Document Analysis using oledump.py

oledump.py is a document forensic analysis tool developed by Didier Stevens, used to analyze OLE files. These files contain streams of data, and oledump lets you analyze those streams. Many applications use this file format; the best known is MS Office.

In an incident, time is critical to the responder, who must have the skills and the right tools to perform this kind of analysis and quickly timeline the attack.

Note: oledump.py requires the olefile module (olefile.py) to run.

If the module is missing, there are two ways to fix it:

1. Download and install Python, then install olefile with: pip install olefile

2. Download olefile.py and place it in the same folder as oledump.py

To use the tool, open a command prompt and run the following command: oledump.py -h
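
To make the "streams of data" described above concrete, the following added example (not part of oledump.py or of the original page) uses only the Python standard library to list the storages and streams recorded in an OLE file's directory. The sample file and its entry names are constructed for illustration, with stream bodies omitted; list_entries, dirent and build_sample are names chosen here.

```python
import struct

MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")          # OLE compound file signature
FATSECT, ENDOFCHAIN, FREESECT = 0xFFFFFFFD, 0xFFFFFFFE, 0xFFFFFFFF
KINDS = {1: "storage", 2: "stream", 5: "root"}

def list_entries(data):
    """Return (name, kind, size) for every directory entry in an OLE file."""
    if data[:8] != MAGIC:
        raise ValueError("not an OLE compound file")
    sect = 1 << struct.unpack_from("<H", data, 30)[0]   # sector size (512 in v3)
    def sector(n):                                      # sector 0 follows the header
        return data[(n + 1) * sect:(n + 2) * sect]
    # FAT = next-sector table; only the 109 FAT locations in the header are read.
    fat = [v for s in struct.unpack_from("<109I", data, 76) if s != FREESECT
           for v in struct.unpack("<%dI" % (sect // 4), sector(s))]
    entries, seen = [], set()
    sid = struct.unpack_from("<I", data, 48)[0]         # first directory sector
    while sid < len(fat) and sid not in seen:           # ends at ENDOFCHAIN or a loop
        seen.add(sid)
        sec = sector(sid)
        for off in range(0, len(sec) - 127, 128):       # 128-byte directory entries
            name_len, kind = struct.unpack_from("<HB", sec, off + 64)
            if kind in KINDS:
                n = min(max(name_len - 2, 0), 62)       # length includes the UTF-16 NUL
                size = struct.unpack_from("<I", sec, off + 120)[0]
                entries.append((sec[off:off + n].decode("utf-16-le", "replace"), KINDS[kind], size))
        sid = fat[sid]
    return entries

def dirent(name, kind, size):
    """One 128-byte directory entry (constructed; no sibling or child links)."""
    raw = name.encode("utf-16-le") + b"\0\0"
    return (raw.ljust(64, b"\0") + struct.pack("<HBB3I", len(raw), kind, 1, *[FREESECT] * 3)
            + bytes(36) + struct.pack("<IQ", ENDOFCHAIN, size))

def build_sample():
    """Constructed three-sector file: header, FAT, directory; stream bodies omitted."""
    header = (MAGIC + bytes(16) + struct.pack("<5H", 0x3E, 3, 0xFFFE, 9, 6) + bytes(6)
              + struct.pack("<9I", 0, 1, 1, 0, 4096, ENDOFCHAIN, 0, ENDOFCHAIN, 0)
              + struct.pack("<109I", 0, *[FREESECT] * 108))
    fat = struct.pack("<128I", FATSECT, ENDOFCHAIN, *[FREESECT] * 126)
    directory = b"".join(dirent(n, k, s) for n, k, s in [
        ("Root Entry", 5, 0), ("WordDocument", 2, 4096),
        ("Macros", 1, 0), ("ThisDocument", 2, 1337)])
    return header + fat + directory

if __name__ == "__main__":
    print(*list_entries(build_sample()), sep="\n")
```

To inspect a real document, pass list_entries the bytes read from the file; anything that does not start with the OLE signature is rejected with ValueError.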