Difference between revisions of "Self-dox"

From Gender and Tech Resources

m
m
Line 3: Line 3:
 
Such flaws can then be exploited. The exploitation wildly differs depending on the adversary. For example, profiling information can be used for encapsulation attempts by intelligence agencies. If those attempts are tried and fail, and you are still enough of an annoyance to your government, expect [[Psychological warfare|aggressive demonisation by government paid trolls]] (and exceptionalism at its current flourishing best).  
 
Such flaws can then be exploited. The exploitation wildly differs depending on the adversary. For example, profiling information can be used for encapsulation attempts by intelligence agencies. If those attempts are tried and fail, and you are still enough of an annoyance to your government, expect [[Psychological warfare|aggressive demonisation by government paid trolls]] (and exceptionalism at its current flourishing best).  
  
D0xing is also a part of reconnaissance, which generally focuses on its dark side. And useful for background checks.
+
D0xing is also a part of reconnaissance where it is called 'human intelligence' or 'humint', and its focus is on its shadow side. The techniques can be simple or complex, and are useful for background checks (infiltrant agents will probably remain invisible with these techniques but a littler petty tyrant may be detected).
  
 
== (Counter) moves ==
 
== (Counter) moves ==
Line 13: Line 13:
 
=== Search engines ===
 
=== Search engines ===
  
* Duck Duck Go (anonymous search)
+
* Duck Duck Go https://duckduckgo.com/ (anonymous search)
* IxQuick
+
* IxQuick https://ixquick.com/
* StartPage
+
* StartPage https://startpage.com/
* YaCy (distributed search)
+
* YaCy http://yacy.net/en/index.html (distributed search)
  
 
=== People ===
 
=== People ===
  
Looking for profile(s) of (a) person(s):
+
* Check Usernames http://checkusernames.com/
 
+
* Lullar http://com.lullar.com/
* Check Usernames
+
* Peek You http://www.peekyou.com/
* Lullar
+
* Pipl https://pipl.com/
* Peek You
+
* Recorded Future https://www.recordedfuture.com/
* Pipl
+
* Social Mention http://socialmention.com/
* Recorded Future
+
* WebMii http://webmii.com/
* Social Mention
+
* Whos Talkin http://www.whostalkin.com/
* WebMii
+
* Whos Talkin
+
  
 
=== Images ===
 
=== Images ===
  
Searching for information using (an) image(s):
+
* TinEye https://tineye.com/
 
+
* TinEye
+
  
 
=== Posts and discussions ===
 
=== Posts and discussions ===
  
Searching for information using a post or discussion:
+
* Omgili http://omgili.com/
 
+
* Omgili
+
  
 
=== IP lookup ===
 
=== IP lookup ===
  
When you have an IP address an IP lookup will provide details such as ISP name, country, state, city, longitude and latitude. Domain names can help us to find out important information such as address, email id and phone number:
+
When you have an IP address an IP lookup will provide details such as ISP name, country, state, city, longitude and latitude. Domain names can help us to find out important information such as address, email id and phone number.
 +
 
 +
Using whois from the command line you may or may not get useful results. It runs on port 43, and information returned is in plain ASCII format, but because whois servers all over the internet are managed by a wide variety of organisations, information returned may vary. And the different whois clients have different functionality too.
 +
 
 +
Whois proxies can be used between a client and a server. Those usually use the http or https protocol. If port 43 is blocked, that is not a problem when a client is using proxies through a browser. Also, likely a proxy will determine which server to contact for different lookups.
 +
 
 +
Almost all services prevent data mining for preventing data gathering for spamming, and that also limits the service for other purposes such as intelligence gathering. Recently, some ISP’s are discussing limiting their service even further.
 +
 
 +
RWhois (referral whois) is a directory services protocol which extends the whois protocol in a hierarchical and scalable way. It focuses on the distribution of “network objects” (domain names, IP addresses, email addresses) and uses the hierarchical nature of these network objects to more accurately discover the requested information. It is similar to DNS but apparently, still not in general use.
  
