Thu Apr 1 18:18:27 2010 http://security-labs.org/ Latest news about our projects like fuzzgrind or origami en SL Apr. 1, 2010 http://security-labs.org/origami/#b9 http://security-labs.org/origami/#b9 origami http://code.google.com/p/origami-pdf/downloads/list ]]> Apr. 1, 2010 http://security-labs.org/origami/#b8 http://security-labs.org/origami/#b8 origami Apr. 1, 2010 http://security-labs.org/origami/#b7 http://security-labs.org/origami/#b7 origami Warning: Directory tree has changed. Sources are in the origami folder, and you have to require origami.rb located in the root directory.

• Added a force flag to detect PDF header in the file.
• Support for Flash/RichMedia integration.
• PDF#objects prototype has changed.
• XFA forms.
• Fixed various bugs.
• |walker|: Search feature.

]]> Mar 24, 2010 http://security-labs.org/origami/#b6 http://security-labs.org/origami/#b6 origami http://code.google.com/p/origami-pdf/.
This provide us a pulic mercurial access, a mailing list (origami-pdf(at)googlecode.com), and so many useful features to make origami still better.
A new release will arrive soon. We changed its licence to LGPL. This way, it will be easy to submit scripts and push them in the release.
Stay tuned! ]]> Oct 30, 2009 http://security-labs.org/origami/#b5 http://security-labs.org/origami/#b5 origami Oct 6, 2009 http://security-labs.org/origami/#b4 http://security-labs.org/origami/#b4 origami version 1.0.0-beta1 while at HITB comes up with the ability to forge documents with more graphical contents (such as shapes, colors, gradients...). However, graphical contents modifications from existing documents are not supported. Some templates have been added to quickly create forms widgets. Linearized documents might cause issues during recompilation of existing documents, so a new feature has been added to delinearize a document. A new flag is also present to (syntactically) obfuscate a PDF upon saving, which might be useful to confuse a later analysis. This new version fixes various bugs and slightly improves performance. ]]> Jun 26, 2009 http://security-labs.org/origami/#b3 http://security-labs.org/origami/#b3 origami Is this PDF malicious? dealing with the analysis of a suspicious PDF file. ]]> July 6, 2009 http://security-labs.org/origami/#b2 http://security-labs.org/origami/#b2 origami

sources/scripts/

• scan/pdfscan.rb: a scanner for malicious PDF, or get a quickview of what is going to happen when handling a given PDF.
• antivir/pdfclean.rb: a script to remove all dynamic features from a PDF file.
• metadata: extract metadata from a PDF, that is author, creation date, and some other piece of information.

sources/samples/open/: 4 ways to trigger events when a PDF is opened (see here).

Parser: add support for new objects (XRef streams, Object streams, PNG stream predictor functions).

]]> Jun 26, 2009 http://security-labs.org/origami/#b1 http://security-labs.org/origami/#b1 origami article. It deals with how to trigger an action when a PDF is opened... ]]> Jun 26, 2009 http://security-labs.org//#b2 http://security-labs.org//#b2 SL Jun 19, 2009 http://security-labs.org//#b1 http://security-labs.org//#b1 SL it! ]]>