analyzing-pdf-malware-with-pdfid

Installation
SKILL.md

Analyzing PDF Malware with PDFiD

When to Use

  • A suspicious PDF attachment has been flagged by email security or reported by a user
  • You need to determine if a PDF contains embedded JavaScript, shellcode, or exploit code
  • Triaging PDF documents before opening them in a sandbox or analysis environment
  • Extracting embedded executables, scripts, or URLs from malicious PDF objects
  • Analyzing PDF exploit kits targeting Adobe Reader or other PDF viewer vulnerabilities

Do not use for analyzing the rendered visual content of a PDF; this is for structural analysis of the PDF file format for malicious objects.

Prerequisites

Installs
199
GitHub Stars
24.2K
First Seen
Mar 15, 2026
analyzing-pdf-malware-with-pdfid — mukul975/anthropic-cybersecurity-skills