Email/XMPP: cuckoo(at)cock(.)lu (Require OTR/PGP)
PGP: 6BC6 F300 51C1 8FAF 9886 6DB5 B013 6F4B 85CF 1471
Key here: https://pgp.mit.edu/pks/lookup?op=get&search=0xB0136F4B85CF1471
ricochet:73kpi3bwypwnjacj
Introduction

In recent years, cybercriminal activity on the DarkWeb has increased, but several agents cannot track much of it. I thought it would be better if more people tracked the DarkWeb, so I am writing down what is important in DarkWeb research. The target reader is someone who is interested in the dark web and has Internet literacy along with some experience using computers. As a criterion for judging whether you have Internet literacy, I think a high score on something like Kaspersky's Cyber Savvy Quiz is a good indicator.
The DarkWeb consists overwhelmingly of illegal content. I would like you to have a settled conviction about your research, and to set your own rules even while investigating. What I would like you to be most conscious of is OPSEC (identity security). If you don't know the word OPSEC, you are not even at the start of research; I want you to think again before starting. There is also the possibility of being killed if your identity is found. I recommend that you read the_grugq's OPSEC for Hackers once.
The DarkWeb is a group of websites built with Hidden Service, which is a function of Tor. You cannot access them without using Tor. Darknet refers to IP addresses that are not assigned to a host computer, but in the DarkWeb area the word Darknet is also used to mean the DarkWeb.
Here we describe the rules you should observe when researching the Dark Web.
1. Do not wiretap using a Tor node. Holy fxxxing shit. It is shit not only for cybercriminals but also for users who use Tor with good intentions, so you should never do it.
2. Protect your information by keeping the handle name you use during research as separate as possible. Requests for murder are also made on the DarkWeb. So that you are not killed even if cybercriminals find your personal data, do not tie the handle to your own information. We recommend that you associate fake information with that handle.
3. Keep a constant sense of distance between you and cybercriminals. When you want to get information from cybercriminals or interview them, you have to maintain a certain sense of distance. If you get too close to cybercriminals, you will end up committing a crime (LOL); conversely, if you keep too much distance, you will not get any information.
4. Always encrypt messages and emails between you and cybercriminals.
Be very cautious, because your counterpart is a cybercriminal. Be sure to encrypt your messages whenever you conduct a questionnaire or interview. Encryption is also recommended to protect yourself.
There are several things to prepare for investigating the dark web.
When accessing the dark web, it is recommended that you do not use the PC you use all the time, but prepare another computer or use a virtual machine.
I may post about this in the future, but since I would only be writing how to use it, I will omit it this time. By the way, I use Qubes OS.
When using the Tor Browser, set the security level to the maximum, Safest, in the security settings.
In addition, configure torrc as necessary so that your traffic does not go through servers in dangerous countries, such as the Five Eyes and any countries that have signed the Cybercrime Treaty. For how to configure torrc, the Tor Project publishes documentation you can refer to: Tor Manual
As mentioned earlier, cybercriminals encrypt their messages and emails, and they use the following services to exchange them.
Telegram: A telephone number is required when registering an account, so it is necessary to register using an SMS service that can be paid for with Bitcoin.
ProtonMail: A mail service that encrypts end to end.
Tutanota: Same as above
Encrypt with PGP when using a regular mail service.
DNSTrails: Use it when researching websites that exist on the Clearnet to advertise for the dark web
DomainBigData: Same as above
Censys: Same as above
Fofa: Same as above
ZoomEye: Same as above
Onion Investigator: A site that scans sites on the dark web and publishes the results. It supports various ports and is easy to use.
DeepDotWeb: A site that writes news about the dark web, where you can find out what is happening there. You can also find information on protecting your privacy, interviews with darknet market managers, and dark web related arrests. It also conducts VPN service reviews.
When you need information, you may interview cybercriminals, but there are a few things to keep in mind, so I write them below.
Encrypt all messages
Do not ask the person for their personal information
I recommend that you talk to a guy who is trusted among cybercriminals
Explain why you would like to interview, how you will use the information you get, and clarify where and how it will be published
Anonymity is the most important thing for Tor users, but sometimes it is revealed. This time I will write about the method of finding the IP leakage of a site on the dark web built with Hidden Service. From here on I will write down the way anonymity is removed.
There are four phases, and each plays an important role. The order is not absolute.
Reconnaissance: In this phase, we collect information that can be obtained from the outside, for example the site's source code and headers and the administrator's mother tongue.
Assemble information: We turn the obtained information into search syntax for web services such as Shodan, Censys, ZoomEye, and Fofa, which scan the IPv4 address space into a database. Example) When you want to search Censys by specifying the OS: metadata.os_description: Debian
Search: We actually look for IP leaks using the information gained through reconnaissance.
Verification: Because phishing scams are rampant, we verify that it is the real server.
Even when you think "The site has leaked its IP!!", it may be a fake. Fakes may be distinguishable by checking the source code and headers.
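Seen from the operator's side, the source code and headers named in the reconnaissance phase are what a hidden service should review in its own responses before anyone else does. The following Python check is an added example, not code from the original post; the sample response, the placeholder hostnames, the header list and the function name are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample (all values made up): a raw HTTP response as an operator
# might capture it from their own hidden service for review.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.25 (Debian)\r\n"
    "X-Powered-By: PHP/7.0.33\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html><body>\n"
    '<img src="http://203.0.113.45/static/logo.png">\n'
    '<script src="https://cdn.example.com/app.js"></script>\n'
    '<a href="http://placeholderonionname.onion/faq">FAQ</a>\n'
    "<!-- backend 10.0.0.7 -->\n"
    "</body></html>\n"
)

# Assumed list of headers that describe the server software or OS.
IDENTIFYING_HEADERS = {"server", "x-powered-by", "via"}
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HOST_RE = re.compile(r"https?://([^/\s\"'<>:]+)", re.IGNORECASE)

def audit_response(raw):
    """Return sorted (kind, value) findings for one raw HTTP response."""
    head, _, body = raw.partition("\r\n\r\n")
    findings = set()
    # Headers that name software or OS are searchable in scan databases.
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(":")
        if name.strip().lower() in IDENTIFYING_HEADERS:
            findings.add(("header", f"{name.strip()}: {value.strip()}"))
    # Any literal IPv4 address in headers or body, validated octet by octet.
    for candidate in IPV4_RE.findall(raw):
        try:
            ipaddress.IPv4Address(candidate)
        except ValueError:
            continue
        findings.add(("ipv4", candidate))
    # Resources loaded from non-onion hostnames tie the page to clearnet hosts.
    for host in HOST_RE.findall(body):
        if not host.lower().endswith(".onion") and not IPV4_RE.fullmatch(host):
            findings.add(("clearnet-host", host))
    return sorted(findings)

if __name__ == "__main__":
    for kind, value in audit_response(SAMPLE_RESPONSE):
        print(f"{kind:14} {value}")
```

Each finding is something to remove or neutralise on the server: strip version banners, serve every asset from the onion address, and keep address literals out of pages and comments.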
A leaked IP address catches the eye of law enforcement agencies, which locate the server based on the IP address, seize it (takedown), and analyze it. The manager is arrested, and the information of the other people who were conducting transactions there is handed over to the agencies. It seems there are many cases in which this flows into the arrest of related persons.
Darknet markets are expected to shift to decentralized markets like OpenBazaar in the future because of successive darknet market fraud and hacking. OB 2.0 supports Tor.
Information such as installation methods has already begun to appear on Reddit and elsewhere.
The virtual currencies used for trading have also moved to highly anonymous ones like DASH, Monero, and Zcash.
It is necessary to think about methods of removing anonymity from another angle, without embedding illegal code or eavesdropping.
There is no perfect website, even on the dark web. There is always something missing.
There is little information on the dark web, so it is important to draw out information piece by piece and combine it like a puzzle.
In particular, there is a need to think about which drugs are popular in which country, and why.
This kind of OSINT can also be used to search for malware C2 panels.