You may ask yourself now, “Why would anybody be interested in the Dark Web besides Criminals and Drug dealers/users?” — Well, the answer is simple. The Dark Web is not only home to criminals, but it is also a vast resource for all kinds of legitimate content; it is used by whistleblowers in countries with oppressive Governments, by journalists that report in countries that try to censor or oppress free press, and it hosts a number of sites that you would also find on the clear web, such as Facebook, BBC, and more. OK, so why do I use the Dark Web? For me, the Dark Web is a very important resource during investigations. It is part of any OSINT (Open Source Intelligence) investigation, and life would be really hard without it for much digital forensics and OSINT investigators. All right, how do I get SAFELY started with all this? Let’s look at a few options here and be reminded security precautions are even MORE important while accessing the Dark Web, do not think that nothing can happen to you because it is “anonymous” — Malware does not know anonymity, so let's start with some basic recommendations, though not all may be possible to implement for the average user. Take note that this is a beginner's guide; I am not going into every detail of the underlying technology, but I did some detailed posts on some of this in the past, so check those out if you are into the more technical details. Personally, I never surf the dark web from my day-to-day PC/Mac — I use VMs for that, and I only use the VM’s once. For average users, that may be overhead, but I would still highly recommend using a Virtual Machine for accessing the Dark Web. I created a video some time ago on how to use CSI Linux via the Whonix Gateway securely; this is still my main Distro for investigations Also, if you are installing TOR on your main PC and use that to access the dark web (which I do NOT recommend), the usual precautions apply. Make sure your System is up to date with the latest security patches, has reputable and updated Anti Malware, AV, and even better, some form of EDR tools, and configure your system to the usual best practices for security; this all becomes so much more important if you are accessing dark web sites. Theoretically, all you need to access the Dark Web is a Computer, the Internet, and the TOR Browser. What is the TOR Browser? The Tor Browser is a web browser that anonymizes your web traffic using the Tor network, making it easier to protect your identity online. Do not think the TOR browser guarantees full anonymity and safety; the Reality is far from that and very complex. I will write about the dangers of compromised exit nodes in the TOR Network in the future. The core principle of Tor, onion routing, was developed in the mid-1990s by United States Naval Research Laboratory employees, mathematician Paul Syverson, and computer scientists Michael G. Reed and David Goldschlag to protect American intelligence communications online. Also, you can use the TOR browser for clear web websites to increase your privacy protection. For now, what we need to do is to download the TOR browser from the TOR Project Website and install it. I am not going into detail on how to do this because I assume that if you are considering exploring the Dar Web, you have the basic skills to download and install the software After we start the TOR browser for the first time, it will connect to the TOR Network. When we are done with that, let’s change the security level. By default, the Security Level in TOR is set to standard, but if we are going to explore the Dark Web, I recommend we change that. To do this, we can use the Security Level Settings. For more details on TOR browser security settings, check out: After this, we are good to go to check our first dark web site. But how do we find one? I will keep this simple as it is meant for beginners, so I will show the following 3 popular ways of finding .onion sites (.onion is the domain ending for hidden services sites, also known as onion sites or dark web sites 1.DuckDuckGo 2.TheHiddenWikki
1 Comments 12 Likes
Sephiroth Hojo
As long as you just look around, and never do anything suspicious, why can’t you just use tor from a non-vm? I have never had any problems doing so.
App Store
Download Artifact to read and react to more links
App Store Play Store