| 2019-03-23 | Didier Stevens | "VelvetSweatshop" Maldocs |
| 2019-03-17 | Didier Stevens | Video: Maldoc Analysis: Excel 4.0 Macro |
| 2019-03-16 | Didier Stevens | Maldoc: Excel 4.0 Macros |
| 2019-02-27 | Didier Stevens | Maldoc Analysis by a Reader |
| 2019-02-17 | Didier Stevens | Video: Finding Property Values in Office Documents |
| 2019-02-16 | Didier Stevens | Finding Property Values in Office Documents |
| 2019-02-11 | Didier Stevens | Have You Seen an Email Virus Recently? |
| 2019-02-10 | Didier Stevens | Video: Maldoc Analysis of the Weekend |
| 2019-02-09 | Didier Stevens | Maldoc Analysis of the Weekend |
| 2019-01-26 | Didier Stevens | Video: Analyzing Encrypted Malicious Office Documents |
| 2019-01-11 | Didier Stevens | Quick Maldoc Analysis |
| 2019-01-07 | Didier Stevens | Analyzing Encrypted Malicious Office Documents |
| 2019-01-02 | Didier Stevens | Maldoc with Nonfunctional Shellcode |
| 2018-12-29 | Didier Stevens | Video: De-DOSfuscation Example |
| 2018-12-17 | Didier Stevens | Password Protected ZIP with Maldoc |
| 2018-12-12 | Didier Stevens | Yet Another DOSfuscation Sample |
| 2018-12-03 | Didier Stevens | Word maldoc: yet another place to hide a command |
| 2018-11-26 | Russ McRee | ViperMonkey: VBA maldoc deobfuscation |
| 2018-11-23 | Didier Stevens | Video: Dissecting a CVE-2017-11882 Exploit |
| 2018-11-10 | Didier Stevens | Video: CyberChef: BASE64/XOR Recipe |
| 2018-11-02 | Didier Stevens | TriJklcj2HIUCheDES decryption failed? |
| 2018-10-16 | Didier Stevens | CyberChef: BASE64/XOR Recipe |
| 2018-10-13 | Didier Stevens | Maldoc: Once More It's XOR |
| 2018-10-01 | Didier Stevens | Decoding Custom Substitution Encodings with translate.py |
| 2018-09-30 | Didier Stevens | When DOSfuscation Helps... |
| 2018-08-25 | Didier Stevens | Microsoft Publisher malware: static analysis |
| 2018-08-05 | Didier Stevens | Video: Maldoc analysis with standard Linux tools |
| 2018-07-30 | Didier Stevens | Malicious Word documents using DOSfuscation |
| 2018-06-17 | Didier Stevens | Encrypted Office Documents |
| 2018-02-18 | Didier Stevens | Finding VBA signatures in .docm files |
| 2018-02-12 | Didier Stevens | Analyzing compressed shellcode |
| 2018-02-11 | Didier Stevens | Finding VBA signatures in Word documents |
| 2018-02-09 | Didier Stevens | An autograph from the Dridex gang |
| 2018-02-02 | Xavier Mertens | Simple but Effective Malicious XLS Sheet |
| 2018-01-28 | Didier Stevens | Is this a pentest? |
| 2018-01-20 | Didier Stevens | An RTF phish |
| 2018-01-15 | Didier Stevens | Decrypting malicious PDFs with the key |
| 2018-01-14 | Didier Stevens | Peeking into Excel files |
| 2018-01-02 | Didier Stevens | PDF documents & URLs: video |
| 2017-12-31 | Didier Stevens | Analyzing TNEF files |
| 2017-12-25 | Didier Stevens | Dealing with obfuscated RTF files |
| 2017-12-24 | Didier Stevens | PDF documents & URLs: update |
| 2017-12-23 | Didier Stevens | Encrypted PDFs |
