Various threat actors are utilizing OneNote docs maliciously; the dev decided to make an Open Source tool capable of analyzing docs before you execute them.

Once executed, OneNoteAnalyzer will extract the Attachments from the OneNoteDocument in the "OneNoteAttachments" folder. Here the Actual Attachment path i.e., the path from where the attachment was been uploaded can be seen in the console along with the extracted filename and size of the attachment.

After providing the file path of the Malicious OneNote document. The OneNoteAnalyzer extracts:

Attachments from OneNote Document along with the Actual Attachment Path, Filename, and size
Page MetaData from OneNote Document - Title, Author, CreationTime, LastModifiedTime
Images from OneNote Document along with the HyperLink URLs, if any
Pagewise Text from OneNote Documents
HyperLinks from OneNote Document along with the overlay text
Converts OneNote Documents to Image Usage

  Download