Tool to help analyze PDF files
Python Shell
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
extras Initial push Dec 4, 2013 making life easier Jan 6, 2014 Fixed Readme May 22, 2014
pdf_rules.yara needs tuning so weight is lowered for the time being Dec 5, 2013 Initial push Dec 4, 2013

Analyzes PDF files by looking at their characteristics in order to add some intelligence into the determination of them being malicious or benign.


* pdfid
* pdfinfo
* yara


$ [-h] [-m MOVE] [-y YARARULES] Path

Prouces a high level overview of a PDF to quickly determine if further
analysis is needed based on it's characteristics

positional arguments:
Path                  Path to directory/file(s) to be scanned

optional arguments:
-h, --help            show this help message and exit
-m MOVE, --move MOVE  Directory to move files triggering YARA hits to
                        Path to YARA rules. Rules should contain a weighted
                        score in the metadata section. (i.e. weight = 3)                    


Free to use for non-commercial. Give credit where credit is due.