Skip to content
/ pdf-xss-checker Public

pdf-xss-checker is a Node.js tool designed to scan PDF files for potential Cross-Site Scripting (XSS) vulnerabilities. It analyzes embedded scripts, forms and suspicious content to help identify security risks in PDFs before they're distributed or displayed in browsers.

www.npmjs.com/package/pdf-xss-checker

License

MIT license
6 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DhanushNehru/pdf-xss-checker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.github
.github
 
 
bin
bin
 
 
examples
examples
 
 
src
src
 
 
test
test
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
test.js
test.js
 
 

Repository files navigation

PDF XSS Checker

A Node.js package to verify if PDFs contain XSS (Cross-Site Scripting) vulnerabilities.

Installation

npm install pdf-xss-checker

Features

  • PDF Content Extraction: Extracts and analyzes text content from PDF files
  • XSS Detection: Identifies potential XSS vulnerabilities using pattern matching
  • JavaScript Injection Detection: Detects JavaScript code that could lead to security issues
  • Form Injection Detection: Identifies form-based attack vectors
  • Simple API: Easy-to-use API for both file and buffer inputs
  • Detailed Reporting: Comprehensive vulnerability reports with location information
  • Command-line Interface: Scan PDFs directly from the terminal
  • Configurable Security Rules: Adjust detection thresholds based on your security needs

Usage

API Usage

const pdfXssChecker = require('pdf-xss-checker');

// Scan a PDF file
async function checkPdf() {
  try {
    const results = await pdfXssChecker.scanPdf('./document.pdf');
    
    if (results.success) {
      console.log(`Safe to use: ${results.safeToUse ? 'Yes' : 'No'}`);
      console.log(`Found ${results.vulnerabilities.length} potential vulnerabilities`);
      
      // Print vulnerabilities
      results.vulnerabilities.forEach(vuln => {
        console.log(`- ${vuln.name}: ${vuln.description} (${vuln.severity})`);
      });
    } else {
      console.error(`Error: ${results.error}`);
    }
  } catch (error) {
    console.error('Error scanning PDF:', error);
  }
}

// Scan a PDF buffer
async function checkBuffer(buffer) {
  try {
    const results = await pdfXssChecker.scanBuffer(buffer);
    console.log(`PDF is safe to use: ${results.safeToUse}`);
    return results;
  } catch (error) {
    console.error('Error scanning buffer:', error);
  }
}

Advanced Options

const options = {
  threshold: 'medium', // Severity threshold: 'low', 'medium', 'high', 'critical'
  detectors: ['xss', 'js', 'form'], // Which detectors to use
  includeRawContent: false, // Include raw PDF content in results
  maxContentLength: 10000000 // Maximum content length to analyze (10MB)
};

const results = await pdfXssChecker.scanPdf('./document.pdf', options);

Command-line Usage

# Basic usage
npx pdf-xss-check document.pdf

# With options
npx pdf-xss-check document.pdf --threshold low --verbose --output results.json

# Help
npx pdf-xss-check --help

CLI Options

Usage: pdf-xss-check [options] <file>

Check PDF files for XSS vulnerabilities

Arguments:
  file                     PDF file to scan

Options:
  -V, --version            output the version number
  -t, --threshold <level>  Detection threshold (low, medium, high, critical) (default: "medium")
  -v, --verbose           Show detailed output (default: false)
  -j, --json              Output results as JSON (default: false)
  -o, --output <file>     Write results to file
  --include-content       Include raw content in the report (may be large) (default: false)
  --include-grouped       Include grouped vulnerabilities in the report (default: false)
  -h, --help             display help for command

Detection Patterns

The package checks for various XSS and injection patterns, including:

  • Script tags (<script>)
  • JavaScript protocol usage (javascript:)
  • Event handlers (onclick, etc.)
  • iFrame elements
  • Document manipulation functions
  • JavaScript execution functions (eval, etc.)
  • Form injection vectors
  • PDF-specific JavaScript API calls

Results Format

The scan results include:

{
  success: true,
  summary: {
    fileName: 'document.pdf',
    timestamp: '2025-01-01T12:00:00.000Z',
    pageCount: 5,
    vulnerabilityCount: 3,
    riskLevel: 'medium',
    safeToUse: false,
    severityCounts: { medium: 2, high: 1 },
    typeCounts: { xss: 2, 'js-injection': 1 }
  },
  metadata: {
    info: { /* PDF metadata */ },
    pageCount: 5,
    contentLength: 12345
  },
  vulnerabilities: [
    {
      type: 'xss',
      name: 'Script Tag',
      description: 'Found <script> tags that may execute JavaScript',
      severity: 'high',
      matchedText: '<script>alert("XSS")</script>',
      location: {
        startIndex: 1234,
        endIndex: 1260,
        line: 42,
        column: 10
      },
      context: '...text before <script>alert("XSS")</script> text after...'
    },
    // More vulnerabilities...
  ]
}

License

MIT

About

pdf-xss-checker is a Node.js tool designed to scan PDF files for potential Cross-Site Scripting (XSS) vulnerabilities. It analyzes embedded scripts, forms and suspicious content to help identify security risks in PDFs before they're distributed or displayed in browsers.

www.npmjs.com/package/pdf-xss-checker

Topics

pdf security security-audit scanner xss vulnerability xss-vulnerability pdf-document xss-scanner xss-detection xss-attacks xss-filter securitytools

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases

No releases published

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

No packages published

Languages