Metagoofil, an information gatherer with the ability to extract metadata from public documents, can be extremely valuable when analyzing a target network.
Peter Giannoulis of The Academy.ca explains how penetration testers can use the tool to assess the security of a website or Web server. Learn how MetaGoofil probes servers for available docs, including PDFs and PowerPoints, and analyzes them for hidden data.
For more information about the tool you've seen here:
About the author: Peter Giannoulis, GSEC, GCIH, GCIA, GCFA, GCFW, GREM, CISSP, is an information security consultant in Toronto, Ontario. He currently maintains www.theacademy.ca, which provides organizations streaming video on how to configure and troubleshoot many of today's top security products. He also serves as a technical director for GIAC.
No problem! Submit your e-mail address below. We'll send you an email containing your password.
Your password has been sent to:
Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
The Indian government has its work cut out hitting its ambitious target of creating half a million cyber-security professionals, with a shortage of specialized courses in institutions across the country
A British citizen has applied for a judgement against Facebook after it failed to file a defence in a case that will test the right of technology companies to disclose personal data on UK residents to the US National Security Agency