OSINT and Sleuthing - Cause you retards LOOOOVE dawksing

[Polentic]

Post your favorite Sleuthing sites and more.

Here's my favorite stuff :

https://epieos.com/ (EMAIL SEARCHER (FREE ACCOUNT)
https://snusbase.com/ (COSTS MONEY)

truepeoplesearch.com (USA People Search FREE)

https://breachdirectory.org/ (FREE WITH HASHES)
https://leakpeek.com/ (NEED ACCOUNT TO MAKE MORE THAN LIKE 5 SEARCHES)
https://intelx.io/ (FREE BUT NEED MONEY FOR THIS TO ACTUALLY BE USEFUL)

https://hashes.com/en/decrypt/hash (DECODE HASHES)

https://whatsmyname.app/ (USERNAME SEARCH)

 

[Azdy]

People search:
familytreenow.com - a recent favorite
fastpeoplesearch.com
Also never hurts to check Bing, Yahoo etc. for stuff Google doesn't have.

 

[KosherFarms.net]

https://whatsmyname.app/ (USERNAME SEARCH)

Using this site feels like using google back when it was actually useful, brought a tear to my eye!

 

[Oh Sugar]

https://osintframework.com/

This site is my go-to starting place for that kind of thing. It has links to a lot of great OSINT resources.

 

[Belisarius Cawl]

Also never hurts to check Bing, Yahoo etc. for stuff Google doesn't have.

A little OP but that also goes for copyrighted stuff. What is possible but tedious with Google has often become trivial using Yandex (where I also often luck out with reverse image search) and DuckDuckGo in my experience.

 

[Don Yagon]

https://github.com/sherlock-project/sherlock - searches a couple hundred sites for username matches. Can have a bunch of false positives so always check resulting links manually (or try searching some random unique string first).

 

[Belisarius Cawl]

These tools seem really useful but also seem to require additional knowledge not directly stated. I did a search on a username I use on a lot of websites other than this one and GitHub immediately stuck out as a means of "dawksing" but that's because I obviously know about the logs. I wonder how straightforward that is for some of these other sites.

 

[Cowboy Kim]

Holehe - searches for sites an email address has been used to sign up for (require CLI and python knowledge.)
WHOIS database archives.
Email Validator - Can be used to find potential email's via usernames.
Picarta - Try to find the location a picture was taken in via A.I (note: data is iffy, be sure to verify its results.)
EXPOSED - haveibeenpwned if it occasionally gave passwords.
SteamID - History of a Steam account (usernames, avatars, friends, etc.)
PimEyes - A.I tool to find other pictures of a person via facial recognition.
Popular tool aggregators include OSINT4ALL, AsINT_Collection, and Bellingcat’s Tools.

https://whatsmyname.app/ (USERNAME SEARCH)

I've used sherlock and a fork of it (maigret), and this still seems the best username search overall.

These tools seem really useful but also seem to require additional knowledge not directly stated.

Very true, a tool is only as good as its user. While I'm far from a professional, this video seems to be pretty good:

Another option is to just observe how others have been doxed/found (e.g., the H.W.N.D.U flag captures) and try to learn from that.

 

[Belisarius Cawl]

Very true, a tool is only as good as its user.

I can't think but help of every thread I've seen where someone was under the impression Kalee Leenooks is a miraculous instant hacking tool that will scrape bobs and vagene pictures from Instagram

Also, is there a book equivalent of the video lecture you can recommend? I don't do well with lectures. I have a few OSINT materials in my archives but was looking for some advice here.

 

[xmpp]

Free Database Lookup tool at breach.vip courtesy of a former very prominent BreachForums user.

Don't bother paying for Dehashed or Snusbase when this is free!

 

[revenge of rebecca]

Free Database Lookup tool at breach.vip courtesy of a former very prominent BreachForums user.

Don't bother paying for Dehashed or Snusbase when this is free!

"breach.vip is the largest Minecraft DB search engine." https://breach.vip/faq

So this is only for Minecraft?

This website seems to require javascript to function. This scares me.

 

[revenge of rebecca]

Anyways,

Mental Outlaw came out with a video relatively recently, where he talks about using the national public data records breach to do local background checks with grep (https://youtu.be/bkpfUKP7T-Y).

