# OSINT Password

## Hunting Breached password

* We can use [dehashed](https://dehashed.com/) **cost money**
  * If a similar password pops multiple times it means it could be used somewhere else.
  * Dehashed will also allow us to lookup for password and give information on where it is coming from
* [WeLeakInfo](https://weleakinfo.to/)
* [Snusbase](https://snusbase.com/)
* [HaveIBeenPwned](https://haveibeenpwned.com/)
* [Scylla](https://scylla.so/)

## Breachparse

* Get the tool [here](https://github.com/hmaverickadams/breach-parse)
* This tool will searched through the breach data and pull down names
* `./breach-parse.sh @domain.com outfile.txt` gather breached emails and passwords from the mentionned domain and put it in a file using the name mentioned
* At the end of the execution we will get 3 files `outfile-master.txt` with email and passwords, `outfile-passwords.txt` with the pulled passwords nd `outfile-users.txt` with the users

## Other tips

* If we get hash:
  * We can try to crack it
  * It can be useful to search it and see if it ties back to something else
* Developers often share whole sections of code on StackOverflow (we could find leaks there)
* Github migh have private keys or secret as well


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://csbygb.gitbook.io/pentips/osint/password.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.