AnalyzePDF.py

Analyzes PDF files by looking at their characteristics in order to add some intelligence to the determination of whether they are malicious or benign.

Requirements

* pdfid
* pdfinfo
* yara

Usage

$ AnalyzePDF.py [-h] [-m MOVE] [-y YARARULES] Path

Prouces a high level overview of a PDF to quickly determine if further
analysis is needed based on it's characteristics

positional arguments:
  Path                  Path to directory/file(s) to be scanned

optional arguments:
  -h, --help            show this help message and exit
  -m MOVE, --move MOVE  Directory to move files triggering YARA hits to
  -y YARARULES, --yararules YARARULES
                        Path to YARA rules. Rules should contain a weighted
                        score in the metadata section. (i.e. weight = 3)
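
An added example (not part of AnalyzePDF or its documentation): a pre-flight check for a rules file given with -y that lists rules whose metadata section carries no weight. The sample rules, the function names and the regex-based parsing are assumptions made for illustration; the weight is taken to be an integer, as in the help text's "weight = 3".

```python
import re

# Constructed sample rules file (not from AnalyzePDF); the second rule lacks a weight.
SAMPLE_RULES = r'''
rule pdf_with_javascript {
    meta:
        description = "PDF containing a /JS action"
        weight = 3
    strings:
        $magic = "%PDF"
        $js = "/JS"
    condition:
        $magic in (0..1024) and $js
}

rule pdf_with_launch {
    meta:
        description = "PDF containing a /Launch action"
    strings:
        $magic = "%PDF"
        $launch = "/Launch"
    condition:
        $magic in (0..1024) and $launch
}
'''

# Approximate parsing (assumption): adequate for conventionally laid out rule files.
RULE_RE = re.compile(r'^\s*(?:(?:private|global)\s+)*rule\s+(\w+)[^{]*\{', re.M)
SECTION_RE = re.compile(r'^\s*(strings|condition)\s*:', re.M)
WEIGHT_RE = re.compile(r'^\s*weight\s*=\s*(-?\d+)\s*$', re.M)

def rule_weights(source):
    """Map each rule name to its integer meta weight, or None if absent."""
    headers = list(RULE_RE.finditer(source))
    weights = {}
    for i, hdr in enumerate(headers):
        end = headers[i + 1].start() if i + 1 < len(headers) else len(source)
        body = source[hdr.end():end]
        # Only the text before strings:/condition: belongs to the meta section.
        sect = SECTION_RE.search(body)
        meta = body[:sect.start()] if sect else body
        m = WEIGHT_RE.search(meta)
        weights[hdr.group(1)] = int(m.group(1)) if m else None
    return weights

def missing_weight(source):
    return sorted(n for n, w in rule_weights(source).items() if w is None)

if __name__ == "__main__":
    print("rules missing weight:", missing_weight(SAMPLE_RULES))
```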

Restrictions

Free for non-commercial use. Give credit where credit is due.