peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. [...]
Tag Archive | "pdf security"
A lot of people have complained about the lack of security in Adobe PDF related products and the fact that the very architecture is insecure. There have been a whole spate of PDF related exploits and vulnerabilities lately – some of them being very serious. It’s good to see Adobe is taking this matter seriously [...]
It was only the start of July when we talked about Adobe Patching PDF Vulnerabilities Being Exploited In The Wild and once again they are suffering a serious vulnerability which allows code execution from a malicious PDF document. This time the vulnerability came out during Black Hat and it seems to be serious as Adobe [...]
At least! Adobe has sorted itself out and released patches for 17 critical vulnerabilities in their Reader and Acrobat applications. We reported back in January about Active Exploitation Of Unpatched PDF Vulnerabilities. The latest slew of vulnerabilities has been actively exploited by hackers for at least the past month as detected in the wild by [...]
Fairly wide-spread attacks based on the latest vulnerability in Adobe PDF Reader have been spotted by Symantec, they appear to be variants on old attacks but still can be very effective. It’s not the first time this has happened, back in February 2009 Hackers targeted a 0-day exploit in PDF Reader. With one variant of [...]
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. [...]
origami is a Ruby framework designed to parse, analyze, and forge PDF documents. This is NOT a PDF rendering library. It aims at providing a scripting tool to generate and analyze malicious PDF files. As well, it can be used to create on-the-fly customized PDFs, or to inject (evil) code into already existing documents. Features [...]