PyMeta is a Python3 rewrite of the tool PowerMeta, created by dafthack in PowerShell. It uses specially crafted search queries to identify and download the following file types (pdf, xls, xlsx, csv, doc, docx, ppt, pptx) from a given domain using Google and Bing scraping.
Once downloaded, metadata is extracted from these files using Phil Harvey's exiftool and added to a .csv
report. Alternatively, Pymeta can be pointed at a directory to extract metadata from files manually downloaded using the -dir
command line argument. See the Usage, or All Options section for more information.
Metadata is a common place for penetration testers and red teamers to find: domains, user accounts, naming conventions, software/version numbers, and more!
Still not convinced? Checkout - Hacking Organizations One Document at a Time With Metadata
Exiftool is required and can be installed with:
Ubuntu/Kali - apt-get install exiftool -y
Mac OS - brew install exiftool
git clone https://github.com/m8sec/pymeta
cd pymeta
python3 setup.py install
-
Search Google and Bing for files within example.com and extract metadata to a csv report:
pymeta -d example.com
-
Extract metadata from files within the given directory and create csv report:
pymeta -dir Downloads/
Target Options:
-d DOMAIN Target domain
-dir FILE_DIR Pre-existing directory of files
Search Options:
-s {google,bing,all} Search engine(s) to scrape (Default: all)
-m MAX_RESULTS Max results per file type, per search engine (Default: 50)
-j JITTER Seconds between search requests (Default: 2)
Output Options:
-o OUTPUT_DIR Path to store PyMeta's download folder (Default: ./)
-f FILENAME Custom report path/name.csv (Optional)
--debug Show links as they are collected during scraping
- Beau Bullock (@dafthack) - https://github.com/dafthack/PowerMeta
- Phil Harvey - https://exiftool.org/