First time on OneHack, another Bible of Dark Web…
It is extremely easy to access the dark web and even easier to be detected on it if you don’t take precautions. If you are new to the darknet, this guide will help you on your way.
The Dark Web, or Darknet, is a general term for a collection of websites on an encrypted network with hidden IP addresses – all of which gives users strong anonymity protection . Because they are not indexed by traditional search engines, you can only access them with special anonymity browsers, such as I2P, Freenet, and the most common, The Onion Router (TOR) bundle.
The Dark Web is Not the Same as the Deep Web
The Deep Web is all the sites on the web that can’t be reached with a search engine . Although this includes sites on the Dark Web, it also includes sites that serve more mundane functions, such as business intranets, webmail platforms, databases, online banking platforms, and services that usually require a password or other means of authentication.
These are found and accessed directly with a URL or IP address, and are hidden behind firewalls, paywalls and HTML forms. Because all these other pages are included in the Deep Web, the Deep Web is actually far more vast than the regular internet (also known as the Clear Web).
How to Access the Dark Web Safely
The main gateway to the Dark Web is the Tor browser. This is an encrypted network of volunteer relays around the world through which users’ internet connections are routed.
Although the relays are an integral part of what makes Tor anonymous, they can also lead to slow connections . This is because rather than connecting directly to the server of the website you want to get to, you first have to go through the relays, which are often purposely scattered around the globe. Also, since the system is decentralized, not all the relays have the same CPU, meaning that while some are fast and powerful, others might operate at a snail’s pace.
The easiest way to browse web pages is to download and install the Tor browser bundle. Tor URLs end in the suffix .onion . Unlike .com websites, the URLs are usually complex and difficult to remember, and websites will often change their URLs in order to evade detection and DDoS attacks.
When you’re on the Dark Web, ISPs – and by extension, the government – might not be able to view your activity, but they will know you are on the Tor Network. This alone is enough to raise eyebrows in some countries.
That’s why we recommend accessing Tor using a VPN. That way, your internet traffic is routed through the VPN before going through the Tor Network and finally reaching its destination. With this method, your ISP only sees the encrypted VPN traffic, and won’t know you’re on the Tor network .
The major concern with using Tor over a VPN is that it requires you to trust your VPN provider, as the provider may see that you are using Tor. To mitigate this issue, use a VPN that does not log your activities, and connect to your VPN before opening the Tor browser .
Use These Steps as a Guide
Step 1. Get yourself a good VPN service
That means one that doesn’t keep logs, has no DNS leaks, is fast, is compatible with Tor, and which (preferably) accepts Bitcoin as payment.
We recommend Nordvpn or Express VPN as the best VPN available on the market with its amazing features and military grade encryption.
Step 2: Download and install the Tor browser bundle
Before you do though, check that your VPN is running . Also be sure to download Tor from the official Tor project website.
Once it’s installed, look for the Tor Browser folder and click on the “Start Tor Browser” file inside it.
A new window will open asking you to either click on the “Connect” or “Configure” button. Click on the “Connect” option to open the browser window.
Step 3. Start browsing .onion websites
When you open Tor on your computer, you’ll automatically be directed to the search engine DuckDuckGo. While DuckDuckGo is designed to provide extra privacy and encryption while searching the web, you shouldn’t think of it as the dark web version of Google.
That’s because even in Tor, DuckDuckGo searches the clear web . That means if you do a keyword search, you’re results are going to be basically the same as what you would find on the regular internet.
Fortunately, there are Dark Web search engines (mentioned in the end) that will bring you to .onion sites . These include:
- Welcome to Dark Web Links (http://bznjtqphs2lp4xdd.onion/)
- Candle (http://gjobqjj7wyczbqie.onion/)
- not Evil (http://hss3uro2hsxfogfq.onion/)
Just make sure to always turn on your VPN before opening Tor and starting a web surfing session.
The Dark Web Isn’t Just for Criminals
The anonymity provided by the Dark Web is certainly attractive to those looking to buy or sell illegal goods such as drugs, weapons, or stolen data.
