
2 Years of monitoring sensitive information pastebin dumps - @dumpmon (2015) - matthberg
http://jordan-wright.com/blog/2015/05/26/two-years-of-at-dumpmon/
======
tyingq
That's a pretty easy path to find targets, full details tweeted to you daily.
And probably high rate of success, as somebody already felt the need to
pastebin it.

I worry about unprotected S3 buckets too. There's probably a Twitter bot
coming soon for those:
[https://community.rapid7.com/community/infosec/blog/2013/03/...](https://community.rapid7.com/community/infosec/blog/2013/03/27/1951-open-s3-buckets)

------
adulau
If you are interested to run your own pastebin (or alike) analysis, AIL is a
"modular framework to analyse potential information leaks from unstructured
data sources like pastes from pastebin or similar services or unstructured
data streams." [https://github.com/CIRCL/AIL-
framework](https://github.com/CIRCL/AIL-framework)

~~~
jwcrux
Whoa that looks awesome. Nice work!

------
GordonS
This seems like a great idea, but taking a look at what the Twitter bot is
posting shows it tweets a lot of false positives, such as hashes of files
(which it presumably thinks might be password hashes)

------
jwcrux
Hi everyone, author of the post here. Happy to answer any questions.

------
bobsgame
I am also Time Magazine's 2006 Person Of The Year.

~~~
bobsgame
Hey, it's true! I thought it was cute.

