Awesome

https://github.com/franckferman/MetaDetective/assets/73023545/7b245f87-37e2-40b7-8b3c-88aefecb4e13

📜 Table of Contents

📖 About

MetaDetective: Advanced metadata analysis and web scraping.

Metadata, in the realm of cybersecurity, is more than just embedded information; it's a gateway to insightful perspectives, often unveiling crucial leads in OSINT and pentesting.

As key tools like Metagoofil on Kali Linux shifted their trajectory away from pure metadata analysis, the exigency for a robust alternative took center stage. Enter MetaDetective.

🧠 Tailored Metadata Analysis

Drawing inspiration from the foundational tools like Metagoofil, MetaDetective emerges as a revitalized and improved iteration, dedicated to providing efficient metadata extraction and presentation. It stands out as a comprehensive Python 3 tool, purposely designed to bridge the existing gaps in metadata analysis.

📊 Streamlined Data Presentation

Beyond mere extraction, MetaDetective prides itself on its capability to meticulously categorize and showcase metadata. Whether dealing with an individual file or an array of them, the tool ensures users grasp the entire spectrum of data, both in its breadth and depth.

🌐 Web Scraping

While Metagoofil once leaned on Google searches—a method riddled with IP restrictions and the labyrinth of proxy workarounds—MetaDetective pioneers a path with direct web scraping. By targeting sites directly, it sidesteps disruptions, delivering a dataset that's not just richer, but also more precise, spotlighting potential data leaks.

🔍 Complementary Utility for OSINT and Pentesting

Although it is now independent and offers its own functions, including scraping, MetaDetective isn't just a standalone behemoth. It's crafted for seamless integration and synergy with tools like Metagoofil. A quintessential addition to every pentester's and OSINT researcher's toolkit, MetaDetective magnifies data acquisition prowess and broadens the horizons of analysis.

🚀 Installation

Before diving into the installation process, ensure you meet the following prerequisites.

Prerequisites

1. Python 3: Ensure Python 3 is installed on your system before initiating the installation process.

2. Exiftool: Given its simplicity, MetaDetective doesn't rely on any external dependencies or libraries. However, it does necessitate exiftool. Ensure you have exiftool set up on your system.

⚠️ Note: MetaDetective has been rigorously tested with Python 3.11.4 on Linux alongside exiftool version 12.56. While it may function with other versions, compatibility is guaranteed only with these specific configurations.

Installation methods

1. Git clone the repository:

git clone https://github.com/franckferman/MetaDetective.git

2. Direct download: To skip cloning and directly download the script (designed for simplicity and flexibility, it doesn't depend on any external packages, so if you only need the script, you can also directly download it):

curl -O https://raw.githubusercontent.com/franckferman/MetaDetective/stable/src/MetaDetective/MetaDetective.py

3. Pip Installation:

• Create & Activate a Virtual Environment:

python3 -m venv MetaDetectiveEnv
source MetaDetectiveEnv/bin/activate

• Install MetaDetective:

pip install MetaDetective

4. Docker integration:

For a Docker-based setup, refer to our Docker-specific guide: MetaDetective Docker Setup.

🎮 Usage

Ensure you adapt your command according to how you've set up MetaDetective.

Getting started

Kick off with the built-in help to explore MetaDetective's functionalities:

python3 src/MetaDetective/MetaDetective.py -h

Command examples

🕵️ File analysis:

🔎 Export function:

🌐 Web Scraping:

Additional parameters

🌐 Web Scraping:

To initiate the web scraping mode, use the --scraping flag. Remember, this option doesn't function independently. It requires either a scanning or downloading parameter.

• Activating web scraping mode:

python3 src/MetaDetective/MetaDetective.py --scraping

• Scanning and displaying statistics: Ensure both the URL and --scan flags are used.

python3 src/MetaDetective/MetaDetective.py --scraping --scan --url https://example.com

• Scans for specific file types and displays related statistics: Ensure both the URL and --scan flags are used and use --extensions followed by a list of desired file types (e.g., pdf docx png).

python3 src/MetaDetective/MetaDetective.py --scraping --scan --url https://example.com --extensions pdf docx xlsx pptx

• Downloading web content: Indicate the desired directory using --download-dir and provide the target URL.

