Hi! During last Black Hat Europe I released a new version of peepdf. If you don't know it, it's a tool to analyze PDF documents, supporting encryption, compressed objects, Javascript and shellcode emulation, etc. You can also modify PDF documents, remove filters, obfuscate them, etc. All of that with a powerful console.
In summary these are the main changes: - Improved PDF filters like LZWDecode, ASCII85Decode and predictor parameters for FlateDecode / LZWDecode. - Monitorization of new vulnerabilities like CVE-2011-2462 or CVE-2011-4369. - Added update process - Javascript beautifier - New command to hash objects, streams, etc. - Added an easy way to extract information (>, >>) - New commands to perform XOR operations and searches for patterns in the result of XOR brute-forcing. - XML output You have the full blog post here: http://eternal-todo.com/blog/peepdf-black-hat-arsenal-2012 And you can download it here: http://peepdf.googlecode.com/files/peepdf-BlackHatEU12.zip I want to deal with the next points in the next steps: - AES 256 encryption - Automatic analysis of embedded PDF documents - Support for the rest of filters - Improving modification capabilities - ... I hope these new changes can be useful to you and I would appreciate any kind of feedback, bugs, etc. Thanks! Jose -- Jose Miguel Esparza @EternalTodo http://eternal-todo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/