Tor .onions: The Good, The Rotten and The Misconfigured

DefCamp
DefCampDefCamp
GOOD BAD MISCONFIGURED ANDTHETHETHE TOR .onion
Who am I?
-Nobody lol -Security enthusiast -ex-Intern @ Ixia
Tor & why onions’ lives matter
Onion routing
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured
Hidden Services aka FB..CI… .onion-s
Tor .onions: The Good, The Rotten and The Misconfigured
Facebook on Tor
Pornhub educational website on Tor
Webhosting Services
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured
Wikileaks website on Tor
The Guardian submission form on Tor
Tor .onions: The Good, The Rotten and The Misconfigured
Begging on Tor
Lottery on Tor
Cryptocoins laundering on Tor
Cloned Cards on Tor
Counterfeit cash on Tor
Gold on Tor
Fake IDs on Tor
Cheap Apple stuff on Tor
Steroids on Tor
Weed on Tor
Guns on Tor
Assassins on Tor
Hackers for hire on Tor
Malicious mirroring websites on Tor
Ransomware as a Service on Tor[0]
Ransomware as a Service on Tor[1]
Dropper malicious script on Tor
Blue whale game on Tor
Blackmail & pr0n on Tor
Human traffic on Tor
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured
DON'T USE CLOUDFARE on Tor
Really, don't do it
Nvm, it's legit now
How police catches people on Tor
Tor .onions: The Good, The Rotten and The Misconfigured
False Positives
False postivies and angry owners
How others crawl Tor
Deanonymized on Tor
Vulnerable Apache Mirror on Tor
Tor .onions: The Good, The Rotten and The Misconfigured
The Rotten
Learning stuff on a Tor carders forum[1]
Learning stuff on a Tor carders forum[2]
Learning stuff on a Tor carders forum[3]
The Good
The misconfigured
Conclusions & geek stats • ~20.000 sites crawled • 1 in 10 cryptojacking • The deep web is smaller than you think • Is Tor good or bad? • @asdxcristi
Tor .onions: The Good, The Rotten and The Misconfigured
1 of 59

Tor .onions: The Good, The Rotten and The Misconfigured

Download to read offline
Technology

Ionut-Cristian Bucur in Bucharest, Romania on November 8-9th 2018 at DefCamp #9. The videos and other presentations can be found on https://def.camp/archive

DefCamp
DefCampDefCamp

Recommended

My darkweb-presentation by
My darkweb-presentationMy darkweb-presentation
My darkweb-presentationPaul Wilson
5.1K views45 slides
Internet Terms by
Internet TermsInternet Terms
Internet Termsjpatetta
203 views6 slides
The Deep Web by
The Deep WebThe Deep Web
The Deep WebMartin Pacheco
3K views8 slides
Technical Presentation by
Technical PresentationTechnical Presentation
Technical Presentationhahiro
132 views10 slides
Deep web by
Deep webDeep web
Deep webDerek de los Reyes
1.1K views6 slides
Understand Internet Before You Regret. by
Understand Internet Before You Regret.Understand Internet Before You Regret.
Understand Internet Before You Regret.Sumit Parvat
39 views11 slides

More Related Content

Similar to Tor .onions: The Good, The Rotten and The Misconfigured

Dark Web by
Dark WebDark Web
Dark WebKunalDas889957
258 views29 slides
Journey To The Dark Web by
Journey To The Dark WebJourney To The Dark Web
Journey To The Dark WebMiteshWani
1.8K views20 slides
Tor the onion router by
Tor the onion routerTor the onion router
Tor the onion routerJapneet Singh
98 views16 slides
Ecommer by
Ecommer Ecommer
Ecommer Julia Rosales
303 views6 slides
Ecommer by
Ecommer Ecommer
Ecommer Julia Rosales
473 views6 slides
Tor: The Second Generation Onion Router by
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterMohammed Bharmal
2.6K views17 slides

Similar to Tor .onions: The Good, The Rotten and The Misconfigured (20)

