7/29/2019 Doxing Never a Sound

1/6

Introduction:

Doxing is a legal and illegal technique used to track, trace, and collect information on individuals or organizations online anonymously. The effectiveness of the dox is entirely based on the individual performing the dox and is directly proportionate to the doxers understanding of how information can be connected and shared. To perform a successful dox you must be able to analyze small bits of data and see where it fits in the big picture of your target. Having a large list and access to search tools will not make you a doxer. Googling someone does not make you a doxer. Doxing in my opinion is an art form and when performed correctly can yield utterly devastating results.

Social Engineering will not be covered in this article and I will explain why. SEing and doxing are two separate techniques. One can be good at one and fail atthe other. Effectively used together they can significantly affect the quality of your results; and they often are. But again, they are two separate topics. Doxing does not require any direct interaction with you and your target and thus why I state in the definition as being anonymous. I will however mention a coupleof SEing opportunities throughout this article to assist in explaining the technique.

The Goal and the Target:

When you begin a dox you are likely to not know the target in person and have very little details to start out with. You may only have a name, or a username, oran email, or a phone number, and that is all. The goal of every dox is to acquire as much information as possible on the target. A successful dox does not fall into a preset list of variables that must be discovered in order to be successful. You may simply be looking for a connection or a specific piece of information.A full dox however is often listed as being able to achieve the following in no particular order:- Full Name- Age / Birthday- Usernames / Web Accounts

- Email Accounts- IP Address- Social Network Profiles- Pictures- Home Address- Phone Number(s)- Work / School Locations and Title- Likes / Interests- Family List- Good Friend List- Organization Affiliations- Any other useful / interesting information

This list is more a guideline on information usually collected than a strict requirement. But if you hear someone say they want a full dox on someone this is generally what they want. Now, not all of this information may be found without the use of SE or some illegal techniques. IP addresses can be very difficult to come by whilst staying 100% anonymous. But I will discuss IP addresses further ina moment.

Lets take a look at the information above. If a doxer was to successfully pull off a full dox on the target just imagine what might play out if this informationfell into the hands of an identity thief, stalker, rapist, someone with a grudge

7/29/2019 Doxing Never a Sound

2/6

, or a hacker with their own motives.

Doxing isnt all that bad however and has many legitimate uses. Thus is the reasonwhy I refer to the person performing the dox as a doxer and not a hacker, as you wll find in nearly every single other tutorial on the web. Though it will come inhandy if you are building a custom dictionary *hint*. Legitimate uses can rangefrom simple curiosity to safety precautions to law enforcement. Ill give some examples. If you need a babysitter and you want to ensure they arent someone who might leave your child in an unsafe situation. You perform a dox and determine that they like to throw parties while babysitting, with picture proof. This information wont be included in a paid background check. Another example would be if youare conducting business online and you want to determine if the individual is aknown scammer or appears to be trustworthy. Lets take look at law enforcement. Ateen vanishes into thin air and there isnt a single clue on their whereabouts. In some cases doxing can lead to suspects and potentially even a location. How about your website is defaced and the skiddies left a big logo of their group on your front page claiming credit. I have personally mapped out more than a couplehacker groups and scamming organizations to a full, or near full dox of every single one of their members, just because the information was there to be found and by simply following the breadcrumbs.

How its possible:

If you are brand new to this technique or this is the first time you are hearingabout it, this may appear scary. You should be thinking if you are vulnerable to being doxed. Prevention will be discussed last as it would be amateur to explain how an attack works and not how to defend against it. Now, in order for thisinformation to be collected it must first be posted. That means that the information that can be found on the target will be 99% of time posted by the target themselves! We live in an age where social media sites have exploded; Facebook, Twitter, many others. Not only is it all the rage but you can access these sites from anywhere. I couldnt believe it when I first heard about Facebook allowing thetagging of yourself and friends at a location / checking in. At first this soundsharmless and fun. People know where the party is at lets do this! Or this gem; He

y lost all my contacts. My new number is (#) text me! Although social media is not the only place where people will freely give out their personal information, it is a treasure trove that should be sought after by any doxer. Forums, craigslist, instagram, etc. all seem to come with a free spirit of posting personal details.

