In this post I use a python tool (EyeWitness), TOR, TorGhost, and the Dark Web Reports from Hunchly to automate viewing the Dark Web resources.
Dark Web Report + TorGhost + EyeWitness == Goodness
Shodan and DOUBLEPULSAR / WannaCry
What is WannaCry? In March 2017, Microsoft issued the MS17-010 bulletin (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx) patching (and warning) of a broad set of vulnerabilities in many of its operating systems from Windows XP to Windows 10 and 2016. This vulnerability could be exploited via the DOUBLEPULSAR attack released by ShadowBrokers and supposedly attributed to the NSA. For more... Continue Reading →
Removing Yourself from the Internet
Helpful guide that provides directions on how to remove private information from public web sites.
The Secrets of LinkedIn
For those of you that have been the targets of SPAM or phishing or perhaps for those of you that are cyber defenders, how many times have you heard "I have no idea how the attacker got my personal email address." I have a secret to share with you. [Come a little closer to the... Continue Reading →
WhatsMyName Project
What Is It? I've created the WhatsMyName project on Github (https://github.com/WebBreacher/WhatsMyName) to help with #OSINT searches by using target user names. Here's how it works: We understand that people use the same username across multiple web sites. For example, I am "WebBreacher" on both the Github and BitBucket web sites. Some web sites make it... Continue Reading →
My 3 Favorite OSINT Videos
There are three quick and impactful videos that I like pointing people towards when they ask about how their personal data can be used against them. All are free on YouTube. Enjoy! Data to Go https://www.youtube.com/watch?v=_YRs28yBYuI https://www.youtube.com/watch?v=_YRs28yBYuI Amazing mind reader reveals his 'gift' https://www.youtube.com/watch?v=F7pYHN9iC9I https://www.youtube.com/watch?v=F7pYHN9iC9I See how easily freaks can take over your... Continue Reading →
Trump Twitter Bot
What I just made a thing on Twitter. It is a "bot". This python computer program runs on my computer and retweets Donald Trump's (https://twitter.com/realDonaldTrump) Twitter account only if the original tweet came from an Android device. Here's what it looks like for both a tweet from Trump and one that is probably not: Why... Continue Reading →
Changing your location manually in Chrome and Firefox
Our modern web browsers such as Google Chrome and Mozilla Firefox (as well as Internet Explorer, Opera and Safari) have the abilities to use our current location using a variety of techniques. Most of the time, the browser will prompt the user and ask for permission to use the current location on some web site. That... Continue Reading →
Watching You Drink Beer
I noticed that many people on Twitter publish when they use the Untappd.com application. This app allows a user to "check-in" when they drink beer. They get badges, the dates and times of their drinking is noted, and many times the geographic location of where they drank is also available.....all with no authentication! Woohoo! So... Continue Reading →
