js2shellcode
Language: PythonPublication date: 2009-06-02Description: Little script to obtain a printable (C style) shellcode from the escaped Javascript code. It also writes to shellcode.out the resulted...
View Articleshellcode2js
Language: PythonPublication date: 2009-04-29Description: Little script to obtain an escaped Javascript shellcode from a C style shellcode or a binary file containing the shellcode.Download it! Usage...
View Articlepeepdf - PDF Analysis Tool
Whats is this?UsageHow does it work?More infoReleasesGitHub projectDownload it!Follow peepdf on Twitter! What is this?peepdf is a Python tool to explore PDF files in order to find out if the file can...
View ArticleAnalysing the Honeynet Project challenge PDF file with peepdf (I)
In past November The Honeynet Project published a new challenge, this time related to PDF files. Although it's quite old I'm going to analyse it with my tool because I think it has some interesting...
View ArticleAnalysing the Honeynet Project challenge PDF file with peepdf (II)
After the "useless" analysis of the fake objects now we can focus on the objects which will be parsed by the PDF reader:/Catalog (27) dictionary (28) dictionary (22) dictionary (23) dictionary (22)...
View ArticleClik here to view.
BlackHole leading to Feodo: Bank of America account frozen
I've received a Christmas gift some hours ago. In fact there were two gifts but only one has survived the trip. They are from Russia...with love. Of course I'm talking about two e-mails I've received...
View ArticleHow to extract streams and shellcodes from a PDF, the easy way
Maybe it was not evident enough or not well documented, but until the moment there was a way of extracting streams, Javascript code, shellcodes and any type of information shown in the console output....
View ArticleClik here to view.
New version of peepdf (v0.1 r92 - Black Hat Europe Arsenal 2012)
Last week I presented the last version of peepdf in the Black Hat Europe Arsenal. It was a really good experience that I hope I can continue doing in the future ;) Since the very first version, almost...
View ArticleClik here to view.
New peepdf v0.2 (Black Hat Vegas version)
Last week I was in Vegas presenting the new release of peepdf, version 0.2. Since my release at Black Hat Amsterdam some months ago I hadn't created a new package so it was time to do it. You can now...
View ArticleClik here to view.
Released peepdf v0.3
P { margin-bottom: 0.1cm; }A:link { }After some time without releasing any new version here is peepdf v0.3. It is not that I was not working in the project, but since the option to update the tool from...
View ArticleClik here to view.
Quick analysis of the CVE-2013-2729 obfuscated exploits
Some months ago I analyzed some PDF exploits that I received via SPAM mails. They contained the vulnerability CVE-2013-2729 leading to a ZeuS-P2P / Gameover sample. Back in June I received more PDF...
View ArticleClik here to view.
Black Hat Arsenal peepdf challenge solution
p { margin-bottom: 0.21cm; }a:link { }One week before my demo at the Black Hat Arsenal I released a peepdf challenge. The idea was solving the challenge using just peepdf, of course ;) This post will...
View ArticleClik here to view.
Dridex spam campaign using PDF as infection vector
p { margin-bottom: 0.21cm; }a:link { }During this month a Dridex spam campaign using PDF documents as infection vector was spotted. I also received a couple of e-mails in my personal inbox attaching...
View Article
