analyzing-pdf-malware-with-pdfid
CommunityAutomated PDF malware triage.
AuthorYukiIto1999
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It enables security teams to triage suspicious PDFs by revealing embedded JavaScript, auto-execution vectors, object streams, and embedded files without executing the document.
Core Features & Use Cases
- Detection and triage of JavaScript and action entries in PDFs (JS, OpenAction, AA) to identify potential exploits.
- Extraction and analysis of JavaScript streams and embedded files, with URLs and IOCs cataloged for incident response.
- Use Case: A SOC analyst receives a phishing PDF; this Skill quickly confirms whether it contains exploit vectors or is limited to benign metadata.
Quick Start
Analyze a suspect PDF with the agent to surface JavaScript, streams, and IOCs.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: analyzing-pdf-malware-with-pdfid Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#analyzing-pdf-malware-with-pdfid Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.