I'm ony sharing this for EDUCATIONAL and SECURITY purposes only
Para iwas sa doxing
Doxing is one of the powerful h@cking methods.
What is doxing?
Doxing is derived from Document Tracing. Doxing is tracing the information from internet resources about particular person.
Usually internet users left their information (like gender, name, city, ..) in some websites (like social networks, ..). So using some searching techniques, we can gather complete data about a person. This type of searching (tracing) is known as Doxing. This data can be used to h@ck their account or trace them.
What you can find using Doxing?
Real Name, age, gender
Email Id, registered websites
Social Network Page (Facebook, Twitter links)
Address, Phone Number
Parent’s Names and their jobs
Place of Education (School/University etc.)
Relatives atbp..
Where to start?
if alam mo ang real name ng target mo, then mag start ka dun. If alam mo naman ang username then start there. or if you know any other data. Start from Using name or username , and search for other informations sa google.
How to?
Just assume you want to gather information about one of the forum members. Lets assume na ang username nia is "Pedro". If you search "Pedro" in google, you will get thousand results about Pedro, So ano dapat gawin?
If you have some other information about Pedro in that forum itself. For example, You got his birthday. Now you can continue your searching with “Pedro 28/12/1960”. This will reduce the results.
You can also use some other info like signature. For example if his signature in the forum is “Gwapogi”. You can continue searching using “Pedro Gwapogi". This will reduce the Results
Minsan yung target person mo is registered sa multiple forums, websites, social networks… So while searching, you will get result of registered website of him using that username or info.
Read Each posts of target person, he might left some more information about him in any of the forums or websites.
Using Email Address for Tracing:
If alam mo ang email address ng target mo, mas madali na syang ma trace.
Security Questions
H@cker can get the victim’s security question's answer using doxing.
For example, if your questions is “What is your pet name?” He will search your name in Facebook or Google and may find a post or picture of you with your pet with the pets name captioned in the Photo. Done! Your account is compromised.
List of easy to cr@ck security questions. (Para sakin)
Whats your favorite color?
What high school did you attend?
What city were you born?
Whats your pets name?
Whats your mothers maiden name?
Dictionary Attack:
H@ckers can gather information about the victim and create a dictionary file (wordlist) for a target person alone. Using that dictionary file, he can cr@ck your passwords.
dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary.
Dictionary attack softwares:
Cain and Abel
Cr@ck
Aircr@ck-ng
John the Ripper
L0phtCr@ck
Metasploit Project
Ophcr@ck
Tips
Be carefull in giving informations on the internet
Use very strong passwords
Dont set stupid security questions(dont use stupid answers, if you do be sure to remember it)
Thats all thank you for your time..
No blackhats please..
Para iwas sa doxing
Doxing is one of the powerful h@cking methods.
What is doxing?
Doxing is derived from Document Tracing. Doxing is tracing the information from internet resources about particular person.
Usually internet users left their information (like gender, name, city, ..) in some websites (like social networks, ..). So using some searching techniques, we can gather complete data about a person. This type of searching (tracing) is known as Doxing. This data can be used to h@ck their account or trace them.
What you can find using Doxing?
Real Name, age, gender
Email Id, registered websites
Social Network Page (Facebook, Twitter links)
Address, Phone Number
Parent’s Names and their jobs
Place of Education (School/University etc.)
Relatives atbp..
Where to start?
if alam mo ang real name ng target mo, then mag start ka dun. If alam mo naman ang username then start there. or if you know any other data. Start from Using name or username , and search for other informations sa google.
How to?
Just assume you want to gather information about one of the forum members. Lets assume na ang username nia is "Pedro". If you search "Pedro" in google, you will get thousand results about Pedro, So ano dapat gawin?
If you have some other information about Pedro in that forum itself. For example, You got his birthday. Now you can continue your searching with “Pedro 28/12/1960”. This will reduce the results.
You can also use some other info like signature. For example if his signature in the forum is “Gwapogi”. You can continue searching using “Pedro Gwapogi". This will reduce the Results
Minsan yung target person mo is registered sa multiple forums, websites, social networks… So while searching, you will get result of registered website of him using that username or info.
Read Each posts of target person, he might left some more information about him in any of the forums or websites.
Using Email Address for Tracing:
If alam mo ang email address ng target mo, mas madali na syang ma trace.
Security Questions
H@cker can get the victim’s security question's answer using doxing.
For example, if your questions is “What is your pet name?” He will search your name in Facebook or Google and may find a post or picture of you with your pet with the pets name captioned in the Photo. Done! Your account is compromised.
List of easy to cr@ck security questions. (Para sakin)
Whats your favorite color?
What high school did you attend?
What city were you born?
Whats your pets name?
Whats your mothers maiden name?
Dictionary Attack:
H@ckers can gather information about the victim and create a dictionary file (wordlist) for a target person alone. Using that dictionary file, he can cr@ck your passwords.
dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary.
Dictionary attack softwares:
Cain and Abel
Cr@ck
Aircr@ck-ng
John the Ripper
L0phtCr@ck
Metasploit Project
Ophcr@ck
Tips
Be carefull in giving informations on the internet
Use very strong passwords
Dont set stupid security questions(dont use stupid answers, if you do be sure to remember it)
Thats all thank you for your time..
No blackhats please..
Last edited:
Salamat