Tuesday, April 7, 2015

peepdf - Quick Reference

Recently I had to pull apart a PDF to investigate if it contained malware.  I wanted to record a few of the sites that I visited and gathered information from to accomplish the task.

The homepage and download location for the peepdf tool is located at the current time here:
http://eternal-todo.com/tools/peepdf-pdf-analysis-tool#releases

Here is a walkthrough of some of the commands:
http://eternal-todo.com/tools/peepdf-pdf-analysis-tool#usage

This entry is how to save to an external file javascript, shellcode or other information out of the PDF file:
http://eternal-todo.com/blog/extract-streams-shellcode-peepdf

Other resources that I happened upon:
https://zeltser.com/peepdf-malicious-pdf-analysis/
http://www.insinuator.net/2014/02/analyzing-a-cve-2013-3346cve-2013-5065-exploit-with-peepdf/

No comments:

Post a Comment

Test Authentication from Linux Console using python3 pexpect

Working with the IT420 lab, you will discover that we need to discover a vulnerable user account.  The following python3 script uses the pex...