RSS Feed

Please wait while my feed loads

See more posts...

Newsletter

Subscribe to either one of our two newsletters for regular updates and information

Downloads newsletter

This is a weekly newsletter with download news, updates and other information

This is a monthly newsletter with software store information, offers and deals

FOCA Free 3.0

Make sure your website documents aren't giving away important information in their metadata

by Mike Williams

Our Rating:
Your Rating:
Login to rate
Based on 0 ratings
License: Freeware
Operating Systems: Windows 7 (32 bit), Windows 7 (64 bit), Windows Server, Windows Vista (32 bit), Windows Vista (64 bit), Windows XP
Requirements:

 

Languages: English
Software Cost: Free
Date Updated: 28 October 2011
Watchlist: Add download to my watchlist
Downloads To Date: 30639
Developer: Informatica 64
RSS News Feed: http://twitter.com/statuses/user_timeline/101166742.rss
Back in stock! Buy Malwarebytes Anti-Malware Premium v2 with a 1-PC LIFETIME license, only $24.95, from store.downloadcrew.com
FOCA Free 3.0
Make sure your website documents aren't giving away important information in their metadata

FOCA is an interesting penetration testing tool that allows you to find out more about a website by (amongst other things) analysing the metadata in any documents it makes available.

The process is surprisingly easy. Simply create a new document pointing FOCA at your website, click the Search All button, and FOCA will display all the PDF, Microsoft Office, Open Office and other documents on the site that have been indexed by Google, Bing and Exalead. (Which can be useful in itself, as you might discover you're exposing documents that were never intended for public view.)

Then, in a couple of clicks, you can have FOCA download these documents, extract their metadata, and summarise the results in a simple report. Exactly what might be exposed depends on the documents, what's been used to create them, and how well they've been cleaned, but commonly you'll see user names, network folders, printer names, email addresses, details on the software that's been used to create the files, and more - all very useful for hackers who might be looking to discover more about a particular target.

If you find your documents give away more information than you'd like, then check the creating software for tools that might be useful (search for keywords like Document Inspector or "metadata" in Office 2010, say).

Or, if you run your own IIS-based server, the FOCA authors also produce a program that may be of interest: MetaShield Protector. This cleans documents before they're sent to the client, so there's never any danger of information leaks.

Verdict:

A quick and easy way to analyse the metadata found in any website's documents

Your Comments & Opinion
 
Related Download Articles
 
Exif Pilot 4.7.1

Exif Pilot 4.7.2

Freeware

View and edit image EXIF, IPTC, and XMP tags

FileBot 4.5.6 for Windows

FileBot 4.5.6

Open Source

An essential tool for renaming digital TV, movies and music
 

BatchPurifier 5.0.2

BatchPurifier LITE 5.0.2

Freeware

Remove metadata from JPEGs with a click

JPEG & PNG Stripper 1.5.7.70

JPEG & PNG Stripper 1.5.7.70

Freeware

Quickly strip metadata from JPGs and PNGs

Other Download Articles From This Category
WIPE

WIPE 2015.03

Free, for personal-use only

Protect your privacy by clearing program and Windows' logs

RogueKiller 10.5.8

RogueKiller 10.5.8

Freeware

Quickly detect and remove malicious processes (and a few others, probably)

AdwCleaner 4.200

AdwCleaner 4.200

Freeware

A small but powerful browser toolbar remover

TunnelBear 2.3.10

TunnelBear 2.3.10

Freeware

The easy way to maintain your browsing privacy

From Softwarecrew

Please wait while my feed loads

See more posts...

Our Price: $29.95
RRP: $89.95
Saving 67%
Buy Now
Offer Ends In:
 

Spotlight: Free Full Software

Unreal Engine 4.7.2.0

Free Full Commercial Software

Unreal Engine is Epic Games' game engine, a powerful suite of tools for developing anything from basic 2D games to professional RPGs, first person shooters and whatever else you like.

Wide standards support - DirectX, OpenGL, JavaScript/ WebGL - means your projects can be targeted to almost any platform: consoles, iOS, Android, Windows, OS X, Linux, HTML5 browsers and more.

There's a vast amount to learn, of course, and that's even before you start building your game. But there's plenty of documentation, tutorials, demos and sample projects to point you in the right direction.

The package is now entirely free, too - no annoying limitations, nag screens or anything else. Epic now only requires that you pay a 5% royalty after the first $3,000 of revenue per product per quarter. And even then, you "pay no royalty for film projects, contracting and consulting projects such as architecture, simulation and visualization."

[...]
Value:
Free
Rating: