Use Email address leaks to extract leaked credentials
Hello everyone! In the last article, We have learned how to extract sensitive information using an email address. This article is a continuation of that article in which we will learn how to extract leaked credentials using email address. This will help you to check whether your data was leaked online to the public or not.
Email address leak & Password leaks often happens due to data breaches in companies. You may have used same passwords in many platform like Instagram, Gmail, Facebook etc. This can be very dangerous because if data breach happens in any of these platforms then your whole account will be at risk! To avoid this, you should always use different passwords in every website so in case if data breach happened in one website, you rest of the accounts will be secured.
Announcement: If you want to learn how hackers hack millions of accounts on a website, Then i recommend you to check out this beginner friendly course which will teach you how to perform account takeovers in real world websites. Enroll this course now in only $4.55 usd (RS 360) before the offer expires(Last date of offer: 7th July 2022)
Email Address Leaks: Tools Needed to Get Leaked Password
We will be using some of the websites below to get leaked credentials:
1- BreachDirectory: Can be used to get lots of information of email address for free(Including Leaked Hash )
2- Intelligence X: Most of the features are paid. Still good for gathering sensitive information(Sometimes free)
Let us try to use breach directory to get leaked credentials from data breaches.
1- Open the website from here.
2- Type any email id of your choice. Here, I am going to type my dummy email address i.e. [email protected]
3- Now click on Scan. After few seconds, we can see the output shown below:
Perfect! As we can see, my credentials was leaked in some of the data breaches and we can see that my password’s first 4 letters are “Jori”. Scary right? Now i need to change my password after i finish writing this article. Apart from this, we also get the SHA-1 hashed value(An way to protect passwords) which we can use to crack the full password(We will discuss this topic in the later articles). Now let’s try Intelligence X
The steps are pretty much same as it was in the previous method.
1- Open the website from here.
2- Enter your email address and click on search.
As you can see, the results are much more detailed compared to the previous one. But this requires us to become a pro member by paying for their subscription. Still, if we scroll down we can see some of the data that are freely available(I am not going to show you because it contains lots of information of other users as well.)
At the end, we can analyze that using same credentials on every website can be very very dangerous! Because attackers can get all of these information with ease as seen in this article. Therefore, it is highly advised that you should use different passwords on different websites to keep yourself secure on the internet.
So, that’s it for this article. I hope you all learnt and explored something new & interesting in this article. Let me know if you have any doubt or issues regarding this article.
Join our telegram community over here.
Check out our cybersecurity section over here