* Domain tools: whois and rwhois
+
'''Technical information related to whois'''
 +
* <nowiki>RFC 954 – NICNAME/WHOIS http://www.faqs.org/rfcs/rfc954.html</nowiki>
 +
* <nowiki>RFC 1834 – Whois and Network Information Lookup Service, Whois++ http://www.faqs.org/rfcs/rfc1834.html</nowiki>
 +
'''Whois clients'''
 +
* Linux online manpage jwhois http://linux.die.net/man/1/whois
 +
* Ripe whois client http://sourceforge.net/projects/whois/files/ (does not check for supported flags at the client side, except for -h (whois host) and -p (whois port))
 +
'''Webbased whois lookups'''
 +
* Geektools http://www.geektools.com/whois.php (also serves as proxy)
 +
* Whois at the Open Directory Project http://www.dmoz.org/Computers/Internet/Domain_Names/Name_Search/ with (list of whois servers)
 +
'''Useful whois servers'''
 +
* InterNIC http://www.internic.net/whois.html (the main Internic whois)
 +
* American Registry for Internet Numbers http://whois.arin.net/ (gives info on who owns a netblock)
 +
* Advanced query RADb http://www.radb.net/query/?advanced_query=1 (for routing information from an IP address)
 +
* Robtex http://www.robtex.com/ (goodies in a toolbar)
 +
'''RWhois'''
 +
* RWHOIS project on ARIN http://projects.arin.net/rwhois/
 +
* RWhois Web Interface http://projects.arin.net/rwhois/prwhois.html (a sample rwhois web interface on ARIN using the Net::Rwhois perl5 client)
 +
'''Other interesting lookups'''
 +
* The New Ultimates, mostly US data http://www.newultimates.com/
  
 
=== D0xing tools ===
 
=== D0xing tools ===
  
And then there are tools particularly created for d0xing (also known as human recon). Please follow the money, where the makers are located, and assess likelihood of the code being poisoned. I use as little automated tools as possible. Not only because of the risk of poisoning, also because I prefer to pay more attention to little-easily-overlooked-details. The more you automise, the more you overlook.
+
And then there are tools particularly created for d0xing (also known as human recon). Please follow the money, where the makers are located, and assess likelihood of the code being poisoned. I use as little automated tools as possible. Not only because of the risk of poisoning, also because I prefer to pay more attention to little-easily-overlooked-details. The more you rely on automised tools, the more you overlook.
  
* Sleeping Time
+
* Sleeping Time http://sleepingtime.org/
 +
* Metagoofil http://www.edge-security.com/metagoofil.php
 +
* theHarvester http://www.edge-security.com/theharvester.php
  
 
=== Reuseful archives ===
 
=== Reuseful archives ===
Line 60: Line 82:
  
 
'''Europe'''
 
'''Europe'''
* Archives portal europe
+
* Archives portal europe http://www.archivesportaleurope.net/directory
* Archiwum Dokumentow Elektronicznych (POL)
+
* Archiwum Dokumentow Elektronicznych (POL) http://www.nac.gov.pl/
* Bundesarchiv, Federal Archives (GER)
+
* Bundesarchiv, Federal Archives (GER) http://www.bundesarchiv.de/index.html.de
* Central State Electronic Archives of Ukraine
+
* Central State Electronic Archives of Ukraine http://tsdea.archives.gov.ua/
* The National Archives (UK)
+
* The National Archives (UK) https://www.nationalarchives.gov.uk/
* White and Yellow Pages Europe
+
* White and Yellow Pages Europe http://www.wayp.com/eng/europa3.shtml
* Офіційний веб-портал Державної архівної служби України
+
* Офіційний веб-портал Державної архівної служби України http://www.archives.gov.ua/
  
 
'''Africa'''
 
'''Africa'''
  
* National Archives of South Africa (NASA)
+
* National Archives of South Africa (NASA) http://www.national.archsrch.gov.za/sm300cv/smws/sm300dl
* White and Yellow Pages Africa
+
* White and Yellow Pages Africa http://www.wayp.com/eng/afrika3.shtml
* White Pages (ZA)
+
* White Pages (ZA) http://www.whitepages.co.za/
  
 
'''Asia'''
 
'''Asia'''
  
* White and Yellow Pages Asia
+
* White and Yellow Pages Asia http://www.wayp.com/eng/asia3.shtml
  
 
'''Oceania'''
 
'''Oceania'''
  
