Deep Inspection of Online Personas
I found myself a new online toy. It is called Pipl and it is all about finding people online. Obviously, the concept behind the tool is not new. There are other tools that does the same, but this one is incredible accurate and verbose. It is a must toy in the arsenal of any serious penetration tester/attacker.
Of course, I went ahead and looked up several people I know and various security researchers, etc. The stuff it returned were unbelievable: facebook accounts, myspace, flickr, twitter and whatnot.
Anyway... The tool is also very AJAXy and it seams that it could be easily scripted.