Newsletter 2020-05-11

Published on May 11, 2020 by

May 2020: New dorks website, Tor, DDoS test and a Europol takedown

Our dataset continues to grow significantly: 17,660,962,195 selectors

In the past few months, we have invested in 200+ TB of enterprise storage which allows us to scale up data collection even more. As for the public web, we are currently crawling these TLDs: DE, AT, LU, CH, UA, KZ, RU

Later this week we will increase our coverage of TLDs and include major ones like .com, .org, .net, and many others.

🕵🏻 New Dorks website

👉🏼 https://intelx.io/dorks

This new dorks page provides simple links to “find something interesting”.

✅ Discover invite URLs for popular communication apps
✅ Lookup of deleted pastes
✅ Find historical website copies

Tor

Last month, we took a close look on Tor. We investigated spam websites run as Tor hidden services and published a blog post here.

tl;dr we removed from our Tor index:

  • 209,081 unique onion domains detected as spam
  • 34 million website files
  • 500 GB of data
  • 28% of our Tor index

We looked into Tor vanity domains which are .onion domains that include human recognizable text usually in the beginning. An example is “silkroad7rn2puhj.onion”. Read all details in this blog post. tl;dr: Only 11 out of 16 characters of onion addresses can be cracked using a used $300 GPU. 12 out of 16 will cost you at least $12k and cracking a full onion domain about $13 billion.

Lastly, we want to push the message that Tor hidden services are a failed technology doing “much more harm than good in practice”. We reposted an important blog post from the Lawfare Institute here.

Self-ddosing test

Yesterday we tried to self-ddos ourselves by using a shady DDoS-attacks-as-a-service provider. We documented it here with screenshots of the attack, statistics, and graphs showing the amount of IPs, bandwidth and packets per seconds used in the attacks. tl;dr:

  • Some attacks have no impact at all
  • Network level attacks (TCP SYN, NTP, DNS) can often be filtered and mitigated via simple firewall rules
  • Some of the attacks are successful in slowing down the responsiveness of the website
  • No attack had any permanent effect.

Takedown supported by Europol

Europol issued a press release stating: “Polish and Swiss law enforcement authorities, supported by Europol and Eurojust, dismantled InfinityBlack, a hacking group involved in distributing stolen user credentials, creating and distributing malware and hacking tools, and fraud.”

This takedown included the website datasense[.]pw, which, according to its own description, is a “combo cloud service that let’s you access thousands of databases, in a matter of seconds”. It is said that the hacking group was responsible for the massive Collection #1 data leak from January 2019.

This new development follows the seizure of WeLeakInfo in January 2020 by the FBI and European authorities.

Follow us on Twitter for the latest updates: https://twitter.com/_IntelligenceX


Kleissner Investments s.r.o., Na Strzi 1702/65, 14000 Prague, Czech Republic

If you don’t wish to receive this newsletter anymore, please click here to unsubscribe.

Related articles

Newsletter 2020-10-19

Published on October 19, 2020 by

October 2020: Hunter Biden, Maltego Transform v4, Decentralized TLDs 🥳 It has been 2 years since the launch of Intelligence X! At this point we would like to thank our users & customers for their trust and we look forward to the future. -Intelligence X Team Make sure to follow us on Twitter for the


An OSINT investigation into the alleged Hunter Biden email

Published on October 14, 2020 by

Disclaimer: Intelligence X is politically neutral. This investigation is based on public information (open source intelligence). tl;dr: It appears that the email addresses appearing in the alleged email are accurate. This does not validate nor refute the content of said email. The New York Post published today the two articles “Hunter Biden emails show leveraging


Top-level domain considerations

Published on September 21, 2020 by

We want to give some insight into top-level domains (TLDs) supported by Intelligence X. Even though there are a total of 1,508 available TLDs (full list by IANA), we choose to only support certain TLDs in order to prevent spam, false positives, and maintain a high quality data set. Validation of top-level domains appears in


Search the blog: