enferex / pdfresurrect
Licence: GPL-3.0 license
Analyze and help extract older "hidden" versions of a pdf from the current pdf.
Stars: ✭ 40
Programming Languages
Labels
Projects that are alternatives of or similar to pdfresurrect
btrfscue
Recover files from damaged BTRFS filesystems
Stars: ✭ 28 (-30%)
Mutual labels: forensic-analysis
vframe
VFRAME: Visual Forensics and Metadata Extraction
Stars: ✭ 41 (+2.5%)
Mutual labels: forensic-analysis
btrForensics
Forensic Analysis Tool for Btrfs File System.
Stars: ✭ 15 (-62.5%)
Mutual labels: forensic-analysis
Palmprint-Recognition-in-the-Wild
No description or website provided.
Stars: ✭ 22 (-45%)
Mutual labels: forensic-analysis
Judge-Jury-and-Executable
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+65%)
Mutual labels: forensic-analysis
Awesome Forensics
A curated list of awesome forensic analysis tools and resources
Stars: ✭ 1,775 (+4337.5%)
Mutual labels: forensic-analysis
dcfldd
Enhanced version of dd for forensics and security
Stars: ✭ 27 (-32.5%)
Mutual labels: forensic-analysis
hashlookup-forensic-analyser
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
Stars: ✭ 43 (+7.5%)
Mutual labels: forensic-analysis
pyaff4
The Python implementation of the AFF4 standard.
Stars: ✭ 37 (-7.5%)
Mutual labels: forensic-analysis
ForensicsTools
A list of free and open forensics analysis tools and other resources
Stars: ✭ 392 (+880%)
Mutual labels: forensic-analysis
pdfresurrect
------------
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows
for previous document changes to be retained in a more recent version of the
document, thereby creating a running history of changes for the document. This
tool attempts to modify the PDF so that a reading utility will be presented with
the previous versions of the PDF. The modified "versions" will be generated
as new files leaving the original PDF unmodified.
Notes
-----
The scrubbing feature (-s) should not be trusted for any serious security
uses. After using this experimental feature, please verify that it in fact
zero'd all of the objects that were of concern (those objects that were to be
zero'd). Currently this feature will likely not render a working pdf.
This tool relies on the application reading the pdfresurrect extracted versions
to treat the last xref table as the most recent in the document. This should
typically be the case.
The verbose output, which tries to deduce the PDF object type (e.g. stream,
page), is not always accurate, and the object counts might not be 100%
accurate. However, this should not prevent the extraction of the versions.
This output is merely to provide a hint for the user as to what might be
different between the documents.
Object counts might appear off in linearized PDF documents. That is not truly
the case, the reason for this is that each version of the PDF consists of the
objects that compose the linear portion of the PDF plus all of the objects that
compose the version in question. Suppose there is a linearized PDF with 59
objects in its linear portion, and suppose the PDF has a second version that
consists of 21 objects. The total number of objects in "version 2"
would be 59 + 21 or 80 objects.
Building
--------
From the top-level directory of pdfresurrect run:
./configure
make
To install/uninstall the resulting binary to a specific path
the '--prefix=' flag can be used:
./configure --prefix=/my/desired/path/
Debugging mode can be enabled when configuring by using the following option:
./configure --enable-debug
The resulting binary can be placed anywhere, however it can also be
installed/uninstalled to the configured path automatically. If no path was
specified at configure time, the default is /usr/local/bin
To install/uninstall:
make install
or
make uninstall
Thanks
------
The rest of the 757/757Labs crew.
GNU (www.gnu.org).
All of the contributors: See AUTHORS file.
Contact / Project URL
---------------------
[email protected]
https://github.com/enferex/pdfresurrect
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].