🟥
LSWSec - Offensive
  • Introduction
  • File transfer
    • Transferring Files
      • Transferring Files - Linux
      • Transferring Files - Windows
  • Recon
    • Passive information Gathering
      • Website
      • Finding SubDomains
        • DNS
        • DNS Zone Transfer
    • Subdomain Enumeration
    • OSINT
      • Email
      • People
      • Social Media
      • Username and Accounts
      • Passwords
      • Business
      • Image and Location
    • Active Information Gathering
      • Nmap
      • Netcat
      • ss
      • Unknown Port Scanning
    • Vulnerability Searching
  • Ports
    • 21 - FTP
    • 22 - SSH
    • 23 - Telnet
    • 25 - SMTP
    • 69 - TFTP
    • 80 - HTTP
    • 88 - Kerberos
    • 110 - Pop3
    • 111 - RPCBind
    • 119 - NNTP
    • 135 - MSRPC
    • 139/445 - SMB
      • PSExec
      • Nmap
      • Other tools
    • 143/993 - IMAP
    • 161/162 - SNMP
    • 389/636 - LDAP
    • 443 - HTTPS
    • 554 - RTSP
    • 587 - Submission
    • 631 - Cups
    • 1433 - MsSQL
    • 2049 - NFS
    • 3306 - MySQL
    • 3389 - RDP
  • Web
    • useful information
    • Web Proxy
      • Burp
    • Web Content Discovery
    • SQL
    • Web Fuzzing with FFUF
      • Directory Fuzzing
      • Domain Fuzzing
      • Paramater fuzzing
    • Local File Inclusion
      • LFI
      • Basic Bypass
    • Authentication Bypass
    • IDOR
  • Priv-esc
    • Windows
      • mimikatz
  • Pivoting
    • Info
    • Locating other machines
    • proxy
    • SSH tunneling/port forwarding
    • plink
    • socat
    • chisel
    • sshuttle
    • connecting to windows environments with a user account
  • Command and Control
    • powershell empire
    • Armitage
  • Active Directory
    • Debugging DNS
    • NTLM Authenticated Services
    • LDAP Bind Credentials
Powered by GitBook
On this page
  • Hunting Breached Passwords
  • Gathering Breach Credentials with breach parse
  • Hunting Breached credentials with DeHashed
  • Other tips
  1. Recon
  2. OSINT

Passwords

Hunting Breached Passwords

  • https://github.com/hmaverickadams/breach-parse

  • WeLeakInfo – https://weleakinfo.to/v2/

  • LeakCheck – https://leakcheck.io/

  • SnusBase – https://snusbase.com/

  • Scylla.sh – https://scylla.sh/

  • HaveIBeenPwned – https://haveibeenpwned.com/

  • Dehashed – https://dehashed.com/

Gathering Breach Credentials with breach parse

Tool for parsing breached passwords.

Download breached password list from magnet located here (put into beachparse folder): magnet:?xt=urn:btih:7ffbcd8cee06aba2ce6561688cf68ce2addca0a3&dn=BreachCompilation&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969&tr=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Fglotorrents.pw%3A6969&tr=udp%3A%2F%2Ftracker.opentrackr.org%3A1337

Cd to breach-parse folder
Run      ./breach-arse.sh @domain domain.txt

Hunting Breached credentials with DeHashed

  • DeHashed – costs money

  • Can search for anything in the screenshot below.

  • Hashes can be searched at hashes.org

Other tips

If you find a breached password, search for the password to find other compromised accounts.

PreviousUsername and AccountsNextBusiness

Last updated 1 year ago