I recently had to complete some work with inspecting a PDF file for malicious content. This was an interesting experience so I thought I’d share the approach I took to review the file from a sandboxed environment:
3. Use an Adobe PDF meta dataÂ applicationÂ to inspect the file. Here are some I used that were quite helpful:
peepdf.py -Â PeePDF is a Python based tool to explore PDF files
pdf-parser.py – PDF-Parser is a Python based tool toÂ parse a PDF document andÂ identify the fundamental elements used in the file.
- Checking a PDF for exploits
- Viewing PDF objects
- PDF Tools fromÂ Didier Stevens
- Best tool tool for inspecting PDF files?
- PDF malware analysis