Metagoofil
Metagoofil is an information gathering tool for extracting metadata from public documents belonging to a target company. It searches Google to identify and download files like PDF, DOC, XLS, and PPT.
Description
Metagoofil is designed for extracting metadata of public documents (pdf, doc, xls, ppt, docx, pptx, xlsx) from a target company. It performs searches on Google to find and download these documents to the local disk, aiding in reconnaissance and information gathering during security assessments.
Use cases include passive reconnaissance where metadata such as author names, software versions, usernames, and paths can reveal sensitive internal information without direct interaction with the target. The tool limits searches and downloads to avoid detection and respects delays to prevent IP blocking by Google.
Note that current versions no longer extract metadata directly; users should refer to /usr/share/doc/metagoofil/README.md.gz for extraction methods.
How It Works
Metagoofil queries Google for specific file types from a given domain, using parameters like search limits and delays between requests to avoid rate limiting. It downloads a specified number of matching files to a local directory and can save HTML links to a file. Metadata extraction is no longer handled by the tool itself.
Installation
sudo apt install metagoofilFlags
Examples
metagoofil -d kali.org -t pdf -l 100 -n 25 -o kalipdf -f kalipdf.htmlmetagoofil -d example.com -t pdf,doc -l 200 -n 50 -o docsmetagoofil -d target.org -t xls -l 50 -n 10 -f links.htmlmetagoofil -d company.com -t ppt -l 100 -o presentationsmetagoofil -d site.net -t pdf -l 100 -n 20 -e 60metagoofil -h