Under Utilized Tools/Resources #55

The Privacy OSINT And Security show’s episode from today talked about email scores and how services (although he didn’t name one) like Facebook use data breaches to determine if an email is legit or not.

Well if you’re looking to create sock puppets or push the limits of the CFAA, you can monitor sites like today’s resource for expired domains that have emails that have been in breaches, buy the domains, buy an email service and recreate the old emails.

Such an interesting and useful attack surface!

Here is one site you can use to find expired domains!


Read all the entries in this series!


Leave a Reply