Unleash Metadata Intelligence with MetaDetective. Your Assistant Beyond Metagoofil.
Project description
MetaDetective
Delving Deep into File Metadata.
Crafted to bridge the gap in metadata extraction and analysis.
Explore the full documentation »
View Demo
.
Report Bug
·
Request Feature
Table of Contents
About
Metadata often holds critical insights in cybersecurity, playing a pivotal role in OSINT and pentesting. With Metagoofil on Kali Linux pivoting away from direct metadata analysis, a gap emerged. Enter MetaDetective: a Python 3 tool adeptly filling this void. It efficiently extracts, categorizes, and displays metadata from single or multiple files, even supporting specific file extensions and result filtering. From author credentials and modification logs to embedded links and software details, and even GPS data, it illuminates potential cybersecurity investigation pathways. While not claiming to be groundbreaking, MetaDetective is undeniably a valuable asset for cybersecurity aficionados.
🚀 Installation
Prerequisites
-
Python 3: Ensure Python 3 is installed on your system before initiating the installation process.
-
Exiftool: Given its simplicity, MetaDetective doesn't rely on any external dependencies or libraries. However, it does necessitate exiftool. Ensure you have exiftool set up on your system.
🔺 Important: MetaDetective has been exclusively tested with Python 3.11.4 on Linux and in conjunction with exiftool version 12.56. While the tool might operate on other Python versions, distributions, or exiftool versions, compatibility are only assured with these specific configurations.
Installation Steps
Clone the Repository:
You have a couple of options to clone the repository:
- Using HTTPS:
git clone https://github.com/franckferman/MetaDetective.git
- Using GitHub CLI:
gh repo clone franckferman/MetaDetective
- If you only need the script, you can also directly download it using curl:
curl -O https://raw.githubusercontent.com/franckferman/MetaDetective/stable/MetaDetective/MetaDetective.py
This will provide you with the necessary project files.
🎮 Usage
Examples of Command Usage:
- Analyzing all files within a directory (with default settings):
python3 MetaDetective.py -d directory
- Analyzing specific files while ignoring certain results and data types:
python3 MetaDetective.py -d directory -i ^admin anonymous -t doc pdf
- Analyzing all types of files within a directory in singular mode display, with a formatted mode type:
python3 MetaDetective.py -d directory -t all -display singular -format formatted
- Analyzing all files within a directory (with default settings) and exporting the results to HTML:
python3 MetaDetective.py -d directory --export MD_Export-Case_1.html
- Getting Started
To begin, you can invoke the help command:
python3 MetaDetective.py -h
- Specifying Files for Analysis
MetaDetective requires at least one file for processing:
python3 MetaDetective.py -f file
For multiple files, use:
python3 MetaDetective.py -f file1 file2 file3
You can also utilize patterns:
python3 MetaDetective.py -f *specificnameforFiles*
Alternatively, specify a directory to process all files within it:
python3 MetaDetective.py -d directory
- Additional Parameters
Ignoring Specific Results
Use -i to exclude non-pertinent results:
python3 MetaDetective.py -d directory -i anonymous
Specify multiple ignore terms:
python3 MetaDetective.py -d directory -i anonymous admin administrateur
Regex is also supported:
python3 MetaDetective.py -d directory -i anonymous ^admin
Specifying Data Type
The -t option lets you specify data types:
python3 MetaDetective.py -d directory -t pdf
Add multiple data types:
python3 MetaDetective.py -d directory -t pdf doc
To include all types:
python3 MetaDetective.py -d directory -t all
Display Options
Use -display to modify the display:
python3 MetaDetective.py -display all
This will show each file with relevant metadata.
For a unique, centralized display without showing each file:
python3 MetaDetective.py -display singular
This option filters and removes duplicates, focusing on singular results.
Format Options
When using -display singular, further modify the display:
Use -format formatted for a stylish display (with dashes):
python3 MetaDetective.py -display all -format formatted
Or use -format concise, for a simpler look:
python3 MetaDetective.py -display all -format concise
Export Options
The -e or --export option provides the ability to export your metadata results. This can be useful for further analysis, sharing, or for maintaining a record of your findings.
The default export format is PDF. However, for those who have a preference or specific need, we also offer the option to export in TXT format.
- PDF Export (Default):
Execute the following command for a default export:
python3 MetaDetective.py -d directory -e
This command will generate a PDF file with the naming pattern: MetaDetective_Export-.pdf.
- TXT Format Export:
If you want your results in TXT format, append the desired format after the --export or -e flag:
python3 MetaDetective.py -d directory --export=txt
Keep in mind that the export format can affect the presentation and usability of the data. Make sure to select the format that aligns with your intended use or preference.
🐳 Docker Integration
MetaDetective offers a Dockerized version for easy setup and consistent execution.
To set up and use MetaDetective with Docker, refer to the Docker-specific documentation available here: MetaDetective Docker Setup.
🔧 Troubleshooting
Encountering issues? Don't worry. If you come across any problems or have questions, please don't hesitate to submit a ticket for assistance: Submit an issue on GitHub
🤝 Contributing
We truly appreciate and welcome community involvement. Your contributions, feedback, and suggestions play a crucial role in improving the project for everyone. If you're interested in contributing or have ideas for enhancements, please feel free to open an issue or submit a pull request on our GitHub repository. Every contribution, no matter how big or small, is highly valued and greatly appreciated!
📚 License
This project is licensed under the GNU Affero General Public License, Version 3.0. For more details, please refer to the LICENSE file in the repository: Read the license on GitHub
Contact
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file MetaDetective-1.0.4.tar.gz.
File metadata
- Download URL: MetaDetective-1.0.4.tar.gz
- Upload date:
- Size: 51.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d49a2cb17098f4b42574ee49cec2ec3eb2bdbdb62c6f92542ea2779d59d413a6
|
|
| MD5 |
1b472395ff1cf794a86cbd6131a591f8
|
|
| BLAKE2b-256 |
16f679c2aac9f2387ab90cbffca9bb811dc10dd953a14b36dbf6ff762e397a2c
|
File details
Details for the file MetaDetective-1.0.4-py3-none-any.whl.
File metadata
- Download URL: MetaDetective-1.0.4-py3-none-any.whl
- Upload date:
- Size: 34.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b86d4b575a4b415ebeda9c097444c9ef99b3c16da1560d7dd3b0ffc1622bc77b
|
|
| MD5 |
098adf30d1e9205c00826bd2ba1ed6f1
|
|
| BLAKE2b-256 |
bb53f89c9c502c1fbeeb382c240a23c073ddc11d10a08b49b5e2ed6648470875
|
