LinuxCommandLibrary

olevba

extracts and analyzes VBA macros

TLDR

Analyze Office document
$ olevba [document.docx]
copy
Show VBA code
$ olevba -c [document.xlsm]
copy
Decode obfuscated strings
$ olevba -d [document.doc]
copy
JSON output
$ olevba --json [document.docm]
copy
Analyze all files in directory
$ olevba [directory/]
copy

SYNOPSIS

olevba [options] file...

DESCRIPTION

olevba extracts and analyzes VBA macros. Detects malicious Office documents.
The tool examines embedded macros. Part of oletools security suite.

PARAMETERS

FILE

Office document(s) to analyze.
-c
Show VBA source code.
-d
Decode obfuscated strings.
--json
JSON output format.
-a
Show all information.
--help
Display help information.

CAVEATS

Security analysis tool. Part of oletools. Python required.

HISTORY

olevba was created as part of oletools for Office document security analysis.

SEE ALSO

oletools(1), mraptor(1), oleid(1)

> TERMINAL_GEAR

Curated for the Linux community

Copied to clipboard