* New Zealand Web Archive
+
* New Zealand Web Archive http://natlib.govt.nz/collections/a-z/new-zealand-web-archive
* PANDORA, Australia's Web Archive
+
* PANDORA, Australia's Web Archive http://pandora.nla.gov.au/
* White and Yellow Pages South Pacific
+
* White and Yellow Pages South Pacific http://www.wayp.com/eng/southpas3.shtml
  
 
'''South America'''
 
'''South America'''
  
* White and Yellow Pages America
+
* White and Yellow Pages America http://www.wayp.com/eng/amerika3.shtml
'''
+
'''North America'''
North America'''
+
  
* National Archives (US)
+
* National Archives (US) http://www.archives.gov/
* WayBackMachine
+
* WayBackMachine https://archive.org/web/
* White and Yellow Pages America
+
* White and Yellow Pages America http://www.wayp.com/eng/amerika3.shtml
* White Pages (US)
+
* White Pages (US) http://www.whitepages.com/

Revision as of 11:03, 9 June 2015

Doxing is a technique of tracing someone or gathering information about an individual using sources on the internet. Its name is derived from “Documents” or “Docx”. Doxing method is based purely on the ability of the hacker to recognize valuable information about his target and use this information to his benefit. It is also based around the idea that, “The more you know about your target, the easier it will be to find his or her flaws” ~ Urban dictionary.

Such flaws can then be exploited. The exploitation wildly differs depending on the adversary. For example, profiling information can be used for encapsulation attempts by intelligence agencies. If those attempts are tried and fail, and you are still enough of an annoyance to your government, expect aggressive demonisation by government paid trolls (and exceptionalism at its current flourishing best).

D0xing is also a part of reconnaissance where it is called 'human intelligence' or 'humint', and its focus is on its shadow side. The techniques can be simple or complex, and are useful for background checks (infiltrant agents will probably remain invisible with these techniques but a littler petty tyrant may be detected).

(Counter) moves

You can use the same (or similar) spies online techniques to see yourself through the eyes of the adversaries that might d0x you. That information can then be used to protect yourself from your adversaries as best as you can. And when setting up other, anonymous or pseudonymous identities, these same resources can be used for test-driven-development of the identity.

Resources

Search engines

People

Images

Posts and discussions

IP lookup

When you have an IP address an IP lookup will provide details such as ISP name, country, state, city, longitude and latitude. Domain names can help us to find out important information such as address, email id and phone number.

Using whois from the command line you may or may not get useful results. It runs on port 43, and information returned is in plain ASCII format, but because whois servers all over the internet are managed by a wide variety of organisations, information returned may vary. And the different whois clients have different functionality too.

Whois proxies can be used between a client and a server. Those usually use the http or https protocol. If port 43 is blocked, that is not a problem when a client is using proxies through a browser. Also, likely a proxy will determine which server to contact for different lookups.

Almost all services prevent data mining for preventing data gathering for spamming, and that also limits the service for other purposes such as intelligence gathering. Recently, some ISP’s are discussing limiting their service even further.

RWhois (referral whois) is a directory services protocol which extends the whois protocol in a hierarchical and scalable way. It focuses on the distribution of “network objects” (domain names, IP addresses, email addresses) and uses the hierarchical nature of these network objects to more accurately discover the requested information. It is similar to DNS but apparently, still not in general use.

Technical information related to whois

  • RFC 954 – NICNAME/WHOIS http://www.faqs.org/rfcs/rfc954.html
  • RFC 1834 – Whois and Network Information Lookup Service, Whois++ http://www.faqs.org/rfcs/rfc1834.html

Whois clients

Webbased whois lookups

Useful whois servers

RWhois

Other interesting lookups

D0xing tools

And then there are tools particularly created for d0xing (also known as human recon). Please follow the money, where the makers are located, and assess likelihood of the code being poisoned. I use as little automated tools as possible. Not only because of the risk of poisoning, also because I prefer to pay more attention to little-easily-overlooked-details. The more you rely on automised tools, the more you overlook.

Reuseful archives

Such as wandering through archives, yellow pages, phone directories and other possibly useful information made publicly available.

Europe

Africa

Asia

Oceania

South America

North America

Retrieved from "https://gendersec.tacticaltech.org/wiki/index.php?title=Self-dox&oldid=2157"