In this article, we will use LeakSearch to leverage the COMB (Combination Of Many Breaches) data breach database. The COMB breach contains over 3.2 billion email/password combinations, making it a massive database to leverage. Since we are working with breached accounts, I advise that you check with your local laws before installing and giving LeakSearch a try. With that said, COMB is a publicly available database, and we will be working with it from a penetration testing/OSINT/Security awareness view.
Data breaches in an ethical sense can help us determine who’s passwords are potentially compromised so they can secure them, in terms of OSINT work, we can potentially learn more about our target based on the breached information to learn more about them. Breaches can be an incredibly useful tool. While we have looked at other sources, such as Dehashed and Haveibeenpwned, LeakSearch allows us to search its massive database in clear text for free. For this article I am installing LeakSearch on my Linux VM, this is a Python3 program so it can also be installed to Windows and OSX, though I always recommend using a VM whenever searching for breaches or performing OSINT investigations. On a side note, should you find your account is part of a data breach and the information is still correct, you should make sure to change your passwords immediately and review your accounts for unusual settings and activities.
Author
Latest Articles
- New EditionAugust 26, 2024LeakSearch
- New EditionJune 6, 2024Searching the Darkweb
- OfficialMarch 21, 2024Maigret
- NewFebruary 22, 2024Artificial Intelligence and Image Manipulation