FOCA is an interesting penetration testing
tool that allows you to find out more about a website by (amongst other things)
analyzing the metadata in any documents it makes available.
FOCA means seal in Spanish language. FOCA or
Fingerprinting Organizations with Collected Archives is a tool to discover
files on target website and extract metadata from it. FOCA is a Windows based
tool for the metadata extraction. It provides a GUI for easy usage. FOCA
basically uses search engines for the purpose of discovering files and extracts
metadata from them. This tool will
help you grab metadata like .doc, ppt,
pps, xls, docx, pptx, ppsx, xlsx, sxw, sxc, sxi, odt, ods, odg, odp, pdf and
wpd files from perticular website.
Steps to use FOCA:
Step 1:- Open
FOCA
Step 2:- Go to
"project" option and choose "new project"
Step 3:- Enter
Project name, Domain names, and create the project.
Step 4:- Now just
select the file extensions which you want to search for. And click on "Search
all " option.
Step 5:- Then, in a couple of minutes it will
show you the files which grabbed from that website, you can download these documents, extract their
metadata.