Notifications
Clear all

Pdf Analysis

4 Posts
3 Users
2 Likes
7,718 Views
(@liguoroa)
Posts: 43
Estimable Member
Topic starter
 

Dear All,
I would like to compare the structure of some pdf file because 2 of them could have been generated or modified by a malware.

I'm completely new to pdf analysis. Do you suggest any reference? Which tool you suggest to see
the structure of pdf files?

Free or inexpensive software are welcomed 🙂 

Thank you in advance,
Best Regards
Andrea Liguoro

 
Posted : 09/12/2022 8:12 am
(@tecleo)
Posts: 8
Active Member
 
Hi Andrea,  below is a list of PDF tools + tutorials that may guide you in the right direction.

## ExifTool by Phil Harvey

## PdfStream Dumper
Designed to allow you to parse and analyze PDF files in their raw format.

## QPDF
A C++ library and set of programs that inspect and manipulate the structure of PDF files. It can encrypt and linearize files, expose the internals of a PDF file, and do many other operations useful to end users and PDF developers

## Pdf parser

## XpdfReader
A free PDF viewer and toolkit, including a text extractor, image converter, HTML converter, and more. Most of the tools are available as open source.

## Binwalk
For searching a given binary image for embedded files and executable code.

## PDF CanOpener 💰
An Adobe Acrobat Plug-In for detailed analysis and COS level manipulation of PDF documents. It provides instant access to information about drawn objects (fonts, color spaces, page location, etc.) as well as a COS level tree view for analysis and manipulation of the internal object structure

## PDFResurrect
A tool aimed at analyzing PDF documents.  The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document.  This tool attempts to modify the PDF so that a reading utility will be presented with the previous versions of the PDF.  The modified "versions" will be generated as new files leaving the original PDF unmodified.

## JEB2 PDF Analysis Plugin 💰
Analyze malicious Adobe™ PDF files

## pdfminer.six
A tool for extracting information from PDF documents. It focuses on getting and analyzing text data. Pdfminer.six extracts the text from a page directly from the sourcecode of the PDF. It can also be used to get the exact location, font or color of the text.

## pdfxplr
Extract hidden data from pdf files.

# Recommended Reading
## 13Cubed Juicy PDFs
## Didier Stevens - PDF Tools
Here is a set of free YouTube videos showing how to use my tools: Malicious PDF Analysis Workshop.
### Malicious PDF Analysis Workshop
Didier Stevens
### Analyzing a Phishing PDF with /ObjStm
##  Explore Annotations in a PDF Document
## Navigate the Internal Structure of a PDF Document
This post was modified 1 year ago 2 times by Tecleo
 
Posted : 12/12/2022 6:44 am
urq82 and TuckerHST reacted
TuckerHST
(@tuckerhst)
Posts: 175
Estimable Member
 

Great list.

 
Posted : 14/12/2022 9:24 pm
(@liguoroa)
Posts: 43
Estimable Member
Topic starter
 

@tecleo Thank you very much!

 
Posted : 16/12/2022 9:34 am
Share: