Update: rtfdump.py Version 0.0.15
Didier Stevens announced on 21 February 2026 the release of rtfdump.py version 0.0.15. The update specifically fixes a bug in the –yarastrings option, restoring reliable extraction of YARA strings from RTF files. The release package is available for download and includes MD5 and SHA‑256 hashes for integrity verification. rtfdump.py remains a core component of Stevens’ forensic toolkit used by security analysts worldwide.
Overview of Content Published in January
Didier Stevens published a concise January roundup highlighting two Python tool updates—zipdump.py 0.0.33 and hash.py 0.0.14—and three SANS Internet Storm Center diary entries covering a basic geography quiz, the release of Wireshark 4.6.3, and YARA‑X 1.11.0’s new hash function warnings....
Update: hash.py Version 0.0.14
Didier Stevens released hash.py version 0.0.14 on 17 January 2026. The update is labeled a bug‑fix release and is available as a zip archive. The post provides both MD5 (66A205915A280CC474541053739B8EDD) and SHA‑256 (C459B75F132BB4AA394D8EA27A79F409C446AAA67536946673EC824EA9219F9F) checksums for verification. No additional features are announced, emphasizing stability...
Overview of Content Published in 2025
In 2025 Didier Stevens published an extensive series of blog entries, delivering more than 70 incremental updates to his open‑source forensic utilities such as strings.py, oledump.py, pdf‑parser.py, and xorsearch.py. The posts also include quick‑takes on power consumption, hardware testing, and...
