1
00:00:00,590 --> 00:00:07,400
The last thing that I would like to show you is how can you search in leaked databases by username?

2
00:00:07,460 --> 00:00:14,270
Now, we have already done this in a previous section in which we have searched for someone on the hashed

3
00:00:14,300 --> 00:00:21,590
haveibeenpwned and in linked databases, and I would like to cover this again with a different approach

4
00:00:21,590 --> 00:00:28,010
by searching for someone's username in leaked databases instead of their phone number or their email

5
00:00:28,010 --> 00:00:34,250
address, because sometimes you don't have the person's email address and phone number, the only thing

6
00:00:34,250 --> 00:00:38,540
that you have is their social media accounts and online accounts.

7
00:00:38,540 --> 00:00:43,310
And sometimes you can use the username to search within leaked databases.

8
00:00:43,550 --> 00:00:49,640
So if you go to Haveibeenpwned, you can see that you can only search by email address and you cannot

9
00:00:49,640 --> 00:00:51,260
search by username.

10
00:00:51,260 --> 00:00:54,650
So an alternative to this is going to be the hashed.

11
00:00:55,040 --> 00:01:00,950
I always like to use it to find whether this username is leaked somewhere or not.

12
00:01:00,950 --> 00:01:07,700
And once I find the leaked somewhere, then I can download the database and search for this username.

13
00:01:08,120 --> 00:01:14,820
So if you clicked on field, you can select username, but I don't like to use this option because if

14
00:01:14,850 --> 00:01:21,960
you searched for or selected username and then added a certain username like Tricia Kabra one three,

15
00:01:21,990 --> 00:01:27,420
two and then you click on search, you can see that there are no results found.

16
00:01:27,420 --> 00:01:35,490
But if you removed this option and you only searched for Rishi Kabra 132 and then hit enter, you can

17
00:01:35,490 --> 00:01:43,170
see that we were able to find five search results and this username were found in this data collection

18
00:01:43,170 --> 00:01:47,490
and in a Trax tangle and BigBasket and Zomato.

19
00:01:47,490 --> 00:01:53,790
So the next step is going to be to download one of these databases and search for this username.

20
00:01:53,790 --> 00:01:59,580
And we will probably find more information associated with this username.

21
00:01:59,880 --> 00:02:05,700
Another website that you can use is called Leak Peek, and you will find its link in the resources of

22
00:02:05,700 --> 00:02:06,600
this lecture.

23
00:02:06,630 --> 00:02:12,360
You can select username and then search for example for Rishi Kabra 132.

24
00:02:12,360 --> 00:02:13,980
And then click on search.

25
00:02:14,190 --> 00:02:20,780
And you can see that we did not get anything which means that this website's database is different than

26
00:02:20,810 --> 00:02:21,410
the hashed.

27
00:02:21,440 --> 00:02:28,160
The hashed has more data breaches than Leek Peak, so that's why I always like to use the hashed first

28
00:02:28,160 --> 00:02:29,480
to see where it's leek.

29
00:02:29,480 --> 00:02:33,560
And then I can go and use some of these partial free websites.

30
00:02:34,370 --> 00:02:38,630
Now let me search for Zeus which is site sub username.

31
00:02:38,660 --> 00:02:47,630
I can click on search and we can see that this username has been found in these data breaches or data

32
00:02:47,630 --> 00:02:48,290
leaks.

33
00:02:48,290 --> 00:02:52,040
And we can see the first part of the password.

34
00:02:52,430 --> 00:02:55,850
Another website that you can use is called Breach Directory.

35
00:02:55,880 --> 00:02:59,060
You can search by username or email.

36
00:02:59,060 --> 00:03:01,520
So I'm going to say Zeus again.

37
00:03:03,020 --> 00:03:05,270
And now I'm going to solve the captcha.

38
00:03:08,180 --> 00:03:11,060
And as you can see we did not find any password.

39
00:03:11,060 --> 00:03:16,670
But maybe this username has been used in this data breach or data leak.

40
00:03:17,000 --> 00:03:23,450
So I can go and download this data breach and then search for this username to see any additional information.

41
00:03:23,450 --> 00:03:28,240
But if we looked at the columns we can see that we only have passwords and usernames.

42
00:03:28,240 --> 00:03:35,380
And what you can do is that if you searched for this username in this database, you'll get the password.

43
00:03:35,380 --> 00:03:42,550
And then you can search for this password on dhash to see if this password has been used with another

44
00:03:42,550 --> 00:03:47,380
account or another website that used the exact same password.

45
00:03:47,770 --> 00:03:54,310
Now, if the person has a Twitter account, then you can search within the Twitter data leaked and you

46
00:03:54,310 --> 00:04:01,870
might be able to find the person's account like his email address or full name or any phone number.

47
00:04:01,870 --> 00:04:07,870
So you only have to have a username in order for you to search within the Twitter data leak.

48
00:04:08,620 --> 00:04:14,410
And if the person has a Snapchat account and their account was old, then you can always search in the

49
00:04:14,410 --> 00:04:19,210
Snapchat data breach to find the first digits of their phone number.

50
00:04:19,210 --> 00:04:23,620
And if you were able to find the first digits of their phone number, then you can search within the

51
00:04:23,620 --> 00:04:29,800
Facebook data leak to find the account that is associated with this number.

52
00:04:30,040 --> 00:04:37,060
So as a quick reminder, I can go to the data leaks and then if I have the person's Facebook account,

53
00:04:37,060 --> 00:04:45,280
then I can convert their username to a Facebook ID and then use or search for this Facebook ID within

54
00:04:45,280 --> 00:04:46,630
the Facebook data leak.

55
00:04:46,630 --> 00:04:53,170
So I can go to a certain country and then right mouse click, show more options and then select Agent

56
00:04:53,170 --> 00:04:54,100
Ransack.

57
00:04:54,130 --> 00:05:00,340
And here I can search by username or by a phone number or by a full name.

58
00:05:00,340 --> 00:05:02,080
That depends on the database.

59
00:05:02,080 --> 00:05:05,800
Every single database is different and has different columns.

60
00:05:05,950 --> 00:05:11,740
So in this lecture you have learned how you can search for someone's username in leaked or breached

61
00:05:11,740 --> 00:05:12,790
databases.

62
00:05:13,210 --> 00:05:16,480
The only thing that you need is the person's username.

63
00:05:16,480 --> 00:05:21,640
So you always have to gather initial information about the target using search engines.

64
00:05:21,640 --> 00:05:27,550
And after you find the person's account, then you can collect the usernames and search for the usernames

65
00:05:27,550 --> 00:05:29,260
in these databases.

66
00:05:29,860 --> 00:05:36,100
And if the person's username was in a data breach or a data leak, then you will always find additional

67
00:05:36,100 --> 00:05:39,520
information that associated with this username.

68
00:05:39,520 --> 00:05:44,620
So you might be able to find a phone number and email address or an IP address.