Didier Stevens has released an update for the zipdump utility, version 0.0.35, which introduces a new forcedecompress option. This feature is specifically designed to be used in conjunction with the -f (filter) and -s (select/search) flags, enhancing the tool's capability to handle complex archive structures.
The update is a response to emerging research into "Zombie Zip" files, identified as CVE-2026-0866. By forcing decompression, analysts can better inspect potentially malicious zip files that utilize specific archive techniques to evade standard detection or extraction methods.