FOCA : Extracting website Meta data

1.    Metadata is "data about data". It provides info about a certain item's content like for example, an image may include metadata that describes when was the picture clicked,which camera was used to click the image,the resolution etc. A text document's metadata may contain information about how long the document is, who the author is, when the document was written, and a short summary kind of document.Metadata can be useful to Penetration Testers,because it contains information about the system where the file was created, such as Name of users logged into the system,Software that created the document and OS of the system that created the document.This post will introduce to a tool know as FOCA ...that stands for “Fingerprinting Organization with Collected Archives” is an automated tool for downloading documents published in websites, extracting metadata and analyzing data.”FOCA is a security-auditing tool that will examine metadata from domains. One can have FOCA use search engines to find files on domains or use local files.Here I share the link to download and the usage screen shots that are self explanatory in nature...

Download Link : https://www.elevenpaths.com/labs/tools/index.html

Works : Only with Windows OS 

The first thing to do after launching FOCA is create a new project, as shown below : 

Once the project is named and u locate to store the project files, click on the Create button, as shown below :

Next thing to do is save the project file and click on the Search All button so FOCA will use search engines to scan for documents.

Right-click on the file and select the Download option, as shown below:

Right-click on the file and select the Extract Metadata option, as shown below :

Right-click on the file and select the Analyze Metadata option, as shown above :

 One can see the user who created and used this document as seen below :

You can also see what all software’s have been used to create the document.

In many cases, attackers will be able to see much more information and gather intelligence about a target, the network, usernames, etc… by using this tool.Though the tool is available with Kali but with newer versions it is only available with Windows....

DUQU's MICROSOFT LINK!!!

1.   While as on date the security and anti virus teams and experts across the globe are racing to find and unlock the details on DUQU,some useful information on the subject bug has been released by Microsoft,which says that hackers exploited a previously unknown bug in its Windows operating system to infect computers with the Duqu virus."We are working diligently to address this issue and will release a security update for customers," Microsoft said.But on the other hand the odds are that Microsoft won't patch the Windows kernel bug next week that the Duqu remote-access Trojan exploits to plant itself on targeted PCs.

2.   Meanwhile,Symantec researchers said they consider hackers sent the virus to targeted victims via emails with infected Microsoft Word documents attached. If a recipient opened the Word document and infected the PC, the attacker could take control of the machine and reach into an organization's network to propagate itself and hunt for data, Symantec researcher Kevin Haley told Reuters. 

3. Thanks http://itknowledgeexchange.techtarget.com and http://www.computerworld.com