Posts

Showing posts from October, 2016

Identifying internal username, systems, applications in Office documents

Image
Tools such as MetaGooFil, FOCA were published many years ago.   Yet we can still identify many juicy information about targets in many of web sites through their hosted documents.  We believe those information is best utilised by attackers in their crafting of APT-based, phishing exploits.

MetaGooFil - http://tools.kali.org/information-gathering/metagoofil


[email protected]:~# metagoofil -d kali.org -t pdf -l 100 -n 25 -o kalipdf -f kalipdf.html

******************************************************
*     /\/\   ___| |_ __ _  __ _  ___   ___  / _(_) | *
*    /    \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
*   / /\/\ \  __/ || (_| | (_| | (_) | (_) |  _| | | *
*   \/    \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
*                         |___/                      *
* Metagoofil Ver 2.2                                 *
* Christian Martorella                               *
* Edge-Security.com                                  *
* cmartorella_at_edge-security.com                   *
*******************…