Information Security

pdfid – Backtrack 5 – Forensics – PDF Forensics Tools – pdfid

The pdfid script in Backtrack Linux is a PDF forensics tool that will quickly provide you an overview of a PDF files potential threats and pdfid provides a way to disarm those threats. PDFid is written in Python and is located in /pentest/forensics/pdfid/. The current version of pdfid is 0.0.11 and was released April 28th, 2010. Below we describe the basic functionality of pdfid and also explain some of the PDF terminology that will help those not as familiar with a PDF files structure the ability to find value with the Python script.