Search the Community

Este proyecto tiene como objetivo configurar un servidor VPS como un proxy inverso en la red TOR para mostrar el contenido de otro VPS en la clearnet. Utiliza Nginx como servidor web y proxy inverso, junto con un certificado SSL autofirmado generado por OpenSSL para proporcionar cifrado y seguridad adicionales. Si distribuyes esta guía paso a paso de Montar un VPS de proxy inverso en la red TOR para mostrar el contenido de otro VPS en la clearnet conserva los créditos. Montar un VPS de proxy inverso en la red TOR para mostrar el contenido de otro VPS en la clearnet es un proceso que requiere varios pasos y herramientas. A continuación, te guiaré a través del proceso de configuración: Nota: Asegúrate de que estás utilizando un VPS con una distribución de Linux compatible, como Ubuntu o Debian. Actualiza el sistema: sudo apt-get update && sudo apt-get upgrade -y Instala TOR y Nginx en el VPS: sudo apt-get install tor nginx -y Configura TOR: Abre el archivo de configuración de TOR: sudo nano /etc/tor/torrc Añade las siguientes líneas al final del archivo: HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:8080 Guarda y cierra el archivo (Ctrl + X, luego Y, y presiona Enter). Reinicia TOR y obtén tu dirección .onion: sudo systemctl restart tor sudo cat /var/lib/tor/hidden_service/hostname Toma nota de la dirección .onion generada. Configura Nginx como proxy inverso: Crea un archivo de configuración para el sitio web: server { listen 8080; server_name pcxodijkwovkpyhkyrdyqdnfs63ulvan7bh4ukr2qvds6cnwcnqftaid.onion; location / { proxy_pass [Hidden Content]; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } server { listen 443 ssl; server_name pcxodijkwovkpyhkyrdyqdnfs63ulvan7bh4ukr2qvds6cnwcnqftaid.onion; ssl_certificate /etc/nginx/ssl/pcxodijkwovkpyhkyrdyqdnfs63ulvan7bh4ukr2qvds6cnwcnqftaid.onion.crt; ssl_certificate_key /etc/nginx/ssl/pcxodijkwovkpyhkyrdyqdnfs63ulvan7bh4ukr2qvds6cnwcnqftaid.onion.key; location / { proxy_pass [Hidden Content]; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } generar un certificado autofirmado de OpenSSL Instala OpenSSL: sudo apt-get install openssl -y Crea un directorio para almacenar el certificado y la clave: sudo mkdir /etc/nginx/ssl Genera el certificado y la clave privada autofirmados: sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt Durante el proceso, se te pedirá que proporciones información sobre la organización y el servidor. Puedes rellenar estos campos o dejarlos en blanco presionando Enter. Habilita el sitio web y reinicia Nginx: sudo ln -s /etc/nginx/sites-available/hidden-service /etc/nginx/sites-enabled/ sudo systemctl restart nginx Configura el firewall (opcional pero recomendado): Si tu VPS tiene un firewall activo (como ufw), asegúrate de permitir el tráfico de TOR y Nginx: sudo ufw allow 80/tcp sudo ufw allow 8080/tcp sudo ufw allow 443/tcp sudo ufw allow 8443/tcp Una vez que hayas completado estos pasos, tu VPS de proxy inverso en la red TOR estará configurado y mostrará el contenido de tu otro VPS en la clearnet a través de la dirección .onion generada. That's all... Nota: Cabe destacar que si el servidor en la Clearnet pasa por Cloudflare lo bloqueara, y creo que el 80% del trafico de internet pasa por Cloudflare View full article

contents this is the server side code written in nodejs for screenshotting Tor websites. The code itself is just a puppeteer that connects to tor websites through a TOR proxy (which I setup on a different server. See the image below for instructions on how to setup a tor proxy) Its written as a docker img that fetches a list of tor sites from Amazon DynamoDB (you can replace this with SQL), then crawls each one and takes screenshot of them all. Stores it on S3 then exists. This project was run once a day on Azure Container Instances. the lambdasubmitsite.js is redundant actually and can be ignore. Its a rest endpoint (aws lambda) to receive user submitted Tor sites. setup tor proxy in the code you can see the following line const config_tor_proxies = ["18.130.24.239:56826", "18.130.24.239:56824"] I setup two instances of Tor and port 56826 and 56824. One is also sufficient. [Hidden Content]

