loading
Loading content
loading
Metadata analysis pulls the data that files carry but rarely display. A PDF or Office document records the author, the editing software and version, creation and modification times, and sometimes the network path it was saved to. Photos store EXIF fields including GPS coordinates, camera model, and timestamps. None of it appears on screen, yet it leaks straight from public downloads.
The technique pays off in reconnaissance because it maps people and infrastructure without touching the target. Author fields reveal a naming convention you can fold into a username list. Software versions hint at patch levels worth probing. An internal UNC path or a printer name exposes hostnames and directory structure that scanning alone would miss. Tools like exiftool and FOCA automate the extraction across large document sets.
Metadata analysis is one strand of OSINT and a quiet, low-risk part of recon. The output feeds the next step: usernames seed credential attacks, and recovered paths or comments may surface alongside secrets scanning and content discovery.
In a Trickest workflow you can crawl a domain for public documents, run extraction across the batch, and aggregate authors, software, and paths into a single dataset that downstream nodes consume.
Related terms