The Basics
What is doxing?
Doxing is basically finding out information about a person. The vast majority of people on the internet are anonymous and with anonymity comes power because you cannot hurt the physical person behind the username.
Doxing takes away this power, that is why people will go to extreme lengths to make sure they remain anonymous.
However, the internet stores information from decades ago. Almost everyone can be found on the internet if you know what to look for.
What Are You Looking For?
Anything and everything. The main goals of doxing are to find out;
With these you have power of the person you are doxing. However you are not limited to this. Look for absolutely anything on the person.
Methods
Doxing is subjective, there is no set way to do it because all of it depends on the person you are doxing.
Here is the method I use and have found to be highly effective:
Start with the person's username
I am assuming this is a person on a forum you want to find out information on.
Everyone registers on a forum with a username, most people will use this username for several forums.
Start by googling this.
If however you are like me, your username means something else. Mine is the Greek God of Death, so if you simply google Thanatos you will get thousands of results. You will be searching for the proverbial needle in a haystack.
However, you know that I am on a hacking website so the chances are I will be on others. So you begin to look for results using "Thanatos" and "computer security" or "hacking" etc. (Don't worry you won't find much on me)
If you find the person on multiple forums register on that forum (use an untraceable username) and read every post your slave has ever posted. People will usually let some information slip (I just went and edited a post I made on another forum a month ago because I remembered I left too much information there)
Most forums have a "Post A Picture Of Yourself" thread or something along those lines, so you can normally get a picture of your slave at this point. However, if they are careful you might get nothing.
Write down any piece of information, no matter how trivial. With every new piece of information, new roads of investigation open up.
E-Mail Address
As I begin to write this section I decided to google my e-mail address. It links to two pages dated 2006. I went on these pages and found links to a very old social networking page I used to have which contained information about me that I don't like on the internet. Thankfully I closed the account so it's all deleted now.
Back on topic now; e-mail addresses. Google the person's e-mail address if you have it. This is a very effective way as all posts with their e-mail address in it provide great amount of information. If someone registers on forums using different usernames but the same e-mail address it can be used to link them.
With the e-mail address, go to;
http://www.myspace.com
http://www.bebo.com
http://www.facebook.com
and search the e-mail address. You can find old social networking pages which are a goldmine of information. Many people started these pages before they were aware of the dangers of all the information they left. People will use their real names on these pages so they are very useful. Location details are very important too.
You are looking to build up a rough profile of someone before you begin to narrow down.
Next Steps
If your slave is under the age of 18 then the person will not be on any electoral registers etc. so they are a dead end. However, if they are over 18 then the electoral register is a good place to look. Also the slave's parents will probably be on the electoral register so you can try to find them. A problem with this could be generic surnames "Smith" etc. will produce lots of results whereas something a bit less common such as "Christie" will produce less results
Look at your profile and start to cross-reference pieces of information. I know someone's name and rough location let's look through a phonebook:
https://www.intelius.com/
http://pipl.com/
http://www.ukphonebook.com/
are 3 very good sites for the USA and UK. They allow searches of people and locations. I have used these sites many times with great results and reverse lookup of phone numbers (so if you manage to get a phone number without the address you can look it up)
Now if you are ex-directory (like myself) then you will not show up on these records but the majority of people will not be. This tends to be something outwith the control of a 13 year old threatening someone on a forum so it is usually a good way to find information.
These records will be under the parent or guardian name so you will have to search using the person's surname.
If you have the name of your slave's parents then you may want to repeat the whole process again but searching for the parent. Social networking sites are a great place to start for adults as they will usually give out name, age, job etc. pretty freely.
Maltego is a very good program for doxing, it allows visual representation of how websites etc. are linked to a person and allows you to build a comprehensive profile.
http://www.paterva.com/maltego/
http://ctas.paterva.com/view/What_is_Maltego
Conclusion
False positives are common. Cross-reference everything. If I think someone goes to a certain school and find a possible address for them inside that school's catchment area then there is a high probability that the address and school are correct.
Doxing requires intelligence, you need to know where to look, what to look for. I treat it as a puzzle. The more information you have the more information you can find out. You can find information in the wierdest places. Did you ever win a big award at school? Chances are that's on the internet somewhere. Ever take part in an outside club that did something special or went on a trip? That's probably on the internet somewhere
Example
The following is an example of a dox I did. It was by no means a complete dox as I didn't really care enough to constantly search for the guy. But the guy turned up on the news for being arrested so I feel I will share it here.
Ghost Exodus
Remember Ghost Exodus? The hacker who was arrested for hacking into a hospital system. I doxed him a few weeks before he was arrested. My dox had nothing to do with his arrest but some of the information I found was later found by the security consultant that was behind his arrest.
The story behind this dox started when a member called "r00t34d" joined this forum. In his signature was the mention of the Electronik Tribulation Army (ETA). After several of his posts caught my attention I decided to look into that organisation.
The following is a PM I sent to a friend (he can reveal himself if he wishes) regarding R00t34d and the ETA :
Quote:Sent: Tue May 26, 2009 12:23 am
by Thanatos
What do you make of r00t34d?
I cannot decide if the ETA is a bunch of script kiddies or not. I am thinking that they are.
They talk of being skillful etc. but I found incriminating evidence on them within minutes.
The irony is that they are going to try to DDOS anonymous by using a downloaded botnet.
After insulting anon for using DDOS they are going to do the same.
http://www.youtube.com/watch?v=E46vE6xf4...r_embedded
The video has now been removed after Ghost's arrest but it contained a message regarding botnets etc. which
What is doxing?
