Loading DS_Store Viewer...
Analyze hidden macOS .DS_Store files to extract directory metadata and uncover stored folder information. This lightweight web tool helps security researchers and developers inspect invisible system files that may contain valuable structural data from macOS environments.
Drop .DS_Store file here
or click to select
What is a .DS_Store file used for?
A .DS_Store file is automatically generated by macOS Finder to store folder-specific settings such as icon positions, view preferences, background images, sorting options, and layout configuration. These files are normally hidden on macOS, but they may accidentally appear when a folder is uploaded to a website, repository, or shared archive.
What can a .DS_Store file reveal?
A .DS_Store file can reveal filenames, folder names, directory structure, backup files, hidden resources, old assets, admin paths, source folders, and other internal references. Even when the actual files are not directly listed on a website, the .DS_Store metadata may still expose their names.
Why analyze .DS_Store files in security testing?
In penetration testing and bug bounty recon, exposed .DS_Store files can help identify hidden paths, forgotten files, sensitive references, and misconfigured directories. Reviewing them can uncover information that is not visible through normal browsing or standard file enumeration.
Is this .DS_Store viewer safe to use?
This tool processes the .DS_Store file locally in your browser using PyScript and the ds-store parser. The file is not intentionally uploaded to a backend server, making it suitable for quick inspection of metadata during authorized testing or cleanup.
Who should use a .DS_Store analyzer?
Security researchers, penetration testers, bug bounty hunters, forensic analysts, web developers, and system administrators can use a .DS_Store analyzer to inspect leaked macOS metadata and understand what directory information may have been exposed.
How do .DS_Store files get exposed online?
These files are often exposed when developers upload folders from macOS directly to a web server, commit them to a public repository, include them in zip archives, or deploy static assets without filtering hidden system files.
How can I prevent .DS_Store file exposure?
Add .DS_Store to your .gitignore file, remove existing .DS_Store files before deployment, block access to them at the web server level, and scan public directories or build artifacts for hidden macOS metadata files.