DeepSec 2022 Training: Deep Dive Into Malicious Office Documents For Offensive Security Professionals – Didier Stevens
Malicious Office documents have been on the radar for many years now. But do you know how to create and tailor them efficiently to achieve successful red team engagements? This training will first teach you how to analyse MS Office files (both “old” OLE and “new” XML formats) and PDF files, to better understand how to create them and evade detection. MS Office documents that execute code via macros. And we will take a very quick look at PDF too. Didier Stevens will teach you how to use his Python tools to analyse MS Office documents and PDF documents. Then we will move on to the creation of malicious documents, and Didier will teach you how to use his tools for Microsoft Office and PDF creation for offensive security. Several of these tools are