Doxing is basically finding out information about a person. The vast majority of people on the internet are anonymous and with anonymity comes power because you cannot hurt the physical person behind the username.
Doxing takes away this power, that is why people will go to extreme lengths to make sure they remain anonymous.
However, the internet stores information from decades ago. Almost everyone can be found on the internet if you know what to look for.
What Are You Looking For?
Anything and everything. The main goals of doxing are to find out;
- Real Name
- Address
- Phone Number
- Parent's Names
- Parent's Jobs
- Place of Education (School/University etc.)
- Job
- Relatives
With these you have power of the person you are doxing. However you are not limited to this. Look for absolutely anything on the person.
Methods
Doxing is subjective, there is no set way to do it because all of it depends on the person you are doxing.
Here is the method I use and have found to be highly effective:
Start with the person's username
I am assuming this is a person on a forum you want to find out information on.
Everyone registers on a forum with a username, most people will use this username for several forums.
Start by googling this.
If however you are like me, your username means something else. Mine is the Greek God of Death, so if you simply google Thanatos you will get thousands of results. You will be searching for the proverbial needle in a haystack.
However, you know that I am on a hacking website so the chances are I will be on others. So you begin to look for results using "Thanatos" and "computer security" or "hacking" etc. (Don't worry you won't find much on me)
If you find the person on multiple forums register on that forum (use an untraceable username) and read every post your slave has ever posted. People will usually let some information slip (I just went and edited a post I made on another forum a month ago because I remembered I left too much information there)
Most forums have a "Post A Picture Of Yourself" thread or something along those lines, so you can normally get a picture of your slave at this point. However, if they are careful you might get nothing.
Write down any piece of information, no matter how trivial. With every new piece of information, new roads of investigation open up.
E-Mail Address
As I begin to write this section I decided to google my e-mail address. It links to two pages dated 2006. I went on these pages and found links to a very old social networking page I used to have which contained information about me that I don't like on the internet. Thankfully I closed the account so it's all deleted now.
Back on topic now; e-mail addresses. Google the person's e-mail address if you have it. This is a very effective way as all posts with their e-mail address in it provide great amount of information. If someone registers on forums using different usernames but the same e-mail address it can be used to link them.
With the e-mail address, go to;
http://www.myspace.com
http://www.bebo.com
http://www.facebook.com
and search the e-mail address. You can find old social networking pages which are a goldmine of information. Many people started these pages before they were aware of the dangers of all the information they left. People will use their real names on these pages so they are very useful. Location details are very important too.
You are looking to build up a rough profile of someone before you begin to narrow down.
Next Steps
If your slave is under the age of 18 then the person will not be on any electoral registers etc. so they are a dead end. However, if they are over 18 then the electoral register is a good place to look. Also the slave's parents will probably be on the electoral register so you can try to find them. A problem with this could be generic surnames "Smith" etc. will produce lots of results whereas something a bit less common such as "Christie" will produce less results
Look at your profile and start to cross-reference pieces of information. I know someone's name and rough location let's look through a phonebook:
https://www.intelius.com/
http://pipl.com/
http://www.ukphonebook.com/
are 3 very good sites for the USA and UK. They allow searches of people and locations. I have used these sites many times with great results and reverse lookup of phone numbers (so if you manage to get a phone number without the address you can look it up)
Now if you are ex-directory (like myself) then you will not show up on these records but the majority of people will not be. This tends to be something outwith the control of a 13 year old threatening someone on a forum so it is usually a good way to find information.
These records will be under the parent or guardian name so you will have to search using the person's surname.
If you have the name of your slave's parents then you may want to repeat the whole process again but searching for the parent. Social networking sites are a great place to start for adults as they will usually give out name, age, job etc. pretty freely.
Maltego is a very good program for doxing, it allows visual representation of how websites etc. are linked to a person and allows you to build a comprehensive profile.
http://www.paterva.com/maltego/
http://ctas.paterva.com/view/What_is_Maltego
Conclusion
False positives are common. Cross-reference everything. If I think someone goes to a certain school and find a possible address for them inside that school's catchment area then there is a high probability that the address and school are correct.
Doxing requires intelligence, you need to know where to look, what to look for. I treat it as a puzzle. The more information you have the more information you can find out. You can find information in the wierdest places. Did you ever win a big award at school? Chances are that's on the internet somewhere. Ever take part in an outside club that did something special or went on a trip? That's probably on the internet somewhere
Example
The following is an example of a dox I did. It was by no means a complete dox as I didn't really care enough to constantly search for the guy. But the guy turned up on the news for being arrested so I feel I will share it here.
Ghost Exodus
Remember Ghost Exodus? The hacker who was arrested for hacking into a hospital system. I doxed him a few weeks before he was arrested. My dox had nothing to do with his arrest but some of the information I found was later found by the security consultant that was behind his arrest.
The story behind this dox started when a member called "r00t34d" joined this forum. In his signature was the mention of the Electronik Tribulation Army (ETA). After several of his posts caught my attention I decided to look into that organisation.
The following is a PM I sent to a friend (he can reveal himself if he wishes) regarding R00t34d and the ETA :
Quote:Sent: Tue May 26, 2009 12:23 am
by Thanatos
What do you make of r00t34d?
I cannot decide if the ETA is a bunch of script kiddies or not. I am thinking that they are.
They talk of being skillful etc. but I found incriminating evidence on them within minutes.
The irony is that they are going to try to DDOS anonymous by using a downloaded botnet.
After insulting anon for using DDOS they are going to do the same.
http://www.youtube.com/watch?v=E46vE6xf4...r_embedded
The video has now been removed after Ghost's arrest but it contained a message regarding botnets etc. which