What is tornado? Tornado is implements tor network with metasploit-framework tool and msfvenom module, you can easily create hidden services for your localhost .onion domain without portforwarding. If you have experience different remote administration tools, probably you know you need forward port with virtual private network or ngrok but in this sense with tornado, the tor network offers the possibility of making services in a machine accessible as hidden services without portforwarding, by taking advantage of the anonymity it offers and thereby preventing the real location of the machine from being exposed. tornado can do create hidden service with tor network generate cross platform msfvenom payload with fully undetectable shellcode execution not shikata_ga_nai things hidden service becomes available outside tor network and ready to reverse shell connection be careful with tor2web even onion network, the only suicide mission is wearing blinders. tornado not secure from victim's point of view: the point of tor is that users can connect without being eavesdropped on and going through the clearnet with tor2web, even with https seriously cripples the efforts made to protect users. Disclaimer This tool is only for testing and can only be used where strict consent has been given. Do not use it for illegal purposes! It is the end user’s responsibility to obey all applicable local, state and federal laws. I assume no liability and are not responsible for any misuse or damage caused by this tool and software. [hide][Hidden Content]]

Anonymously Reverse shell over Tor Network using Hidden Services without port forwarding. This project implements the tor network with the metasploit-framework tool and msfvenom module. You can easily create hidden services for your LHOST .onion domain without portforwarding. If you have experienced different remote administration tools, probably you know you need a forward port with VPN or NGROK but in this sense, the Tor network offers the possibility of making services in a machine accessible as hidden services without portforwarding, by taking advantage of the anonymity it offers and thereby preventing the real location of the machine from being exposed. Currently, this project has that features. Create a hidden service Generate msfvenom payload with fully undetectable Hidden service becomes available outside tor network Disclaimer This tool is only for testing and can only be used where strict consent has been given. Do not use it for illegal purposes! It is the end user’s responsibility to obey all applicable local, state and federal laws. I assume no liability and are not responsible for any misuse or damage caused by this tool and software. [hide][Hidden Content]]

kalitorify is a shell script for Kali Linux which use iptables settings to create a transparent proxy through Tor Network, the program also allows you to perform various checks like checking the Tor Exit Node (i.e. your public IP when you are under Tor proxy), or if Tor has been configured correctly. Changelog v1.27.1 Fix curl request in check_status() function (kalitorify -s, –status) [hide][Hidden Content]]

