Malicious-Pdf - Generate A Bunch Of Malicious Pdf Files With Phone-Home Functionality

Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh Used for penetration testing and/or red-teaming etc. I created this tool because i needed a third party tool to generate a bunch of PDF files with various links. Usage python3 malicious-pdf.py burp-collaborator-url Output will be written as: test1.pdf, test2.pdf, test3.pdf etc in the current directory. Do not use the https:// etc prefix on the url argument. Purpose Test web pages/services accepting PDF-files Test security products Test PDF readers Test PDF converters Credits Insecure features in PDFs Burp Suite UploadScanner Bad-Pdf A Curious Exploration of Malicious PDF Documents "Portable Document Flaws 101" talk at Black Hat USA 2020 Adobe Reader - PDF callback via XSLT stylesheet in XFA Foxit PDF Reader PoC, DoHyun Lee Eicar test file by Stas Yakobov Download Malicious-Pdf

Malicious-Pdf -  Generate A Bunch Of Malicious Pdf Files With Phone-Home Functionality


Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Used for penetration testing and/or red-teaming etc. I created this tool because i needed a third party tool to generate a bunch of PDF files with various links.


Usage

python3 malicious-pdf.py burp-collaborator-url

Output will be written as: test1.pdf, test2.pdf, test3.pdf etc in the current directory.

Do not use the https:// etc prefix on the url argument.

Purpose

  • Test web pages/services accepting PDF-files
  • Test security products
  • Test PDF readers
  • Test PDF converters

Credits