But there are also legitimate reasons for using the Dark Web. In past years it has gained popularity as a safe haven for whistleblowers, activists, journalists , and others who need to share sensitive information, but can’t do so out in the open for fear of political persecution or retribution by their government or other powerful actors.
Police and intelligence agencies also use it to monitor terror groups and keep tabs on cybercriminals . Additionally, corporate IT departments frequently crawl the Dark Web in search of stolen data and compromised accounts, and individuals may use it to look for signs of identity theft.
In many circles, the Dark Web has become synonymous with internet freedom , especially as nation states continue to clamp down on it. It now plays host to a number of media organizations involved in investigative journalism, such as ProPublica and the Intercept. Most notably, WikiLeaks – the website that publishes classified official materials – also has a home on the Dark Web. Even Facebook maintains a presence there in order to make itself accessible in countries where it is censored by the government.
Surfing the Dark Web Isn’t Illegal, but It Can be Dangerous
You can’t be charged with a criminal offense for simply searching the Dark Web, but you can get in trouble for using it to carry out illegal activity ; headlines about police operations that involved the Dark Web and child pornography, drugs, or hackers dumping stolen data are not infrequent.
Moreover, the anonymity of the Dark Web also makes it notoriously risky. Since there’s no oversight, it’s teeming with scammers. That said, one can maintain one’s safety by simply following the same basic security rules that apply to the normal web: Always be careful about the links you click because some can be misleading, and avoid sites or links that advertise illegal, disturbing, or dangerous content you don’t want to see.
Is the Tor Browser Completely Anonymous?
Similarly, in October 2017 the security firm We Are Segment identified a vulnerability in Tor that was affecting some Mac and Linux users. This vulnerability, which became known as TorMoil, caused IP addresses to be leaked when users accessed URLs that began with file://, rather than http:// or https://. We Are Segment notified the Tor developers, who promptly fixed the error by updating to a new version of the web browser.
In order to address these issues, the Tor Project has recently improved security and privacy by strengthening its encryption . It also gives web developers the tools to build fully anonymous Darknet sites (known as hidden services, or rendezvous points) that can only be discovered by those who know the site’s URL.
Criminal Cases Involving the Dark Web
Although we believe the Dark Web should be used for promoting free speech and bypassing censorship, there’s no denying that the press tends to focus on the more shady activity that goes on there. Here are some of the most high profile stories that have come out in recent years:
- Silk Road: Perhaps more than any other website, the Dark Web brings to mind Silk Road. Silk Road began as the invention of a libertarian idealist who wanted to sell home-grown mushrooms for Bitcoin, and ended up hosting 1.2 billion dollars worth of deals involving drugs, firearms, hits, counterfeit cash, and hacker tools.Five of the hits were commissioned by the site’s creator, Ross Ulbricht, known on Silk Road as the Dread Pirate Roberts. Ulricht was ultimately caught because of an old post to a regular website in which he promoted Silk Road in its early days. His mistake: using his real email address.
- AlphaBay: Following the shuttering of Silk Road, AlphaBay became the most prominent Dark Web marketplace. When AlphaBay went down in 2017, it was because of security missteps even more basic than those of the Dread Pirate Roberts.Among other blunders, founder Alexandre Cazes used his legitimate email address for communications on the site ([email protected]), kept several unencrypted cryptocurrency wallets constantly open, and re-used the same pseudonym on and off the Dark Web. And when the cops busted into his home in Thailand to arrest him, he was logged onto the AlphaBay server with the username “admin.”The computer was unlocked and unencrypted, and contained text files of passwords used on the site, as well as a document listing the type and location of all his financial holdings that was titled in bold “TOTAL NET WORTH.” Several days after his arrest, Alex Cazes was found dead in his prison cell, apparently having committed suicide.
- The Playpen Case: Although it only existed for seven months, the child pornography site Playpen managed to amass 215,000 users before the FBI gained access to its host server via information provided by a foreign law enforcement agency (which has not been publicly identified).Instead of just shutting the site down, the FBI continued to host it on its own servers for two weeks, during which it used a Flash app to capture 1,300 IP addresses belonging to site visitors. This led to the arrest of nearly 900 users around the globe, including Playpen’s creator, Steven Chase (may he burn in hell).
