Finding WEIRD Phishing Websites

Рет қаралды 47,118

22 күн бұрын

jh.live/censys || Get started with the leading Internet Intelligence Platform for threat hunting and attack surface management -- find what is exposed out on the open Internet with Censys! jh.live/censys
Learn Cybersecurity - Name Your Price Training with John Hammond: nameyourpricetraining.com
WATCH MORE:
Dark Web & Cybercrime Investigations: • Tracking Cybercrime on...
Malware & Hacker Tradecraft: • Malware Analysis & Thr...
📧JOIN MY NEWSLETTER ➡ jh.live/email
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/discord ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
🔥KZfaq ALGORITHM ➡ Like, Comment, & Subscribe!

Пікірлер: 76

@PopperOfCorn 21 күн бұрын

You know, all the information you should never share with a stranger on the internet.

@taxibutler1858 21 күн бұрын

A certain shrimp applauds your knowledge

@godzamoongus Күн бұрын

Are you a small boy?

@godzamoongus Күн бұрын

someone call Mange Tout

@blinking_dodo 21 күн бұрын

I often get spam mails with links to those pages. One of the actors fails to protect their backdoor, so i can just walk in open the file manager they keep exposed. Then i rename the index files to break the landing pages. Really want to automate it, but *legal* is evil.

@pelijot 21 күн бұрын

yup, thats Dynmap, a web Minecraft map.

@BillAnt 20 күн бұрын

Gotta love going down rabbit holes... hehe

@awesomekalin55 20 күн бұрын

And Railway System Map is from Minecraft Transit Railway

@SzaboB33 21 күн бұрын

You constrained by the sponsorship: cannot use "screw you" as an email address Me, a free individual: deleting their databases with SQL injection

@uhh6785 20 күн бұрын

you're a hero to some bro

@_tr11 20 күн бұрын

YOU'RE A HERO

@thepythoncodez 18 күн бұрын

based

@shinris3n 21 күн бұрын

How could you tease us like that with the exe file! Follow up vid?!

@s1lverposting 21 күн бұрын

hey, you found my Minecraft server!

@BendaCZ 21 күн бұрын

I hope you are joking 🤣

@gameshoot8571 20 күн бұрын

Is it for serious?

@BritishEngineer 20 күн бұрын

lmao

@Redstoneprojrjr 19 күн бұрын

😂

@user-eh1fd2pz3s 7 күн бұрын

Yy🎉🎉y🎉@@BendaCZ❤

@coder_117 21 күн бұрын

I've been getting spam texts for months telling me my USPS package has arrived at the warehouse but can't be delivered due to incomplete address information. It then asks me to confirm my address at an obviously fake link.

@tobixnator9314 21 күн бұрын

That's a real Minecraft server

@stavros222 21 күн бұрын

Live overflow will absolutely love it 🤣

@3N18AKPzmGOsBgWKH 21 күн бұрын

Truth be told, i just love you exploring the internet and see what happens :P Hope these will show up more in the future. Sure, phishing was in focus, but you ended up going in all other different directions and even cracking the password for the zipfile xD Love it!

@drabspirit 21 күн бұрын

The Minecraft server looks interesting! That map view you opened seemed to be Dynmap, which is a mod/plugin to create a Google maps like view of your server, definitely someone with quite the world and those color blocks on the maps were likely player claims within the game using another mod/plugin!

@exoexe1555 20 күн бұрын

The Minecraft Map is a plugin called DynMap, which uses an open port to process and host that live map you were interacting with. It can be configured to show players, mobs, waypoints and more

@nickadams2361 21 күн бұрын

Never been so excited for front desk information

@radscientist 19 күн бұрын

I've gotten a bunch of these as well as the "Thank you for your payment" with a transaction number that is a link and, of course, a downloadable file. They are usually sent from a Gmail address with a person's name and the sender's name is different.

@AkiiiMatcha 19 күн бұрын

Super fun video! Thanks for making this. :)

@_tr11 20 күн бұрын

it's so fun to write scripts to fill their databases with garbage bro

@j_r_- 15 күн бұрын

Green spotlight makes that background foam look good

@vectoralphaAI 21 күн бұрын

How much does Censys cost??

@deaddead698 13 күн бұрын

There’s a free version that gives you 250 searches a month with 10 pages worth of results. Tbh not bad for basic usage. To go up to 500 searches tho, you gotta pay $69 US. That right there’s a ripoff

@luketurner314 20 күн бұрын

17:50 that colab would be so cool

@nickadams2361 21 күн бұрын

I love how you said “hosted in Ohio apparently”

@BillAnt 20 күн бұрын

Well it could be located on a server just about anywhere.

@SperkSan 21 күн бұрын

Hey John I was wondering when you send requests to these actual *bad* websites (not some CTF challenge), do you use a VPN? If no then if the guys behind the website check their logs and see your IP has made some weird requests to their server then won't they target you?

@nordgaren2358 21 күн бұрын

IP address is worthless

@chrissametrinequartz9389 20 күн бұрын

also I am like 99% certain that he would be using a vpn

@vader567 2 күн бұрын

Oh please he is a cybersec expert

@luketurner314 20 күн бұрын

17:45 that almost sounds like Owen Wilson's "wow"

@kymtoobe 21 күн бұрын

censys not for usual user :P

@cat_fury 21 күн бұрын

this work?

@htjmartin 21 күн бұрын

Today I learned that there is an open source phising tool... interesting.

@jon9509 21 күн бұрын

11:27 xD

@maddyfromcartoon 21 күн бұрын

is brave browser safer than chrome?

@arthur979 21 күн бұрын

if you are smart, every browser is the same

@nicholas4839 21 күн бұрын

Nos all the same

@linux_for_noobs 19 күн бұрын

Just don't use chrome, edge, opera or safari. Those are basically spyware.

@maddyfromcartoon 17 күн бұрын

@@linux_for_noobs how? Can you pls explain? I am using chrome rn.

@maddyfromcartoon 15 күн бұрын

@@linux_for_noobs Can you explain how? btw I am using Chrome

@Milonsarkar-xn7db 16 күн бұрын

On eBay s3

@grudge290 21 күн бұрын

I get this all the time lol

@kalidoom1674 20 күн бұрын

finds sites like this and writes code to send bogus info ;)~

@CyberSecJourn 11 күн бұрын

Dude seriously, why are all your sponsors pretty expensive? If I'm to assume beginners, and people just learning Cybersecurity to gain information to pass a cert or get a job, are they really going to be interested in purchasing these tools, services, etc? I mean, I won't say scammy but it is SURE looking like you're here for the money if I'm to be honest.