Welcome!
By registering with us, you'll be able to discuss, share and private message with other members of our community.
-
📢 Contact if any issue or question
Need help or have a question? Feel free to contact us on Telegram!
📩 Contact on Telegram
Databreach Lists
- Thread starter Shield
- Start date
- Tagged users None
Latest Major Data Breaches (2024)
Here are some of the most recent high-profile breaches and where they were discussed/shared:
- Snowflake Breach (June 2024)
- Impact: 165+ companies (including Ticketmaster, Santander, Advance Auto Parts)
- Data: Customer PII, credit card data
- Shared on: BreachForums, Exploit.in
- Thread: Snowflake DB Leak - 500M+ Records
- AT&T Breach (March 2024)
- Impact: 73M current/former customers
- Data: Call/SMS logs (2022), social security numbers
- Shared on: BreachForums, RAMPANT
- Thread: AT&T - 73M Records
- 23andMe Breach (October 2023, data leaked 2024)
- Impact: 6.9M users (DNA data, ancestry info)
- Data: Genetic profiles, family trees
- Shared on: BreachForums, CyberNews
- Thread: 23andMe - Full DNA Dump
---
Where to Monitor for New Breaches:
1. BreachForums (Primary leak hub)
2. RAMPANT (Invite-only, high-tier leaks)
3. Exploit.in (Russian-focused)
4. Have I Been Pwned (Legit tracking)
5. Telegram Channels (e.g., @dataleakschannel)
---
Note: Many forums require registration (some are invite-only). Use a burner email and VPN for anonymity. Avoid downloading files directly—use virusTotal to scan hashes first.
Want details on a specific breach? Let me know.
Here are some effective Google dorks for finding SQL-related vulnerabilities and exposed databases:
---
SQL Injection Vulnerabilities
Code:
inurl:index.php?id= intext:"SQL syntax near"
inurl:".php?id=" intext:"Warning: mysql_"
inurl:".php?cat=" intext:"You have an error in your SQL syntax"
inurl:".php?page=" intext:"unclosed quotation mark"
inurl:".asp?ID=" intext:"Microsoft OLE DB Provider for SQL"Exposed SQL Files (Backups, Dumps, Configs)
Code:
intitle:"index of" "sql" "dump" -git
intitle:"index of" "backup.sql"
intitle:"index of" "database.sql"
intitle:"index of" "config.php" "DB_PASSWORD"
intitle:"index of" ".env" "DB_HOST"MySQL/MariaDB/PostgreSQL/MSSQL Exposed Admin Panels
Code:
inurl:"phpmyadmin" intitle:"phpMyAdmin"
inurl:"adminer.php" intitle:"Adminer"
inurl:"/mysql/admin/" intitle:"MySQL Admin"
inurl:"pgadmin" intitle:"pgAdmin"
inurl:"sqlserver" intitle:"Microsoft SQL Server"SQL Error Messages (Debug Pages)
Code:
intext:"SQL syntax error" inurl:".php"
intext:"Warning: mysql_connect()" inurl:".php"
intext:"ODBC Driver" intext:"for SQL Server" inurl:".asp"
intext:"PostgreSQL Query Error" inurl:".php"
intext:"syntax error at or near" inurl:".php"Exposed Database Credentials
Code:
intext:"DB_USER" intext:"DB_PASS" filetype:env
intext:"mysql_user" intext:"mysql_password" filetype:php
intext:"DB_HOST" intext:"DB_NAME" filetype:ini
intext:"sql_password" ext:txt---
Tips for Safe Dorking
- Use
site:to limit searches to specific domains (e.g.,site:example.com). - Combine dorks with
-to exclude false positives (e.g.,-inurl:github). - Use
filetype:to target specific files (e.g.,filetype:sql). - For deeper searches, try Shodan or Censys with SQL-related queries.
---
Warning: Only use these for ethical security research (e.g., bug bounty, authorized pentesting). Unauthorized access is illegal.
