04 - searching the pastebin for "nice" things
Pastebin is a website where you can store any text online for easy sharing. The website is mainly used by programmers to store pieces of sources code or configuration information, but anyone is more than welcome to paste any type of text. The idea behind the site is to make it more convenient for people to share large amounts of text online.
But by stating out what NOT to do on pastebin, this is what it's being used very often and this is exactly what we are searching for, to find evidences of leaked information about ourself or our customers.
An example on what you can find from a quick catch while doing the preparation of this material:
But this is all to be done on a manual search, there should be automatic ways of doing that and just presenting you with the interesting findings.
Well, of course there is. It's call pastehunter.
And it even gets better. Instead of just searching for test strings like you do at the pastebin site, you can use the fomous pattern-matching YARA toolkit.
get and install