• Posts Tagged ‘malpdfobj’

    Changes in the MalPdfObj Format

    by  • March 9, 2011 • Uncategorized

    Behind the scenes I have been workoing on improving the creation, information stored and parsing of the malpdfobj format. In its current state there is duplication in a couple areas. I found this to be annoying when parsing the data as it felt nat...

    Read more →

    Visualizing Malicious PDF Entropy

    by  • February 11, 2011 • Uncategorized

    A couple months back I remember reading a post from Symantec about visualizing entropy to identify infected Microsoft documents. At the time it didn't really dawn upon me to visualize the PDF samples I had, but I did take a brief look into how ent...

    Read more →

    Updates, Reflections and More Plans

    by  • February 9, 2011 • Uncategorized

    In my last post I mentioned that I wanted to put together an API for my malpdfobj tool, so sharing could be easier. The good news is that I have the RESTful API functioning complete with interactive API documentation, python interfaces and the abi...

    Read more →