Fingerprinting Organizations with Collected Archives (FOCA)

From EverybodyWiki Bios & Wiki

Fingerprinting Organizations with Collected Archives (FOCA)[edit]


Fingerprinting Organizations with Collected Archives (FOCA) is a software tool used to uncover and analyze metadata within documents using open source search techniques. The program was designed by Eleven Paths and is a Windows based application.[1] FOCA utilizes Google, Bing, and DuckDuckGo to uncover documents in various file types from the searched domain name. FOCA can discover any document that is publicly available on the searched webpage.[2] The user can then choose which documents they want to download and extract the metadata for analysis. Currently FOCA supports DOC, XLS, PPT, PPS, DOCX, PPTX, PPSX, XLSX, SWX, ODT, ODS, ODP, PDF, and WPD file formats.[1] Files can also be directly imported from the user's computer for metadata extraction and analysis by dragging and dropping them into the program.[2]

After searching several databases FOCA will provide a list of identified machines withing the network, as well as organize the retrieved files by type. The user can then pick all or selected files for metadata analysis. Types of metadata that can be found include:[3]

  • Users
    • Creators
    • Modifiers
    • Users in document paths
  • Operating Systems
  • Printers
    • local and remote
  • Paths
    • Local and remote
  • Network Information
    • Shared printers
    • Shared folders
    • Access Control Lists
  • Internal Servers
    • NetBIOS Name
    • Domain Name
    • IP Address
  • Database Structures
    • Table Names
    • Column Names
  • Devices Information
    • Mobile details
    • photo details
  • Personal Data
  • History of Use
  • Software Versions


FOCA's metadata analysis can be utilized for network reconnaissance and identifying network weak points hackers could exploit.[4] Metadata in retrieved files may give insight into user IDs, Operating Systems, email addresses or details needed for social engineering. Other features of FOCA include:[5]

  • DNS Snooping
  • Juicy Files search
  • Proxies searching
  • technology identification
  • backup searches
  • error forcing
  • open directories search

Additional plugins available on FOCA's GitHub add features such as searching HaveIBeenPwned with emails found in metadata, detection of SQL Injection vulnerabilities, and search for hidden GIT files on websites.

This article "Fingerprinting Organizations with Collected Archives (FOCA)" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Fingerprinting Organizations with Collected Archives (FOCA). Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.

  1. 1.0 1.1 "Fingerprinting Networks" (PDF).
  2. 2.0 2.1 Bazzell, Michael. (2018). Open source intelligence techniques : resources for searching and analyzing online information. []. ISBN 9781984201577. OCLC 1039634203. Search this book on Logo.png
  3. Chema Alonso (2010-10-15). "FOCA 2.5.5 Training".
  4. "5. The FOCA - Nine must-have OSINT tools". Retrieved 2019-04-23.
  5. "Hack Like a Pro: How to Extract Metadata from Websites Using FOCA for Windows". WonderHowTo. Retrieved 2019-04-19.