Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,odp,ods) available on the target/victim website.
It will generate a html page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like ftp, pop3,web applications, vpn and so on. Also it will extract a list of disclosed PATHs in the metadata, with this information you can guess OS, network names, shared resources etc.
This new version extracts MAC address from Microsoft Office documents. Now you can have an idea of what kind of hardware they are using.
All this information should not be available on the net, but most of the companies don’t have policies about information leaking… and most of them don’t know this information exists. So you can show them what information an attacker can obtain, with this simple technique.
You can download Metagoofil v1.4 here:
MetaGooFil 1.4 (tar) (20/04/2008)
Or read more here.
- Watcher – Passive Web Application Vulnerability Scanner
- Pentoo – Gentoo Based Penetration Testing Linux LiveCD
- Onapsis Bizploit v1.50 – SAP Penetration Testing Framework
- Metagoofil 1.2 – Metadata Extractor Tool
- The Revisionist – Metadata Retrieval Tool
- PDFResurrect v0.9 Released – PDF Analysis and Scrubbing Utility
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,901,365 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,126,655 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 639,174 views