Dark Web by KunalDas889957
Dark WebDark Web
Dark Web
KunalDas889957258 views
Journey To The Dark Web by MiteshWani
Journey To The Dark WebJourney To The Dark Web
Journey To The Dark Web
MiteshWani1.8K views
Tor the onion router by Japneet Singh
Tor the onion routerTor the onion router
Tor the onion router
Japneet Singh98 views
Ecommer by Julia Rosales
Ecommer Ecommer
Ecommer
Julia Rosales303 views
Ecommer by Julia Rosales
Ecommer Ecommer
Ecommer
Julia Rosales473 views
Tor: The Second Generation Onion Router by Mohammed Bharmal
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
Mohammed Bharmal2.6K views
WRT 205 U3 by Vincent Perez
WRT 205 U3WRT 205 U3
WRT 205 U3
Vincent Perez291 views
Dark Net by jangezkhan
Dark NetDark Net
Dark Net
jangezkhan169 views
Deep Dark Web - How to get inside? by Anshu Prateek
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?
Anshu Prateek1.8K views
Dark Web.pptx by eliofatjon
Dark Web.pptxDark Web.pptx
Dark Web.pptx
eliofatjon3 views
Mensworldhq.com what happens on the dark web by Paul Brooks
Mensworldhq.com what happens on the dark webMensworldhq.com what happens on the dark web
Mensworldhq.com what happens on the dark web
Paul Brooks15 views
Godfather 2.0 by Asian School of Cyber Laws
Godfather 2.0Godfather 2.0
Godfather 2.0
Asian School of Cyber Laws1.4K views
The Dark Web by jamiecornista
The Dark WebThe Dark Web
The Dark Web
jamiecornista11.7K views
The dark web darwin de leon by Darwin de Leon
The dark web darwin de leonThe dark web darwin de leon
The dark web darwin de leon
Darwin de Leon1K views
The dark web darwin de leon by Darwin de Leon
The dark web darwin de leonThe dark web darwin de leon
The dark web darwin de leon
Darwin de Leon344 views
CryptoParty Belfast 11 Nov 2014 - Tor by pgmaynard
CryptoParty Belfast 11 Nov 2014 - TorCryptoParty Belfast 11 Nov 2014 - Tor
CryptoParty Belfast 11 Nov 2014 - Tor
pgmaynard850 views
Drones Invasion Of Privacy by Dawn Jones
Drones Invasion Of PrivacyDrones Invasion Of Privacy
Drones Invasion Of Privacy
Dawn Jones5 views
Cyber crime- a case study by Shubh Thakkar
Cyber crime- a case studyCyber crime- a case study
Cyber crime- a case study
Shubh Thakkar1.2K views
Prashant Saxena - Informative Presentation on the Dark Web by University of Notre Dame
Prashant Saxena - Informative Presentation on the Dark WebPrashant Saxena - Informative Presentation on the Dark Web
Prashant Saxena - Informative Presentation on the Dark Web
University of Notre Dame138 views
Dw communication by Arjun Chetry
Dw communicationDw communication
Dw communication
Arjun Chetry24 views

More from DefCamp

Remote Yacht Hacking by
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht HackingDefCamp
1.7K views89 slides
Mobile, IoT, Clouds… It’s time to hire your own risk manager! by
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp
974 views167 slides
The Charter of Trust by
The Charter of TrustThe Charter of Trust
The Charter of TrustDefCamp
560 views24 slides
Internet Balkanization: Why Are We Raising Borders Online? by
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?DefCamp
309 views22 slides
Bridging the gap between CyberSecurity R&D and UX by
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXDefCamp
260 views13 slides
Secure and privacy-preserving data transmission and processing using homomorp... by
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...DefCamp
470 views102 slides

More from DefCamp(20)

Remote Yacht Hacking by DefCamp
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht Hacking
DefCamp1.7K views
Mobile, IoT, Clouds… It’s time to hire your own risk manager! by DefCamp
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
DefCamp974 views
The Charter of Trust by DefCamp
The Charter of TrustThe Charter of Trust
The Charter of Trust
DefCamp560 views
Internet Balkanization: Why Are We Raising Borders Online? by DefCamp
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?
DefCamp309 views
Bridging the gap between CyberSecurity R&D and UX by DefCamp
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UX
DefCamp260 views
Secure and privacy-preserving data transmission and processing using homomorp... by DefCamp
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...
DefCamp470 views
Drupalgeddon 2 – Yet Another Weapon for the Attacker by DefCamp
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the Attacker
DefCamp269 views
Economical Denial of Sustainability in the Cloud (EDOS) by DefCamp
Economical Denial of Sustainability in the Cloud (EDOS)Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)
DefCamp254 views
Trust, but verify – Bypassing MFA by DefCamp
Trust, but verify – Bypassing MFATrust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFA
DefCamp323 views
Threat Hunting: From Platitudes to Practical Application by DefCamp
Threat Hunting: From Platitudes to Practical ApplicationThreat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical Application
DefCamp218 views
Building application security with 0 money down by DefCamp
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money down
DefCamp179 views
Implementation of information security techniques on modern android based Kio... by DefCamp
Implementation of information security techniques on modern android based Kio...Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...
DefCamp215 views
Lattice based Merkle for post-quantum epoch by DefCamp
Lattice based Merkle for post-quantum epochLattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epoch
DefCamp241 views
The challenge of building a secure and safe digital environment in healthcare by DefCamp
The challenge of building a secure and safe digital environment in healthcareThe challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcare
DefCamp323 views
Timing attacks against web applications: Are they still practical? by DefCamp
Timing attacks against web applications: Are they still practical?Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?
DefCamp258 views
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t... by DefCamp
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
DefCamp294 views
We will charge you. How to [b]reach vendor’s network using EV charging station. by DefCamp
We will charge you. How to [b]reach vendor’s network using EV charging station.We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.
DefCamp443 views
Connect & Inspire Cyber Security by DefCamp
Connect & Inspire Cyber SecurityConnect & Inspire Cyber Security
Connect & Inspire Cyber Security
DefCamp290 views
The lions and the watering hole by DefCamp
The lions and the watering holeThe lions and the watering hole
The lions and the watering hole
DefCamp225 views
Catch Me If You Can - Finding APTs in your network by DefCamp
Catch Me If You Can - Finding APTs in your networkCatch Me If You Can - Finding APTs in your network
Catch Me If You Can - Finding APTs in your network
DefCamp304 views

