{"id":28234446,"url":"https://github.com/benzoxdev/malicious-pdf","last_synced_at":"2025-10-06T08:46:12.820Z","repository":{"id":293148698,"uuid":"983103508","full_name":"BenzoXdev/malicious-pdf","owner":"BenzoXdev","description":"Malicious PDF Generator is a powerful and flexible toolkit developed by BenzoXdev to generate custom malicious PDF files for security testing. Designed for penetration testers and red teams, it includes multiple payload types, customizable endpoints, and automation support — helping assess PDF-handling vulnerabilities, antivirus evasion, and endpoi","archived":false,"fork":false,"pushed_at":"2025-05-13T22:33:38.000Z","size":1512,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-23T02:42:18.623Z","etag":null,"topics":["hacking-tool","pdf","red-team"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BenzoXdev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-13T22:10:17.000Z","updated_at":"2025-05-14T05:36:21.000Z","dependencies_parsed_at":"2025-05-14T00:09:12.539Z","dependency_job_id":"0fad644c-9a87-4724-b7e3-19a52c9b1fde","html_url":"https://github.com/BenzoXdev/malicious-pdf","commit_stats":null,"previous_names":["benzoxdev/malicious-pdf"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/BenzoXdev/malicious-pdf","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BenzoXdev%2Fmalicious-pdf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BenzoXdev%2Fmalicious-pdf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BenzoXdev%2Fmalicious-pdf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BenzoXdev%2Fmalicious-pdf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BenzoXdev","download_url":"https://codeload.github.com/BenzoXdev/malicious-pdf/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BenzoXdev%2Fmalicious-pdf/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259541564,"owners_count":22873714,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacking-tool","pdf","red-team"],"created_at":"2025-05-18T22:13:43.565Z","updated_at":"2025-10-06T08:46:07.776Z","avatar_url":"https://github.com/BenzoXdev.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"malicious-pdf.png\" alt=\"Malicious PDF Generator Logo\" width=\"400\"/\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eMalicious PDF Generator\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cstrong\u003eBy BenzoXdev\u003c/strong\u003e\u003cbr\u003e\n  A powerful and versatile tool for generating custom malicious PDFs for testing and research.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"#license\"\u003e\u003cimg src=\"https://img.shields.io/badge/License-MIT-blue.svg\" alt=\"License\"\u003e\u003c/a\u003e\n  \u003ca href=\"#prerequisites\"\u003e\u003cimg src=\"https://img.shields.io/badge/Python-3.8%2B-blue.svg\" alt=\"Python Version\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n## Table of Contents\n1. [Key Features](#key-features)\n2. [Use Cases](#use-cases)\n3. [Prerequisites](#prerequisites)\n4. [Installation](#installation)\n5. [Usage](#usage)\n6. [Examples](#examples)\n7. [Advanced Techniques](#advanced-techniques)\n8. [Security \u0026 Best Practices](#security--best-practices)\n9. [Contributing](#contributing)\n10. [License](#license)\n11. [Contact \u0026 Support](#contact--support)\n\n---\n\n## Key Features\n- ✅ **Multi-vector Payloads**: JavaScript, XFA forms, GoTo/Launch actions, EICAR, and more.\n- ⚙️ **Customizable Host**: Use any IP, domain, or Burp Collaborator instance.\n- ⚡ **Rapid PDF Generation**: One command to create multiple test files.\n- 🧩 **Modular Design**: Easily add or modify payload templates.\n- 🧠 **Documentation \u0026 Examples**: Clear, concise usage instructions.\n\n---\n\n## Use Cases\n- **Antivirus/EDR Testing**: Evaluate endpoint detection and prevention capabilities.\n- **Web App Penetration Testing**: Upload handling, sandbox escapes, and script-based payloads.\n- **Red Team Operations**: Deliver realistic malicious documents during engagements.\n\n---\n\n## Prerequisites\n- **OS**: Windows, macOS, or Linux\n- **Python**: 3.8 or higher\n- **Modules**:  \n  - `validators`  \n  - `ipaddress`  \n  - `bz2`, `base64` (Python built-in)\n\n# Install dependencies:\n```bash\npip install -r exigences.txt\n\n```\n---\n\n# Installation\n```\ngit clone https://github.com/BenzoXdev/malicious-pdf.git\ncd malicious-pdf\npip install -r exigences.txt\n```\n\n---\n\n# Usage\n\nBasic Command\n```\npython malware-pdf.py yourdomain.burpcollaborator.net\n```\nGenerated Files Overview\n\nFile\tDescription\n\ntest1.pdf\tGoToE action (external link)\ntest2.pdf\tXDP-based form submission\ntest3.pdf\tJavaScript app.openDoc call\ntest4.pdf\tXSLT injection using XFA forms\ntest5.pdf\tURI link action\ntest6.pdf\tLaunch action for file execution\ntest7.pdf\tGoToR action with remote PDF reference\ntest8.pdf\tSubmitForm action with HTML flags\ntest9.pdf\tImportData action (data exfiltration)\ntest10.pdf\tmacOS Calculator PoC (CVE-2017-10951)\ntest11.pdf\tEmbedded EICAR antivirus test string\n\n\n\n---\n\n# Examples\n\n# Using a Burp Collaborator instance\n```\npython malware-pdf.py my-collab.burpcollaborator.net\n```\n# Using a direct IP\n```\npython malware-pdf.py 192.168.1.100\n```\n\n---\n\n# Advanced Techniques\n\nExtend Payloads: Add your own create_malpdfX() functions.\n\nFile Hashing: Integrate SHA256 or MD5 checksums.\n\nCI/CD Integration: Use for automated security testing pipelines.\n\nDockerize: Run in isolated, reproducible containers.\n\n\n\n---\n\n# Security \u0026 Best Practices\n\nTest Legally: Only in controlled, non-production environments.\n\nIsolate Network: Use VPNs or segmented test labs.\n\nMonitor Traffic: Log callbacks and requests for analysis.\n\nClean Up: Delete files and disable endpoints after use.\n\n\n\n---\n\n# Contributing\n\nContributions are welcome!\n\n1. Fork this repository.\n\n\n2. Create a feature branch: git checkout -b feature/my-feature.\n\n\n3. Commit your changes: git commit -m \"Add new payload\".\n\n\n4. Push to GitHub: git push origin feature/my-feature.\n\n\n5. Open a Pull Request with a detailed description.\n\n\n\n\n---\n\n# License\n\nThis project is licensed under the MIT License. See the LICENSE file for more information.\n\n\n---\n\n### Contact \u0026 Support\n\nAuthor: BenzoXdev\n\nGitHub: BenzoXdev\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbenzoxdev%2Fmalicious-pdf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbenzoxdev%2Fmalicious-pdf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbenzoxdev%2Fmalicious-pdf/lists"}