📄 Feature

Document Scanning

Scan PDFs and Office documents for malicious macros, embedded threats, phishing links, and obfuscated payloads — before they reach your users, employees, or systems.

Get started free View API docs

Scoring

Every scan produces a risk score (0–100) and a verdict:

Verdict	Score range	Meaning
OK	85–100	Low risk — safe to proceed
Warn	70–84	Elevated risk — manual review recommended
Block	0–69	High-confidence threat — do not open

A hard block (score forced below 60) is triggered when a virus is detected by the Cloudmersive antivirus engine or the file contains a known-bad URL.

PDF threat detection

PDFs are normalized with qpdf to strip obfuscation layers before analysis, exposing hidden JavaScript, embedded files, and redirect chains that evade traditional antivirus tools. Every PDF also runs through the Cloudmersive AV engine for virus and malware detection.

Signal	Detail
Embedded JavaScript	JS that executes on open in vulnerable PDF readers
Embedded files	Hidden payloads attached inside the PDF container
Suspicious URLs	Links checked against phishing and malware databases
Phishing indicators	Brand impersonation, lookalike domains, redirect chains
Obfuscation techniques	Content decoded and normalized before scanning

Office document threat detection

Word, Excel, and PowerPoint files are extracted and analyzed for macro code, external references, and embedded objects. Macro analysis covers both legacy .doc/.xls/.ppt formats and modern OOXML formats. All Office files also pass through the Cloudmersive AV engine.

Signal	Detail
Malicious macros & VBA	Auto-executing macros, obfuscated VBA, and suspicious shell calls
DDE / external data links	Dynamic Data Exchange attacks that execute commands on open
Embedded OLE objects	Executable payloads hidden inside Office containers
Suspicious URLs	Links in document body, headers, and comments
Template injection	Remote template references that download payloads at open time
Obfuscated content	Encoded strings and hidden text used to bypass scanners
XML external entities (XXE)	References that can exfiltrate data or trigger server-side requests on open
Unsafe archive content	Compressed payloads hidden inside document containers

Supported formats

📄

PDF

Adobe PDF

📝

DOCX / DOC

Microsoft Word

📊

XLSX / XLS

Microsoft Excel

📋

PPTX / PPT

Microsoft PowerPoint

How to scan

Web interface

Upload a file directly from the dashboard. Results appear immediately with a verdict, flagged elements, and severity breakdown.

API

POST the file as multipart/form-data to /api/scan/document. Receive a structured JSON verdict synchronously.

Credit usage

Each document scan costs 20 credits regardless of format. Credits are shared across your workspace.

Ready to get started?

Start scanning documents in minutes. No setup required.

Get started free