LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   What tool can I use to forensically check a single .pdf (https://www.linuxquestions.org/questions/linux-newbie-8/what-tool-can-i-use-to-forensically-check-a-single-pdf-4175601127/)

cyfix 03-05-2017 01:33 PM
What tool can I use to forensically check a single .pdf
 
I usually use Autopsy however, Autopsy only allows me to check logical drives or images.

I would like to check a single .pdf that i think is infected.

what tool allows me to do that and how

smallpond 03-05-2017 01:52 PM
To scan one file you can upload it to virustotal.

cyfix 03-05-2017 02:05 PM
File contains private information I am not allowed to send it outside of the network

I used text editor to check for common terms used in a reverse shell script but I didn't find anything. Still I am not 100% confident.

Habitual 03-05-2017 02:16 PM
https://virustotal.com

dave@burn-it.co.uk 03-06-2017 10:20 AM
Avast command line scanner??

jsbjsb001 03-06-2017 10:33 AM
Quote:
Originally Posted by cyfix (Post 5679467)
I usually use Autopsy however, Autopsy only allows me to check logical drives or images.

I would like to check a single .pdf that i think is infected.

what tool allows me to do that and how
Do you mean to check, if your PDF file is infected with a virus?? As, it's not all that clear, from your question.

If you are talking about viruses, there are a number of apps, that could do that for you (available for Linux).

jamison20000e 03-06-2017 01:14 PM
Another :newbie: on the subject here... :D checking the binary data may be helpful, if you know what to look for? :scratch:

eg:
Okteta
http://virus.wikidot.com/ :confused:


All times are GMT -5. The time now is 02:19 PM.