Dark Web — How to get started
You may ask yourself now, “Why would anybody be interested in the Dark Web besides Criminals and Drug dealers/users?” — Well, the answer is simple. The Dark Web is not only home to criminals, but it is also a vast resource for all kinds of legitimate content; it is used by whistleblowers in countries with oppressive Governments, by journalists that report in countries that try to censor or oppress free press, and it hosts a number of sites that you would also find on the clear web, such as Facebook, BBC, and more.
OK, so why do I use the Dark Web? For me, the Dark Web is a very important resource during investigations. It is part of any OSINT (Open Source Intelligence) investigation, and life would be really hard without it for much digital forensics and OSINT investigators.
All right, how do I get SAFELY started with all this? Let’s look at a few options here and be reminded security precautions are even MORE important while accessing the Dark Web, do not think that nothing can happen to you because it is “anonymous” — Malware does not know anonymity, so let's start with some basic recommendations, though not all may be possible to implement for the average user. Take note that this is a beginner's guide; I am not going into every detail of the underlying technology, but I did some detailed posts on some of this in the past, so check those out if you are into the more technical details.
Personally, I never surf the dark web from my day-to-day PC/Mac — I use VMs for that, and I only use the VM’s once. For average users, that may be overhead, but I would still highly recommend using a Virtual Machine for accessing the Dark Web. I created a video some time ago on how to use CSI Linux via the Whonix Gateway securely; this is still my main Distro for investigations. You can check out the Video here:
Also, if you are installing TOR on your main PC and use that to access the dark web (which I do NOT recommend), the usual precautions apply. Make sure your System is up to date with the latest security patches, has reputable and updated Anti Malware, AV, and even better, some form of EDR tools, and configure your system to the usual best practices for security; this all becomes so much more important if you are accessing dark web sites.
Theoretically, all you need to access the Dark Web is a Computer, the Internet, and the TOR Browser. What is the TOR Browser? The Tor Browser is a web browser that anonymizes your web traffic using the Tor network, making it easier to protect your identity online. Do not think the TOR browser guarantees full anonymity and safety; the Reality is far from that and very complex. I will write about the dangers of compromised exit nodes in the TOR Network in the future.
The core principle of Tor, onion routing, was developed in the mid-1990s by United States Naval Research Laboratory employees, mathematician Paul Syverson, and computer scientists Michael G. Reed and David Goldschlag to protect American intelligence communications online.
Also, you can use the TOR browser for clear web websites to increase your privacy protection.
For now, what we need to do is to download the TOR browser from the TOR Project Website and install it. I am not going into detail on how to do this because I assume that if you are considering exploring the Dar Web, you have the basic skills to download and install the software.
After we start the TOR browser for the first time, it will connect to the TOR Network. When we are done with that, let’s change the security level. By default, the Security Level in TOR is set to standard, but if we are going to explore the Dark Web, I recommend we change that. To do this, we can use the Security Level Settings.
Personally, for normal use, I set this to at least “Safer”.
For more details on TOR browser security settings, check out: https://tb-manual.torproject.org/security-settings/
After this, we are good to go to check our first dark web site. But how do we find one? I will keep this simple as it is meant for beginners, so I will show the following 3 popular ways of finding .onion sites (.onion is the domain ending for hidden services sites, also known as onion sites or dark web sites)
DuckDuckGo
DuckDuckGo, to some, is a search engine; it has a clear web presence and a hidden service presence.
Let's look at the hidden service presence here as we discuss the dark web and TOR. Note that as of September/October 2021, only .onion V3 services are reachable; the difference between v2 and v3 is that v2 addresses are 16 characters long while v3 addresses are now 56 characters long, so it is easy to recognize them right away. Let’s Look at the DuckDuckGo hidden service .onion URL:
https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/
From here, you can start searching for content as you like. However, the dark web is not as simple to search as the clear web really, and this is where onion link sites come in, which brings us to the second option I want to mention here.
TheHiddenWikki
The HiddenWikki is a collection of onion links. You can check it out here: https://thehiddenwiki.org/ — As with any darkweb site. Excerxise common sense as scams are certainly out there.
Ahmia.fi
Ahmia is another dark web search engine (also maintains a clear web presence) that is quite good. You can access it via http://juhanurmihxlp77nkq76byazcldy2hlmovfu2epvl5ankdibsot4csyd.onion/ or the clear web presence via https://ahmia.fi/
Now, armed with all this information, I leave you to it and do some exploring. If you are interested in experimenting with hosting your own hidden service, I did create a tutorial on that some time ago; you can check it out here:
Lastly, let me share a few more links that will come in handy
There are some good Dark Web News Sites that I use; you may find them interesting as well:
Darknetlive
Darknet stats
DNStats
The Daily Swig
DarknetOne
DarknetMarkets
And there are a few resources on Reddit, even though Reddit did ban some subreddits on the topic in 2018
(https://www.vice.com/en/article/ne9v5k/reddit-bans-subreddits-dark-web-drug-markets-and-guns )
r/deepweb — https://www.reddit.com/r/deepweb/
r/onions — https://reddit.com/r/onions
Also cool is the Daily Dark Web Reports stuff from Hunchly
https://www.hunch.ly/darkweb-osint/
And to close, a hidden service that provides something similar to reddit — Dread
http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/
I hope you learned something from this article; subscribe to my YouTube Channel or this Blog to get notified on new content.
YouTube Channel:
