One very important part of any pentest is gathering information about the target network that will be attacked, and one area that is gaining a lot of traction is enumeration through metadata. I recently learned about a tool for this by listening to the great podcast Exotic Liability, where they mentioned the FOCA tool by Informatica64 when talking about their presentation at Black Hat Europe 09. You can either download the FOCA tool or use the webpage to submit your document for analysis. I do prefer to do most of my analysis locally, since on almost all pentests I have conducted all information is confidential and the sharing of information with third parties is not permitted.

This tool will analyze metadata from Microsoft Office documents, PDF files, OpenOffice files and WordPerfect files, as well as EXIF metadata from images. The best part is that you can add files you collected manually, or files found and downloaded through web searches using Google and Live Search, which makes it extremely flexible for pentests. It will enumerate users, folders, printers, emails and the version of the software used to create the file.

This tool will run on Windows XP and Windows Vista; I found it to be really unstable in Windows 7 Beta. After downloading, run the setup executable and the tool will be available in the Start menu under Programs….

I will definitely be adding this tool to my toolbox and making it part of my methodology when executing target enumeration during pentests. I hope you find this information useful, and special thanks to the Exotic Liability team for mentioning this tool.
Source : Metadata Enumeration with FOCA