In this video I show how to extract a malicious URL from a PDF without opening it, how to spot a weaponized Office document, and a method to quickly de-obfuscate PowerShell. Enjoy! Links: - REMnux: - PDF: # - Macro-enabled doc: === My SANS Courses: - SEC450 - Blue Team Fundamentals: - MGT551 - Building and Leading Security Operations Centers: PDF Guide to Security Operations: Blueprint Podcast: Twitter: