PDF Files

See Didier Stevens PDF Tools when examining a PDF file for malware. Avoid rendering a suspicious PDF file.

See his InfoSec Handlers Diary Blog “Encrypted PDFs” for decrypting PDFs.


One Response to PDF Files

  1. Bill says:

    I haven’t tested virustotal.com’s pdf info section; but, wonder if it’s now doing much of what Steven’s pdf parser does; it does show some of the output that the Steven’s parser shows.
    Example: http://www.virustotal.com/#/file/92b1632dbf817e50a04552e355ede7bff13d61ed836cf30175d865221af138af/details > PDF Info section