On 31 Aug 2012, at 20:25, Herndon Elliott <[email protected]> wrote:
> Learning of lots of avenues of intrusion through PDF documents. Embedded
> javascript, stego, referenced malware, flash embedding, etc. Does anyone
> know of a tool which can evaluate a PDF for questionable content without
> opening it in reader?

Two words: Didier Stevens.

Didier has done loads of great work in this area. Specifically with Python tools and a hacked version of Mozilla's SpiderMonkey. His blog is at http://didierstevens.com. He released a malicious PDF analysis e-book a while back too which can be found here http://blog.didierstevens.com/2010/09/26/free-malicious-pdf-analysis-e-book/.

I also wrote a blog post on solving a PDF challenge set by Didier at http://offensivecoder.com/2011/04/15/solving-the-security-bsides-london-challenge-number-2/ which may be interesting as an introduction to the process. I'd never done it before.

Marc
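An added example, not part of the original thread and not code from Didier Stevens' tools: a minimal static triage in Python that reads a PDF as raw bytes and counts name objects tied to the features the question lists (embedded JavaScript, Flash, auto-run actions), decoding `#xx` name escapes first. The watch list, function names and sample document are assumptions made for this illustration.

```python
import re
import sys

# Constructed watch list: PDF names associated with script, auto-run actions,
# embedded files, Flash (/RichMedia) and object streams that can hide the rest.
SUSPICIOUS = ("/JS", "/JavaScript", "/OpenAction", "/AA", "/Launch",
              "/EmbeddedFile", "/RichMedia", "/ObjStm")

# A PDF name is "/" followed by any bytes that are not whitespace or delimiters.
NAME_RE = re.compile(rb"/[^\x00\t\n\x0c\r \[\]()<>{}/%]+")
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes so that /J#61vaScript is seen as /JavaScript."""
    return HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def triage(data: bytes) -> dict:
    """Count watched names in raw PDF bytes; nothing is rendered or executed."""
    counts = {name: 0 for name in SUSPICIOUS}
    obfuscated = 0
    for match in NAME_RE.finditer(data):
        raw = match.group(0)
        name = decode_name(raw)
        if name in counts:
            counts[name] += 1
            if b"#" in raw:  # escaping a watched name is itself worth flagging
                obfuscated += 1
    return {"is_pdf": b"%PDF-" in data[:1024],
            "counts": counts,
            "obfuscated": obfuscated}


# Constructed sample: an auto-run action pointing at a script with an escaped name.
SAMPLE = (b"%PDF-1.4\n"
          b"1 0 obj << /Type /Catalog /OpenAction 2 0 R >> endobj\n"
          b"2 0 obj << /S /J#61vaScript /JS (app.alert(1)) >> endobj\n"
          b"%%EOF\n")

if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    report = triage(blob)
    print("PDF header found:", report["is_pdf"])
    for name, hits in report["counts"].items():
        print(f"{name:<14}{hits}")
    print("escaped watched names:", report["obfuscated"])
```

Names inside compressed streams are not visible to this scan, which is why a non-zero `/ObjStm` count means the file needs a deeper look with a real PDF parser.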