Performing a Dox:

This portion we will cover some of the ways this all done. Remember, having thetools or even knowing the common techniques wont make you a doxer. You must pay attention to the details and follow the leads specific to your target. Your own ability to do this will determine the outcome of your results and if you are new

to this, it takes practice.

1. Google

What Im going to say next will shatter some of your minds.Google wont tell you everything! Google wont give you all the results. Google willmiss, not be able to find, and straight up deny showing what it is you are looking for. But, Google is the best tool to at your disposal. That means you need to know how to use it effectively. If all you know how to do simply type in whatyou seek and hit search you need to get on this right away: http://www.googlegui

7/29/2019 Doxing Never a Sound

3/6

de.com/Knowing how to Google can mean the difference between a failed dox and a successful dox. It will also make your task easier. Ill give one example;You have a phone number and you want to see any other listings for it. You typein the number and it shows some results then the results arent the exact number and out of order. Throw quotations around it. Awesome, now you dont want to see all the reverse phone number lookups and such. So you change your search to look like this:CODE :"(#)" -reverse, -lookup, -results, -directory, -area

Bam, there is a post on craigslist that would have normally been on page 70 of aregular search. That is only the tip of the iceberg of what you can do. Go check that guide.

2. Emails

A lot of this information applies across the board so I will start to dwindle down to what you might need to know when searching for and using a said piece of information. Keep that in mind.Emails are a meal ticket. If you are performing a dox, you want them. Sometimesyou start with just an email address and sometimes you dont. Lets start by sayingthis is your starting point. If you have an email address one of the first things you should check is the security measures on the email address (after googling

it of course and pulling those results). This tips the scales of being legal and illegal. Only doing this is still technically legal; if you take it further then not so much. Go to the client and without attempting to login to the email select the Forgot Password option. This should ALWAYS be done using a proxy or VPN.Some clients will log IPs of those clicking on this link. Same goes for attempting to login. You will normally see 1 of 3 things. Security questions, a backup email account, or a phone number with only the last 2 digits in plain text. Takenote of whatever you see. Lets break this down. Security questions are very vulnerable and are most commonly questions that are geared for the user to remember.This information also happens to be a common discussion topic among friends. Whatis your pets name?, What was your high school mascot?, Where were you born? You kthese questions. I dont need to list them all. A backup email is usually has a couple asterisks to prevent you from seeing the full email. But through your dox

you are likely piece it together, so copy it down. Finally the phone number willonly show you the last 2 digits. What you probably dont know is that using various people searches you can sometimes find the first 6 digits in plain text and the last 4 blanked out. That means you only need to decipher 2 digits to have thecomplete number. It is also a good reference if you already have the targets number to make sure they line up. This is good to check before attempting to breakinto the email if you know its an old number so they dont get texted by the client of the break in. Oh right, thats illegal. Moving on then.Emails can also give you direct links to social media profiles. There used to bea separate unlisted search page to search facebook by email but it has since been integrated into the normal search bar now. This makes it easier for you. Tryit.

3. Usernames

Emails flow right into this area of focus and vice versa. A lot of times the username is the same as the email address without the @ and what follows. Plug andplay with these. You will get lucky a lot of times and find the targets email address this way. Usernames can also be one of two things; very unique and very common. The unique ones make it easier to find when googling and should be a focuspoint for you if they are. If they are common dont become discouraged, it just means more data to sift through. But you will eventually make your connections.

7/29/2019 Doxing Never a Sound

4/6

4. IP Addresses

Just to get this out of the way. As previously mentioned it will be tough to pull IP addresses without some basic SE. But if you do have one make sure you crossreference a couple IP lookups to correctly determine a location if you dont already have a trusted one that you already use. As this information is very often incorrect.

5. Phone Numbers:

Numbers can be a hassle and can prove very difficult to find as most people often feel a bit uncomfortable posting their numbers out in open public. This is where SE will help especially if you know their work email address. A lot of timesfor example for work emails people will have their signature setup to show theirtitle, work location, and contact information to make communication between other employees easier. Refer to the above on my example of Google searching when searching out number connections. Did I mention you can also find Facebook accounts by putting a phone number in the search bar? Yep. If they have listed in their profiles or in the account you bet. Not a 100% guarantee but it does work enough to take a second to check.