| 2017-12-19 | Xavier Mertens | Example of 'MouseOver' Link in a Powerpoint File |
| 2017-12-18 | Didier Stevens | Phish or scam? - Part 2 |
| 2017-12-17 | Didier Stevens | Phish or scam? - Part 1 |
| 2017-12-09 | Didier Stevens | Sometimes it's a dud |
| 2017-11-06 | Didier Stevens | Metasploit's Maldoc |
| 2017-11-05 | Didier Stevens | Extracting the text from PDF documents |
| 2017-11-04 | Didier Stevens | PDF documents & URLs |
| 2017-09-10 | Didier Stevens | It is a resume - Part 3 |
| 2017-08-20 | Didier Stevens | It's Not An Invoice ... |
| 2017-08-17 | Xavier Mertens | Maldoc with auto-updated link |
| 2017-08-10 | Didier Stevens | Maldoc Analysis with ViperMonkey |
| 2017-07-29 | Didier Stevens | Maldoc Submitted and Analyzed |
| 2017-07-28 | Didier Stevens | Static Analysis of Emotet Maldoc |
| 2017-07-15 | Didier Stevens | Office maldoc + .lnk |
| 2017-07-10 | Didier Stevens | Basic Office maldoc analysis |
| 2017-04-28 | Xavier Mertens | Another Day, Another Obfuscation Technique |
| 2017-04-23 | Didier Stevens | Malicious Documents: A Bit Of News |
| 2017-04-21 | Xavier Mertens | Analysis of a Maldoc with Multiple Layers of Obfuscation |
| 2017-03-05 | Didier Stevens | Another example of maldoc string obfuscation, with extra bonus: UAC bypass |
| 2017-02-26 | Didier Stevens | CRA Maldoc Analysis |
| 2016-12-24 | Didier Stevens | Pinging All The Way |
| 2016-12-10 | Didier Stevens | Sleeping VBS Really Wants To Sleep |
| 2016-12-05 | Didier Stevens | Hancitor Maldoc Videos |
| 2016-11-18 | Didier Stevens | VBA Shellcode and Windows 10 |
| 2016-11-12 | Didier Stevens | VBA Shellcode and EMET |
| 2016-10-17 | Didier Stevens | Maldoc VBA Anti-Analysis: Video |
| 2016-10-16 | Didier Stevens | Analyzing Office Maldocs With Decoder.xls |
| 2016-10-15 | Didier Stevens | Maldoc VBA Anti-Analysis |
| 2016-09-26 | Didier Stevens | VBA and P-code |
| 2016-08-06 | Didier Stevens | rtfdump |
| 2016-07-30 | Didier Stevens | rtfobj |
| 2016-07-29 | Didier Stevens | Malicious RTF Files |
| 2016-07-19 | Didier Stevens | Office Maldoc: Let's Focus on the VBA Macros Later... |
| 2016-03-29 | Didier Stevens | VBE: Encoded VBS Script |
| 2016-02-21 | Didier Stevens | Tip: Quick Analysis of Office Maldoc |
| 2016-01-11 | Didier Stevens | BlackEnergy .XLS Dropper |
| 2015-12-26 | Didier Stevens | Malfunctioning Malware |
| 2015-11-21 | Didier Stevens | Maldoc Social Engineering Trick |
| 2015-09-19 | Didier Stevens | Don't launch that file Adobe Reader! |
| 2015-08-26 | Didier Stevens | PDF + maldoc1 = maldoc2 |
| 2015-05-15 | Didier Stevens | Another Maldoc? I'm Afraid So... |
| 2015-05-09 | Didier Stevens | Malicious Word Document: This Time The Maldoc Is A MIME File |
| 2015-04-10 | Didier Stevens | The Kill Chain: Now With Pastebin |
| 2015-03-30 | Didier Stevens | YARA Rules For Shellcode |
| 2015-03-14 | Didier Stevens | Maldoc VBA Sandbox/Virtualization Detection |