However, since I am not a criminal and am tech-illiterate, I do not know how I myself could find, download, and access this data in a safe manner. I would want to do it without exposing myself to javascript that could be malicious (due to breachforums being a fed honeypot), without compromising my own anonymity, and without accidentally downloading malware from a threat actor. I want to do background checks with grep too, but I do not want a virus on my computer! Also, I do not know if the data breach is still publicly accessible at all anymore, and I do not know how to check.

So, if anyone wants to help a girl out (and if it is not against site rules), please advise on how I can proceed! <3

 

[Belisarius Cawl]

"breach.vip is the largest Minecraft DB search engine." https://breach.vip/faq

So this is only for Minecraft?

This website seems to require javascript to function. This scares me.

It's certainly not only for Minecraft because I saw an example of a breach for me on armorgames.com from who knows how long ago. Having said that, I'm reluctant to search for passwords I've used in the past on there without knowing more. A password hash was available for the armorgames.com account but that isn't the same as the password itself.

Anyways,

Mental Outlaw came out with a video relatively recently, where he talks about using the national public data records breach to do local background checks with grep (https://youtu.be/bkpfUKP7T-Y).

However, since I am not a criminal and am tech-illiterate, I do not know how I myself could find, download, and access this data in a safe manner. I would want to do it without exposing myself to javascript that could be malicious (due to breachforums being a fed honeypot), without compromising my own anonymity, and without accidentally downloading malware from a threat actor. I want to do background checks with grep too, but I do not want a virus on my computer! Also, I do not know if the data breach is still publicly accessible at all anymore, and I do not know how to check.

So, if anyone wants to help a girl out (and if it is not against site rules), please advise on how I can proceed! <3

Virtually any website you visit will have JavaScript on it. Here's one of the few websites I can think of with no JavaScript which belonged to the late famous mathematician John Nash:

https://web.math.princeton.edu/jfnj/

It's very Web 1.0. Anyway, obviously something as dynamic as JavaScript can be used with malicious intent. Most JavaScript is of course not malicious however; that would be total mayhem. I haven't watched your video but if it says that you can search for your info in it using grep, then that means that it's in the form of a very big plain text file. I am not aware of any way of executing malicious code just by reading (as opposed to executing) a text file. grep and others are relatively easy tools to use in a Linux or other Unix operating system. Correct me if I'm wrong but you are coming from a Windows environment, yes? Due to it being a different operating system and to your concerns about malware, you might want to consider running Linux in a VM and accessing the data from inside that VM. If anything goes haywire, you can trash the VM and not worry about the host operating system. I use Linux Mint and it works well both for beginners and seasoned users. Hope that helps.

 

[revenge of rebecca]

Correct me if I'm wrong but you are coming from a Windows environment, yes? Due to it being a different operating system and to your concerns about malware, you might want to consider running Linux in a VM and accessing the data from inside that VM. If anything goes haywire, you can trash the VM and not worry about the host operating system. I use Linux Mint and it works well both for beginners and seasoned users. Hope that helps.

I am a new convert from Windows. I use the virtual machine known as Whonix in order to access the kiwifarms onion website. See https://en.wikipedia.org/wiki/Whonix. However, the virtual machine (and computer itself) does not have enough space to store a 300Gb+ text file.

In whonix, we are supposed to disable javascript in the web browser, to prevent browser fingerprinting and malware. See https://youtu.be/7wLLcFMmbpg for a Whonix demo in which the guest disables javascript in the browser.

When I was able to, I always accessed https://kiwifarmsaaf4t2h7gc3dfc5ojhmqruw2nit3uejrpiagrxeuxiyxcyd.onion with javascript disabled. However, @Null has taken away the ability to pass the ddos protection without javascript. So I am forced to use javascript to access this site.

Thanks for your kind comments!!

 

[Null]

When I was able to, I always accessed https://kiwifarmsaaf4t2h7gc3dfc5ojhmqruw2nit3uejrpiagrxeuxiyxcyd.onion with javascript disabled. However, @Null has taken away the ability to pass the ddos protection without javascript. So I am forced to use javascript to access this site.

It is theoretically possible (and some PoW systems do this, since the concept of PoW for smooth anti-DoS attacks has spread like absolute wildfire since we adopted it) to provide linux commands that can be copy+pasted to solve the task without JS.

