Home > Security Tips > Network Security Tactics > Screencast: Collecting metadata with Metagoofil
Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

NETWORK SECURITY TACTICS

Screencast: Collecting metadata with Metagoofil


Peter Giannoulis, Contributor
11.25.2008
Rating: -5.00- (out of 5)


Network Security Tactics
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


Metagoofil, an information gatherer with the ability to extract metadata from public documents, can be extremely valuable when analyzing a target network.

Peter Giannoulis of The Academy.ca explains how penetration testers can use the tool to assess the security of a website or Web server. Learn how MetaGoofil probes servers for available docs, including PDFs and PowerPoints, and analyzes them for hidden data.

#ilrContainerLogin, ilrContainerRegister { width: 430px; margin: 0; } .ilrLoginRed { padding-left:3px; padding-top:15px; padding-bottom:15px; } #ilrFormWrapper { width:428px; margin:0px; border:1px solid #d4d4d4; } #ilrFormHeaderBack { background-image: url('http://media.techtarget.com/digitalguide/images/Misc/ilr_header_background.gif'); background-repeat: no-repeat; height:34px; } .ilrFormHeader { padding:5px 5px 5px 35px; font-size: 16px; font-family: arial, helvetica, sans-serif; color:#787878; } #ilrFormBody { background-color:#ffffd4; } .ilrFormBodyHeader { padding-top:15px; padding-left:12px; padding-right:12px; padding-bottom:20px; } .ilrFormBodyHeaderLogin { padding-top:15px; padding-left:9px; padding-right:8px; padding-bottom:20px; } .ilrFormBodyFooter { padding-top:15px; padding-left:12px; padding-right:40px; padding-bottom:20px; } form.ilr { margin: 0; padding: 0; min-width: 428px; max-width: 428px; width: 428px; } form.ilrLogin { margin: 0; padding: 0; min-width: 428px; max-width: 428px; width: 428px; } form.ilr label { display: block; float: left; width: 140px; margin: 5px 0 0; text-align: left; } form.ilrLogin label { display: block; float: left; width: 65px; margin: 5px 0 0; text-align: left; } form.ilr br { clear:left; } form.ilrLogin br { clear:left; } form.ilr input, form.ilr option, form.ilr select { width:auto; margin:4px 5px 0 0px; } form.ilrLogin input, form.ilrLogin option, form.ilrLogin select { width:auto; margin:4px 5px 0 0px; } .inputImage { padding-left:150px; padding-bottom:15px; } .inputImageLogin { padding-left:175px; padding-bottom:15px; } .formFieldsPadding { padding-left:35px; }

642" height="519">

For more information about the tool you've seen here:

  • Learn how some penetration testers are using tools like Maltego and Metagoofil, which put the Web's seemingly boundless stores of information to use.
  • Peter Giannoulis demonstrates how to use the freely available Wikto tool for Web server assessment.
  • Get the latest news and expert advice on penetration testing and ethical hacking.

    Want more screencasts? Make sure to check out our other demonstrations of today's security tools.

    About the author:
    Peter Giannoulis, GSEC, GCIH, GCIA, GCFA, GCFW, GREM, CISSP, is an information security consultant in Toronto, Ontario. He currently maintains www.theacademy.ca, which provides organizations streaming video on how to configure and troubleshoot many of today's top security products. He also serves as a technical director for GIAC.

    Rate this Tip
    To rate tips, you must be a member of SearchSecurity.com.
    Register now to start rating these tips. Log in if you are already a member.




    BROWSE BY TAG
    Network Security Tactics,   Application and Platform Security,   Enterprise Vulnerability Management,   Security Testing and Ethical Hacking,   VIEW ALL TAGS

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


    RELATED CONTENT
    Network Security Tactics
    Screencast: Samurai offers pen-testing nirvana
    Firewall rule management best practices
    Chained Exploits: How to prevent phishing attacks from corporate spies
    Rootkit Hunter demo: Detect and remove Linux rootkits
    Enterprise UTM security: The best threat management solution?
    Making the case for network security configuration management
    An inside look at security log management forensics investigations
    How to find sensitive information on the endpoint
    How to perform Microsoft Baseline Security Analyzer (MBSA) scans
    How to spot attacks through Apache Web server log analysis

    Security Testing and Ethical Hacking
    Screencast: Samurai offers pen-testing nirvana
    McAfee to acquire Solidcore Systems for whitelisting
    The Pipe Dream of No More Free Bugs
    How to perform Microsoft Baseline Security Analyzer (MBSA) scans
    Free HP SWFScan tool detects Adobe Flash flaws
    Flaw disclosure debate polarizes SOURCE Boston panel
    L0phtCrack returns
    Information security book excerpts and reviews
    Should static analysis be a part of the software development process?
    Cracks in WPA? How to continue protecting Wi-Fi networks

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    Cyber Storm  (SearchSecurity.com)
    ethical hacker  (SearchSecurity.com)
    ethical worm  (SearchSecurity.com)
    gray hat  (SearchSecurity.com)
    honey pot  (SearchSecurity.com)
    honeynet  (SearchSecurity.com)
    war dialer  (SearchSecurity.com)
    white hat  (SearchSecurity.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary

    DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



    • Research Solutions for Network Security, Access Control and Security Threats
    More Security Resources for Resellers, VARs and OEMs
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Site Map




    All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts