Overview
- Includes anything related to a website on the public Internet that discloses information
- Hackers use this information in the footprinting process or in social engineering attacks
Public source Examples
- Search engines such as Google and Bing
- Company website, including contacts, job postings …
- Robots.txt
- View source or comments in HTML content
- http://archive.org, where you can view the history of archived websites
- Social media websites like blogs and LinkedIn
- Trusting fake websites and people (fake job opening on LinkedIn)
- Geolocation and addresses (used with wireless attacks)
- https://www.shodan.io, a search engine for system banners
- Google hacking, review my whitepaper “Maximizing SharePoint Security” https://gallery.technet.microsoft.com/Maximizing-SharePoint-cf7f7efc
- Google Hacking Database (GHDB) https://www.exploit-db.com/google-hacking-database/, search engine queries that help find vulnerabilities and exploits
- Document metadata, which contains information such as user names and the OS that created the document …
FOCA tool
- Uses search engines to find files on a website and then analyzes the metadata of these files to find information such as users, emails …
- Download it from https://www.elevenpaths.com/labstools/foca/index.html (also included in Kali)
How to use it
Create a new project
Fill in the fields and click Create
Click Search All
It will show the list of files found for this domain and the metadata of these documents; you can then right-click to Analyze Metadata in the Metadata Summary node