SKLABs 2012

Malicious PDF file analysis

  Lab name  

Malicious PDF file analysis

  Lab level  


  Lab description  

We will show attendees a real scenario in which a malicious PDF is used in a targeted attack, and we will explain how to analyze a malicious PDF:
• Extracting embedded JavaScript from the PDF.
• De-obfuscating JavaScript.
• Extracting shellcode.
• Creating and analyzing a shellcode executable.

  Prerequisites for students  

• Basic information security concepts.
• Laptop with VMplayer installed.

  Number of slots
(Slot=1.5 hr)

1 slot

  Instructor Name  

Mohamed Abdel-Latief and Ghareeb Saad Eldin

Instructor Credentials
  Company Name  

Egyptian CERT

  Company Description / Products / Contact  

EG-CERT was established as part of the National Telecom Regulatory Authority (NTRA).
EG-CERT is charged with providing computer and information security incident response, support, defense and analysis against cyber-attacks, and with collaborating with government, financial entities and any other critical information infrastructure sectors in Egypt.
Our mission is to provide an early warning system against the spread of malware and massive attacks against the Egyptian critical information infrastructure.







© 2012
Security Kaizen Labs 2012