# Fingerprinting with FOCA

![](/files/c22399c1474c4b08cbf0c9a6b26beb6dc5bd89cf)

In this walkthrough we run a scan with **FOCA (Fingerprinting Organizations with Collected Archives)**.

For this practice I will use `www.globant.com` as the initial target to learn a bit about `FOCA` and how it is used. Afterwards we will look at other targets to see cases where `metadata` is exposed.

## Basic use of FOCA

As a first step we configure the project and the target `domain`:

![](https://i.imgur.com/7WDBhIv.png)

Next, we select the `file extensions` that we want `FOCA` to take into account when performing the scan:

![](https://i.imgur.com/ApPFnjP.png)

Then we `click` on `Search All` to start the `scan`. Once `FOCA` starts detecting files, we see them listed below the file extension selection:

![](https://i.imgur.com/c5KFCUh.png)

Once we have results available, we can `right-click` on any of the listed files and `click` on `Download` to download it and see what information we can obtain from it:

![](https://i.imgur.com/vrwKjsg.png)

Once the document is downloaded, it appears in the `tree view` and we can observe some details about it.

![](https://i.imgur.com/IMPrHDU.png)

To see the details of the file's `metadata`, we return to the file list, `right-click` on the desired file, `click` on `Extract All metadata` and then on `Analyze all metadata`.

![](https://i.imgur.com/0aBI0tA.png)

In this case we do not obtain important information, since these documents were already sanitized before being published. But when the `metadata` does contain some important detail, `FOCA` lists the different types of information in the `tree view` so that we can review them:

![](https://i.imgur.com/HbxOuPA.png)

## Analysis of Exposed Metadata with FOCA

If we look at a file that does expose certain data in its **`metadata`**, we can see how **`FOCA`** presents this information:

![](https://i.imgur.com/07H0uXR.png)

We see that among the results we obtain:

* The server's IP address
* The software used to create the file
* The user used when creating the file

Each scanned file can expose different pieces of information that allow us to obtain a more complete picture of the target during the reconnaissance phase.

In this other example we see that a **PDF** from the UTN campus reveals different details when analyzed:

![](https://i.imgur.com/gQILptw.png)

In this case we obtain some `folders`, some `emails` and the `version of the software` used in the creation of the document.

Some documents reveal much more information:

![](https://i.imgur.com/EIj4Wi3.png)

In this case we can see that the **`metadata`** extracted from certain documents exposes user accounts, emails, printers, folders and even other servers. Clearly, sanitizing documents before sharing them is key to preventing external agents from obtaining potentially sensitive details with tools like **`FOCA`**.

