An Open-Source System for Malware Detection

Proofpoint, Inc. Computer Science, 2012-13

Liaison(s): Dan Drew
Advisor(s): Geoff Kuenning
Student(s): My Diem Ho (PM), Josiah Gaskin, Alex Eng, Lawrence Thibodeaux

Proofpoint, Inc. offers Security-as-a-Service to medium and large companies and is dedicated to protecting sensitive information from outside threats such as malware. They asked our Clinic team to develop a system that detects attacks delivered in innocent-looking files. We built the system from existing open-source components; it detects suspicious Microsoft Office and Rich Text Format documents by static analysis, without opening or executing them. The system checks each file for malformed content and structure, and flags suspicious files for more detailed analysis in a sandboxing system.
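The kind of static check the abstract describes, shown as an added example that is not the Clinic team's or Proofpoint's code: a small Python analyzer for RTF files that tests structure (the `{\rtf1` header, balanced groups) and content (control words that embed or auto-activate objects, long hex runs typical of an embedded payload) and routes any file with findings to the sandbox. The control-word list, the hex-run threshold and the sample inputs are assumptions chosen for illustration.

```python
import re

# Illustrative heuristics only (assumed here, not the Clinic system's rule set).
# Each entry is an RTF control word that embeds or auto-activates foreign content.
SUSPICIOUS_CONTROL_WORDS = {
    b"\\objdata": "embedded OLE object payload",
    b"\\objupdate": "object forced to update (activate) when the document is opened",
    b"\\ddeauto": "automatic DDE field (launches an external application)",
    b"\\bin": "raw binary run spliced into the text stream",
}

# An embedded payload shows up as a long run of hex digit pairs; the threshold is assumed.
HEX_BLOB_MIN_PAIRS = 256


def analyze_rtf(data: bytes) -> dict:
    """Statically inspect one RTF file and return a verdict plus the findings behind it."""
    findings = []

    # Structure check 1: a well-formed RTF file begins with the {\rtf1 group.
    if not data.startswith(b"{\\rtf1"):
        findings.append("malformed header: file does not begin with {\\rtf1")

    # Structure check 2: group braces must balance. Drop escaped braces and
    # escaped backslashes first so they are not counted as group delimiters.
    stripped = re.sub(rb"\\[{}\\]", b"", data)
    depth = 0
    for byte in stripped:
        if byte == 0x7B:          # '{'
            depth += 1
        elif byte == 0x7D:        # '}'
            depth -= 1
            if depth < 0:
                findings.append("malformed structure: group closed before it was opened")
                break
    if depth > 0:
        findings.append(f"malformed structure: {depth} unclosed group(s)")

    # Content check 1: control words that embed or auto-activate objects.
    # A control word ends at the first non-letter, so \bin must not match \binfsxn.
    for word, why in SUSPICIOUS_CONTROL_WORDS.items():
        if re.search(re.escape(word) + rb"(?![A-Za-z])", data):
            findings.append(f"suspicious content: {word.decode()} ({why})")

    # Content check 2: a long hex run is the usual shape of an embedded payload.
    if re.search(rb"(?:[0-9A-Fa-f]{2}\s*){%d,}" % HEX_BLOB_MIN_PAIRS, data):
        findings.append(f"suspicious content: hex blob of at least {HEX_BLOB_MIN_PAIRS} bytes")

    return {"verdict": "sandbox" if findings else "clean", "findings": findings}


# Constructed sample inputs for the demonstration (not real-world files).
BENIGN_RTF = b"{\\rtf1\\ansi\\deff0{\\fonttbl{\\f0 Arial;}}\\f0\\fs24 Quarterly report attached.\\par}"
OBJECT_RTF = (
    b"{\\rtf1\\ansi{\\object\\objemb\\objupdate{\\*\\objclass Package}"
    b"{\\*\\objdata 0105000002000000080000005061636b61676500" + b"00" * 300 + b"}}}"
)
TRUNCATED_RTF = b"{\\rtf1\\ansi{\\fonttbl{\\f0 Arial;}}\\f0 Report cut off mid-stream"
NOT_RTF = b"MZ\x90\x00" + b"\x00" * 60

if __name__ == "__main__":
    for name, sample in [("benign", BENIGN_RTF), ("embedded object", OBJECT_RTF),
                         ("truncated", TRUNCATED_RTF), ("not RTF", NOT_RTF)]:
        result = analyze_rtf(sample)
        print(f"{name}: {result['verdict']}")
        for finding in result["findings"]:
            print(f"  - {finding}")
```

The structural checks are cheap and catch files that a real RTF parser would already choke on; the content checks are where the false-positive trade-off lives, since `\objdata` also appears in legitimate documents with embedded spreadsheets, which is exactly why such files are handed to a sandbox rather than blocked outright.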