5/5/2023

Malicious pdf sample

The plugin scores samples as 1.0 (likely malicious) or 0.00 (clean), and sometimes something in between.

PDFID

At first, we used a tool by Didier Stevens, PDFID, with the triage plugin. Let’s see what we discovered using these tools. The document automatically runs an executable when opened. In order to test our Dockerized PDF analysis tools, we created a “malicious” PDF document using Metasploit. Using Docker containers, we have portable tools, which can be conveniently configured for use in designated toolchains. One of the goals of the CinCan project is to provide tools that automate the repetitive tasks of malware analysis using practices familiar from continuous integration to enable rapid creation, augmentation, correlation and sharing of analysis and threat intelligence.

Blog: Analysing malicious PDF documents using Dockerized tools, Heli Sutinen