PDFception
Easy | Digital Forensics
Overview
During a forensic investigation, a suspicious process was caught interacting with a seemingly benign PDF file.
Lab Details
Prerequisites & Requirements
- Basic understanding of forensic analysis
- Knowledge of command-line tools in Linux/Unix environments
- Basic understanding of JavaScript
- Familiarity with PDF file structure fundamentals
What will you learn?
- How to analyze suspicious PDF files
- Techniques for extracting hidden content from PDFs
- Understanding PDF streams and their potential for malicious code
- JavaScript deobfuscation techniques
- XOR cipher decryption methods for forensic analysis
Tools
- Basic command-line utilities (strings, grep, exiftool)
- PDF-Parser or similar PDF analysis tools
- PDF Stream Dumper
- JavaScript deobfuscation tools
- Code editor or JavaScript environment for script analysis
Job Positions
SOC Analyst
Tags
File Carving, Steganalysis, Metadata, Deleted Files, Anti Forensics