Although you can’t spot metadata when you read some file in a usual way, it doesn’t necessarily mean that there is no metadata in this file. It is hidden inside the file. If an attacker will be able to read it, he/she can find such valuable information as comments, history of changes and much more sensitive information which can be found in metadata. This is called information disclosure via metadata.
How to Extract Metadata
There are a lot of tools you can use in order to extract metadata from files. One of them is a tool called ExifTool which can be installed in Windows and Unix based operating systems. It supports such file formats as doc, docx, pdf, xls etc. We will use this tool in Linux. To install it just type ” sudo apt install exiftool”. Then after installation is finished type: “exiftool -a filename.fileformart” and you will get some table with information like this:
Please note that we used this tool only for an example. There are even some online tools for metadata extracting. Just search for “extract metadata” in google and choose any tool you want.