• Include anything related to website on public Internet which cause to disclose information
  • Hackers use these information in footprint process or social engineering attacks

Public source Examples

  • Search engine such as Google and Bing
  • Company website including contacts , job posting …
  • Robots.txt
  • View source or comments in HTML contents
  • , can view history of archived website
  • Social media websites like blogs and LinkedIn
  • Trusting fake websites and people (fake opening job in LinkedIn)
  • Geo location and addresses  (used with wireless attacks)
  • , search engine help for system banners
  • Google hacking , review my whitepaper “Maximizing SharePoint Security”
  • Google Hacking Database (GHDB) , search engine help in find vulnerabilities and exploits by search queries
  • Document’s metadata , contains information like name of users , OS created the document …

FOCA tool

How to use it

Create new project


Fill the fields and click Create


Click Search All


It will show list of files found it for this domain and metadata of these documents , you can then right click to Analyze Metadata in Metadata Summary node



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s