DeHashed - the fastest data breach search engine and few of its alternatives.

While you are Information Gathering during the Reconnaissance phase of a Pentest it is good to take a look into DeHashed (dehashed.com). Wondering if you have been compromised? This platform will help you to find your data, where it is leaked, and can be used by hackers with free deep-web scans and protection against credential leaks. It is an advanced anti-fraud and Security tool that allows you to retrieve data from hacked databases.

The web-based software permits you to search for anything like username, email, passwords, address, or phone number. After the search, you should agree with the privacy policy to get to your data.?DeHashed is?a modern personal asset search engine created for security professionals, fraud investigators, and curious people to help secure accounts and provide insight into compromised assets. Designed to use state-of-the-art technology; this means data can only be released if it is encrypted. The features that make DeHashed a magnificent tool are a fast search engine, breach analytics, free breach alerts, and notifications, soc integrations, and live support to run any issue.

The main features and innovations mentioned on their webpage are:

• Account compromise prevention: Monitor hacker activity in real-time to prevent account takeover attacks using compromised credentials.
• Fraud Investigation identification aid: Leverage DeHashed cyber intelligence dataset to identify possible identity fraud.
• Affordability: Not overpriced and do not charge for most services. Security should be free, people should not have to pay to feel safe on the internet. This is a good moment to mention that this is a paid tool and you first need to get a subscription for at least a week to use it.
• Private Datasets: DeHashed is constantly obtaining new and private datasets that other services simply do not have.
• Integrity: Join the 1000's of law enforcement agencies and fortune 500 companies around the world utilizing DeHashed for their day-to-day investigations, and protection needs.
• Powerful integrations: Query the DeHashed dataset programmatically for use in your own applications with their powerful API.

This all looks good, but what are the alternatives?

• Have I been pwned? (https://haveibeenpwned.com/). This page was created after the largest single customer account breach ever - Adobe. The FAQ page has much more detail, but all the data on this page is from "breaches" where the data is exposed to people who should not be able to see it. This site serves as a service to the general public. Data breaches are common and many people underestimate the scale or frequency with which they happen.
• Snusbase (https://snusbase.com/). Industry-leading database search. We pride ourselves on being faster than all our competitors, amassing a very large selection of private and public databases.
• LeakBase (https://snusbase.com/). You want to check?if your account credentials have been leaked. Probably a good place to check that out.
• Leakwatch (https://leak.watch/). Use of stolen passwords is the most common vector of cyber attacks today. If some user credentials have been compromised, get to know them as soon as possible with its security analysis solution.
• Leaksify (https://leaksify.com/). Leaksify is one the most famous sites for checking if your email address, website, username or associated account has been hacked. Here you can enter your email address or any other information (safely) and the website will check it for multiple data breach records and clearly show breach information including passwords and sensitive data.
• We Leak Info (https://weleakinfo.com/). Access over 8 billion records and an ever-growing number of data breaches. Our data is never censored or changed. Each search takes a fraction of a millisecond and can return up to 10,000 results at once. You can search for your username, email address, password, hash, IP address, name, phone number, domain, or IP range. You can execute queries and regular expressions without degrading performance.
• GhostProject.fr (https://ghostproject.fr/) Fast free Database Lookup of over 15 billion records and 7,200 data breaches allows you to search by email or username, GP.
• NuclearLeaks (https://nuclearleaks.com/). The largest free collection of publicly available website databases for security researchers and journalists. Nuclearleaks.com aims to increase awareness of database breaches by providing as much information as possible regarding security breaches. Their goal is to inform and educate people about the importance of online privacy as well as the security of personal information.

Those are only few of many available resources to mention. Feel free to add more names and information in the comment section under this article.

Thank you for reading!