Metadata

Metadata is data that describes, structures and administers different forms of content.

Gathering site/domain metadata from online sources

Metadata Sites

wget

wget -nd -r -R htm,html,php,asp,aspx,cgi -P
wget -nd -r -A pdf,doc,docx,xls,xlsx -P

metagoofil

Find all files on a domain

metagoofil  -d [domain] -t pdf,docx,txt -o metagoofil -n 50 -l 200

AWS Recon

GitHub - joshlarsen/aws-recon: Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.GitHub

Infoga

Linux and Windows

git clone https://github.com/m4ll0k/Infoga.git
cd Infoga
python setup.py install
python infoga.py

python infoga.py --domain nsa.gov --source all --breach -v 2 --report ../nsa_gov.txt
python infoga.py --info m4ll0k@protonmail.com --breach -v 3 --report ../m4ll0k.txt

VPN Configuration files

OME organizations publicly distribute configuration files and keys for VPN systems.

Cisco profile configuration files (PCFs) contain IPsec VPN client variables, including the following:

• VPN server endpoint addresses

• Plaintext credentials (group name and password)

• Encrypted credentials (an obfuscated group password)

Using google search strings:

Crack / decode the passwords

Cisco VPN Client Password Decoderartemkin.github.io

Cisco VPN Client Password Decoder (unofficial)artemkin.github.io

IFM - Cisco Password Crackerwww.ifm.net.nz

Gathering site/domain metadata from offline sources

Extract metadata from the data we have.

exiftool

exiftool poissonrecon.pdf

Strings

-e >>> for 16 bit big-endian unicode
-el >>> for 16 bit little-endian unicode
-n >>> set minimum caracter length
-a >>> ascii
-u >>> unicode

strings -n 4 test.elf

tesseract

Find text in images

apt install tesseract-ocr
apt-get install tesseract-ocr-LANG
apt-get install tesseract-ocr-all

for x in *.jpg; do tesseract $x stdout -psm 11 -l eng >> tesser.out; done

Music Metadata

https://github.com/mischif/music-metadata-toolsgithub.com

PreviousPassive NextWeb Applications

Last updated 1 year ago