Hacker data dumps scrape to make huge grey marketing database

100 million records offered to sales types, at disruptive prices

Former password collector Steve Thomas plans to tear up the contact broker market by offering a database of 30 million names for free, all built on data sourced by scraping the web.

The former PwnedList founder, and now SalesMaple CEO, says the database will soon to balloon to almost 100 million records.

Thomas said it will save sales bods hundreds of thousands of dollars in subscription services by allowing them to hook up their favourite open source intelligence tool to SalesMaple's API and access open source intelligence resources typically used in breach or criminal investigations.

"I found that the security community's open-source intelligence tools have far outpaced the sales and marketing databases available," Thomas told El Reg.

"Not only that, but the security community has access to hundreds of millions of records of free intelligence, where sales and marketing pays hundreds of thousands of dollars for the same data.

"We monitor the hacker community for data dumps and mine common pasting sites or file dump sites like pastebin, pastebay, or sendshare to get a large stream of data."

Thomas sieves through the unstructured data, including PGP keys and SSL certificates, to find and validate contact information.

He says he came across the concept during demonstration of the Recon-ng pre-penetration testing tool in which he had consulted the open source intelligence sources.

"That encouraged me to bring these rich data sets together as a service non-security people can also make use of," Thomas said.

The service offered by the market intelligence startup cleaves out free and spam email addresses and those email domains that lack sendmail servers, and continuously re-evaulates the validity of the database.

Sales people stand to save a lot, Thomas estimates, beyond the subscription costs to the likes of Dun and Bradstreet, Hoovers, and Salesforce. He claims interns paid to dredge contact information usually consult inferior sources which adds up to a "large" hidden cost in wasted time.

The service will launch soon and will be accessible through the RESTful API for security pros using tools like Recon-ng. ®

Similar topics

Other stories you might like

Biting the hand that feeds IT © 1998–2021