- The Ashley Madison Case: In 2015, the hacker group, the Impact Team, breached a dating site for extramarital affairs called Ashley Madison. The hackers threatened to release users’ personal information unless the website and its sister site, Established Men, were shut down. A month later, when their deadline wasn’t met, the Impact Team started publishing data on the Dark Web.Over the course of several dumps, information was revealed that included the email and IP addresses of 32 million members, the email correspondences of the CEO of Ashley Madison’s parent company, and the website’s source code.The hacker’s stated motivation was 1) an objection to the site’s primary purpose, and 2) the site’s practice of forcing users to pay to delete their accounts (which were even then not fully scrubbed from the servers).Because Ashley Madison didn’t require email verification to create a profile, it would have been easy to create accounts using someone else’s email address, and then use this to extort them. Although we still don’t know who was responsible for the attack, one can speculate that they were someone affected by these poor security practices.
Bonus Security Steps For the Dark Web
DO NOT change the TOR browser window size unless you like living dangerously. The FEDS have programs that can match identities on random things such and matching time online and other things with the browser window size, I shit you not. If you don’t change the size then it is the same as most other people.
You MUST use a VPN whenever you are connected to the TOR Network
Disconnect your webcam or block the camera with some black tape. Hackers and governments have ways of getting into your computer and turning on the video and cameras. You can have intimate images of you be used as blackmail or extortion, or even worse, used by the feds.
Disconnect your microphone or cover it with tape to muffle it good. The same goes for the microphone as the camera, the last thing you want is to be recorded saying incriminating things at home. It doesn’t even have to be while on the dark net. Even the Facebook creator Mark Zuckerberg does it as he knows the dangers.
NEVER use your real name, photos, email, or even password that you have used before on the dark web. This is the fastest way to be tracked. Use an anonymous email account / secure messaging apps and aliases that have nothing to do with you that you have never used before.
If you are using TOR on the dark web for anything other than looking at cute pictures of kittens, you should think seriously about your privacy and security.
On a final note, we encourage everyone who uses the Dark Web to do so responsibly. Stay SAFE and make sure your VPN is connected!
Dark Web Search Engines
- Google Scholar
- Not Evil
- Start Page
- Wayback machine
- Ahmia Deep Web Search Engine
- Searx Search Engine
- Agartha Market
- Apollon Market
- Berlusconi Market
- Cryptonia Market
- Empire Market
- Genesis Market
- Nightmare Market
- Tochka Market
- Yellow Brick Market
(Simply Google Them)
Dark OSINT Tools
Huge Collection of Deep Web Onion Links
- Deep Web 7839 Awesome Links List [Uncensored Table]
- Deep Web Onion Links Collections – Dark Net Sites (My Pastebin)
DarkWeb 101 - Anonymity
1. Cleanup Computer
You can use Windows or Linux to connect to the Dark Web.
Clear cache, trackers, cookies, viruses and adware that’s currently on your machine with the following tools.
Cleanup Tools (Removes cache, history, cookies etc)
Remove Malware, PUP’s and Adware
Run windows/linux commands to verify and repair integrity of system files
- sfc /scannow for Windows (Run command prompt as administrator)
- debsums for Linux (To install “apt install debsums” and then execute program “debsums -s”)
After all scans completed, reboot your system and continue with step 2 (#Install Tools)
2. Install Tools
Must Have Tools
- Get a VPN
- Download the latest TOR Browser
- Install browser extensions and maximize browser security
- Change your DNS manually using uncensored DNS IP
Additional/Optional Anonymity Tools for more security
3. Create Fake Identity
If you’ll be using any services on the dark web then you definately will need to create a fake identity that has nothing in common with your real life.
The below services are for anyone that wants to protect their online identity.
Before Signing up with the below free services, make sure you are connected to your VPNand TOR browser already.
Keep in mind that every time you create an account on any website or login to a service, your public IP have already been logged. > Go back to step 1 to clean and clear your machine. Then connect to your VPN and TOR to create your fake online identity with the below services.
Name Profile Generator
Encrypted Email Services
Encrypted Messaging Apps
Ready for Action > After you completed all the steps you are now ready to wander around the dark web.