BloomTech’s Downfall: A Long Time Coming

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Phoneypdf - A Virtual PDF Analysis Framework

nullcon via YouTube

Start learning Write review

Overview

This course teaches tools and techniques for analyzing malicious PDF files, focusing on the open-source PDF analysis framework called phoneypdf. Students will learn to leverage the Adobe PDF DOM and XFA for in-depth insights into a PDF's layout, XFA, and JavaScript execution. The teaching method includes presentations on existing work, new techniques, and hands-on examples. This course is intended for individuals interested in cybersecurity, malware analysis, and PDF file analysis.

Syllabus

Intro
Lightning version
Adobe Reader
Code Exec Vulns in Reader
Previous Work
Design
The Parser
Parsing is not fun
Example #1: Raw to Python
Example #2
The Analysis Engine
JavaScript #2
Adobe DOM Emulation
Adobe XML Forms Architecture / X
'Render' the PDF
Handlers
Open Source

Taught by

nullcon

Reviews

Start your review of Phoneypdf - A Virtual PDF Analysis Framework

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.