data.
  • Disarming C2 URL's and anohter malicious contents.

Updates

  • Bug fixes.
  • Added Excel support. Now you can clear malicious contents from your file. (Effective againts embedded Equation Editor exploits)
  • Malicious URL finding capability is improved. Now you can clear Emotet/Heodo documents easily.

Usage

python3 CoDeRedlight.py <target_file>

Setup

pip3 install -r requirements.txt

PoC

cdrPOC.mp4

TODO

  • Add PDF and CDFv2 support.
  • Improve disarming capabilities.

About

A simple CDR software for disarming malicious contents contained in documents.

Topics

excel word python3 malware-analysis malware-research security-tools content-disarm-reconstruct

Resources

Readme

License

GPL-3.0 license
Activity

Stars

10 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
0