• Stars
    star
    382
  • Rank 112,241 (Top 3 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created over 6 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.

PyMeta

Β  Β  Β 

PyMeta is a Python3 rewrite of the tool PowerMeta, created by dafthack in PowerShell. It uses specially crafted search queries to identify and download the following file types (pdf, xls, xlsx, csv, doc, docx, ppt, pptx) from a given domain using Google and Bing scraping.

Once downloaded, metadata is extracted from these files using Phil Harvey's exiftool and added to a .csv report. Alternatively, Pymeta can be pointed at a directory to extract metadata from files manually downloaded using the -dir command line argument. See the Usage, or All Options section for more information.

Why?

Metadata is a common place for penetration testers and red teamers to find: domains, user accounts, naming conventions, software/version numbers, and more!

Getting Started

Prerequisites

Exiftool is required and can be installed with:

Β Β Β Β Ubuntu/Kali - apt-get install exiftool -y

Β Β Β Β Mac OS - brew install exiftool

Install:

Install the last stable release from PyPi:

pip3 install pymetasec

Or, install the most recent code from GitHub:

git clone https://github.com/m8sec/pymeta
cd pymeta
python3 setup.py install

Usage

  • Search Google and Bing for files within example.com and extract metadata to a csv report:
    pymeta -d example.com

  • Extract metadata from files within the given directory and create csv report:
    pymeta -dir Downloads/

All Options

options:
  -h, --help            show this help message and exit
  -T MAX_THREADS        Max threads for file download (Default=5)
  -t TIMEOUT            Max timeout per search (Default=8)
  -j JITTER             Jitter between requests (Default=1)

Search Options:
  -s ENGINE, --search ENGINE    Search Engine (Default='google,bing')
  --file-type FILE_TYPE         File types to search (default=pdf,xls,xlsx,csv,doc,docx,ppt,pptx)
  -m MAX_RESULTS                Max results per type search

Proxy Options:
  --proxy PROXY         Proxy requests (IP:Port)
  --proxy-file PROXY    Load proxies from file for rotation

Output Options:
  -o DWNLD_DIR          Path to create downloads directory (Default: ./)
  -f REPORT_FILE        Custom report name ("pymeta_report.csv")

Target Options:
  -d DOMAIN             Target domain
  -dir FILE_DIR         Pre-existing directory of file

Credit

More Repositories

1

CrossLinked

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Python
806
star
2

subscraper

Perform subdomain enumeration through various techniques and retrieve detailed output to aid in further testing.
Python
665
star
3

nullinux

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Python
515
star
4

ActiveReign

A Network Enumeration and Attack Toolset for Windows Active Directory Environments.
Python
239
star
5

enumdb

Relational database brute force and post exploitation tool for MySQL and MSSQL
Python
211
star
6

ldap_search

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Python
91
star
7

taser

Python resource library for creating security related tooling
Python
79
star
8

CVE-2021-34527

PrintNightmare (CVE-2021-34527) PoC Exploit
Python
74
star
9

SubWalker

Simultaneously execute various subdomain enumeration tools and aggregate results.
Shell
33
star
10

OffsecDev

Working repo used to experiment with various languages as it relates to offensive security & evasion.
Python
23
star
11

transportc2

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
Python
22
star
12

EAPrimer

C# project that Reflectively loads .Net assemblies in memory.
PowerShell
13
star
13

ipparser

Python module to parse IPv4 addresses / target information and return a single list for iteration. Useful when creating security or network related tools.
Python
9
star
14

m8sec.github.io

https://m8sec.dev
HTML
2
star