We have decided to take a look at the awesome Metadata analyzer titled “FOCA”. The FOCA metadata analyzer is an freeware application which you can use to analyze websites and online networks for Metadata and additional information.
The information which is collected by the FOCA tool allows security professionals to harden their online environments and websites against metadata collecting techniques.
Metadata is information which is often included in various files to provide an summary about the file without opening the file directly. Metadata information can provide hackers to insight which they need to perform an successful social engineering attack or malware infection attack. The collected metadata can provide hackers information about the versions and the software’s which are used by the targeted environment.
For example, if the metadata information shows that an outdated version of Adobe is being used, then the hacker or cybercriminal might be able to use an known exploit for that specific Adobe software.
To show you how FOCA works, we have decided to run the FOCA metadata analyzer on the Cyberwarzone.com website.
The first time when you load the FOCA tool, you will have to navigate to the “Project” button and click on the “New project” button.
This step will show you a new window, which requires information about the target.
Once you have provided all the information which is required, you can click on the “Create” button.
The next step which we will take is the “Network” step. Click on the “Network” label which you can find in the left screen. Once you have clicked on the “Network” label, a new screen will be shown. We will click on “Start” to start the Network step in FOCA.
The network scan will provide you information about the clients, servers and domains which are connected to the targeted domain. This will allow security professionals to gain insight in the viewable and public environments which are found via the designated target.
The free Foca Metadata analyzer also uses the ShodanHQ database as an resource. The network scan option in the FOCA metadata analyzer will look up the found IP addresses and Domains in the ShodanHQ database. If a match has been found, the match will be provided and shown in the FOCA results list.
ShodanHQ is an crawler which searches the internet for open and public devices. These devices can be anything:
The Metadata analyzer in the free FOCA tool allows you to scan the designated target for various file extensions like .doc, .ppt and .pdf. Do note that there is a massive file extension list which you can check and use.
If you want to use the Metadata function in the FOCA tool, you will need to click on the “Metadata” label which you can find in the left window.
The FOCA tool is a free application which officially can be downloaded from the Downloadcrew website. The following people have worked on FOCA and they can be considered as official authors and developers of FOCA.