Tuesday, April 7, 2015

peepdf - Quick Reference

Recently I had to pull apart a PDF to investigate whether it contained malware. I wanted to record a few of the sites that I visited and gathered information from to accomplish the task.

The homepage and download location for the peepdf tool are currently here:
http://eternal-todo.com/tools/peepdf-pdf-analysis-tool#releases

Here is a walkthrough of some of the commands:
http://eternal-todo.com/tools/peepdf-pdf-analysis-tool#usage

This entry explains how to save JavaScript, shellcode or other information from the PDF file to an external file:
http://eternal-todo.com/blog/extract-streams-shellcode-peepdf

Other resources that I happened upon:
https://zeltser.com/peepdf-malicious-pdf-analysis/
http://www.insinuator.net/2014/02/analyzing-a-cve-2013-3346cve-2013-5065-exploit-with-peepdf/
