I was watching random defcon lectures and came across one that interested me which was about FOCA. FOCA can be used to extract metadata from within documents and jpgs. Now you may be asking, "what is metadata?", and in crude terms you could think of it as "data within data" or "data about data". Using FOCA you can extract information ranging from the OS and User that created it to the type of device used and its GPS at the time it was taken. You can also use it to spider websites in search of files, as well as using it to assist you in "google hacking" (I.E. using google dorks to find specific information or files). Could be a good assistance in a pentest or something of the sort.
Below you can find a link to where you can download FOCA as well as the lecture that sparked my interest in the first place.
There's also this a website that you can use to extract the metadata from a document on the fly.
Here's the lecture that caught my interest in the first place. It's presented by the developers at defcon and goes into detail about what this tool can do and how to use it.
No comments:
Post a Comment