SnowHaze Browser - SnowHaze is a browser with your privacy and security in mind. SnowHaze is open source and offers you the most extensive tools on iOS to reclaim control over your personal data and move freely on the internet.
MySudo - Handy tool for creating entire personal profiles with numbers and emails you can use in place of your personal information.
https://privacy.com/ - A wonderful platform for placing anonymous purchases. Allows you to create a digital preloaded credit card so your real number isn't stored by Amazon or Google.
Syncthing - Open source, secure file synchronization program.
Tails - Home - Portable Linux distribution focused on extreme privacy and security.
Anonymouse.org - Proxied "anonymous" web searching tool.
Privoxy - Home Page - Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk.
Kali Anonsurf - ParrotSec's anonsurf and stealth, ported to work with Kali Linux.
ParrotSec/anonsurf - Anonsurf routes all your traffic through Tor, and it also lets you start i2p services and clear any traces left on the user disk. Anonsurf also kills away all dangerous applications by virtue of the Pandora bomb, so you do not need to worry about having a Tor browser and other scripts running to hide your system.
cryptsetup-nuke-password - Installing this package lets you configure a special "nuke password" that can be used to destroy the encryption keys required to unlock the encrypted partitions. This password can be entered in the usual early-boot prompt asking the passphrase to unlock the encrypted partition(s).
Privacy Analyzer - See what data is exposed from your browser.
Browser Mirror - See what your browser says about you.
Webkay - A demonstration of all the data your browser knows about you. All this data can be accessed by any website without asking you.
Logger - IntelTechniques custom tool for seeing what data can be tracked in your browser.
https://tenta.com/test/ - Site for checking DNS leakage and other browser security issues.
https://www.grc.com/shieldsup - Great tool for profiling your internet connection and router for exposure, potential vulnerabilities, and open ports.
https://ipleak.net - See what information you are giving away while browsing the internet. IP addresses, DNS leaks, WebRTC leaks, fingerprints and user-agent.
https://browserleaks.com - Here you will find a gallery of security testing tools that will show you what kind of personal data can be leaked, and how to protect yourself from it.
What every Browser knows about you - This site not only shows what information your browser provides to third-party sites, but also explains how it can be dangerous and suggests what extensions will help to ensure your anonymity.
https://iaca-darkweb-tools.com - A collection of darkweb search tools. Allows you to query .onion search engines, marketplaces and social media sites.
Tor Bridges - alternative entry points for Tor that are not listed
Some networks may block TCP port 9050 or even dynamically blacklist all Tor nodes in an attempt to prevent their users from accessing the Tor network and getting around access controls.
This can be overcome by using Tor bridges.
Bridges are configured by adding the bridge information to the torrc file, as below:
#Bridge fte 128.105.214.163:8080 [hash]
Obfuscated bridges - bridges that use special plug-ins called pluggable transports which obfuscate the traffic flow of Tor making its detection harder
https://hidden-services.today - A site with fresh links to Tor hidden services that is free of spam and scam sites. Only trusted and safe links are provided.
https://www.hunch.ly/darkweb-osint/ - Identify new hidden services, or find investigation targets that you might not have otherwise known about. It is 100% free and every day you will receive a link to a spreadsheet you can download or view online. Requires you to provide an email address to join their mailing list.
TOR66 - An onion site that lists newly discovered onion sites that have been submitted from a variety of different clearnet platforms.
H-Indexer - Another onion site that offers a list of fresh onions. Beware, results are often uncensored, so you may encounter illegal material.
https://osint.party/api/rss/fresh - An amazing RSS feed of fresh and newly discovered .onion sites. Be careful, this feed remains uncensored, so you may encounter illegal content.
Darknet Market Buyers Guide - The buyer's DNM bible aims to be a complete guide that covers all steps that users have to take in order to buy securely from darknet markets. It orientates itself on OPSEC best practices and, if exactly followed, will greatly minimize the risk of you getting caught.
• Your "work" computer should never ever have anything personally related to your real identity. Ever!
• Your host machine should have Anti-Virus or Windows Defender enabled.
• Your host machine should always be kept up to date with current updates.
• Your host machine should have full HD encryption.
• Your host machine should have opensnitch, Glasswire, or Littlesnitch installed.
• Your host machine should have booting from USB disabled in the BIOS settings (see how to get into your BIOS and disable it).
• Your host machine should have a VPN running on it.
• Everything should be saved to the USB and never the HD.
• A password manager should be used for storing your passwords.
• VM should be saved onto a USB/Micro SD and encrypted.
• Whonix should be used to conduct all your Darkweb activities.
• Spoof your MAC and Computer Name every time on start-up and shutdown.
• Use CCleaner, bleachbit, or similar programs on your host machine before each shutdown.
• Be conscious of other devices you may have on your person that are giving away your location (cell phones are not your friends).
• PGP encryption for secure emailing
• Only wired keyboards and mice
• Read http://grugq.github.io/
Tell Bash to use /dev/null instead of ~/.bash_history. This is the first command we execute on every shell. It stops Bash from logging your commands.
export HISTFILE=/dev/null
It is good housekeeping to 'commit suicide' when exiting a shell:
Note: Or deploy your files in the /dev/shm directory so that no data is written to the hard drive. Data will be deleted on reboot.
Note: Or delete the file and then fill the entire hard drive with /dev/urandom and then rm -rf the dump file.
Restore the date of a file
Let's say you have modified /etc/passwd but the file date now shows that /etc/passwd has been modified. Use touch to change the file date to the date of another file (in this example, /etc/shadow):
touch -r /etc/shadow /etc/passwd
Clear logfile
This will reset the logfile to 0 without having to restart syslogd etc:
cat /dev/null >/var/log/auth.log
This will remove any sign of us from the log file:
Our favorite working directory is /dev/shm/. This location is volatile memory and will be lost on reboot. NO LOGZ == NO CRIME.
Hiding permanent files:
Method 1:
alias ls='ls -I system-dev'
This will hide the directory system-dev from the ls command. Place it in the user's ~/.profile or system-wide in /etc/profile.
Method 2: Tricks from the 80s. Consider any directory that the admin rarely looks into (like /boot/.X11/.. or so):
mkdir '...'
cd '...'
Method 3: Unix allows filenames with about any ASCII character but 0x00. Try tab (\t). It happens that most admins do not know how to cd into any such directory.
mkdir $'\t'
cd $'\t'
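From the defender's side, each of the tricks above (history redirection, the restored file date, the ls alias and the odd directory names) leaves something that can be checked for. The script below is an added example, not part of the original page; its function names and sample tree are constructed for illustration, and `stat -c` assumes GNU or BusyBox stat.

```shell
#!/bin/sh
# Added example: defender-side triage for the artifacts described above.
# Function names and the sample tree are constructed for illustration.

# Directories named only with dots (three or more) or only with
# whitespace/control characters, such as '...' or a single tab.
find_odd_dirs() {
    find "$1" -type d \( \
        \( -name '..?*' ! -name '*[!.]*' \) -o \
        ! -name '*[![:space:][:cntrl:]]*' \) 2>/dev/null
}

# Profile lines that disable shell history or make ls skip entries.
# /dev/null is passed as an extra file so grep always prints file names.
scan_profiles() {
    grep -nE -e 'HISTFILE=(/dev/null)?[[:space:]]*$' \
        -e 'alias[[:space:]]+ls=.*(-I|--ignore|--hide)' /dev/null "$@" 2>/dev/null
}

# Files whose ctime is more than $2 seconds newer than their mtime.
# touch -r rewrites mtime but cannot set ctime. This is a weak signal:
# chmod, chown and package installs produce the same pattern.
ctime_after_mtime() {
    find "$1" -type f -exec stat -c '%Y %Z %n' {} + 2>/dev/null |
        awk -v s="$2" '$2 - $1 > s { sub(/^[0-9]+ [0-9]+ /, ""); print }'
}

# Build a constructed sample tree and print its path.
make_sample() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/boot/..." "$t/var/$(printf '\t')" "$t/home/user/docs"
    printf 'export HISTFILE=/dev/null\nalias ls="ls -I system-dev"\n' > "$t/profile"
    printf 'alias ls="ls --color=auto"\n' > "$t/clean_profile"
    : > "$t/home/user/fresh"
    touch -t 202001010000 "$t/home/user/backdated"
    printf '%s\n' "$t"
}

demo() {
    s=$(make_sample) || return 1
    echo "odd directory names:";    find_odd_dirs "$s" | sed -n l
    echo "profile findings:";       scan_profiles "$s/profile" "$s/clean_profile"
    echo "ctime newer than mtime:"; ctime_after_mtime "$s/home" 86400
    rm -rf "$s"
}
demo
```

The demo pipes directory names through `sed -n l` so that a tab shows up as `\t` instead of blank space.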
Encrypting a file
Encrypt your 0-Days and log files before transferring them - please. (and pick your own password):
• Always use Tor to create emails and to check that email.
• Never use your home wifi
• If email registration requires a phone number, use a burner phone that can receive texts.
• Wait at least 1 month before using the phone, and purchase far away from your home.
• Use email providers that operate on Tor and use PGP when dealing with clients
  ◦ http://secmailw453j7piv.onion
  ◦ http://eludemaillhqfkh5.onion
  ◦ http://mail2tor2zyjdctd.onion
  ◦ http://cockmailwwfvrtqj.onion
PGP Encryption
Nulltrace - An onion site that offers an easy to use PGP toolkit. Allows a user to create PGP keypairs, sign, verify, encrypt and decrypt.
Security Settings: Click on the shield icon at the top of the Tor browser and click "Advanced Security Settings" and set the value to "Safest". Note For Tails Users: Tails will reset this value on system restarts, so make sure you do this every time you launch Tor on Tails!
Privacy Checking: To check that your I.P. address is a Tor exit node, and that your security settings are correct, go to https://whatsmybrowser.org/ and ensure the following:
- JavaScript is disabled!
- No browser details can be detected!
Plugins: Additional addons/plugins should not be installed. Plugins not supported by the TorProject run the risk of bypassing the Tor network and accessing the net directly, which runs the risk of leaking your real I.P. address. It should be a clear indication to anyone why this is an issue, but people sometimes disregard this risk and lose a large part of their OpSec over this mistake.
Tails: Tails is a live operating system that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity and helps you to: use the internet anonymously and circumvent censorship; route all connections to the internet through the Tor network; leave no trace on the computer you are using unless you explicitly ask it to; encrypt your files, emails, and instant messaging using state-of-the-art cryptography.
Whonix: An alternative to Tails and also an open source project. Whonix is an operating system focused on anonymity, privacy, and security. It's based on the Tor anonymity network, Debian GNU/Linux, and security by isolation. DNS leaks are impossible and not even malware with root privileges can find out the user's real I.P. address.
Shredding History / Footprints: This section only applies to users who use the Tor browser while not using Tails or Whonix.
The recommended tool for cleaning footprints, history, cache, etc. from your drive(s) is using a program known as CCleaner. When using the program it is recommended to go to 'Options' > 'Settings' and then selecting "Complex Overwrite" (7 passes) and "Secure File Deletion". Make sure all the boxes are ticked when cleaning including the 'Windows' and 'Application' tabs.
This is normally recommended before the connection to Tor, and after you've left Tor, to wipe all cookies etc. Remember that although this may clear a good deal of the tracks left behind on your PC, wiping your drive(s) with random data and zeros from a live operating system is the only way to permanently clean your tracks. It is also good to note that there is no reliable way to wipe solid state drives so using hard drives is the preferred hardware.
Cookies - How The NSA Is Using Them To Track Tor Users: Let's suppose that there is an online shopping website owned or controlled by the NSA. When a normal user opens that website from his/her real I.P. address, the website creates a cookie in the user's browser and stores the real I.P. address and other personal information about the user. When the same user visits the same NSA-owned website again, this time with Tor enabled in the same browser, the website reads the previously stored cookies from the browser, which include the user's real I.P. address and other personal information. Furthermore, the website just needs to maintain a database of real I.P. addresses against the Tor-proxied fake I.P. addresses to track anonymous users. The more popular the site is, the more users can be tracked easily. Documents show that the NSA is using online advertisements, i.e. Google Ads, to make their tracking sites popular on the internet.
How Can You Avoid Cookie Tracking? By using the Tor browser exclusively for darknet activities. Browsers can't read cookies created by other browsers, so using your standard browser for clearnet use can save you from this issue. However, you should always clear the cookies (with CCleaner or similar) after you're done so that any stored information, such as login information, will not be stored on the computer's drive. If you're doing something very interesting, you should use Tor on an amnesic operating system, such as Tails, so that any data is dumped when the machine is closed.
Closing: Hopefully you found this Tor Browser Security Guide a helpful source of information on the various steps needed to maintain your security and privacy. Don't take your freedom, nor your livelihood, for granted. You never know what could happen so never let the odds be stacked against you!