Tuesday, November 11, 2008

Looking what's happening within malicous PDF's...

During Infosec.nl as blogged before(my former posting) I will talk about the virus analyst's daily work. One nice tool which could fit in is one of the tools created by Didier Stevens, a friend blogger.
On his blog he describes how he can reconstruct by use of this tool the trial-and-error process of the malware writer by looking at the incremental updates and metadata within the malicous pdf.
Nice reading at this link:
http://blog.didierstevens.com/2008/11/10/shoulder-surfing-a-malicious-pdf-author/