Tuesday, June 7, 2011

Peepdf v0.1 : Analyze Malicious PDF files.

Peepdf v0.1 has been released recently. peepdf is a Python tool for investigating PDF files and determining whether they are harmful. The tool provides all the components a security researcher could need for PDF analysis. It lists all the objects in the document and highlights the suspicious elements, supports the most commonly used filters and encodings, and can parse different versions of a file, object streams and encrypted files.

Creation/Modification:

    * Filters modification
    * Objects modification
    * Basic PDF creation
    * Creation of PDF with JavaScript executed when the document is opened
    * Creation of object streams to compress objects
    * Embedded PDFs
    * Strings and names obfuscation
    * Malformed PDF output: without endobj, garbage in the header, bad header…
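
The malformed outputs and name obfuscation in the list above are the same tricks an analyst meets in hostile samples. The following Python triage check is an added example, not peepdf's code: it undoes `#xx` name escapes, counts active-content names and reports header garbage and missing `endobj`. The watch list, function names and sample bytes are assumptions made for this example.

```python
import re

# Assumed watch list of names that mark active content (not taken from peepdf).
SUSPICIOUS = ("/JavaScript", "/JS", "/OpenAction", "/AA", "/Launch", "/EmbeddedFile")

# Constructed sample: junk before the header, hex-escaped names, one missing endobj.
SAMPLE = (b"GARBAGE\n%PDF-1.4\n"
          b"1 0 obj\n<< /Type /Catalog /Open#41ction 2 0 R >>\nendobj\n"
          b"2 0 obj\n<< /S /J#61vaScript /JS (app.alert(1)) >>\n"  # endobj omitted
          b"trailer\n<< /Root 1 0 R >>\n%%EOF\n")

def decode_name(raw: bytes) -> str:
    """Undo #xx hex escapes in a PDF name, e.g. /J#61vaScript -> /JavaScript."""
    plain = re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")

def triage(data: bytes) -> dict:
    """Scan raw bytes only; names inside compressed streams are not seen."""
    offset = data.find(b"%PDF-")
    # Count object openings against closings; a positive gap means missing endobj.
    opened = len(re.findall(rb"\b\d+\s+\d+\s+obj\b", data))
    closed = len(re.findall(rb"\bendobj\b", data))
    findings = {
        "header_offset": offset,
        "garbage_before_header": offset > 0,  # bytes in front of %PDF-
        "bad_header": offset < 0,             # no %PDF- marker at all
        "unclosed_objects": opened - closed,
        "names": {},
        "obfuscated": [],
    }
    # A name is '/' plus regular characters or #xx escapes, up to a delimiter.
    for m in re.finditer(rb"/(?:[^\x00\s()<>\[\]{}/%#]|#[0-9A-Fa-f]{2})+", data):
        raw = m.group(0)
        name = decode_name(raw)
        if name in SUSPICIOUS:
            findings["names"][name] = findings["names"].get(name, 0) + 1
            if b"#" in raw:  # the suspicious name was written with hex escapes
                findings["obfuscated"].append(raw.decode("latin-1"))
    return findings

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```
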

Usage: ./peepdf.py [options] PDF_file

Options:

-h, --help            show this help message and exit

-i, --interactive     Sets console mode.

-f, --force-mode      Sets force parsing mode to ignore errors.

-l, --loose-mode      Sets loose parsing mode to catch malformed objects.

-s SCRIPTFILE, --load-script=SCRIPTFILE Load the commands stored in the specified file and execute them.


Dependencies:
- For analysing JavaScript code, "python-spidermonkey" is needed.
- Sctest

For more information:
http://peepdf.googlecode.com/svn/trunk/README

Download Peepdf:
http://peepdf.googlecode.com/files/peepdf-0.1.zip
