diff --git a/PDF-SECURITY.md b/PDF-SECURITY.md
new file mode 100644
index 0000000..dea90e1
--- /dev/null
+++ b/PDF-SECURITY.md
@@ -0,0 +1,17 @@
+# PDF security
+
+## Links
+
+- https://web-in-security.blogspot.com/2021/01/insecure-features-in-pdfs.html
+- https://github.com/corkami/pocs/tree/master/pdf
+- https://insert-script.blogspot.com/2019/01/adobe-reader-pdf-callback-via-xslt.html
+- https://github.com/PortSwigger/portable-data-exfiltration/tree/main
+- https://insert-script.blogspot.com/2015/05/pdf-mess-with-web.html
+- https://portswigger.net/research/portable-data-exfiltration
+- https://github.com/jonaslejon/malicious-pdf/issues/13
+- https://github.com/michelcrypt4d4mus/pdfalyzer/blob/master/pdfalyzer/yara_rules/lprat.static_file_analysis.yara
+- https://github.com/michelcrypt4d4mus/pdfalyzer
+- https://www.sentinelone.com/blog/malicious-pdfs-revealing-techniques-behind-attacks/
+- https://github.com/pdf-association/safedocs/tree/main/Miscellaneous%20Targeted%20Test%20PDFs
+- https://opensource.adobe.com/dc-acrobat-sdk-docs/pdfstandards/PDF32000_2008.pdf
+- https://github.com/J-F-Liu/lopdf/issues/142