La nueva FOCA 2.7

•Download as PPTX, PDF•

3 likes•843 views

This document summarizes the capabilities of the FOCA tool for extracting metadata and hidden information from files. FOCA can analyze a wide range of file types including documents, images, and PDFs. It is able to uncover personal user data, system information, network details, device information, software versions, and more. The document provides examples of FOCA analyzing files from FBI.gov and its recursive network discovery algorithm. It concludes by noting new features in version 2.7.1 like RDP file analysis and an improved reporting module.

MetadataRisks “Secret” relationships Government & companies Companies & providers Piracy Reputation Social engineering attacks Targeting Malware

FOCA: File types supported ,[object Object]

Adobe Indesign, SVG, SVGZ,[object Object]

Wussten Sie, dass Ihre Paket- bzw. Übertragungsdaten wertvolle und detailierte Einblicke für Ihre gesamte Operational Intelligence liefern? In dieser Session erfahren Sie mehr über die skalierbare Softwarelösung Splunk App for Stream (keine Hardware Taps notwendig), welche bestehende Andwendungsszenarien von Splunk in der IT und im Geschäftsbereich verstärkt und erweitert. In einer Live Demo zeigen wir Ihnen, wie Sie mit Übertragungsdaten zu mehr Operational Intelligence gelangen hinsichtlich: Infrastructure Operations Application Management Security

PRESENTATION of CEH Tools.pptx

AadityaSaxena12

A fresh new look into Information Gathering - OWASP Spain

Christian Martorella

Hacking Fundamentals - Jen Johnson , Miria Grunick

amiable_indian

Reconnaissance & Scanning

amiable_indian

Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...

OpenDNS

Lab-4 Reconnaissance and Information Gathering A hacker.docx

LaticiaGrissomzz

Lab-4: Reconnaissance and Information Gathering A hacker uses many tools and methods to gather information about the target. There are two broad categories of information gathering methods: passive and active. These methods are detailed in the table below. In this lab, you will perform passive information gathering (gray-shaded column). In Lab 5, you will be performing active information gathering. Please review the table before starting this lab. Information Gathering Passive (Reconnaissance and Information Gathering) – This Week Active (Scanning and Enumeration) – Next Week Is the hacker contact with the target directly? No direct contact with the target Direct contact with the target Are the activities logged? No audit records on the target Audit record might be created What kind of tools has been used? Web archives, Whois service, DNS servers, Search Engines Port scanners, network scanners, vulnerability scanners (Nessus, Nmap) What information can a hacker collect? IP addresses, network range, telephone numbers, E-mail addresses, active machines, operating system version, network topology Live hosts on a network, network topology, OS version, open ports on hosts, services running on hosts, running applications and their versions, patching level, vulnerabilities. In passive information gathering, the hacker does not directly contact the target; therefore, no audit logs have been created. Both non-technical (such as employee names, birth dates, e-mail addresses) and technical information (IP addresses, domain names) can be gathered. This information can be used in many ways in the subsequent steps of the attack. For example, the phone numbers or e-mail addresses you discovered can be used in social engineering attacks. DNS records or subdomain names can be used to leverage specific attacks against hosts or URLs. More notes on Reconnaissance and Information Gathering : 1) In this phase, an attacker may collect a lot of information without being noticed. 2) In some cases, an attacker may even discover vulnerabilities. 3) The information collected in this phase can be quite valuable when evaluated together with the information collected in the scanning and enumeration phase. For example, you might find the phone number and name of an employee in this phase, and you may find the computer IP address in the active scanning phase. You can use these two pieces of information together to leverage a social engineering attack. An attacker will increase the chance of gaining trust when s/he calls the victim's name and talk some specific about the victim's computer. 4) Companies should also perform reconnaissance and information gathering against themselves so that they can discover -before hackers- what kind of information the company and company employees disclose. In this lab, you will practice 6 passive methods of Reconnaissance and Information Gathering. You have to use Kali VM in Sections 3, 5, and 6 of the lab. You may use Kali.

voip_enPierpaolo Palazzoli

Module 2 Foot Printingleminhvuong

Pentesting Android Apps

Abdelhamid Limami

The (in)security of File Hosting ServicesMarco Balduzzi

Toorcon - Purple Haze: The Spear Phishing Experience

Jesse Nebling

La informática se creó en las calles: Microhistorias de Apple y Microsoft

Eventos Creativos

Windows server 2012 para it

Eventos Creativos

Similar to La nueva FOCA 2.7

Pentesting drivenbyfoca slidesBIT Technologies

Foca training hackcon6

Chema Alonso

FOCA 2.5.5 Training

Chema Alonso

Tactical Fingerprinting using metadata, hidden info and lost data

Chema Alonso

Pentesting iOS Applications

jasonhaddix

HoneyNet SOTM 32 - Windows Malware Analysis

Chetan Ganatra

Reconnaissance - For pentesting and user awareness

Leon Teale

technical-information-gathering-slides.pdf

MarceloCunha571649

Splunk Stream - Einblicke in Netzwerk Traffic

Splunk

PRESENTATION of CEH Tools.pptx

AadityaSaxena12

A fresh new look into Information Gathering - OWASP Spain

Christian Martorella

Hacking Fundamentals - Jen Johnson , Miria Grunick

amiable_indian

Reconnaissance & Scanning

amiable_indian

Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...

