Metadata Analysis

Metadata analysis tools in passive reconnaissance are designed to extract and analyze the metadata from various file types, which can inadvertently contain sensitive information about the organization, such as software versions, system information, user names, and more. Here are some tools commonly used for metadata analysis:

FoCA (Fingerprinting Organizations with Collected Archives)

FOCA (Fingerprinting Organizations with Collected Archives)

FOCA is a tool used to find metadata and hidden information in the documents it scans. These documents may be on web pages, and can be downloaded and analyzed with FOCA.

Resources:

ExifTool

ExifTool

ExifTool is a platform-independent Perl library plus a command-line application for reading, writing, and editing meta information in a wide variety of files. It supports many file types including, but not limited to, images, audio, and documents.

Resources:

Metagoofil

Metagoofil

Metagoofil is a command-line tool that extracts metadata of public documents (.pdf, .doc, .xls, .ppt, .odp, .ods) available in the target websites. It then outputs the results in a file that can be used for analysis.

Resources:

Other Tools

Other Tools

Belkasoft Evidence Center

  • Used for digital forensic investigations, it can also analyze and recover various types of metadata.

PDF Stream Dumper

PDF-extract

  • An open-source tool specifically designed for extracting various elements from PDFs, including metadata.

DocFetcher

  • A desktop search application that can index and search for documents based on their metadata.

Apache Tika

  • A content analysis toolkit that can identify and extract metadata and text from over a thousand different file types.

Metadata Extraction Tool

  • Developed by the National Library of New Zealand, it extracts preservation-related metadata from a range of file formats.

Last updated