Recently I had to pull apart a PDF to investigate if it contained malware. I wanted to record a few of the sites that I visited and gathered information from to accomplish the task.
The homepage and download location for the peepdf tool are currently here:
http://eternal-todo.com/tools/peepdf-pdf-analysis-tool#releases
Here is a walkthrough of some of the commands:
http://eternal-todo.com/tools/peepdf-pdf-analysis-tool#usage
This entry shows how to save JavaScript, shellcode or other information from the PDF file to an external file:
http://eternal-todo.com/blog/extract-streams-shellcode-peepdf
Other resources that I happened upon:
https://zeltser.com/peepdf-malicious-pdf-analysis/
http://www.insinuator.net/2014/02/analyzing-a-cve-2013-3346cve-2013-5065-exploit-with-peepdf/
Twitter: @lokut
This blog is for educational purposes only. The opinions expressed in this blog are my own and do not reflect the views of my employers.