v1.0.0
First tagged release. Captures the state of the project at the time the
CHANGELOG
was introduced.
Highlights
- 67+ PDF generators covering phone-home callbacks, SSRF, XSS, XXE, NTLM
credential theft, and data exfiltration techniques. --obfuscateflag with levels 0–4, including base64 JS payload staging
(level 4) inspired by the April 2026 Adobe Reader 0-day analysis.- Test cases from 2025–2026 CVEs targeting server-side processors
(Apache Tika, LibreOffice, Foxit, Apryse). - CodeQL and Semgrep static-analysis workflows + Dependabot.
SECURITY.mdwith PGP-encrypted private vulnerability reporting.
See CHANGELOG.md
for the full list.