Recent Posts
News•Feb 21, 2026
Update: rtfdump.py Version 0.0.15
Didier Stevens announced on 21 February 2026 the release of rtfdump.py version 0.0.15. The update specifically fixes a bug in the –yarastrings option, restoring reliable extraction of YARA strings from RTF files. The release package is available for download and includes MD5 and SHA‑256 hashes for integrity verification. rtfdump.py remains a core component of Stevens’ forensic toolkit used by security analysts worldwide.
By Didier Stevens’ Blog
News•Feb 1, 2026
Overview of Content Published in January
Didier Stevens published a concise January roundup highlighting two Python tool updates—zipdump.py 0.0.33 and hash.py 0.0.14—and three SANS Internet Storm Center diary entries covering a basic geography quiz, the release of Wireshark 4.6.3, and YARA‑X 1.11.0’s new hash function warnings....
By Didier Stevens’ Blog
News•Jan 17, 2026
Update: hash.py Version 0.0.14
Didier Stevens released hash.py version 0.0.14 on 17 January 2026. The update is labeled a bug‑fix release and is available as a zip archive. The post provides both MD5 (66A205915A280CC474541053739B8EDD) and SHA‑256 (C459B75F132BB4AA394D8EA27A79F409C446AAA67536946673EC824EA9219F9F) checksums for verification. No additional features are announced, emphasizing stability...
By Didier Stevens’ Blog
News•Jan 3, 2026
Overview of Content Published in 2025
In 2025 Didier Stevens published an extensive series of blog entries, delivering more than 70 incremental updates to his open‑source forensic utilities such as strings.py, oledump.py, pdf‑parser.py, and xorsearch.py. The posts also include quick‑takes on power consumption, hardware testing, and...
By Didier Stevens’ Blog