PDF Stream Dumper
Am Sunday, 20. Nov 2011 im Topic 'Malware Search'
This is a free tool for the analysis of malicious PDF documents. It also has some features that can make it useful for pdf vulnerability development.
Has specialized tools for dealing with obsfuscated javascript, low level pdf headers and objects, and shellcode. In terms of shellcode analysis, it has an integrated interface for libemu sctest, an updated build of iDefense sclog, and a shellcode_2_exe feature.
Javascript tools include integration with JS Beautifier for code formatting, the ability to run portions of the script live for live deobsfuscation, toolbox classes to handle extra canned functionality, as well as a pretty stable refactoring engine that will parse a script and replace all the screwy random function and variable names with logical sanitized versions for readability.
Tool also supports unescaping/formatting manipulated pdf headers, as well as being able to decode filter chains (multiple filters applied to the same stream object.)
Download incl. full vb6 source
http://sandsprite.com/CodeStuff/PDFStreamDumper_Setup.exe
Has specialized tools for dealing with obsfuscated javascript, low level pdf headers and objects, and shellcode. In terms of shellcode analysis, it has an integrated interface for libemu sctest, an updated build of iDefense sclog, and a shellcode_2_exe feature.
Javascript tools include integration with JS Beautifier for code formatting, the ability to run portions of the script live for live deobsfuscation, toolbox classes to handle extra canned functionality, as well as a pretty stable refactoring engine that will parse a script and replace all the screwy random function and variable names with logical sanitized versions for readability.
Tool also supports unescaping/formatting manipulated pdf headers, as well as being able to decode filter chains (multiple filters applied to the same stream object.)
Download incl. full vb6 source
http://sandsprite.com/CodeStuff/PDFStreamDumper_Setup.exe