How to stay Anonymous online in 2021: VPN, TOR, WHONIX & TAILS In many applications including surfing the internet, chatting, sending confidential documents anonymity has become a necessary and legitimate desire. A piece of information can be encrypted by using many encryption techniques, but it will only give you the encrypted content and will not hide your identity because It is still possible to know the source and destination of the communicating end. Anonymity in a business network can be devastating as it can make an organization vulnerable to security risks, liability and potential litigation and it is very useful for your competitor to know your moves. Moreover many renowned big companies like Amazon, Microsoft, and Google have collected your personal information in order to serve up targeted ads. There is nothing wrong to be anonymous and controlling your own personal privacy if you are doing the legitimate business. Several ways are present to ensure your privacy while browsing the internet VPN VPN is the acronym for the Virtual Private Network, a technology that allows you to connect to one or more computers by using a private network from public internet connection. Your IP (internet protocol) address is the prime identity number that Internet provider assigns your computer to let you go anywhere on the Internet. It’s exactly like the house number on your home. It masks an IP address so all online activities are virtually untraceable from any one. User’s initial IP address is replaced with one from the Virtual Private Network provider so that a communication take place without being tracked, monitored, and identified. Why VPN is called a network because you’re using a special network of VPN servers that covers the entire globe. How does VPN Work? VPN works in a way to bypass censorship by creating a pathway within a client and server ends with different control points through which data packets travel. When using a VPN an encryption and authentication layer is applied to that pathway in order to protect the traffic and data packets travel. Data packets travel through virtual, private and secure channel. This technique is called VPN Tunneling which creates a secure communication channel within network of computers. How does VPN work Drawbacks of VPN For end-device users, VPN might be an easy set up since you just need to download your VPN application and install it on your device but it has the drawback of being monitored from VPN service providers as they allow you to use their private servers in exchange for your data. There have been cases where VPN service providers are monitoring the data from their users for their own benefits in that way your communication is not all private but be monitored by service providers. What is TOR? The Onion Router (TOR) is a free and open-source software for enabling anonymous communication. It is designed to stop people tracking your browsing habits including government agencies and corporations. The name (The Onion Router) refers to the way that Tor protects your data by wrapping it in multiple layers of encryption like an onion. How does TOR work? TOR Browser routes all web traffic through the TOR network, making it anonymous. As the image below shows, TOR consists of a three-layer proxy, like layers of an onion. At first, TOR Browser connects at random to one of the publicly listed entry guards, bounces that traffic through a randomly selected middle relay, and finally directed the traffic through the third and final exit relay. how does tor work Drawbacks of TOR One of the drawbacks of TOR browser is that your ISP can see that you’re connected to TOR hence it can draw attention to you. Although, your ISP can’t see your activities but it will raise suspicion about what you’re doing. Another drawback of using TOR browser is that it only hides traffic going through TOR network and won’t anonymize other apps on your computer hence not completely giving the concept of anonymity. WHONIX OS Whonix is a Debian based Linux operating system used to provide anonymity, privacy and security on browsing the Internet. It consists of two main components i.e. Whonix workstation and Whonix gateway. Both components are VirtualBox virtual machine appliances, so as to run it on any operating system that has VirtualBox. How Does Whonix Work? At first the Whonix workstation and gateway are configured on host machine. Workstation consists of the desktop application, routes all of its traffic to the gateway which is connected to the workstation. The gateway is further connected to the TOR network for accessing the internet. Whonix gateway is the only way for the workstation to transmit the information through internet because the workstation is an isolated machine and it has no idea about its own host IP and configuration. From the image we can see that all the traffic that is directed through the gateway is TORrified while the traffic from the host machine in non TORified.The host machine does not participate in the Whonix private network and that is why continues to use its normal internet connection. how does whonix work It is a huge advantage of isolating the workstation from a network to keep an IP address private even if any application in a Whonix workstation is compromised, it is almost impossible to reveal your IP because it does not know your IP. Drawbacks of Whonix Although Whonix provides transparency of your IP address, it has a notable disadvantage in terms of physical security. If your host machine is ever compromised, all the stored personal information and your internet browsing activity could be discovered easily. TAILS Linux OS If your goal is to leave no trace of every activity you did on the host machine then choose Tails. Tails or The Amnesic Incognito Live System is a live Debian based linux operating system that aims to provide privacy and anonymity. You can start TailsOS on almost any computer from a USB stick or a DVD. Tails sends its traffic by using TOR network, leaving no trace on the system you are using. Live means it runs on the medium typically a USB, immediately upon starting the system. The entire operating system lives on that USB. All you have to do is first download the live operating system, write it on a USB, insert it to the system, after turning it on you will get a live operating system simply boots from a USB device. tails OS linux The portability of TailsOS solves the problem of physical security as if your USB device ever gets lost or compromised, there will be no personal information present on that USB as well as the system on which you have inserted that USB and nothing can be learned about your specific usage. And The Winner Is? As we have seen there are many techniques and tools available to hide a person’s identity while browsing the internet. The above mentioned techniques provide anonymity at some point and has some notable drawbacks which can lessen the degree of anonymity so by comparing VPN, TOR, WHONIX and TAILS, the technique that is said to be the best practice for providing complete anonymity as well as safe and secure communication is TAILS as it gives you complete security for traffic transmission, privacy of identity and the physical security.

kalitorify kalitorify is a shell script for Kali Linux which use iptables settings to create a transparent proxy through Tor Network, the program also allows you to perform various checks like checking the Tor Exit Node (i.e. your public IP when you are under Tor proxy), or if Tor has been configured correctly. What is Transparent Proxy through Tor? A transparent proxy is an intermediary system that sits between a user and a content provider. When a user makes a request to a web server, the transparent proxy intercepts the request to perform various actions including caching, redirection, and authentication. Changelog v1.26.2 Update data/torrc, Makefile [hide][Hidden Content]]

An engine to make Tor network your default gateway Summary The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It is used by a wide variety of people, companies and organizations, both for lawful activities and for other illicit purposes. Tor has been largely used by intelligence agencies, hacking groups, criminal activities and even ordinary users who care about their privacy in the digital world. Nipe is an engine, developed in Perl, that aims on making the Tor network your default network gateway. Nipe can route the traffic from your machine to the Internet through Tor network, so you can surf the Internet having a more formidable stance on privacy and anonymity in cyberspace. Currently, only IPv4 is supported by Nipe, but we are working on a solution that adds IPv6 support. Also, only traffic other than DNS requests destined for local and/or loopback addresses is not trafficked through Tor. All non-local UDP/ICMP traffic is also blocked by the Tor project. [hide][Hidden Content]]

