Problem solve Get help with specific problems with your technologies, process and projects.

Screencast: Collecting metadata with Metagoofil

Peter Giannoulis explains how Metagoofil, an information gatherer that extracts metadata from public documents, can be extremely valuable when investigating a target network.

Watch in full-screen

View Peter's Metagoofil demo in a larger window.

Metagoofil, an information gatherer with the ability to extract metadata from public documents, can be extremely valuable when analyzing a target network.

Peter Giannoulis of The explains how penetration testers can use the tool to assess the security of a website or Web server. Learn how MetaGoofil probes servers for available docs, including PDFs and PowerPoints, and analyzes them for hidden data.

For more information about the tool you've seen here:

  • Learn how some penetration testers are using tools like Maltego and Metagoofil, which put the Web's seemingly boundless stores of information to use.
  • Peter Giannoulis demonstrates how to use the freely available Wikto tool for Web server assessment.
  • Get the latest news and expert advice on penetration testing and ethical hacking.

    Want more screencasts? Make sure to check out our other demonstrations of today's security tools.

    About the author:
    Peter Giannoulis, GSEC, GCIH, GCIA, GCFA, GCFW, GREM, CISSP, is an information security consultant in Toronto, Ontario. He currently maintains, which provides organizations streaming video on how to configure and troubleshoot many of today's top security products. He also serves as a technical director for GIAC.

  • This was last published in November 2008

    Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.