tbh I don't think KeCa AP is a really good way to check privacy of a combo list, HIBP owns a shit tons of dumps also private and it's checking only the emails so it's pretty useless trust me.
Whats the most effective way to check the quality of combo compared to IHBP which idetificate in substantial % data which we can consider as useful/useless?
Ideas such as MYRZ are ridiculous, they wont work.
Theories about swapping email format/generating fake one - sure, but that kind of rigged combo is obvious. My idea from some time ago was - collecting ALL HITS FROM valid private KECA AP output against the few most popular services to check the ratio of hits.
As long as hit ratio is quite good - combo is probably not rigged + worth it. Whats important - I dont think KECA AP is 0/1 valid proof, but im sure that if you'll check all combos which I defaced in this topic - those with highest % of private would become most effective, you can do it yourself and it will prove that I'm right. I would do it myself, but its a waste of my time to prove how shit community is, already spend hour on it.
Mate, also you know what was my point of this topic. If I check someone combo and theres 15k mails in a row listed as public it means.. its a fucking "exploit.in" outout or other shit, raped as swiss cheese. Quality combos are fresh combos, if you'll prove breach of specific SQL with date noone gives a fuck about privacy ratio, true? All combos which are used in that topic are random mix. We have talked about this topic months ago.