FOCA presented at CONfidenceTwo 2010

by Chema Alonso,

Summary : FOCA is a tool for extracting information in footprinting and fingerprinting phases during a penetration test. It helps auditors to extract and analyze information from metadata, hidden info and lost data in published files. This new release of FOCA, version 2.5, adds automatic tools for scanning internal domains using PTR Scanning, Serach Engines, DNS Cache Snooping, Software recognition through SHODAN, etc… It allows in detecting remotely AV installed, vulnerable sw to evilgrade and to prepare a targeted attack externally. The idea of FOCA is to give as much info as can be discovered automatically starting from a public domain name… and just clicking 1 button.

Chema Alonso: Chema Alonso is a Computer Engineer by the Rey Juan Carlos University and System Engineer by the Politecnica University of Madrid. He has been working as security consultant last six years and had been awarded as Microsoft Most Valuable Professional since 2005 to present time. He is a Microsoft frequent speaker in Security Conferences. He writes monthly in several Spanish Technical Magazines. He is currently working on his PhD thesis about Blind Techniques. Recently spoke in BH Europe 2008 about LDAP Injection & Blind LDAP Injection attacks, in Defcon 16 about Time-Based Blind SQL Injection using heavy Queries, in Toorcon X about RFD (Remote File Downloading) and in DeepSec 2k8 in Austria. Currently has been selected to be presenting in HackCon#4 in Norway and in SchmooCon 2k9 in Washington DC, BlackHat Europe 2k9 and Defcon 17.