USERNAME OSINT
There are many platforms that display passwords from hacked websites along with usernames. Keeping a same password to all usernames is quite dangerous as the password of one username can come back as that of other account of the the same person.
There are databases that exist which can store your usernames and accounts even without your consent. Websites like “HaveIBeenPwned? , Firefox Monitor” help you in letting you know where your password, username, account has been stored without for consent and what other stuff like Gender, Location, Religion, etc., have been stored.
HaveIBeenPwned is a website that allows Internet users to check whether their personal data has been compromised by data breaches. The service collects and analyzes hundreds of database dumps and pastes containing information about billions of leaked accounts, and allows users to search for their own information by entering their username or email address. Users can also sign up to be notified if their email address appears in future dumps. The site has been widely touted as a valuable resource for Internet users wishing to protect their own security and privacy.
Database security concerns the use of a broad range of information security controls to protect databases (potentially including the data, the database applications or stored functions, the database systems, the database servers and the associated network links) against compromises of their confidentiality, integrity and availability. It involves various types or categories of controls, such as technical, procedural/administrative and physical.
Firefox Monitor is an online service developed by Mozilla, announced in June 2018 and launched on September 25 of that year.[1] It informs users if their email address and passwords used have been leaked in data breaches, using the database provided by Have I been Pwned? (HIBP) and working with HIBP’s creator, Troy Hunt.
LINKS for Tools
NameChk — https://namechk.com/
WhatsMyName — https://whatsmyname.app/
NameCheckup — https://namecheckup.com/
Checkusername — https://checkusernames.com/
SearchPOF — https://searchpof.com/
UserSearch — https://usersearch.org/
PeekYou — https://www.peekyou.com/username
KnowEm — https://knowem.com/
InstantUsernames — https://instantusername.com/#/
PEOPLE OSINT
There are alot of places where such data can be sourced from. Despite searching for random people is not considered ethical due to privacy reasons but when it comes to Security and Forensics, this sometimes becomes a must (IN A GOOD WAY).
Adhering to the last statement of the previous para, one such example to searching people for a good reason is — “Police officers in various jurisdictions have power to search members of the public, for example, for weapons, drugs and stolen property.[1] This article concerns searches of members of the public who have not been arrested and who are not held in detention. For search powers in relation to those persons see Search on arrest and Searches in detention. For searches of property, rather than people, see search and seizure.”
WhitePages and TruePeopleSearch are one of the best in regard of searching people. These have a facility where one can go into these and ask/request to remove their respective Information/Personal Details, and they will remove it (This feature is mostly used by those who want to keep their tracks covered completely).
WhitePages might have different extensions for different countries. “whitepages.com” is the US extension.
LINKS for Tools
WhitePages — https://www.whitepages.com/
TruePeopleSearch — https://www.truepeoplesearch.com/
FastPeopleSearch — https://www.fastpeoplesearch.com/
FastBackgroundCheck — https://www.fastbackgroundcheck.com/
WebMii — https://webmii.com/
PeekYou — https://peekyou.com/
411 — https://www.411.com/
Spokeo — https://www.spokeo.com/
That’s Them — https://thatsthem.com/ (Can be also used for phones, addresses, IP address, etc.)
Google — https://www.google.com/
VOTER RECORDS
**This is a very powerful Method/Tactic/Tool, so only use when you have full permission for an active Investigation else avoid using it completely, for Fun or Malicious Activities.
Whenever we go to vote, we all need a Voter ID. In some nations like The USA, these Voter Records are made public and this includes a lot of information about the respective person and at times lead to privacy breaches and many discriminate-related attacks (like let’s say a group of people dislike a race of people or a grp of immigrants, then all they need to do is to find those targets in Voter Records. There they can filter the database by race and conduct a malicious attack).
LINKS for Tools
VoterRecords — https://voterrecords.com/ (US site)
Vote Records India — https://services.india.gov.in/service/detail/search-your-name-in-voters-list
