OSINT tools for discovering data breaches

OSINT (open source intelligence) is the collection and analysis of open-source information, primarily used by government agencies, law enforcement and business intelligence. Investing in an OSINT training course is an essential skill for cybersecurity professionals as they can be used to gather intelligence for due diligence, detecting fraud, scams and money laundering and potential data breaches. Contrary, OSINT has its vulnerabilities relating to cybersecurity, and can result in data breaches and cyber attacks from identified information found on the surface web or dark web.

1) Haveibeenpwned?

Have I Been Pwned? is a database that has a collection of billions of leaked accounts that have been compromised through a data breach. According to CybintSolutions, 95 percent of data breaches comes from only three industries: government, retail and technology. HIBP allows their visitors to input their email address or password to see where and when they have been breached, or if their password has already compromised (used by other users from previous data breaches). HIBP will make all users aware of the importance of having a unique password. The tool will tell a user if they have a strong unique password or a very bad one. By looking after your password and applying good password practises, it will help avoid a data breach.

2) Intelligence X

Intelligence X is an open source information gathering search engine tool. It is different from other search engines as it searches for specific target terms such as URLs, email addresses etc. It also has the service of searching for Bitcoin addresses. The searches are explored through the darknet as well as surface web, and. a copy of the results from the searches are stored in a historical data archive.

Let’s take this scenario for instance. A ransomware has infected 25 computers. The files in the infected computers are encrypted and cannot be accessed. The computers display the following message:

“You have 48 hours to pay 1 BTC to 1FfmbHfnpaZjKFvyi1okTjJJusN455paPH to obtain the decryption key. If you don’t pay, the recovery key will be destroyed, and your data will remain encrypted”.

With Intelligence X, you can use this as a starting point to find additional indicators of compromises (IoC). By simply, searching the bitcoin address of the ransom, you’ll be able to see where it has previously used, forums in which it has been discussed and transactions it may have been involved in. Intelligence X will provide all the information required to locate the attacker.

3) DeHashed

DeHashed is a similar tool to HIBP, however it offers users more search options such as names, phone number, IP address, URL etc. It is used to help give people the ability to find out if their personal data is available online from a data breach, as it will help prevent misuse of their information. Their objective is to alert users. If you are a user who has personal information registered on a numerous number of websites and one of the websites has been a victim of data breach,

DeHashed will allow you to use a variety of search options to help filter out where you have been compromised. This will save time from searching each registered site to see if it is a victim of a data breach.

OSINT and dark web bootcamps provides users with the essential skills to discover relevant intelligence and indicators of compromise (IoC) on the internet and dark web. The QA experience will give students practical skills placed in a safe working environment that enables students to explore and understand the different types of OSINT tools and techniques used by hackers, as well as cyber investigators. In the right circumstances, OSINT training can be a great way to upskill and develop employees effectively and efficiently enhancing the Return on Investment (ROI).