Doxing is a technique of tracing someone or gathering information about an individual using sources on the internet. Its name is derived from “Documents” or “Docx”. Doxing method is based purely on the ability of the hacker to recognize valuable information about his target and use this information to his benefit. It is also based around the idea that, “The more you know about your target, the easier it will be to find his or her flaws” ~ Urban dictionary.
Such flaws can then be exploited. The exploitation wildly differs depending on the adversary. For example, profiling information can be used for encapsulation attempts. If those fail, and you are still enough of an annoyance to your government, expect aggressive demonisation by government paid trolls (and exceptionalism at its current flourishing best).
- General resources
- Ditching online presences
D0xing is also a part of reconnaissance, which generally focuses on its dark side.
You can use the same (or similar) spies online techniques to see yourself through the eyes of the adversaries that might d0x you. That information can then be used to protect yourself from your adversaries as best as you can. And when setting up other, anonymous or pseudonymous identities, these resources can be used for test-driven-development of the identity.
Search engines[linkview show_cat_name=”0″ cat_name=”Search Engines”]
Looking for profile(s) of (a) person(s):[linkview show_cat_name=”0″ cat_name=”People Search”]
Searching for information using (an) image(s):[linkview show_cat_name=”0″ cat_name=”Image Search”]
Posts and discussions
Searching for information using a post or discussion:[linkview show_cat_name=”0″ cat_name=”Discussion Search”]
When you have an IP address an IP lookup will provide details such as ISP name, country, state, city, longitude and latitude. Domain names can help us to find out important information such as address, email id and phone number:[linkview show_cat_name=”0″ cat_name=”IP address Search”]
And then there are tools particularly created for d0xing (also known as human recon). Please follow the money, where the makers are located, and assess likelihood of the code being poisoned. I use as little automated tools as possible. Not only because of the risk of poisoning, also because I prefer to pay more attention to little-easily-overlooked-details. The more you automise, the more you overlook.[linkview show_cat_name=”0″ cat_name=”Doxing tools”]
Such as wandering through archives, yellow pages, phone directories and other possibly useful information made publicly available.
Europe[linkview show_cat_name=”0″ cat_name=”Archives Europe”]
Africa[linkview show_cat_name=”0″ cat_name=”Archives Africa”]
Asia[linkview show_cat_name=”0″ cat_name=”Archives Asia”]
Oceania[linkview show_cat_name=”0″ cat_name=”Archives Oceania”]
South America[linkview show_cat_name=”0″ cat_name=”Archives South America”]
North America[linkview show_cat_name=”0″ cat_name=”Archives North America”]
Bigger identity wardrobe
When you are familiar with your own shadow online, you can change the avatar to cast another shadow, or you can ditch it completely and leave digital spaces -some information can not easily be removed and/or changed and is retained- or set up multiple, fake, anonymous or pseudonymous avatars.
Got more links or suggestions for this page? Please post below as a comment or reply to tweets of this post.