Office document and PDF malware analysis
SCAN COMING SOON
QuickSand is an analysis framework to analyze suspected malware documents to identify exploits in streams of different encodings or compressions. QuickSand supports documents, PDFs, Mime, Postscript and other common formats.
QuickSand is a specialized tool for detecting malicious and high-risk documents or PDFs. Unlike antivirus which will not decompress all the embedded streams, QuickSand will do a through analysis for potential risky content or known exploits. Dynamic sandbox technologies require specific versions of document viewers to detect exploitation, QuickSand works statically
QuickSand supports Yara signatures within the decoded streams of documents and PDFs.