performing-paste-site-monitoring-for-credentials

Featured

Monitor paste sites like Pastebin and GitHub Gists for leaked credentials, API keys, and sensitive data dumps using automated scraping and keyword matching to detect breaches early.

AI & Automation 15,448 stars 1852 forks Updated 1 weeks ago Apache-2.0

Install

View on GitHub

Quality Score: 97/100

Stars 20%
100
Recency 20%
90
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Performing Paste Site Monitoring for Credentials ## Overview Paste sites (Pastebin, GitHub Gists, Ghostbin, Dpaste, Hastebin) are frequently used as staging areas for leaked credentials, database dumps, API keys, and sensitive data before wider distribution on dark web forums and Telegram channels. Monitoring these sites provides early breach detection, enabling organizations to respond before stolen data is weaponized. This skill covers building automated paste site monitors using the Pastebin Scraping API, keyword-based alerting, credential pattern matching, and integration with incident response workflows. ## When to Use - When conducting security assessments that involve performing paste site monitoring for credentials - When following incident response procedures for related security events - When performing scheduled security testing or auditing activities - When validating security controls through hands-on testing ## Prerequisites - Python 3.9+ with `requests`, `beautifulsoup4`, `regex`, `pymisp` libraries - Pastebin PRO account with Scraping API access ($49.95/month for programmatic access) - GitHub API token for Gist monitoring - Keyword lists specific to your organization (domains, project names, internal terms) - Elasticsearch or database for paste storage and search ## Key Concepts ### Paste Site Threat Landscape Over 300,000 user credentials are posted on Pastebin annually, averaging 1,000 username/password pairs per leak. Paste sites serve three pri...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
1 weeks ago
Language
Python
License
Apache-2.0

Integrates with

GitHub · DevTools Elasticsearch · Database

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

performing-dark-web-monitoring-for-threats

Dark web monitoring involves systematically scanning Tor hidden services, underground forums, paste sites, and dark web marketplaces to identify threats targeting an organization, including leaked cre

15,448 Updated 1 weeks ago
mukul975
AI & Automation Featured

monitoring-darkweb-sources

Monitors dark web forums, marketplaces, paste sites, and ransomware leak sites for mentions of organizational assets, leaked credentials, threatened attacks, and threat actor communications to provide early warning intelligence. Use when establishing dark web monitoring coverage, investigating specific data breach claims, or enriching incident investigations with dark web context. Activates for requests involving dark web OSINT, leak site monitoring, credential exposure, Recorded Future dark web, or Tor hidden service intelligence.

15,448 Updated 1 weeks ago
mukul975
AI & Automation Solid

secret-scanning

Guide for configuring and managing GitHub secret scanning, push protection, custom patterns, and secret alert remediation. For pre-commit secret scanning in AI coding agents via the GitHub MCP Server, this skill references the Advanced Security plugin (`advanced-security@copilot-plugins`). Use this skill when enabling secret scanning, setting up push protection, defining custom patterns, triaging alerts, resolving blocked pushes, or when an agent needs to scan code for secrets before committing.

34,887 Updated today
github