6. Language Comparisons:

If you are running dry and having difficulty making connections you might want t

o try this. Language comparisons are something you should watch out for anyway though. I once doxed a guy who liked to Capitalize The First Letter Of Every WordJust Like This. It made tracking him pretty easy. But something else is try taking information already posted and search for just that. Suppose we have an individual come into the forums and say they ask asking for someone to hack a website. No emails listed on their profiles and the username is yielding nothing. Butdo a quoted search of part of one of his sentences and now we find he has postedthe exact same question in 5 different locations. To which then we find his email address, then his facebook, his phone number, and turns out the website belongs to a guy he goes to school with who stole his girlfriend away from him.That being said, that is how I found out that my first two articles were straight copypasta to other sites and the author claimed credit for writing them. Now I personally dont mind this too much if you want to do it, albeit annoying. Just at

the very least say you got it from HTS.

7. Profiles

Profiles can contain a little or a lot. We already know social media profiles provide a plethora of information. But any site your target has an account on youneed to check the profile to see what is listed. You may find another piece of information that you didnt already have.

8. People Searches

This is big and is exactly where Google will fail you. There are sites that areby design made to search specifically for profiles and public records. Google wo

nt do this because as an admin of a site you can prevent Google Bots from doing their thing. You need to already know the profile URL location of the sites for people searches to work (if by username or email). I will say this, a lot of themsuck, and a lot of them want money. But there are some out there that can proveinvaluable in your doxing endeavors.

9. Images

This is huge. Image trails can and will often be your yellow brick road. Pinterest, instagram, imgur, reddit, 4chan, pictures everywhere all day every day. Ofte

7/29/2019 Doxing Never a Sound

5/6

n posted with complete disregard on what pictures can yield. In some cases withsome work you can pull original file names (ie: names of who the picture is of,id codes of social media profiles and camera information), dates of creation (taken), and sometimes even GPS location if taken with a phone. But even if you dontknow how to do that you can still find solid connections to various accounts inquestion if you find the same pictures. Ill explain this with an example and a sad one. You find a picture of a girl flashing her breasts. Its hosted on Imgur. You look to the right and see her Imgur account name and click on it. Now you seeher other files and some pictures of her and her family. Now search by image and find her facebook, she is only 16. Imgur and Instagram are vulnerable to the careful observer to finding your other pictures. Imgur will not however show images not in a file and not in files listed as hidden. Instagram tries to prevent you from seeing the account on the main site but with webstagram you can see it all.

Try these and you will what I mean:CODE :http://web.stagram.com/n/(username)/http://(username).imgur.com/

Now I just mentioned searching by image. There are two ways to do this. You canuse a website designed to as such, but like before most of them suck. Or you canuse Google. An image search site will give you the option to upload or use a li

nk. With Google you can only use a link. So if you have a downloaded image, upload it somewhere first then use that link. To use Googles image search simply throw in the image link and it will say no results found (most likely) due to it searching for the link and not the image. It will then give you the option to search by image, doing this will show other locations for the same image and like images. This can be extremely handy. Now, if you search for an image link and it actually gives you normal search results, you can instead throw this up in your URL to search by the image if Google doesnt give you the option:

CODE :https://www.google.com/searchbyimage?hl=en&safe=off&biw=1920&bih=1080&site=search&image_url=(image location)

Conclusion and Prevention:

Prevention should be pretty apparent by now. This has been said before and now you can see why.- Use different email accounts.- Create common usernames and dont repeat use them.- Do not allow profiles to list your email address and other personal details.- Ensure all profiles that can be private are.- Dont post all of your information all over the place!

In conclusion, I hope this provides you a decent head start into the world of doxing. There are more advanced techniques and some that I did not mention. I liketo encourage some work on the reader to seek out and learn on their own. You will remember more that way. Now if you are interested, in the forums I have hosted a doxing challenge that I have personally created and manage if you want to give doxing a test run. It can be found here:https://www.hackthissite.org/forums/viewtopic.php?f=116&t=9340

If anyone has any questions or wish to discuss or add some of your techniques an

7/29/2019 Doxing Never a Sound

6/6

d tools please do so. Thanks for reading.