Introduction to PDF Attacks
PDF attacks offer us as penetration testers a very wide attack surface. Within this introductory PDF Attack learning module we will cover the basic PDF document specification, some of the Adobe Reader internal methods available to us, object obfuscation techniques, and close by looking at a few tools we can utilize to construct custom PDF documents. This introductory lab is the precursor to a whole series of learning modules focused specifically on PDF based attacks. Using the obfuscation techniques discussed in this module we will be able to craft custom PDF documents that are capable of evading IDS/IPS, Spam Filters, and Antivirus software. In future learning modules it is these obfuscation techniques that will hide our true intentions and help to ensure our social engineering attacks stay under the detection radar.