• Scoring PDFs Based on Malicious Filter

    by  • December 8, 2010

    Using the filter I created in the previous postings, I decided to port it over to something more useful. Having a SQL statement is fine on database data, but it is not the most practical method of scanning when doing ad-hoc queries. I needed to le...


    Adobe X with Armor. Now to Find the Cracks.

    by  • December 7, 2010

    I finally got a chance to sit down and spend some time reading about Adobe X and their newly introduced sandbox. After finishing the 4 part series, FAQ and guide sections, I had to applaud the efforts put forth by Adobe and couldn't help but think...


    Generic Filter May Be Specific

    by  • December 5, 2010

    In my last post I highlighted what I felt to be interesting characteristics of malicious PDF files compared to my random dataset. Towards the end of the post I mentioned the following potential filter based on the identified information: A file ma...


    Malware Statistic Summary

    by  • December 5, 2010

    While waiting for approval to release certain statistics, I figured I would release some high-level information I found interesting from my malware dataset. To help put things into perspective I will list some comparisons to the random dataset I c...


    Interactive 15K Random Results with Filtering

    by  • December 3, 2010

    A few days ago I posted the 15K dump of PDF statistic data that you could download and import. I figured most people just want to mess around and see the data, so I wrote a quick web front that will allow you to filter down results based on PDF si...


    Bighands and Dirtyhands

    by  • December 2, 2010

    I needed a quick way to get PDF data local to my machine without having to go and individually look for documents. I decided the best way to get the data (hoping that it was mostly clean) was to use the Google AJAX Search API to randomly query for...
