PDF Hidden Data


Recently, i became aware of PDF tool written by Didier Stevens: PDFid which is in python. I find it to be great simple tool for security conscious folk. And  in combination with his other sophisticated tool pdfparser.py proves to be a good match for teasing out any hidden malicious code. Below is some text from his blog where the tool is located.

“It will scan a file to look for certain PDF keywords, allowing you to identify PDF documents that contain (for example) JavaScript or execute an action when opened.”

Output from scan of PDF file
Output from scan of PDF file

 

This screenshot shows some output from the pdfid.py tool I used to check a recent PDF file that was transferred to disk. This file appears to be clean and does not contain JavaScript.

Visit Dieder Stevens Blog for more PDF tools and to learn more…

Advertisements