Scan Maldoc

scan.tylabs.com

Document+PDF Malware Analysis



QuickSand Framework

QuickSand is a Python-based framework for analyzing suspected malware documents and identifying exploits in streams that use different encodings or compression. QuickSand supports documents, PDFs, MIME/email, PostScript and other common formats. It is available for download at github.com/tylabs/quicksand.

QuickSand supports scanning with Yara signatures within the decoded streams of documents and PDFs to identify exploits or high-risk active content.
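The sketch below is an added example, not QuickSand's code: it shows why signatures are run over decoded streams, since the script keyword in the sample is visible only after the stream is inflated. Assumptions: plain byte regexes stand in for Yara rules, only zlib (FlateDecode) streams are decoded, and the PDF-like sample is constructed and harmless.

```python
import re
import zlib

# Constructed stand-ins for Yara rules (assumption: not QuickSand's own signatures).
SIGNATURES = {
    "pdf_openaction": re.compile(rb"/OpenAction"),
    "pdf_javascript": re.compile(rb"/JavaScript|/JS\b"),
    "js_eval": re.compile(rb"\beval\s*\("),
}
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)
MAX_INFLATED = 1 << 20  # cap each inflated stream at 1 MiB (decompression-bomb guard)


def decode_streams(data, depth=0, max_depth=3):
    """Yield (depth, bytes) for the input and every nested stream that inflates."""
    yield depth, data
    if depth >= max_depth:
        return
    for match in STREAM_RE.finditer(data):
        try:
            inflated = zlib.decompressobj().decompress(match.group(1), MAX_INFLATED)
        except zlib.error:
            continue  # not zlib data; a fuller scanner would try other decoders
        yield from decode_streams(inflated, depth + 1, max_depth)


def scan(data):
    """Return {depth: sorted rule names matched at that decoding depth}."""
    hits = {}
    for depth, blob in decode_streams(data):
        for name, rx in SIGNATURES.items():
            if rx.search(blob):
                hits.setdefault(depth, set()).add(name)
    return {depth: sorted(names) for depth, names in hits.items()}


def build_sample():
    """Constructed, harmless PDF-like bytes with one FlateDecode stream."""
    body = zlib.compress(b"var s = 'constructed sample'; eval(s);")
    return (b"%PDF-1.4\n1 0 obj\n<< /OpenAction << /S /JavaScript /JS 2 0 R >> >>\n"
            b"endobj\n2 0 obj\n<< /Filter /FlateDecode >>\nstream\n"
            + body + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    print(scan(build_sample()))
```

Depth 0 is the file as stored on disk; depth 1 and deeper are inflated streams, which is where the `js_eval` pattern matches.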

Features

Risky content