PDF Stream Dumper

Forum for announcements and questions about tools and software.

PDF Stream Dumper

Postby GamingMasteR » Wed Dec 15, 2010 12:02 am

This is a free tool for the analysis of malicious PDF documents. It also has some features that can make it useful for pdf vulnerability development.

Has specialized tools for dealing with obsfuscated javascript, low level pdf headers and objects, and shellcode. In terms of shellcode analysis, it has an integrated interface for libemu sctest, an updated build of iDefense sclog, and a shellcode_2_exe feature.

Javascript tools include integration with JS Beautifier for code formatting, the ability to run portions of the script live for live deobsfuscation, toolbox classes to handle extra canned functionality, as well as a pretty stable refactoring engine that will parse a script and replace all the screwy random function and variable names with logical sanitized versions for readability.

Tool also supports unescaping/formatting manipulated pdf headers, as well as being able to decode filter chains (multiple filters applied to the same stream object.)


Image

Image

Image

Image

Image


http://sandsprite.com/blogs/index.php?uid=7&pid=57
User avatar
GamingMasteR
Global Moderator
 
Posts: 228
Joined: Sun Mar 07, 2010 10:52 am
Reputation point: 78

Re: PDF Stream Dumper

Postby frank_boldewin » Wed Dec 15, 2010 6:56 am

excellent tool.
looks like a freeware version of zynamics pdf-dissector. ;)
User avatar
frank_boldewin
 
Posts: 110
Joined: Thu Apr 22, 2010 8:59 am
Location: germany
Reputation point: 89

Re: PDF Stream Dumper

Postby Evilcry » Tue Dec 21, 2010 6:20 am

Nice share :)

While I was working on a private project about pdf analysis discovered this nice open source project.

http://code.google.com/p/opaf/

Regards
Evilcry
 
Posts: 131
Joined: Tue Apr 20, 2010 6:10 pm
Reputation point: 89


Return to Tools/Software

Who is online

Users browsing this forum: No registered users and 3 guests