April 26, 2025
Michael Hammond

Security BSides - Web Scraping for Fun and Profit

Editor: Michael Hammond
Category: Cybersecurity
Date: April 26, 2025

Our Security Researcher Scott Goodwin and Senior IT Audit Manager Nick DeLena recently presented at BSides Boston.

Pastebin.com and other public ‘paste’ sites are rich sources of sensitive information. Hackers often post their stolen ‘loot’ to websites like these for public consumption, and these sources of information go largely unmonitored. Pastebin is keenly aware of this fact and offers users the ability to create a list of alert keywords. When one of the keywords is found in a public paste, an email is sent to the user. Pastebin will also remove pastes that are found to contain personally identifiable information. However, we have shown that a well-designed scraper can capture this information before the Pastebin team removes it. These data can include:

  • Suite of stolen NSA tools published to Pastebin
  • NASA and other government sector breaches published to Pastebin
  • Daily onslaught of compromised website credentials, Netflix, proxies and, occasionally, credit card data and even SSNs.
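
An added example (not code from the talk or from OCD Tech): a defender-side triage of paste text in the spirit of the alert keywords described above, flagging watched domains, credential pairs, SSN-shaped strings and Luhn-valid card numbers while recording only counts and account names. The watch list, function names and sample paste are constructed assumptions.

```python
import re

# Assumed watch list, in the spirit of Pastebin's alert keywords (constructed values).
KEYWORDS = ["examplecorp", "example.com"]
WATCHED_DOMAINS = ["example.com"]

CRED_RE = re.compile(r"\b([\w.+-]+@[\w-]+(?:\.[\w-]+)+)[:;|]\S+")  # email:password dumps
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

def luhn_ok(digits):
    """Luhn checksum: rejects digit runs that cannot be payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def is_watched(address):
    """True if the address is at a watched domain or one of its subdomains."""
    domain = address.rsplit("@", 1)[1].lower()
    return any(domain == d or domain.endswith("." + d) for d in WATCHED_DOMAINS)

def triage(paste):
    """Summarise a paste's exposure without copying the secrets themselves."""
    creds = CRED_RE.findall(paste)
    cards = [re.sub(r"\D", "", m) for m in CARD_RE.findall(paste)]
    return {
        "keywords": [k for k in KEYWORDS if k in paste.lower()],
        "credential_pairs": len(creds),
        "watched_accounts": sorted({c.lower() for c in creds if is_watched(c)}),
        "ssn_like": len(SSN_RE.findall(paste)),
        "card_like": sum(1 for c in cards if luhn_ok(c)),
    }

# Constructed sample paste; none of these values are real.
SAMPLE = (
    "alice@example.com:Winter2017!\n"
    "bob@notexample.com:hunter2\n"
    "carol@mail.example.com|letmein\n"
    "SSN 000-12-3456\n"
    "4111 1111 1111 1111\n"
    "1234 5678 9012 3456\n"
)

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The plain keyword match also fires on look-alike domains such as notexample.com, which is why the account check compares the parsed domain instead of searching for a substring.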

By Michael Hammond, May 15, 2017