From abd2bda8e01eea7d982c2d9b58b3bbcddfa9ae2c Mon Sep 17 00:00:00 2001 From: William Desportes Date: Wed, 3 Jul 2024 14:23:34 +0200 Subject: [PATCH] docs: about PDFs --- PDF-SECURITY.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 PDF-SECURITY.md diff --git a/PDF-SECURITY.md b/PDF-SECURITY.md new file mode 100644 index 0000000..dea90e1 --- /dev/null +++ b/PDF-SECURITY.md @@ -0,0 +1,17 @@ +# PDF security + +## Links + +- https://web-in-security.blogspot.com/2021/01/insecure-features-in-pdfs.html +- https://github.com/corkami/pocs/tree/master/pdf +- https://insert-script.blogspot.com/2019/01/adobe-reader-pdf-callback-via-xslt.html +- https://github.com/PortSwigger/portable-data-exfiltration/tree/main +- https://insert-script.blogspot.com/2015/05/pdf-mess-with-web.html +- https://portswigger.net/research/portable-data-exfiltration +- https://github.com/jonaslejon/malicious-pdf/issues/13 +- https://github.com/michelcrypt4d4mus/pdfalyzer/blob/master/pdfalyzer/yara_rules/lprat.static_file_analysis.yara +- https://github.com/michelcrypt4d4mus/pdfalyzer +- https://www.sentinelone.com/blog/malicious-pdfs-revealing-techniques-behind-attacks/ +- https://github.com/pdf-association/safedocs/tree/main/Miscellaneous%20Targeted%20Test%20PDFs +- https://opensource.adobe.com/dc-acrobat-sdk-docs/pdfstandards/PDF32000_2008.pdf +- https://github.com/J-F-Liu/lopdf/issues/142