MLT Guide

and what you can do with it

(Version 0.9)

's

D0xing

to

Note from the publisher: The content in this doc was written and collected by MLT, who is not the person who created the .PDF of this book. The publisher only fitted the content into the design and added a few links and some typos maybe.

=D0x

What is doxing?
First off, I would like to start with a disclaimer, this guide is only for educational purposes, and I do not recommened carrying out the methods described within this guide. Now, onto doxing. Doxing, is the term used for the process of gathering personal information on a victim/target, although this does commonly take place over the internet, this isnt always the case. There are many methods of doxing, and various tools available over the internet.

Where to begin?
Basically, any personal information you have on the victim will be helpful, whether it be a facebook page, their full name(or even their first name), their general location, their phone number, anything. Social-Engineering is very closely related to doxing, as you can social-engineer the victim into revealing information about themselves. A good knowledge on how to trace IPs can also be helpful, as say, for example, if you have a full name, but no location, searching for that one name out of the whole world.. theres going to be a lot of people with that name, but if youre searching for someone with that name, living in a certain city (based on location of their ISP), it narrows it down, drastically. If they own a website, a simple WHOIS search will save you a lot of time. I am going to go through multiple scenarios, based upon potential information one could have on a victim.

Compiling/formatting your dox

Placing your dox in an eye-friendly format will save you a lot of time in the long run, and will avoid confusion. You should make a template to store your dox in, before attempting doxing Here is a suggested template that I made to store your dox in, it can be modified to suit your needs, but it covers the basics.

Usernames/Aliases: Real name: Real Nickname(s): Location: Ethnicity: Nationality: Pictures: Videos: Religious Views: Sexual Orientation: Home number: Mobile number:

IP address: Websites owned: Social-Networking pages: Forums theyve posted in: Family members: Occupation: Criminal Record: Car make, model and liscence number: List of all websites with their info on: Misc. information:

Tip!
Maltego, developed by Roelof Temmingh, Andrew Macpherson and their team over at Paterva, is a premier information gathering tool that allows you to visualize and understand common trust relationships between entities of your choosing. Currently Maltego 3 is available for Windows and Linux. There is also an upcoming version for Apple users that has yet to be released. Demo version is free to use and all youll need for your first few d0x ops.

Google Searching and boolean operators

Never underestimate the power of google, whilst doxing someone, google is by far your most powerful tool. You should come familiar with exploiting search terms, and any similar vunerabilities in google. http://www.hackersforcharity.org/ghdb/ is a useful site with lots of information on google hacking. Also try exploitdb.com. You should also learn all the boolean operators, as they can come in very useful, http://sudarmuthu.com/blog/2006/05/07/google-search-syntax-dissected.html is a webpage explaining how boolean operators work. If theres a dead link which you think will lead to information on the victim, you can always try googles cache. If google doesnt have a cache of the page, try using http://web.archive.org.

Getting the Victims IP

There are various methods of doing this, although im not going to go too indepth into this. Programs such as http://oxid.it/ Cain and Abel can be used, but programs arent always needed. Over MSN, the easiest option is to use the IPGet addon, or:
Go to start, then run, then type cmd, then type netstat -n, send the victim a file, or have them send you a file, or go on webcam with them, and repeat the process. The IP that wasnt previously there is the victims IP.

If youre on a website with the victim, you can get their IP by them seeing an image you have hosted. You will need a website for this. Host an image on your website, and put it as your avatar, Private Message the victim, then view the visitor logs for your website, and the victims IP will be available. This can also be achieved using a php dynamic image, and the .htaccess trick, although this is a lot more complex. You could also simply send the victim a link to your site, and then view their IP that way.

I have a victims username, what next?

