Scrapesy to reduce response time for data breach

Scrapesy to reduce response time for data breach

Scrapesy is a tool made by red team analysts at Standard Industries. It helps organizations to detect incidents of data breaches. This scrapes both the dark web and the clear web to look for leaked credentials and other information. This was designed for the security workers, threat intelligence, and also by penetration testing professionals. Although, their usage is not limited to them only.

This tool scrapes leaks of credentials which are sometimes known as ‘combolist’. It will also “ingest and parse them against a list of domains and/or explicit email addresses owned by your organization”. As said by Michael Giordano, the red team analyst at Standard Industries.

He also said, “It targets known sources that contain combolists from numerous phishing campaigns typically targeted around well-known services like Spotify, Facebook, and Twitter.”

“Additionally, there are instances of third-party breaches where these credentials could become exposed if an organization happens to conduct business with that third party.”

Scrapesy is not the first tool created for this purpose. There are numerous other such tools that have the capability of scraping the internet and detecting leaks of credentials. Scrapesy can be used for the detection of data breaches. The breaches can have an effect on wider organizations and also the response time for such incidents can be decreased.

Users are free to create and share modules that may help in the process detection of such leaks and feed it to the community.

“As time goes on, we would like to develop a framework for Scrapesy that will make it relatively easy for folks to create their own modules.”

By IEMA IEMLabs

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.

This site is under maintenance,
some features might not work!!!