Author Topic: PDF Dissector  (Read 3755 times)

0 Members and 1 Guest are viewing this topic.

July 22, 2010, 09:32:50 am
Read 3755 times

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Ruining the bad guy's day

July 23, 2010, 03:07:55 am
Reply #1

WIEx

  • Jr. Member

  • Offline
  • **

  • 34
    • Security

August 05, 2010, 10:07:11 am
Reply #2

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
PDF Dissector 1.5.0 released
http://blog.zynamics.com/2010/08/05/pdf-dissector-1-5-0-released/


Quote
The first cool new feature is that PDF Dissector now supports the decryption of RC4-encoded strings and streams. This is very useful because there are a few PDF malware samples in the wild that encrypt their strings and streams using RC4 (a standard PDF format feature). In the past, PDF Dissector was not able to analyze these PDF files. From now on, PDF Dissector can be used on those samples too.

The second cool new feature is an improvement to the plugin API that allows plugins to extend the context menu of PDF file nodes in the PDF browsing tree. This was inspired by a customer who asked for a way to generate reports with PDF Dissector. I implemented a small report generator as a Python plugin to make sure that all customers who want to generate reports can easily modify the content and the layout of the generated report.

Ruining the bad guy's day