Scribd
Upload
16 views2 pages

2.forensics - 17. Peepdf

Uploaded by

honohoj258
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
16 views2 pages

2.forensics - 17. Peepdf

Uploaded by

honohoj258
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

peepdf Package Description

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components
that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it’s possible to see all the objects in the
document showing the suspicious elements, supports the most used filters and encodings, it can parse different versions of a file, object streams and
encrypted files. With the installation of PyV8 and Pylibemu it provides Javascript and shellcode analysis wrappers too. Apart of this it is able to create new PDF
files, modify existent ones and obfuscate them.

Source: http://eternal-todo.com/tools/peepdf-pdf-analysis-tool
peepdf Homepage | Kali peepdf Repo

Author: Jose Miguel Esparza


License: GPLv3

Tools included in the peepdf package

peepdf – PDF analysis tool

root@kali:~# peepdf -h
Usage: /usr/bin/peepdf [options] PDF_file

Version: peepdf 0.2 r183

Options:
-h, --help show this help message and exit
-i, --interactive Sets console mode.
-s SCRIPTFILE, --load-script=SCRIPTFILE
Loads the commands stored in the specified file and
execute them.
-f, --force-mode Sets force parsing mode to ignore errors.
-l, --loose-mode Sets loose parsing mode to catch malformed objects.
-u, --update Updates peepdf with the latest files from the
repository.
-g, --grinch-mode Avoids colorized output in the interactive console.
-v, --version Shows program's version number.
-x, --xml Shows the document information in XML format.

peepdf Usage Example

Use XML format (-x) to display information about the PDF file (/usr/share/doc/texmf/fonts/lm/lm-info.pdf):

root@kali:~# peepdf -x /usr/share/doc/texmf/fonts/lm/lm-info.pdf


<peepdf_analysis url="http://peepdf.eternal-todo.com" version="0.2 r183" author="Jose Miguel Esparza">
<date>2014-05-16 12:22</date>
<basic>
<filename>lm-info.pdf</filename>
<md5>26c07d35ad8b5a0e402b2481ae03ffed</md5>
<sha1>4f5284d0a128a53e405e13f9b958ab19dc09be5c</sha1>
<sha256>5907f59e368762a3a2858a6826aab019d0accb367f1b8cc6062d472635579fe6</sha256>
<size>900836</size>
<pdf_version>1.4</pdf_version>
<binary status="true"/>
<linearized status="false"/>
<encrypted status="false"/>
<updates>0</updates>
<num_objects>526</num_objects>
<num_streams>151</num_streams>
<comments>0</comments>
<errors num="0"/>
</basic>
<advanced>
<version num="0" type="original">
<catalog object_id="1"/>
<info object_id="2"/>
<objects num="526">

You might also like