LeakSearch

Aug 26, 2024
Obraz zawierający zrzut ekranu, Grafika, tekst, Czcionka

Opis wygenerowany automatycznie

In this article, we will use LeakSearch to leverage the COMB (Combination Of Many Breaches) data breach database. The COMB breach contains over 3.2 billion email/password combinations, making it a massive database to leverage. Since we are working with breached accounts, I advise that you check with your local laws before installing and giving LeakSearch a try. With that said, COMB is a publicly available database, and we will be working with it from a penetration testing/OSINT/Security awareness view.

Data breaches in an ethical sense can help us determine who’s passwords are potentially compromised so they can secure them, in terms of OSINT work, we can potentially learn more about our target based on the breached information to learn more about them. Breaches can be an incredibly useful tool. While we have looked at other sources, such as Dehashed and Haveibeenpwned, LeakSearch allows us to search its massive database in clear text for free. For this article I am installing LeakSearch on my Linux VM, this is a Python3 program so it can also be installed to Windows and OSX, though I always recommend using a VM whenever searching for breaches or performing OSINT investigations. On a side note, should you find your account is part of a data breach and the information is still correct, you should make sure to change your passwords immediately and review your accounts for unusual settings and activities.

Author

Jeff
Latest Articles
Subscribe
Notify of
guest

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023