OpenDNS

Lab-4 Reconnaissance and Information Gathering A hacker.docx

LaticiaGrissomzz

voip_enPierpaolo Palazzoli

Module 2 Foot Printingleminhvuong

Pentesting Android Apps

Abdelhamid Limami

The (in)security of File Hosting ServicesMarco Balduzzi

Toorcon - Purple Haze: The Spear Phishing Experience

Jesse Nebling

Similar to La nueva FOCA 2.7 (20)

Pentesting drivenbyfoca slides

Foca training hackcon6

FOCA 2.5.5 Training

Tactical Fingerprinting using metadata, hidden info and lost data

Pentesting iOS Applications

HoneyNet SOTM 32 - Windows Malware Analysis

Reconnaissance - For pentesting and user awareness

technical-information-gathering-slides.pdf

Splunk Stream - Einblicke in Netzwerk Traffic

PRESENTATION of CEH Tools.pptx

A fresh new look into Information Gathering - OWASP Spain

Hacking Fundamentals - Jen Johnson , Miria Grunick

Reconnaissance & Scanning

Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...

Lab-4 Reconnaissance and Information Gathering A hacker.docx

voip_en

Module 2 Foot Printing

Pentesting Android Apps

The (in)security of File Hosting Services

Toorcon - Purple Haze: The Spear Phishing Experience

Recently uploaded

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Nexer Digital

Assuring Contact Center Experiences for Your Customers With ThousandEyes

ThousandEyes

Quantum Computing: Current Landscape and the Future Role of APIs

Vlad Stirbu

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

Bits & Pixels using AI for Good.........

Alison B. Lowndes

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

The Future of Platform Engineering

Jemma Hussein Allen

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf

Peter Spielvogel

Building better applications for business users with SAP Fiori. • What is SAP Fiori and why it matters to you • How a better user experience drives measurable business benefits • How to get started with SAP Fiori today • How SAP Fiori elements accelerates application development • How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities • How SAP Fiori paves the way for using AI in SAP apps

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Recently uploaded (20)

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Assuring Contact Center Experiences for Your Customers With ThousandEyes

Quantum Computing: Current Landscape and the Future Role of APIs

PHP Frameworks: I want to break free (IPC Berlin 2024)

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

Bits & Pixels using AI for Good.........

The Art of the Pitch: WordPress Relationships and Sales

Elevating Tactical DDD Patterns Through Object Calisthenics

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

UiPath Test Automation using UiPath Test Suite series, part 3

The Future of Platform Engineering

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf

Essentials of Automations: Optimizing FME Workflows with Parameters

Epistemic Interaction - tuning interfaces to provide information for AI support

La nueva FOCA 2.7

1. 2.7.1 version Chema Alonso

2. FOCA 0.X

3. MetadataRisks “Secret” relationships Government & companies Companies & providers Piracy Reputation Social engineering attacks Targeting Malware

5. Open Office documents.

6. MS Office documents.

7. PDF Documents.

8. XMP.

9. EPS Documents.

10. Graphic documents.

11. EXIF.

12. XMP.

13.

14. Creators.

15. Modifiers .

16. Users in paths.

17. C:ocuments and settingsfooyfile

18. /home/johnnyf

19. Operating systems.

20. Printers.

21. Local and remote.

22. Paths.

23. Local and remote.

24. Network info.

25. Shared Printers.

26. Shared Folders.

27. ACLS.

28. Internal Servers.

29. NetBIOS Name.

30. Domain Name.

31. IP Address.

32. Database structures.

33. Table names.

34. Colum names.

35. Devices info.

36. Mobiles.

37. Photo cameras.

38. Private Info.

39. Personal data.

40. History of use.

41.

42.

43. Search for documents in Google and Bing

44. Automatic file downloading

45. Capable of extracting Metadata, hidden info and lost data

46. Cluster information

47.

48. Howmaydaysto do thepentesting?

49. Sometimes…a pentesterneedsto be a SuperHero

50.

51. Recursivealgorithm

52. InformationGathering

53. SwRecognition

54. DNS Cache Snooping

55.

56. Network DiscoveryAlgorithm http://apple1.sub.domain.com/~chema/dir/fil.doc http -> Web server GET Banner HTTP domain.com is a domain Search NS, MX, SPF records for domain.com sub.domain.com is a subdomain Search NS, MX, SPF records for sub.domain.com Try allthe non verified servers onall new domains server01.domain.com server01.sub.domain.com Apple1.sub.domain.com is a hostname Try DNS Prediction (apple1) onalldomains Try Google Sets(apple1) onalldomains

57. Network DiscoveryAlgorithm http://apple1.sub.domain.com/~chema/dir/fil.doc 11) Resolve IP Address 12) GetCertificate in https://IP 13) Searchfordomainnames in it 14) Get HTTP Banner of http://IP 15) Use Bing Ip:IPtofindalldomainssharingit 16) Repeatforevery new domain 17) Connecttotheinternal NS (1 orall) 18) Perform a PTR Scansearchingforinternal servers 19) Forevery new IP discovered try Bing IP recursively 20) ~chema-> chemaisprobably a user

58. Network DiscoveryAlgorithm http://apple1.sub.domain.com/~chema/dir/fil.doc 21) / , /~chema/ and /~chema/dir/ are paths 22) Try directorylisting in allthepaths 23) Searchfor PUT, DELETE, TRACE methods in everypath 24) Fingerprint software from 404 error messages 25) Fingerprint software fromapplication error messages 26) Try commonnamesonalldomains (dictionary) 27) Try Zone Transfer onall NS 28) Searchforany URL indexedby web enginesrelatedtothehostname 29) Downloadthe file 30) Extractthemetadata, hiddeninfo and lost data 31) Sortallthisinformationand presentitnicely 32) Forevery new IP/URL startoveragain

59.

60. FOCA 2.5: Exalead

61. Hugedomains case

62. Digital Certificates

63. FOCA 2.5 & Shodan

64. FOCA 2.5 URL Analysis

65. .listing

66. Unsecure Http Methods

67. Search & Upload

68. Searchingfor Server-Side Technologies

69. Fuzzingoptions

70. DNS Cache Snooping