Video: PDF/XDP Malware Reversing

Since I don’t have time to write many articles, this is my first video tutorial. 🙂 This video is based on my 2016 article on cerbero-blog.com.

If you like it and want to see more, let me know!

Edit: since I was asked to share the comments in the disassembly, here’s a small snippet to add them. You can run the snippet by pressing Ctrl+Alt+R (make sure that the disassembly view is focused when running it).

PDF Insider Demo

A small, on-the-fly video presentation of my new utility.



The emphasis of this application is on parsing the PDF format correctly; if it can’t because the PDF is malformed (very common among malicious PDFs), it provides the tools to read the objects nonetheless. I tested it on many PDFs (malicious ones too) and it handles all of them very well.
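The fallback idea described above, reading objects even when the file structure cannot be trusted, can be sketched as follows. This is an added example, not code from PDF Insider: the function names and the sample file are constructed for illustration, and it only handles classic xref tables, not xref streams or object streams.

```python
import re

OBJ_RE = re.compile(rb"(?<!\d)(\d+)\s+(\d+)\s+obj\b")     # "N G obj" header
XREF_ENTRY_RE = re.compile(rb"(\d{10}) (\d{5}) ([nf])")   # classic xref entry

# Constructed sample: xref puts object 2 at offset 999 and omits object 3.
SAMPLE = (b"%PDF-1.4\n"
          b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>\nendobj\n"
          b"2 0 obj\n<< /Type /Pages /Kids [] /Count 0 >>\nendobj\n"
          b"3 0 obj\n<< /S /JavaScript /JS (placeholder) >>\nendobj\n"
          b"xref\n0 3\n0000000000 65535 f \n0000000009 00000 n \n"
          b"0000000999 00000 n \ntrailer\n<< /Root 1 0 R /Size 3 >>\n"
          b"startxref\n9999\n%%EOF\n")

def scan_objects(data):
    """Recover {number: (offset, body, has_endobj)} by scanning raw bytes.
    Ignores xref entirely; may false-match "N G obj" inside stream data."""
    found, heads = {}, list(OBJ_RE.finditer(data))
    for i, m in enumerate(heads):
        limit = heads[i + 1].start() if i + 1 < len(heads) else len(data)
        end = data.find(b"endobj", m.end(), limit)
        body = data[m.end():end if end != -1 else limit].strip()
        found[int(m.group(1))] = (m.start(), body, end != -1)  # last copy wins
    return found

def xref_offsets(data):
    """Parse the last classic xref table into {number: offset} (in-use only)."""
    table, num = {}, 0
    starts = [m.end() for m in re.finditer(rb"(?<!start)xref\s+", data)]
    if not starts:
        return table
    for line in data[starts[-1]:].split(b"trailer")[0].splitlines():
        entry, parts = XREF_ENTRY_RE.match(line), line.split()
        if entry:
            if entry.group(3) == b"n":
                table[num] = int(entry.group(1))
            num += 1
        elif len(parts) == 2 and parts[0].isdigit():
            num = int(parts[0])          # subsection header: first object number
    return table

def audit(data):
    """Compare what the file declares (xref) with what is actually in it."""
    xref, report = xref_offsets(data), {}
    for num, (offset, _body, closed) in scan_objects(data).items():
        if num not in xref:
            report[num] = "not in xref"
        elif xref[num] != offset:
            report[num] = "xref offset wrong"
        else:
            report[num] = "ok" if closed else "missing endobj"
    return report
```

Objects that the scan finds but the xref table omits or misplaces are the ones a strict parser would never show an analyst, so they are worth reviewing first.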

As I wrote this application in five days, there are still some small features I’d like to add, but most of the code is already there. I started developing it quite some time ago on a weekend while I was sick at home and have only now found the time to finish it.

I have no plans about how and when to release it yet, but some friends of mine will start using it in real world scenarios.

P.S. Thanks to Alessandro Gario for the thorough testing.