Let's say you have a PDF that looks suspicious. Here's one way to analyze it. First download Python 2.7, then download these two tools (pdfid and pdf-parser) from Didier Stevens.
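Then run pdfid against the PDF to get counts of what types of objects are in it.
python.exe pdfid.py badpdf.pdf
Next, run pdf-parser with -f (pass stream objects through their filters) and -w (raw output), and redirect the result to a text file.
python.exe pdf-parser.py -f -w badpdf.pdf > output.txt
Open output.txt in Notepad++.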
Time for analysis!!!
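To show what the keyword counts from the first command are based on, here is an added Python 3 sketch (not Didier Stevens's pdfid code and not part of the original post) that counts a few keywords in raw PDF bytes and decodes #xx name escapes before comparing. The keyword list and the SAMPLE bytes are constructed for illustration.

```python
import re

# Names worth a second look during triage; pdfid reports counts for keywords like these.
TRIAGE_NAMES = ["/JS", "/JavaScript", "/OpenAction", "/AA", "/Launch", "/EmbeddedFile", "/ObjStm"]

# A PDF name is "/" followed by regular characters (no whitespace, no delimiters).
NAME_RE = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]+")
HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def normalize_name(raw):
    """Decode #xx escapes so that /J#61vaScript compares equal to /JavaScript."""
    return HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)


def count_keywords(data):
    """Return keyword counts for the raw bytes of a PDF (streams are not decoded)."""
    counts = {name: 0 for name in TRIAGE_NAMES}
    counts["obj"] = len(re.findall(rb"\b\d+\s+\d+\s+obj\b", data))
    counts["stream"] = len(re.findall(rb"(?<!end)stream\b", data))
    counts["hex-escaped"] = 0
    for match in NAME_RE.finditer(data):
        raw = match.group(0)
        name = normalize_name(raw).decode("latin-1")
        if name in TRIAGE_NAMES:
            counts[name] += 1
            if b"#" in raw:
                counts["hex-escaped"] += 1  # name was written with #xx escapes
    return counts


# Constructed sample: a minimal PDF-like byte string, not a real malicious file.
SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >>\nendobj\n"
    b"2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n"
    b"3 0 obj\n<< /Type /Page /Parent 2 0 R >>\nendobj\n"
    b"4 0 obj\n<< /S /J#61vaScript /JS 5 0 R >>\nendobj\n"
    b"5 0 obj\n<< /Length 14 >>\nstream\n// placeholder\nendstream\nendobj\n"
    b"%%EOF\n"
)

if __name__ == "__main__":
    for keyword, count in count_keywords(SAMPLE).items():
        print("%-14s %d" % (keyword, count))
```

A non-zero count for /OpenAction together with /JS or /JavaScript, or any hex-escaped keyword, is a good reason to read the matching objects closely in output.txt.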
Thank you to this great post by Zeltser Security group for getting me started on this and these great tools by Didier Stevens.
Copyright © 2015, this post cannot be reproduced or retransmitted in any form without reference to the original post.