 

[revenge of rebecca]

It is theoretically possible (and some PoW systems do this, since the concept of PoW for smooth anti-DoS attacks has spread like absolute wildfire since we adopted it) to provide linux commands that can be copy+pasted to solve the task without JS.

Yes, so I installed the argon2 package in Whonix and used the terminal to solve the cryptographic challenges. That was the way it was set up until recently. Now I have to turn on the javascript.

 

[Belisarius Cawl]

I am a new convert from Windows. I use the virtual machine known as Whonix in order to access the kiwifarms onion website. See https://en.wikipedia.org/wiki/Whonix. However, the virtual machine (and computer itself) does not have enough space to store a 300Gb+ text file.

In that case there might be a way to filter the data so that it's reduced in ways that are relevant to you so that it's only, say, 10 GB or something else a lot more manageable. I can't say "yes" or "no" without further details though.

In whonix, we are supposed to disable javascript in the web browser, to prevent browser fingerprinting and malware.

I haven't used Whonix but a brief search on Whonix and disabling JS led me here for example:

https://forums.whonix.org/t/disabling-javascript-js-in-tor-browser-tbb-by-default/4804/3

Disabling JS by default is something I can understand. I can also understand selective acceptance or rejection of JS files from some host or other but turning it off altogether is pretty much unthinkable. To get a sense of what I mean, install a browser called "dillo" on Whonix. Whonix is based on Debian so it should be available with apt. dillo doesn't implement JavaScript at all and frankly I'm not sure who the target audience is anymore. You will see that virtually every website you try with it will barely function, if at all. Ironically, the dillo website itself uses JS (can be confirmed with "View Source" functionality on any browser):

https://dillo.org

 

[Cowboy Kim]

Also, is there a book equivalent of the video lecture you can recommend? I don't do well with lectures. I have a few OSINT materials in my archives but was looking for some advice here.

Michael Bazzell's books seem to be held in high regard, same goes for Structured Analytic Techniques for Intelligence Analysis by Pherson and Heuer. I've also heard that Cases in Intelligence Analysis by Beebe and Pherson is used for training by actual glowies. Keep in mind I haven't read any of these books, so I can't verify any of those claims, nor the aforementioned books quality.

It's certainly not only for Minecraft because I saw an example of a breach for me on armorgames.com from who knows how long ago.

It's probably a joke/attempt at making it seems less "dangerous" to outside parties who could report it.

I am not a criminal

>I am not a criminal
Downloading leaked databases is a legal grey-area at best, as the databases are only leaked by illegally accessing a computer/server

I would want to do it without exposing myself to javascript that could be malicious (due to breachforums being a fed honeypot), without compromising my own anonymity, and without accidentally downloading malware from a threat actor.

Considering your threat model includes nearly zero-JS and Whonix, I'm guessing you're using the internet on most-wanted mode. Assuming you're running Whonix under Qubes to ensure you aren't crossing streams (personal life, legally dubious, and shitposting aren't routing through the same connection), you could run all the JS you want and have no fear, since the VM you accessed the leak from is tossed the second you get the data you need.

I do not know if the data breach is still publicly accessible at all anymore, and I do not know how to check.

If it was published on BreachForums, you'd have to check BreachForums.

In that case there might be a way to filter the data so that it's reduced in ways that are relevant to you so that it's only, say, 10 GB or something else a lot more manageable.

Someone else would have to filter the file, in which case you may as well tell the second party to run the grep commands for you.

 

[xmpp]

Not gonna bother replying directly because there's a lot but if you don't want to use a tool and just want to download the databases to grep through it yourself, here you go.

BreachForums V2 (before original LEA takeover) - Includes most of the famous breaches, including KiwiFarms too
New BreachForums Databases - Recent databases after the LEA takeover, doesn't include current BF stuff

I had a list of torrent links to like 100+ other breaches like Naz.API, Collections and Antipublic but can't find it right now, i'll update this later if I do

 

[JT Marlin]

same goes for Structured Analytic Techniques for Intelligence Analysis by Pherson and Heuer. I've also heard that Cases in Intelligence Analysis by Beebe and Pherson is used for training by actual glowies.

These books are wonderful. Do you have any similar recommendations?