Table of Contents

Deep Web Hacker Forum Search

Introduction

Hacker forums provide clues to possible attack techniques, attack preperations against clients or leacked data. Kaduu enables you to explore and monitor hacker forums, allowing our clients to gain a better understanding of the tools and techniques used by hackers and the areas that are most likely to come under attack.

What can you find in hacker forums?

Hacker forums can be a source of a wide range of data from organizations, including:

The Kaduu dashboard offers a sophisticated darknet search tool designed to navigate and extract information from the elusive corners of the internet, commonly referred to as the "darknet." This search tool is vital for security professionals and researchers who require access to real-time and historical data related to cyber threats, data leaks, and hacker forums.

Technology and Background

The darknet is a part of the internet hosted within an encrypted network and accessible only through specialized means, such as specific browsers and configurations. Due to its secretive nature, standard search engines do not index these spaces, necessitating specialized tools like ours.

The Kaduu darknet search tool comprises two main components:

Database Search:

This feature is intended for in-depth, occasional searches in real time. It is limited to prevent account bans and IP blocking by robust botnet protection systems like Cloudflare. Live search is complementary to database searches and is particularly useful when specific, up-to-date information is required.

Handling of Data Leaks

Usage and Restrictions

Recommendations and Extended Use

While the database search covers approximately 90% of relevant forums through automated crawlers and our analyst team, live search serves as a supplementary tool for deeper investigations. Should clients require more extensive use of live searches, we offer extended licenses that include the creation of additional forum accounts.

In this deep-web search, we log in to +50 known hacker forums with various accounts and submit the keyword that is entered in the search mask of the hacker forum. For example, you can enter your company name or a brand to see if people are talking about it in the forums. If there are results for the search term, we show them in a link as a download. The corresponding pages are saved as a screenshot and also as a web page. We focus on the most popular forums in English, German, French and Russian language.

No - we only use the generic search field form the forum. Only the system admin could see in the log files the queries.

Lets say your company name is "Bank24 LdT" and your domains are "bank24.com and bank24.us". We recommend that you use a more generic search approach. The recommended query in the abive example would be "bank24" without the domain or legal specification.

How do we present the data?

If we find any result related to your search keyword, you can download the screenshot and html file in an archive.

Yes - you can press the delete button and the scan will be stopped and removed.

Are there any limitations?

A search can take up to 60 minutes. Please be patient. We also only allow a maximum of 5 searches per customer per day and a maximum of 20 per month, otherwise our authenticated accounts will be flagged. If you want to search for leaks without restriction, you can use the expert leak search mode https://wiki.kaduu.ch/doku/doku.php?id=leak_search, which searches for data that has been leaked in the past. The difference is that hackers usually do not publish recent data leaks for free, but sell them. So, if you want to find more recent data leaks that are being sold, you need to perform a live search.

Hacker forums are not professional websites in terms of stability, accessibility and functionality. So it happens again and again that they are temporarily offline. Sometimes they disappear completely and then reappear under a new domain. All hacker forums that have relevant data have in common that you have to log in with a user, solve a captcha and also very often have to pass an anti-bot check (Cloudflare). These components change frequently (e.g. the type of captcha) and thus automated scripts that are tuned to a forum quickly get problems when such a change takes place. But also changes to the HTML code within the forum can lead to errors if our tools are programmed to search for data in very specific areas of the forums. Another problem is that hacker forums do not tolerate automated bots like ours. So if a forum detects our activity, they will block our account or IP address. In summary, the technology will never be 100% reliable, there will always be changes and errors in individual forums. If there are several hundred forums, these errors will naturally accumulate and in kaduu only the errors are displayed on the very first page, which gives the impression that many forums have errors. But this is not the case and we are working daily on the optimization of the crawlers.