a visit to the darknet

The DarknetThe layer of the internet nobody wants you to

see…

Presented by:

Dan Weis

Who’s this guy?

Lead Pentester Certified Ethical Hacker, Licensed Penetration Tester, 23+

other certs Trainer/Mentor upcoming Ethical Hackers Underground Researcher Been in IT since 1995 in various roles both here and

internationally. 5+ years in security providing consulting, 3 years+ as a

pentester. Major Nerd

The Internet

6th August 1991 the internet was born (became publicly available) These days, 2.5 billion people inhabit the internet Most people think the internet is just this:

And occasionally this:

Disclaimer

The sites presented here are underground illegal sites

It is not recommended you visit these

Some are monitored by the feds (all are monitored by the CIA )

Nor do I support any of these sites or activities

They ARE dangerous sites

Seriously…know what you are doing..

Sandboxie, Java disablement, VM’s etc..

What is it?

The ‘Darknet’ is the hidden underground of the internet

It’s where Hackers, criminals, organised crime, political activists and whistleblowers operate

Usually only accessible through the Tor anonymizing software

Normally where blackmarket transactions are conducted

Had no search engine of any sort…. Until earlier this year….

Grams

Meet Grams, the Darknet’s first Search Engine It indexes 8 of the Darknet’s markets Keep’s track of the latest rate for bitcoin

currency, and allows you to filter items to display in bitcoins, USD, EUR, GBP

Sorts by relevance, similar indexing to Google So what can you buy?

Demo

A visit to the underground……

Hacking sites

HACKBB

Hacker hiring

THERE ARE LOTS MORE…

Thehiddenwiki.net

Deepweb link directory

Doxbin

Pastebin for Personally Identifiable information

IT’S NOT ALL BAD….For whistleblowers

Leakdirectory.org

The New Yorker

You don’t need tor to visit all sites

A lot of sites operate on the standard web But are located in countries that have laws that are….

lacking… Yes they are still watched by the Feds They go up and down often and change url’s frequently Require you to have anonymous currencies, such as

bitcoin and paid a fee just to browse Is where a lot of the stolen data ends up….

Indexeus

Indexeus.org 200 million identities+ and

expanding Indexes user account

information acquired from more than 100 recent data breaches

Including Adobe, Yahoo etc Lists things like email addresses,

usernames, passwords, Internet address, physical addresses, birthdays and other information that may be associated with those accounts.

Trade in stolen credit cards & dumps

Verifiedaccts.com

You name it…they sell it….

Pastebin...

So why are you showing us this?

To make you aware that there is more than what you realise….

Why...

And to ensure you don’t become a victim!

Change your passwords regularly Use strong passwords Don’t use the same password for everything! Use a current browser Ensure you are using an up-to-date, patched workstation Ensure you are using an adequate endpoint protection Stop clicking on things!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

If you do this…

Thanks!