python3 src/MetaDetective/MetaDetective.py --scraping --download-dir ~ --url https://example.com

• Downloads web content of specific file types: Indicate the desired directory using --download-dir, provide the target URL and desired file types with --extensions.

python3 src/MetaDetective/MetaDetective.py --scraping --download-dir ~ --url https://example.com --extensions pdf docx xlsx pptx

• Adjusting scraping depth: Use the --depth flag to specify how deeply the scraper should navigate through links.

python3 src/MetaDetective/MetaDetective.py --scraping --scan --url https://example.com --depth 1

Additional Flags:

• External link tracking: Use --follow-extern to allow tracking of external links (those outside the base URL). Typically not advised, but might be useful in certain contexts.

• Thread management: Use --threads to specify the number of threads for concurrent operations.

• Rate limiting: Use --rate to control the maximum number of requests per second.

🕵️ File analysis & Metadata Analyzer:

Basic Commands:

To begin analyzing files, you'll use either the -d or -f flag.

• -d or --directory: Select a directory containing one or multiple files.
• -f or --files: Choose a single or multiple specific files.

Analyze the contents of a directory.

python3 src/MetaDetective/MetaDetective.py -d examples

Analyze the contents of a file.

python3 src/MetaDetective/MetaDetective.py -f examples/MetaDetective.docx

Analyze the contents of multiple files.

python3 src/MetaDetective/MetaDetective.py -f examples/MetaDetective-APTX_4869_report.pdf examples/MetaDetective-Kogoro_s_Choice.pdf

Specifying data type

You can filter to analyze specific file types:

Ignoring specific results:

If you want to omit specific keywords from the displayed metadata, use the -i or --ignore flag. For instance, you might want to exclude common usernames like "admin" during the reconnaissance phase of your pentest. Regex patterns are supported, e.g., ^BeginBy.

Display options

Adapt the display of your results to suit your preferences:

Format options

Modify your display further with these:

🔎 Export options

MetaDetective provides flexibility in exporting analysis results.

By default, using the --export or -e option will save your results in an HTML format. This design ensures a visually appealing report for your analysis.

If you prefer a .txt format, that's possible too. Switch between formats using the -e or --export flag followed by the desired format: -e txt or -e pdf.

The export will, by default, use a predefined name appended with a timestamp. To customize this name, you can append a suffix using the -c or --custom flag.

Further, the --out or -o argument lets you specify the directory path for your exported data.

Be aware: The display and format options, as previously discussed, will influence the presentation of your exported document, whether in HTML or TXT format. Data representation might differ between the two formats.

Note: The export format can greatly affect data presentation and accessibility. Opt for the format that aligns with your requirements.

🔧 Troubleshooting

Encountering issues? Don't worry. If you come across any problems or have questions, please don't hesitate to submit a ticket for assistance: Submit an issue on GitHub

🤝 Contributing

We truly appreciate and welcome community involvement. Your contributions, feedback, and suggestions play a crucial role in improving the project for everyone. If you're interested in contributing or have ideas for enhancements, please feel free to open an issue or submit a pull request on our GitHub repository. Every contribution, no matter how big or small, is highly valued and greatly appreciated!

⚖️ Legal Disclaimer

Please be aware that the use of the MetaDetective tool may be subject to specific laws and regulations in your country or region. Before using this tool, it is your responsibility to ensure that its use is in compliance with the laws applicable in your jurisdiction.

The creator of MetaDetective cannot be held responsible for any improper or illegal use of this tool. By using MetaDetective, you acknowledge and agree that you are solely responsible for complying with local laws and regulations.

In some instances, the use of MetaDetective might be justified for legitimate purposes such as protection against authoritarian regimes or for survival matters. However, it is strongly advised to take all necessary measures to protect yourself and to abide by the law.

By using MetaDetective, you acknowledge having read this disclaimer and agree to act accordingly. The creator of MetaDetective does not in any way endorse the use of this tool for illegal or harmful purposes.

🌠 Star Evolution

Explore the star history of this project and see how it has evolved over time:

Your support is greatly appreciated. We're grateful for every star! Your backing fuels our passion. ✨

📚 License

This project is licensed under the GNU Affero General Public License, Version 3.0. For more details, please refer to the LICENSE file in the repository: Read the license on GitHub

📞 Contact