Some time ago, a friend told me that she was having trouble testing a certain application. All test solutions stressed the platform correctly, generated relevant scalability results, but at the same time they looked very , she said. Well, as a self-proclaimed information security student, also known as the weird-looking-guy-guy, I could adapt some of my studies to the case. artificial The Great Wall of Context At that time, I was studying how some marketing companies buy hacked data on shady forums. In my youthful imagination, it would be interesting to expose these companies and their dirty practices. I could pass for a criminal selling what they were looking for. To trade, I would need a database. And to have a database, I would need ... well, data. The Not-So-Big Scope Wall: What's the Plan? What would marketing companies expect to find in a database? People. More precisely, ways to find them. That said, my idea was to create a simple database: Names, passwords (for greater credibility) and email addresses. Weird Names and Where to Find Them Fortunately, the internet is a wonderful place full of people with extravagant hobbies. Finding name banks is not difficult. That is, sites with endless lists with names in the most varied languages. After browsing hundreds of sites, I reduced the search for ready-made lists, for people with similar purposes to mine. I found not one, but several lists in on , and I thank the owner for having kindly organized all the credits. Thus, the content was ready for use. this repository Github Having the list of names, I just needed to search for and, mainly, the most used . Yes, only three data per individual. It was enough and the code had always allowed me to include more information if necessary. passwords email domains We have the Loot, now what? So, let's take all the ingredients and organize. At this stage, I had already cloned the , adding passwords and creating an environment that facilitated the work. All I had to do was , trying to maintain as much fidelity as possible to a real database. I even passed the passwords through a hash algorithm , even though banks with plain text passwords are more valuable. It is worth mentioning that I had no intention of actually selling a manipulated file, just receiving offers from companies and exposing them. repository generate data sets (MD5, for no particular reason) All Ready (?) At this point, when I was ready to dig into the dark corners of the internet, where bad guys ate screws for breakfast (without any milk), I received the message from my friend quoted at the beginning of this article. I realized that my little Frankenstein could be useful not only for my goals, but for those of honest and hardworking developers trying to make a living. She suggested that I share the story in this text, because perhaps this concept is useful for others with similar problems. And well, this is it. I have no surprising ending or one that will change your life, this is just another one of those stories that is always coolest in the narrator's mind. Unless you belong to a company that buys leaked data. In this case, be careful or I may be your next contact on the supplier list. For more morally questionable content, you can find me on , where I pass by just one more citizen like any other. Linkedin

Mind

The Prometheus Prototype

Read My Stories

Too Long; Didn't Read

Developers: Build Less. Deliver More. [Learn how]	

Generating Databases for Tests or Other Purposes

Too Long; Didn't Read

Company Mentioned

wbk#!$4

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

Generating Databases for Tests or Other Purposes

Too Long; Didn't Read

Company Mentioned

wbk#!$4

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES