ExcelPeek: help investigate potentially malicious Microsoft Excel files

by do son ·

investigate malicious Microsoft Excel

ExcelPeek

ExcelPeek is a tool designed to help investigate potentially malicious Microsoft Excel files.

Install

git clone https://github.com/slaughterjames/excelpeek.git
sudo pip3 install re
sudo pip3 install termcolor
sudo pip3 install openpyxl

Use

Note on Using This Tool

The library that ExcelPeek relies on to interface with a spreadsheet, openpyxl, requires that files be in the “.xlsx” format. For 99% of use-cases, all this means is that if the file is another type of Excel file (“.xls”, “.xlsb”, “.xlsm”, etc.), then all one needs to do is open the file in something like LibreOffice Calc (DO NOT open the file in Excel on a Windows-based system!!!) and save the file as type “.xlsx”. This will still keep any macros intact and allow an investigation to be undertaken.

Source: https://github.com/slaughterjames/

Tags: excelpeek