PDF Stream Dumper

Forum for announcements and questions about tools and software.
Post Reply
User avatar
GamingMasteR
Global Moderator
Posts: 228
Joined: Sun Mar 07, 2010 10:52 am

PDF Stream Dumper

Post by GamingMasteR » Wed Dec 15, 2010 12:02 am

This is a free tool for the analysis of malicious PDF documents. It also has some features that can make it useful for pdf vulnerability development.

Has specialized tools for dealing with obsfuscated javascript, low level pdf headers and objects, and shellcode. In terms of shellcode analysis, it has an integrated interface for libemu sctest, an updated build of iDefense sclog, and a shellcode_2_exe feature.

Javascript tools include integration with JS Beautifier for code formatting, the ability to run portions of the script live for live deobsfuscation, toolbox classes to handle extra canned functionality, as well as a pretty stable refactoring engine that will parse a script and replace all the screwy random function and variable names with logical sanitized versions for readability.

Tool also supports unescaping/formatting manipulated pdf headers, as well as being able to decode filter chains (multiple filters applied to the same stream object.)
Image

Image

Image

Image

Image


http://sandsprite.com/blogs/index.php?uid=7&pid=57

User avatar
frank_boldewin
Posts: 115
Joined: Thu Apr 22, 2010 8:59 am
Location: germany
Contact:

Re: PDF Stream Dumper

Post by frank_boldewin » Wed Dec 15, 2010 6:56 am

excellent tool.
looks like a freeware version of zynamics pdf-dissector. ;)

Evilcry
Posts: 135
Joined: Tue Apr 20, 2010 6:10 pm

Re: PDF Stream Dumper

Post by Evilcry » Tue Dec 21, 2010 6:20 am

Nice share :)

While I was working on a private project about pdf analysis discovered this nice open source project.

http://code.google.com/p/opaf/

Regards

Post Reply