PDF Tools (Black Hat EU 2012 Edition) Released
Didier has released several free, open source tools to help with the analysis of (malicious) PDF files. These tools are included in popular Linux distros like BackTrack and REMnux. One of these tools, pdfid, also runs on VirusTotal, the number one virus scanning site.
pdf-parser.py v0.3.9
This tool will parse a PDF document to identify the fundamental elements used in the analyzed file.
make-pdf tools
- make-pdf-embedded.py v0.5.0
- mPDF.py v0.1.4
pdfid.py v0.0.12
PDFiD will scan a PDF document for a given list of strings and count the occurrences (total and obfuscated) of each word.
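The kind of count described above, as an added example that is not PDFiD's own code: it scans raw bytes for PDF names, decodes `#xx` hex escapes, and reports total and obfuscated hits per keyword. The keyword subset, the function names and the sample bytes are assumptions constructed for illustration.

```python
import re

# Subset of PDF name keywords chosen for this example (assumption, not PDFiD's list).
KEYWORDS = ["/JS", "/JavaScript", "/AA", "/OpenAction",
            "/AcroForm", "/Launch", "/EmbeddedFile"]

# A PDF name is "/" followed by regular characters; "#xx" escapes one byte as hex.
NAME_RE = re.compile(rb"/(?:#[0-9A-Fa-f]{2}|[^\x00\t\n\x0c\r ()<>\[\]{}/%#])+")
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> bytes:
    """Resolve #xx escapes so /J#61vaScript compares equal to /JavaScript."""
    return HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)


def count_keywords(data: bytes, keywords=KEYWORDS) -> dict:
    """Return {keyword: {"total": n, "obfuscated": m}} for names found in data."""
    counts = {k: {"total": 0, "obfuscated": 0} for k in keywords}
    for match in NAME_RE.finditer(data):
        raw = match.group(0)
        name = decode_name(raw).decode("latin-1")
        if name in counts:
            counts[name]["total"] += 1
            if b"#" in raw:  # written with at least one hex escape
                counts[name]["obfuscated"] += 1
    return counts


# Constructed sample bytes, not taken from a real document.
SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R /AcroForm 3 0 R >>\nendobj\n"
    b"2 0 obj\n<< /S /J#61vaScript /JS (placeholder) >>\nendobj\n"
    b"4 0 obj\n<< /S /JavaScript /#4aS 5 0 R >>\nendobj\n"
)

if __name__ == "__main__":
    for keyword, c in count_keywords(SAMPLE).items():
        print(f"{keyword:<14} {c['total']:>3} ({c['obfuscated']})")
```

A raw byte scan like this does not see names stored inside compressed streams, so a clean count is not proof that a file contains none of these keywords.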
PDFTemplate.bt v0.0.12
This is a 010 Editor template for the PDF file format. It’s particularly useful for malformed PDF files.
Thank you Didier Stevens 😉