Recently uploaded

Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ... by
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...ShapeBlue
85 views10 slides
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or... by
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...ShapeBlue
158 views20 slides
Why and How CloudStack at weSystems - Stephan Bienek - weSystems by
Why and How CloudStack at weSystems - Stephan Bienek - weSystemsWhy and How CloudStack at weSystems - Stephan Bienek - weSystems
Why and How CloudStack at weSystems - Stephan Bienek - weSystemsShapeBlue
197 views13 slides
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue by
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueShapeBlue
163 views54 slides
Cencora Executive Symposium by
Cencora Executive SymposiumCencora Executive Symposium
Cencora Executive Symposiummarketingcommunicati21
139 views14 slides
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... by
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...ShapeBlue
98 views29 slides

Recently uploaded(20)

Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ... by ShapeBlue
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
ShapeBlue85 views
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or... by ShapeBlue
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
ShapeBlue158 views
Why and How CloudStack at weSystems - Stephan Bienek - weSystems by ShapeBlue
Why and How CloudStack at weSystems - Stephan Bienek - weSystemsWhy and How CloudStack at weSystems - Stephan Bienek - weSystems
Why and How CloudStack at weSystems - Stephan Bienek - weSystems
ShapeBlue197 views
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue by ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
ShapeBlue163 views
Cencora Executive Symposium by marketingcommunicati21
Cencora Executive SymposiumCencora Executive Symposium
Cencora Executive Symposium
marketingcommunicati21139 views
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... by ShapeBlue
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
ShapeBlue98 views
Business Analyst Series 2023 - Week 4 Session 7 by DianaGray10
Business Analyst Series 2023 - Week 4 Session 7Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7
DianaGray10126 views
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O... by ShapeBlue
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
ShapeBlue88 views
20231123_Camunda Meetup Vienna.pdf by Phactum Softwareentwicklung GmbH
20231123_Camunda Meetup Vienna.pdf20231123_Camunda Meetup Vienna.pdf
20231123_Camunda Meetup Vienna.pdf
Phactum Softwareentwicklung GmbH50 views
Keynote Talk: Open Source is Not Dead - Charles Schulz - Vates by ShapeBlue
Keynote Talk: Open Source is Not Dead - Charles Schulz - VatesKeynote Talk: Open Source is Not Dead - Charles Schulz - Vates
Keynote Talk: Open Source is Not Dead - Charles Schulz - Vates
ShapeBlue210 views
Ransomware is Knocking your Door_Final.pdf by Security Bootcamp
Ransomware is Knocking your Door_Final.pdfRansomware is Knocking your Door_Final.pdf
Ransomware is Knocking your Door_Final.pdf
Security Bootcamp90 views
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N... by James Anderson
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
James Anderson156 views
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... by ShapeBlue
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
ShapeBlue146 views
Uni Systems for Power Platform.pptx by Uni Systems S.M.S.A.
Uni Systems for Power Platform.pptxUni Systems for Power Platform.pptx
Uni Systems for Power Platform.pptx
Uni Systems S.M.S.A.61 views
The Power of Heat Decarbonisation Plans in the Built Environment by IES VE
The Power of Heat Decarbonisation Plans in the Built EnvironmentThe Power of Heat Decarbonisation Plans in the Built Environment
The Power of Heat Decarbonisation Plans in the Built Environment
IES VE69 views
Igniting Next Level Productivity with AI-Infused Data Integration Workflows by Safe Software
Igniting Next Level Productivity with AI-Infused Data Integration Workflows Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Safe Software385 views
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda... by ShapeBlue
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
ShapeBlue120 views
Microsoft Power Platform.pptx by Uni Systems S.M.S.A.
Microsoft Power Platform.pptxMicrosoft Power Platform.pptx
Microsoft Power Platform.pptx
Uni Systems S.M.S.A.80 views
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue by ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlueCloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
ShapeBlue93 views
NTGapps NTG LowCode Platform by Mustafa Kuğu
NTGapps NTG LowCode Platform NTGapps NTG LowCode Platform
NTGapps NTG LowCode Platform
Mustafa Kuğu365 views

Tor .onions: The Good, The Rotten and The Misconfigured