Scripting of the Week: pylnk
Today let’s talk about pylnk, the Python module for liblnk. Many libraries are available from Joachim Metz, and they allow analysts to script the parsing of various artifacts. pylnk can provide parsed LNK information in a particular output format (JSON or CSV).
Matt is the author of the post “Scripting Saturday: pylnk”. In it he covers the discovery and extraction of data from LNK files and stops briefly on the output options, using a simple script. After installing pylnk, you can import it in any Python session or script, simply by using import pylnk. Matt explains in detail how to work with pylnk.
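As an added illustration (not Matt's script and not code from liblnk), the sketch below shows one way to turn pylnk results into JSON or CSV for triage. The attribute names in FIELDS are assumed to match those exposed by liblnk's Python bindings, and the helper names are hypothetical.

```python
import csv
import io
import json
import sys

# Attribute names as exposed by liblnk's Python bindings (assumed here).
FIELDS = (
    "local_path", "network_path", "relative_path", "working_directory",
    "command_line_arguments", "description", "icon_location", "file_size",
    "file_creation_time", "file_modification_time", "file_access_time",
)


def lnk_to_record(lnk, source):
    """Flatten one parsed shortcut into a JSON/CSV-friendly dict."""
    record = {"source": source}
    for name in FIELDS:
        value = getattr(lnk, name, None)  # tolerate builds lacking a field
        if hasattr(value, "isoformat"):   # datetime -> ISO 8601 text
            value = value.isoformat()
        record[name] = value
    return record


def parse_lnk(path):
    """Open a .lnk file with pylnk and return its record."""
    import pylnk  # imported lazily so the formatters work without it
    lnk = pylnk.file()
    lnk.open(path)
    try:
        return lnk_to_record(lnk, path)
    finally:
        lnk.close()


def to_json(records):
    return json.dumps(records, indent=2, sort_keys=True)


def to_csv(records):
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=("source",) + FIELDS)
    writer.writeheader()
    writer.writerows(records)
    return out.getvalue()


if __name__ == "__main__":
    print(to_json([parse_lnk(p) for p in sys.argv[1:]]))
```

Run as a script, it takes one or more .lnk paths and prints their records as JSON; to_csv produces the same records as a table for timeline tools.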