Differences

This shows you the differences between two versions of the page.

--- paste_git_monitoring [2022/11/08 17:04]
kaduuwikiadmin [Search Syntax]
+++ paste_git_monitoring [2024/10/16 23:26] (current)
kaduuwikiadmin
@@ Line 1: / Line 1: @@
 ===== Introduction =====
-**Pastebin** allows users to share text in the form of public posts called "pastes." Since the launch of Pastebin,many similar web applications called "paste sites" have developed. Pastebin sites are usually used for sharing code. However, any data in text form can also be uploaded and shared. The Pastebin search tool allows users to find relevant content based on keywords. Pastebin also relies on users to report abuse, which means non-compliant ones are rarely removed. This allows hackers to easily and anonymously penetrate data in an accessible location. Pastebin and similar websites are hosted on the Deep Web. This means that they can be viewed in a normal Internet browser, but the content is not indexed by Google and other traditional search engines. Users have to use the internal keyword search function to find specific content, or get paste links directly from other users. There are also paste sites on the dark web that offer increased anonymity via a Tor browser and are focused exclusively on illegal activities. For example, DeepPaste on the Dark Web is mainly used for advertising illegal goods or services. So, hackers use paste sites to prepare attacks or even to anonymously publish data from successful attacks. Therefore, it is important to monitor them.
+Pastebin allows users to share text in the form of public posts called "pastes." Since the launch of Pastebin,many similar web applications called "paste sites" have developed. Pastebin sites are usually used for sharing code. However, any data in text form can also be uploaded and shared. The Pastebin search tool allows users to find relevant content based on keywords. Pastebin also relies on users to report abuse, which means non-compliant ones are rarely removed. This allows hackers to easily and anonymously penetrate data in an accessible location. Pastebin and similar websites are hosted on the Deep Web. This means that they can be viewed in a normal Internet browser, but the content is not indexed by Google and other traditional search engines. Users have to use the internal keyword search function to find specific content, or get paste links directly from other users. There are also paste sites on the dark web that offer increased anonymity via a Tor browser and are focused exclusively on illegal activities. For example, DeepPaste on the Dark Web is mainly used for advertising illegal goods or services. So, hackers use paste sites to prepare attacks or even to anonymously publish data from successful attacks. Therefore, it is important to monitor them.
-**Git** is a free and open source distributed version control system designed to handle everything from small to large projects and share code among developers. Publishing sensitive information to version control systems like GitHub is a common risk for organizations. There have been documented cases of developers accidentally publishing secrets such as API keys only to have them scraped and used by attackers moments later. Thats why ist important to monitor GIt repositories.
+Git is a free and open source distributed version control system designed to handle everything from small to large projects and share code among developers. Publishing sensitive information to version control systems like GitHub is a common risk for organizations. There have been documented cases of developers accidentally publishing secrets such as API keys only to have them scraped and used by attackers moments later. Thats why ist important to monitor Github repositories.
+===== How are hackers using paste sites? =====
+  * Sharing stolen data: Hackers may use paste sites to share stolen data, such as login credentials, personal information, or confidential business information, with other members of their group or with the public.
+  * Storing malware: Hackers may use paste sites to store malware, such as viruses, trojans, or ransomware, that they have created or obtained. This allows them to easily share the malware with others or to distribute it through infected websites or email attachments.
+  * Communicating with other hackers: Hackers may use paste sites to communicate with other members of their group or with the public. They may use these sites to share information about vulnerabilities, tools, or techniques, or to coordinate attacks on specific targets.
+  * Hiding command and control infrastructure: Hackers may use paste sites to host Command and Control (C&C) infrastructure, which is used to control and manage malware infections. This allows them to easily update malware or to exfiltrate data from infected systems without being detected.
+  * Doxxing: Hackers may use paste sites to share personal information about individuals or organizations, known as doxxing, as a form of harassment or intimidation.
+  * Phishing Schemes: Hackers might use paste sites to host phishing pages, which they could then use to steal login credentials or other sensitive information from unsuspecting victims.
+It's important to note that many paste sites have implemented anti-abuse measures and policies and will remove illegal content when notified
 ===== How does this work? =====
+You can monitor Github and Paste Sites in 2 different ways:
+  - Using https://deepweb.leak.center/paste_monitor/dashboard
+  - Using https://v2.control.leak.center/#/paste/search
+**''About 1)''**
+The technique we use in deepweb.leak.center is slightly different to control.leak.center and will catch different results. In this platform we offer the ability to use custom google queries to find your keyword in combination with paste sites and a direct API connection to Pastebin. You see under "sources" on the result page which technique was used to grab the according result:
+{{::pastebin1.png?800|}}
+**''About 2)''**
+We use a simple http crawler for +50 pages
+These pages publish their latest pastes on their website, allowing us to index them.
 Please enter you search term under the navigation item "pastebin". You could for example search for pwd AND jpmorgan and you will see all data that contains BOTH search terms in the same result:
@@ Line 47: / Line 73: @@
 | quick brown | Search for quick or brown in paste text. This is the equivalent of quick OR brown search query.|
 | quick OR brown | Search for quick or brown in paste text. OR keyword is case-sensitive. This is the equivalent of quick brown search query.|
+| quick AND brown | Search for quick and brown - the paste should have both. AND keyword is case-sensitive. |
+| quick AND NOT brown | Search for pastes containing quick and not brown. AND and NOT keywords are case-sensitive. |
+| quick -brown | Search for pastes, with quick and containing no brown. This is the equivalent of quick AND NOT brown query. |
+| createdAt:2020-03-05 | Search for pastes indexed on 5th of March, 2020. |
+| createdAt:[2019-01-01 TO 2020-01-01] | Search for pastes created between 1st of January, 2019 and 1st of January, 2020. |
+| createdAt:[* TO 2020-01-01] | Search for pastes created until 1st of January, 2020.|

My DokuWiki

User Tools

Site Tools

Differences

Page Tools