Well, youre probably thinking having only the online username of a victim is completely useless. Think again, take the FBI for example, when theyre doxing, the first thing theyre going to look for is information leading directly to the location of the victim, or the victims ISP, say the victim is using multiple proxies/vpns, etc, this may be too hard for the FBI to accomplish, so instead, theyll start doxing the victim by finding information about their usernames/aliases, when the FBI dox, thats always what they look for first. You can have loads of proxies, but you should have even more aliases than you do proxies. I know.. we all want to claim credit for things, make ourselves look cool.. but, it will result in your downfall. Also, to protect yourself from doxing, use a short username, like I do. Think of it this way, if theyre registered on hackforums, for example, with a certain username, chances are theyre going to be registered on other websites with that same username. First thing to do, is to run a google search of their username, and see if any interesting websites come up, any forums that they are registered on, etc. If you do find something, see if you can view their profile, as they may have their date of birth, or email address, or something similar there. If they have registered on a forum, you can also sift through all of their posts, to see if they have let slip any personal information, but this can be time-consuming. After google searching their name, regardless of whether you get anything useful or not, you should try searching their username/real name on:
http://knowem.com/ http://com.lullar.com/ http://www.pipl.com/ http://www.spokeo.com/ http://www.checkusernames.com/ ... and any other medium to big sized social network.

I have a victims Email Address, what next?

First off, as usual, start by google searching the victims email address. Generally, you dont get information from this, but you may be surprised, if theyve signed up on a website using their email address, that information might be available to you in a simple google search. If nothing shows up, try www.pipl.com. If theyre in your contacts list, and you dont know their full name, try using http://www.facebook.com/find-friends/index.php. You can also coax a victim into sending you an email with an attachment, hovering over the attachment in windows, should give you the name of the author, which will generally be their name, if theyve set up their PC using the correct details. http://www.emailfinder.com/ is a reverse-email lookup, which can be used to find information from an email-address. Having a victims email can also be a great oppourtunity for social-engineering/ manipulating them.

I have a victims Name, what next?

Once you have a victims name, youve got pretty far. Chances are, youll know their general location by the point when youve got their name, but if not, you need to strive to find that out. Start with a google search of their name, it may bring up some social-networking sites, although this generally doesnt work if they have an exceptionally commonnly used name. Once you have their name and general location, you want to proceed straight to getting their address and phone number. Here are some useful sites:
http://www.whitepages.com/ person http://www.zabasearch.com/ http://www.411.com/ http://www.foo.com/ http://www.lookuppeople.co.uk

I have a victims phone number, what next?

A google search will probably be useless this time, but theres still a very slim chance, so try it anyways. Performing a reverse-phone lookup is probably the best choice here. Sadly, theres now no longer a reverse phone lookup for the united kingdom available on the internet. People in the USA are in luck, below are a few which work:
http://www.usaphonelookup.com/ http://phonenumbers.addresses.com/phone.php http://www.whitepages.com/reverse-lookup http://www.numberway.com/phone-numbers/3/ http://www. infobel.com http://www.freecellphonedirectorylookup.com http://www.isearch.com

I have a picture of the victim, what next?

Once you have a picture of the victim, the first thing you want to do, is perform a reverse image lookup, to see what other websites they post on. A decent website for a reverse image lookup is TinEye or just use the Google Reverse Image Search function (just drag the victims picture into the image search box and it will pop open saying Drop image here/search by image. Another useful way of gathering information about someones picture, is .exif data. exif, stands for Exchangeable image file format. It is the image file format that digital cameras use, and stores information about the camera and photo. http://upload.wikimedia.org/wikipedia/commons/6/6a/Konqueror_Exif_data.jpg Above is an example of what you will typically find in exif data, it is not very useful, although it does tell you what type of camera/phone they own, and the date and time when they took their photo.

EXIF DATA
Exif data is completely underrated, if the user has an iPhone, or another phone with GPS tracking enabled(lots of phones do, such as various N series Nokais, and pretty much any phone using the Android operating system, a few cameras do also.) then you can find the GPS location, which is usually accurate by the nearest hundred metres, of exactly where they were when they took their photo. Some Phones and Cameras even tell you the name of the victim within their .exif data. An online .exif data viewer can be found http://regex.info/exif.cgi. You simply choose an image from the web, or upload your own image. Firefoxs new file API can be used for viewing .exif data, and be found here. There can be an .exif data viewer firefox add-on found http://hacks.mozilla. org/2009/12/firefox-36-fileapi-demo-reading-exif-data-from-a-local-jpeg-file/, its very user-friendly, you simply right click the victims picture, and the .exif data will open up in a new window.

