Have you checked if you have been hacked? More specifically, has another company been hacked which led to your password being leaked? There are resources out there today for free, that you can use to verify one way or the other. HaveIBeenPwned.com is one of the free resources available to use to monitor the Dark Web.
Have I Been Pwned essentially creates and updates there own database filled with leaks found on the Dark Web. Without any cost, you can access this database and see if in the past your password has been leaked to the public.
The purpose of this video was to highlight why you should not pay that guy that is selling a Dark Web monitoring solution. Most solutions are going to perform some form of API call to the haveibeenpwned database to pull this information. We can do the same thing, for free.
Using python we can read from our passwords.csv exported from KeePass and compare the hash value (first 5 characters) against what is currently in the database. Definitely worth your time. In the future you can even automate this. For example, on a weekly basis export the passwords to a directory. Have a cronjob set up to monitor this directory and anytime a file is updated, run the script against this new file.
Github: github.com/Cyb...
HaveIBeenPwned documentation: haveibeenpwned...
I hope you enjoyed this video. Follow for more content just like this and as always, Never Stop Learning!
3 окт 2024
