Gallus is a web-based malware detection service that extracts and analyzes suspected malicious PDF documents. It is a free service designed to help security researchers and the public detect exploits and obtain other useful information contained in PDF documents.

Gallus accepts samples via two methods: file submission and URL submission. Upon submitting your file, Gallus will extract and run various analyses to identify the content of the file. Throughout the analysis process, Gallus gathers useful information such as the exploits used, malicious JavaScript code, and any potential malware URLs and shellcode behaviour. At the end of the analysis process, a report is generated containing all the information gathered, as well as the status of the PDF document: malicious, suspicious or benign.

Figure 1: Uploading a PDF file using Gallus