Other Misc. info I can find out on the person?

Cell phone monitoring services can be used to monitor the victim using GPS, it will reveal where the victim is at any given time. Two good Cell phone monitoring services are https://secure.accutracking.com/ login.php and https://secure.accutracking.com/login.php. http://www.abika.com/ is a great overall site for doxing, you can do background checks on people, various reverse lookups, criminal record searches, etc. Abika also has a liscence plate search. Here is a site to view the marriage registeries, to see if your victim is married, and if so, when, where, who to, etc.

Linkage

NOTE: Not all of these links work. You might encounter some broken ones or some changes to
sites (no longer offering free services etc.)

http://www.ip-adress.com/ip_tracer/ http://www.zabasearch.com/ http://www.zoominfo.com/ http://www.freeality.com http://www.isearch.com http://www.whitepages.com/find_neighbors http://www.411.com/ http://www.google.com/search?hl=en&pb=r&q=NAME+HER E+%28first+or+last+or+b oth%29+optional%3A+state%2F zipcode%2Fcity%2Fetc. http://infobel.com http://www.pipl.com/ http://com.lullar.com/ http://www.checkusernames.com/ http://www.ip2location.com/ http://www.paterva.com/web5/ http://www.archive.org/index.php http://www.emailchange.com/ http://www.selfseo.com/find_ip_address_of_a_website.php http://tvtropes.org/pmwiki/el.php?findfor=InsertNameHere http://tineye.com/ http://regex.info/exif.cgi http://www.192.com/ http://www.criminalsearches.com/ http://www.blackbookonline.info/ http://skipease.com/ http://www.whoishe.com/ http://www.usaphonelookup.com/ http://phonenumbers.addresses.com/phone.php www.spokeo.com http://pastehtml.com/view/b1026x5qu.html www.ipeople.com https://www.facebook.com/directory/people/ www.whitepages.com www.yasni.com www.skipease.com www.peekyou.com www.soople.com www.zaba.com http://www.zabasearch.com/ Abika.com freeality.com radaris.com www.fonefinder.net http://wink.com/ http://spock.com http://socialmention.com/ http://www.whostalkin.com/ (this is one of my favorites! Lots of socnets included!) http://www.samepoint.com/ http://www.oneriot.com/ http://www.kosmix.com/

www.yacktrack.com www.keotag.com/ twoogel.com knowem.com http://www.lytebyte.com/2008/03/01/how-to-find-your-cellphones-email-address/ http://textsurprise.com/index.php http://www.clamtxt.com/ http://www.freesmsbundles.com/ http://www.sendmassage.com http://m.websmsonline.com/index.php http://pumpsms.com/index.php http://pastehtml.com/view/b1026x5qu.html www.pipl.com www.ipeople.com https://www.facebook.com/directory/people/ www.whitepages.com www.yasni.com www.skipease.com www.peekyou.com www.soople.com www.zaba.com http://www.zabasearch.com/ Abika.com freeality.com radaris.com www.fonefinder.net http://wink.com/ http://spock.com http://socialmention.com/ http://www.whostalkin.com/ http://www.samepoint.com/ http://www.oneriot.com/ http://www.kosmix.com/ www.yacktrack.com www.keotag.com/ twoogel.com knowem.com http://yahoo.intelius.com/ http://www.findermind.com/free-people-search-engines/ http://www.peekyou.com/ http://aad.archives.gov/aad/series-list.jsp?cat=GS29 http://www.192.com/ http://www.freecellphonedirectorylookup.com http://pastehtml.com/view/bh59gkh7b.html# http://www.archive.org/web/web.php http://www.numberway.com/phone-numbers/3/ https://www.vinelink.com/vinelink/initMap.do http://www.jailbase.com/en/sources/fl-lcso/ http://publicrecords.onlinesearches.com