zynamics PDF malware analysis training now available

We are proud to announce that we have added a new training about PDF malware analysis to the list of trainings we offer. This new training focuses on everything you need to know when you are dealing with PDF malware. Participants will learn about the following topics:

  • Useful tools for PDF analysis
  • The physical and logical structure of PDF files
  • An explanation of the most commonly exploited vulnerabilities of recent years
  • The many ways malicious code can be executed from PDF files
  • Common obfuscation techniques used by malware to slow down analysis
  • Automation of PDF analysis if you are dealing with many samples
  • Acrobat Reader internals
  • How to use RTTI, BinDiff, and other means to restore some thousand function names in the Adobe Reader JavaScript engine disassembly
  • Automated extraction of shellcode using dynamic instrumentation

If your organization or company would like to know more about the training, please contact info@zynamics.com.

Here are a few sample slides from the training material.

Training overview

Exploited in the Wild

Automated extraction of shellcode using dynamic instrumentation