A Beginner's Guide to the Dark Web for Investigators

A Beginner's Guide to the Dark Web for Investigators

A short instruction on how to find information on the Dark Web for OSINT purposes

Many times, an investigation would lead me to the Dark Web. Sometimes it’s to dive into forums and gather intelligence, and other times it would be to check illegal goods markets selling counterfeit products of my clients. Every time I mention that I use the Dark Web, people imagine a really scary place with criminals selling their goods right and left and that people can suffer dire consequences even for trying to open websites there. Other people ask if it’s even legal to access it. It’s not illegal, and the right precautions and tools make it a safe enough place and a source of abundant information not searchable through traditional means.

Investigators need a list of tools to start the process of understanding and using the darknet.

Step 1. Get the Tor Browser

The Tor Browser provides access to .onion websites and is pretty good for browsing anonymously. The browser usually opens with the DuckDuckGo search engine which adds an additional layer of protection. It behaves as a regular browser and all surface websites can be open as well. The downside is that Tor is painfully slow.

Step 2. Install a Virtual Private Network (VPN)

VPNs mask users’ IP addresses and add more anonymity. There are many free VPNs, but they limit the number of countries that can be used to hide IPs. They are easy to use and can be activated with a one-click button. Browsers also have VPN extensions. VPNs still can log data so their use doesn’t make users completely anonymous (for example, Onavo Project, a free VPN, was collecting user data and giving it to Meta, both companies were sued and had to pay $10 million each). Using them also can slow down the browsing process significantly.

Step 3. Find a list of websites to visit

There is no one centralized place to find all Dark Web websites but many directories try to keep their databases updated. Hidden Wiki, OnionLinks are popular darknet directories (links to be opened in Tor). Investigators can also use dark web search engines like Ahmia or Haystack (to be opened in TOR). Many databases haven’t been updated for some time, and new Dark Web sites appear and disappear every day, so aggregators’ data needs to be re-checked.

If a website doesn’t open today, it still might work tomorrow. There is a service to check if the most popular darknet websites are down and find new links when the old ones don’t work.

Forums and chats are also great places to find information about the subject. Marketplaces are useful as well, but they contain mostly illegal content.

There is also Hunchly, a service I wrote about in my previous post, that provides a free daily dark report with new websites collected in a spreadsheet.

Things to keep in mind

Anonymity is incredibly important on the Dark Web. Using Tor and VPNs doesn’t make it 100% safe. It’s always a good idea to back up your computer data and check for malware and viruses on a regular basis. Some investigators use virtual machines or clean computers just for the Dark Web. Users should never share any information that can unveil their identity including email addresses, usernames, photos, and other easily searchable information.

Any data extracted from the darknet can be used in an investigation only after cross-checking and source verification. Criminals, hackers, law enforcement, and tyrannical governments can be all in one space and share fake information.


Interesting Reads This Week:


Find more about fraud and investigations in the Investigator Blog

Sandeep A.

Co-Founder @ Risky Business Solutions | International Policy @ Stanford | thwarting grifters.

1 年

So I’ve typically learned in a few courses and conversations that the “Dark Web” is any criminal-oriented site, both on the open web and not (examples: Raid Forum, Dread, Nulled, even 8kun), and that the Deep Web was the non-indexed TOR or other similar routing protocol accessed set of sites. Since there are benign sites on Onion protocol like Wikipedia, I’m curious what your thoughts are on this distinction.

Abishek .

| Minimizing financial crime, since 2018 |

1 年

CFBR

回复

要查看或添加评论,请登录

社区洞察

其他会员也浏览了