The Ethical Hacker Network - [Article]-Doxing and Anti-Doxing

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4167

Editor-In-Chief

[Article]-Doxing and Anti-Doxing – Part I

« on: August 31, 2012, 12:35:26 PM »

Jason is about to be on a roll. In addition to this article and then Part II in the works, he's also slated to do some course reviews, a new contest as well as some other ideas for his column. I think I have him jammed for at least the next year. Should be fun.

Speaking of fun, if you can, catch Jason at DerbyCon speaking on this very topic of doxing.

Permanenet link: [Article]-Doxing and Anti-Doxing – Part I

Quote

By Jason Andress

For those of us following or taking part in the various hacktivist activities happening around the globe on a regular basis, doxing is a regular feature. We wake up in the morning to find the personal lives of businessmen, hackers who have made target of themselves for one reason or another, government employees, and a host of others spilled out onto the Internet for the entire world to see. Doxing can be a tool for use in security testing, investigation, or research on the positive side. But it can also be a tool for humiliation, harassment, and worse on the negative side.

In the Part I of this article, we will discuss what exactly doxing is and the tools and techniques we might use to carry out such an attack. In the Part II of this article we will talk about the steps we can take to at least lessen its impact, should we find ourselves on the receiving end of such efforts.

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

shadowzero

Full Member

Offline

Posts: 120

It's a UNIX system, I know this!

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #1 on: August 31, 2012, 02:11:44 PM »

A good read. Looking forward to part 2.


	Logged

Cyber.spirit

Sr. Member

Offline

Posts: 351

The World is sick, Save your mind...

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #2 on: September 04, 2012, 03:22:07 AM »

good article im waiting for part two too!


	Logged

ICS Academy Network Security Certified

chrisj

Hero Member

Offline

Posts: 1163

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #3 on: September 04, 2012, 10:22:35 AM »

Great refresher, but when I clicked the link for the Google advanced operators, I got a 404 error.

Looking forward to part 2.


	Logged

OSWP, Sec+

jason

Hero Member

Offline

Posts: 1012

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #4 on: September 04, 2012, 11:40:58 AM »

Looks like they've moved things on me. The updated link is:

http://support.google.com/websearch/bin/answer.py?hl=en&answer=136861

Thanks for the heads-up, I'll get Don to tweak the article.


	Logged

m0wgli

Full Member

Offline

Posts: 248

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #5 on: September 04, 2012, 03:52:57 PM »

Well written article, a good overview for those unfamiliar with the concepts.

I followed some of the well publicised doxes earlier in the year e.g. Lulzsec and UGNazi, and found them to be very useful examples of the techniques involved and how the information gathered can be expanded upon.

Also, as you mention in your article some of these inferences are entirely wrong, which has led to the wrong person getting doxed by mistake.

I don't know what you've got planned for your next contest but requiring a bit of OSINT/information reconnaissance before actually getting to the challenge or being the challenge itself could prove interesting.

Looking forward to part two!


	Logged

Security + | OSWP | eCPPT | CSTA

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4167

Editor-In-Chief

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #6 on: September 04, 2012, 04:35:00 PM »

Article has been tweaked!

Glad everyone is enjoying it.

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

jason

Hero Member

Offline

Posts: 1012

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #7 on: September 06, 2012, 03:05:28 PM »

Just ran across this today:

http://www.powersearchingwithgoogle.com/course

This is a short video course from Google on power searching. Happy doxing Grin


	Logged

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4167

Editor-In-Chief

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #8 on: September 19, 2012, 01:13:58 PM »

FYI...

Jason's editorial schedule for his column is as follows:

Sept = Spooky Warfare Hacking Contest
Oct = Course Review: SANS vLive FOR408
Nov = Spooky Warfare Results
Dec = Doxing Part II
Jan or Feb = Course Review: SANS vLive FOR508

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

nebu10uz

Sr. Member

Offline

Posts: 368

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #9 on: September 19, 2012, 01:39:20 PM »

Yup, I took that course this summer. I learned some cool tricks. Earned a cert for passing the course. Very easy.


	Logged

Security+, OSCP, CEH

jason

Hero Member

Offline

Posts: 1012

Re: [Article]-Doxing and Anti-Doxing – Part I

« Reply #10 on: September 19, 2012, 04:14:30 PM »

Google continues to amaze me (even though they're evil) with the handy things that you can get to with their engine. I just figured out a while back that wikipedia <whatever> will get you right to the link for whatever you're searching on. Its a heck of alot faster than going through the whole route. I've found a few other things that work similarly and are a huge timesaver.


	Logged

Pages: [1] Go Up

« previous next »