Firstly what is doxing? Doxing is a technique used to track, trace, and collect information on individuals or organizations online anonymously.
So your question is how will we dox like a pro? To be honest it’s quite easy. I’ll show you 2 ways on how to dox like a pro. The first method will concentrate on online searching and the second one , well , is a GUI tool that will make doxing incredibly easy.
Method 1
Skills you will need.
- Social Engineering
- Notepad
- An anonymous email
Here’s a basic form for all of the stuff you should find to make the person’s dox usable:
—————————————————————————————————————————-
Username/s/:
E-mail:
City:
Zip/Postal:
State/Province:
Country:
IP address:
ISP:
Operating System:
Home Address:
Phone number:
Cell Phone number:
Website:
———————————————————————————————————————
How to obtain an IP address from your victim.
I’d suggest going to http://whatstheirip.com
On this website, you enter your e-mail, and you get a set of links. Pick any link, copy and paste, and give the link to your victim saying something similar to this “LOL THIS IS HILARIOUS” or “HERE’S A NAKED PICTURE OF YOU” (get creative). Once clicked, the IP will be sent to your e-mail. This is where it is good to us that anonymous email you just setup. Getting this link to them can be achieved many different ways for the most part if I have the victims phone number I send them a text that looks like it’s from their cell service provider. Sometimes asking them to click on the link to confirm a setting on a account or notifying them that they have an outstanding balance on their account.
If your target has e-mailed you, you can get the IP from looking at the e-mail source. To look at the e-mail source for windows desktop users, right click on the message, and click ‘View Message Source’ or ‘Show Original’. When you’re looking at the source, look for this: ‘Received: by’ It will show you an IP address. This is the IP address of your target.
Once you have the IP address of your target, go to http://ipaddress.com and enter the IP of your victim. You now have the location, zip code, state, country, ISP, and operating system.
Once you’ve collected all the information, your next step is to find more information on social networking sites.Using their email on all of these sites in the search engine will lead to the victim. The least amount of information you can gather is their name , that is if they have their security properly configured. Another way to search on which social sites the victim are , is by going to google search and type in his/her name,username or email + insert a @ after it. This will pull up any posts online by this person if there are any.
If your victim has photos online, save the photo and go to a website named http://tineye.com. On this website, upload the picture of your victim. When it is finished, you can find if this photo is uploaded on any other websites. You can also find out if the photo is fake.
If your victim has a website, put the website in http://who.is. If the website owner does not use WHOIS Guard Protect, you can find out all information about him (name, phone, address, etc.)
Then there’s people searches which for me is one of the must have, if you decide to dox professionally and you miraculously live in the US /:)/. It’s quick , easy and provides the information in seconds. Most of these sites come with a hefty fee for more information (almost everything) and can give you a reverse look-up on a name , email , phone , username or address. Here’s a few sites which you can have a look at or if you want to buy the premium account.
http://www.spokeo.com/
https://pipl.com/
Method 2
Download the below tool.
- IP Tracker (Provides latitude and longitude, city, state, and country of the IP provided)
- Auto-Doxer! Choose between: Email, Username, or Phone Number of victim and it will give you common subscriptions/sign-ups related to that piece of information. (See media for picture). Double click an entry to copy the link to your clipboard.
- Dox Manager. Easily manage your dox and even export it to a clean and simple text file.
- Address Finder! Get someones address and phone number from just their email! (Does not work everytime)
Conclusion and prevention.
- Use different email accounts.
- Create common usernames and don’t repeat them.
- Do not allow profiles to list your email address and other personal details.
- Ensure all profiles that can be private are.
- Don’t post all of your information all over the place.
I hope this provides you a decent head start into the world of doxing. There are more advanced techniques and some that I did not mention. If anyone needs help or have questions , please leave a comment and I’ll get back to you.
