Thursday, September 6, 2007


This tool is oriented to the extraction of metadata from files published in the domains of the target. It looks into the following type of files : PDF, PPT, DOC, XLS and MDB, and looks into different relevant fields, like "Author" or "Last Saved by".

The idea is to look into fields that may be used to get information about users, so can be used for brute-force attacks. This information can also provide windows domain users, or the methodology used by the company to generate user names.

Once the docs are identified, they are downloaded and analyzed. The information is presented in an HTML document. Please feel free to use this tool and don´t heasitate to send us your feedback.

Download: metagoofil-1.2.tar

Wfuzz 2.2.0 released

I'm pleased to announce a new version of WFuzz! Wfuzz has been created to facilitate the task in web applications assessments and it...