footprinting also known as reconnaissance is the technique used for gathering information about computer systems and the entities they belong to to get this information a hacker might use various tools and technologies Foca fingerprinting organizations with collected archives is a tool used mainly to find metadata and hidden information in the documents at scans these documents may be on webpages and can be downloaded and analyzed with Foca it's capable of analyzing a wide variety of documents with the most common being Microsoft Office OpenOffice or PDF files these documents are searched for three possible search engines Google Bing and DuckDuckGo here's how you can download and install Foca you can download Foca from the eleven paths website that is seen on this slide Foca is open source you can download all the sources as well as the executable binary from github com slash eleven path slash Foca however this version requires SQL Server Express installed on the host machine so I prefer to download and use the previous version of Foca which requires dotnet framework version 3.5 only it's a portable version so you don't need to install it download the zip file extract it go to the bin folder and run folk exec file that's it to work with Foca start a new project using project button on the upper left corner give the project a name and to the website and choose the folder to save the results to when you finish filling the fields click the Create button to create a new project after creating a new foe project we can start a Network scan from the tree at the left side select Network node now select the search types the search types listed on the panel are web search you can choose whether Google or Bing DN search dictionary search to perform DNS search using a dictionary IP Bing to serve the domain names hosted on the same ip address show dan and Rob text queries and click the start button to start the scan now we can collect some documents published by the target domain to collect their metadata from the tree at the left side select metadata node you're supposed to see a panel similar to the one which is seen on the slide select the document types you want to collect and click the search all button to start the document search you can see the documents found under metadata node of the tree you should download the documents to be able to extract the metadata right-click the documents you want to download from the menu select download now you can extract the metadata of the downloaded documents you can understand if a document is downloaded from the download column of the table select the documents that you want to collect the metadata right click and select extract metadata from the menu you'll see the results under the metadata node of the tree let's see Foca in action find the 11 paths focal website on the website you see a download button which brings you to the github page of eleven paths you can find the latest release version of Foca under Foca releases folder it requires SQL Server Express installed on the host machine go back to the eleven paths website you can find a link to the previous version of Foca read and accept the EULA and download the folk approach hit file you extract the zip file go to bin folder and run folk exec file on the project menu select new project to create a new project fill the boxes in carefully you and then click create save the project file for further usages now we can start a new scan select the network node from the tree select the search types on the dictionary search panel you have to choose a valid dictionary the default path is probably not valid you can find a valid dictionary inside the dns dictionary folder which is under the bin folder where you found the folk exec file click the start button to start the scan and let the scan continue for a couple of minutes you let's collect the documents from the target website and extract their metadata select the metadata node from the tree select the document types you're interested in and click search all button to find the documents let the search continued for a couple of minutes you select the documents that you want to collect the metadata right-click and select download select the downloaded documents right-click and select extract metadata at this time look at the nodes under the metadata node of the tree and you will see the metadata extracted from other downloaded documents you can examine the metadata of each document one by one you or you can find valuable data summarized under the metadata summary node user names of the owners of the documents operating system where the document is created email address is collected from the metadata of the documents and more