cryptam
The Cryptam command line tool is used to analyze documents for embedded executables, to scan for known exploits and identify suspicious elements of new threats. Embedded executables and dropped clean documents are extracted if detected. Document formats commonly used and supported are MS Office .doc/.ppt/.xls, PDF, RTF and Open XML formats such as .docx/pptx/xlsx. Both Windows and Mac OS X executables are detected and extracted.
For our latest document analysis tool, check out QuickSand
Get Cryptam on GitHub