🗣️Breaches/Leaks

🗣️ Breaches/Leaks

🗣 Breaches

• Usage : https://psbdmp.ws/api/search/<email>

• Usage https://cavalier.hudsonrock.com/api/json...@email.com =======

• Usage https://cavalier.hudsonrock.com/api/json...@email.com

Tools

• WhatBreach — An OSINT tool facilitating the discovery of breaches involving a specific email address, capable of loading public databases.

• h8mail и pwnedOrNot — Tools for finding passwords from compromised email addresses in public databases.

• Infoga — Collects email account information from public sources and checks for email leaks using the haveibeenpwned.com API.

Pastebins

Investigate - Verify Leak Data

https://techjournalism.medium.com/how-to-verify-leak-data-3b0c8d8b764a

Metadata

• Extract the metadata from multiple images and store it in a list : link

  • Tools :

    • PDFMiner

    • metadata2go.com

    • Jimpl

    • VerEXIF

    • Metadata Interrogator

  • Automate the collection of metadata, collect creation dates and store it for analysis in chronological order :

    Copy

    import fitz
    from datetime import datetime
    
    def extract_creation_date(pdf_path):
        with fitz.open(pdf_path) as doc:
            try:
                creation_date = doc.metadata.get("creationDate")
                if creation_date:
                    creation_date = datetime.strptime(creation_date[2:16], "%Y%m%d%H%M%S")
                    return creation_date
                else:
                    return None
            except Exception as e:
                print(f"Error extracting creation date from {pdf_path}: {e}")
                return None
    
    if __name__ == "__main__":
        pdf_paths = ["file1.pdf", "file2.pdf", "file3.pdf"]
        creation_dates = []
        for path in pdf_paths:
            creation_date = extract_creation_date(path)
            if creation_date:
                creation_dates.append((path, creation_date))
        
        creation_dates.sort(key=lambda x: x[1])
        print("PDF Creation Dates (in chronological order):")
        for i, (pdf_path, date) in enumerate(creation_dates, start=1):
            print(f"{i}. {pdf_path} - {date}")

Virus scan - You never know

• Set up a separate machine, one that perhaps connects via the Tor Project

  • Runs two different virus scan software packages.

    • If the data runs on an external hard drive, check virus/malware on that dump of data as a whole.

Check photos/graphs

• Yandex reverse image search : Struggles with graphics

• Search through Dorks, a lot of leaks on Slideshare

• Chronolocate

Signatures (pen)

• fileproinfo

Word-Doc

• FOCA