What does Forensic Analyzer change?

Frequently asked question for Forensic Analyzer.

It parses the PDF Info Dictionary, XMP metadata, embedded image EXIF headers, and raw byte patterns. Findings are categorized by severity (critical, high, medium, low) and grouped by type (identity, location, tracking, structure).

What this does not protect

  • Analysis is read-only. It does not modify the PDF in any way — use the scrubber for that.
  • Encrypted or malformed PDFs fall back to byte-level pattern matching. Coverage is reduced but EXIF markers and JavaScript signatures are still detected.
  • Printer tracking dots (Machine Identification Codes) are not detected in the current analyzer. Use the MIC decoder research tool for that — it requires high-resolution page rendering.
  • The analyzer checks PDF metadata and embedded image EXIF. It does not analyze text content for PII (names, addresses in the visible text).
  • It cannot fix compromised devices, accounts, or unsafe sharing channels.
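
A sketch of the byte-level fallback and the severity/type grouping described above, as an added example that is not Forensic Analyzer's own code. The rule names, the regexes, and the severity and type assigned to each rule are assumptions, and the sample bytes are constructed.

```python
import re
from collections import defaultdict

# (rule, byte pattern, severity, type). Hypothetical rules: the patterns and the
# severity/type assigned to each are assumptions, not the tool's real rule set.
RULES = [
    ("javascript", re.compile(rb"/(?:JavaScript|JS)\b"), "critical", "structure"),
    ("info_author", re.compile(rb"/Author\s*\(([^)]*)\)"), "high", "identity"),
    ("exif_header", re.compile(rb"Exif\x00\x00(?:II\*\x00|MM\x00\*)"), "high", "location"),
    ("xmp_doc_id", re.compile(rb'xmpMM:DocumentID="([^"]*)"'), "medium", "tracking"),
    ("info_producer", re.compile(rb"/Producer\s*\(([^)]*)\)"), "low", "structure"),
]
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

def scan_bytes(data):
    """Match every rule against the raw bytes. No PDF object parsing is done,
    so this still works when the xref table or trailer is damaged."""
    findings = []
    for rule, pattern, severity, kind in RULES:
        for m in pattern.finditer(data):
            # Rules with a capture group report the captured value.
            value = m.group(1).decode("latin-1") if m.groups() else None
            findings.append({"rule": rule, "severity": severity, "type": kind,
                             "offset": m.start(), "value": value})
    # Most severe first, then by position in the file.
    findings.sort(key=lambda f: (SEVERITY_RANK[f["severity"]], f["offset"]))
    return findings

def group_by_type(findings):
    """Group rule names under identity / location / tracking / structure."""
    grouped = defaultdict(list)
    for f in findings:
        grouped[f["type"]].append(f["rule"])
    return dict(grouped)

# Constructed sample: a malformed PDF (no xref table, no trailer) holding an
# Info-style dictionary, a JavaScript action, an XMP attribute and a JPEG APP1 header.
SAMPLE = (
    b"%PDF-1.7\n"
    b"1 0 obj << /Author (Jane Example) /Producer (ExampleWriter 1.0) >> endobj\n"
    b"2 0 obj << /S /JavaScript /JS (void 0) >> endobj\n"
    b'<rdf:Description xmpMM:DocumentID="uuid:00000000-0000-0000-0000-000000000000"/>\n'
    b"3 0 obj << /Filter /DCTDecode >> stream\n"
    b"\xff\xd8\xff\xe1\x00\x10Exif\x00\x00II*\x00\x08\x00\x00\x00\nendstream\n"
)

if __name__ == "__main__":
    for f in scan_bytes(SAMPLE):
        print(f["severity"], f["type"], f["rule"], f["offset"], f["value"])
```

Compressed object streams and hex-encoded strings are invisible to patterns like these, which is one reason byte-level coverage is reduced compared with a full parse.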