Weaponize the Dark Web for OSINT

Different Layers of the Web

The dark web, or darknet, is among the most challenging environments for OSINT researchers to work in, and it is used more and more for illegitimate activity by nefarious actors. Researchers investigating the dark web need to operate safely and be aware that results vary between search engines and that different actors are active on different types of darknets. As OSINT researchers, we need to be well versed in the dark web and able to navigate it efficiently.

The dark web is a subset of the internet that is accessed via special means, such as a TOR browser, and is not indexed. It’s important to note there are many dark webs and below is an example of four common ones:

Note that accessing TOR from your daily-driver PC or laptop running Windows 10 is a huge security and privacy risk. For that reason, it is recommended to configure a cloud-based VM using providers such as Amazon Workspaces, Google Cloud, etc. If that is not an option, you can use a platform such as VMware to host a local VM and set up a TOR browser in it. It is advisable to run a different OS on your VM. For example, if your daily driver is Windows 10, it is best to use a Linux-based OS for research purposes. If you have extra hardware, you can also set up a standalone research laptop or computer.

As a beginner, these few tools will get you familiar and comfortable when combing through the dark web for information:

Using DarkSearch to search for Tor66

The dark web is crawled and indexed by non-standard providers. Search engines like Google or Bing will not crawl .onion sites on the TOR network. However, proxied TOR sites, meaning those that use TOR2WEB services, are indexed by Google.

Some Examples of Search Engines:

Investigations on the dark web usually come down to attribution between the surface web and the dark web. When trying to attribute targets participating in transactions or other activity on the dark web, information slippage is most often tied to poor habits: the same attributable markers, e.g. usernames, PGP keys, and cryptocurrency addresses, are used by actors on both the surface and dark web.
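The marker-reuse check described above can be sketched as follows. This is an added example, not code from the original article: it extracts markers with a recognisable format from two collections of saved page text and reports those that appear on both sides. The pattern set, function names and all sample values are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Format-only patterns (no checksum validation) for markers the article names.
# Usernames have no fixed format, so those still need per-site comparison.
PATTERNS = {
    "pgp_fingerprint": re.compile(r"\b(?:[0-9A-Fa-f]{4} ?){9}[0-9A-Fa-f]{4}\b"),
    "btc_address": re.compile(
        r"\b(?:bc1[ac-hj-np-z02-9]{11,71}|[13][1-9A-HJ-NP-Za-km-z]{25,34})\b"),
    "onion_v3": re.compile(r"\b[a-z2-7]{56}\.onion\b"),
}

def normalise(kind, value):
    # Fingerprints are printed with or without spaces and in either case.
    if kind == "pgp_fingerprint":
        return re.sub(r"\s", "", value).upper()
    return value  # address formats here are case-sensitive or already lowercase

def index_markers(docs):
    """Map (kind, value) -> set of source names for a {name: text} collection."""
    index = defaultdict(set)
    for name, text in docs.items():
        for kind, pattern in PATTERNS.items():
            for match in pattern.finditer(text):
                index[(kind, normalise(kind, match.group(0)))].add(name)
    return index

def shared_markers(surface_docs, dark_docs):
    """Markers present in both collections, with the sources on each side."""
    surface, dark = index_markers(surface_docs), index_markers(dark_docs)
    return {m: (sorted(surface[m]), sorted(dark[m])) for m in surface.keys() & dark.keys()}

# Constructed sample text; none of these values belong to a real key, wallet or service.
FAKE_ONION = ("constructedexample" * 4)[:56] + ".onion"
SURFACE = {
    "forum_profile": "PGP: AAAA BBBB CCCC DDDD EEEE FFFF 0000 1111 2222 3333",
    "blog_footer": "Tips welcome: 1ConstructedExampLeAddr2345678",
}
DARK = {
    "vendor_page": "key aaaabbbbccccddddeeeeffff0000111122223333, mirror " + FAKE_ONION,
    "listing": "Pay to 1ConstructedExampLeAddr2345678 only.",
}

if __name__ == "__main__":
    for (kind, value), (s, d) in sorted(shared_markers(SURFACE, DARK).items()):
        print(f"{kind}: {value}\n  surface: {s}\n  dark: {d}")
```

A shared marker is a lead to verify, not proof of identity: keys and addresses can be copied or quoted by third parties.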

We can search Shodan for .onion links with either an SSL certificate search or a general query. The generic .onion term can also be replaced with the full address of the service you are interested in. This may reveal the location.

Using Shodan.io to find information related to .onion links
Using Censys.io to find information related to onion links using SSL certificates