Two 0-days discovered in Tor, and more are expected. Dr. Neal Krawetz is a security researcher who, in recent years, has repeatedly reported security breaches to the Tor Project, but, in his opinion, he believes that the security of his networks, tools and users is not taken. seriously enough. For this reason, Dr. Neal Krawetz published last week and today on his blog, technical details about two 0-day vulnerabilities that affect the Tor network and the Tor browser. The researcher has also promised to reveal at least three more 0-days of Tor, including one that can reveal the real-world IP address of Tor servers. Tor's first 0-day. In a blog post dated July 23, [Hidden Content] the researcher describes how companies and Internet service providers could block users from connecting to the Tor network by scanning network connections for "a distinctive packet signing» that is unique to Tor traffic. This bug could be used as a way to block Tor connections from starting and ban Tor entirely. The second 0-day of Tor. Today, in a new blog post, [Hidden Content] he reveals a second flaw that, like the first one, allows network operators to detect Tor traffic. However, while the first day zero could be used to detect direct connections to the Tor network (to the Tor guard nodes), the second day can be used to detect indirect connections. These are connections that users make to Tor bridges, a special type of entry point on the Tor network that can be used when businesses and ISPs block direct access to the Tor network. Tor bridges act as proxy points and transmit user connections to the Tor network itself. Because they are sensitive Tor servers, the list of Tor bridges is constantly updated to make it difficult for ISPs to block it. But Dr. Krawetz says that connections to Tor bridges can be easily detected, too, using a similar technique of tracking specific TCP packets. “Between my previous blog post and this one, you now have everything you need to enforce the policy [of blocking Tor on a network] with a real-time stateful packet inspection system. You can prevent all your users from connecting to the Tor network, whether they connect directly or use a bridge. " DR. KRAWETZ.

About TorghostNG TorghostNG is a tool that make all your internet traffic anonymized through Tor network. Rewritten from TorGhost with Python 3. TorghostNG was tested on: Kali Linux Manjaro ... What's new in TorghostNG 1.2 Fixed update_commands and others in torghostng.py Changed a few things in theme.py Changed a few things in install.py Now you can change Tor circuit with -r [HIDE][Hidden Content]]

hello guys Can someone share please, a c# RAT or botnet source with connection over tor for secure encryption Cdt

How to become Anonymous using Proxychains and Tor [Hidden Content]

Spacenet is a Tor based python botnet meant for credential stealing . This project is complete with a full explained UsersGuide Video: [Hidden Content] Download: [HIDE][Hidden Content]] Password: level23hacktools.com

TOR for Browser v3.1.6 is a tool to surf the internet completly anonymous by using 2 incapsulations. How to use: 1) Select a number from Circuit 1 2) Select a number from Circuit 2 3) Select Access type 4) Type the site to visit 5) Hit Go! There is in each Circuit 20 proxy servers. This proxy servers must be combined using Circuit 1 and Circuit 2. Using this will increase the anonymity of the connection. Also there is two options in Access: Restricted - Blocks Cookies, JavaScript and Objects Unrestricted - Allow Cookies, JavaScript and Objects Download: [HIDE][Hidden Content]] Password: level23hacktools.com

Salut à tous J'utilise TOR depuis le début et j'ai récemment changé le client newsgroups pour 9 ThunderBird (TB). je passe TB avec win-tor comme proxy J'ai envoyé un message sur des newsgroups quand j'utilise win-tor, je reçois des en-têtes NNTP supplémentaires J'aimerais savoir comment interroger les en-têtes NNTP Injection-Info:logging-data, X-Trace, NNTP-X-TOR-Router, NNTP-X-Ufhash, Content-ID article-number in Xref: newsgroup-server newsgroup-name:article-number obtenir plus d'informations? un script / application / programme / code sur le net? Merci

Hey guys I'm looking for a good botnet that supports Tor to allow clients communicate to the .onion server over Tor network. PM with the botnet name and price...

[Hidden Content]

Checker on balance. Saving The Bad's You can write any host. Base login:pass [HIDE][Hidden Content]] Use Tor as a proxy for brute After the launch, a text writer with IP:PORT will appear. data - tor browser itself, if that you can update yourself! But first set up: Write how much proxy you need. 1 proxy holds exactly 20 streams! That's why you don't need to make 100 proxies if you're a brute in 100 threads. [HIDE][Hidden Content]]

View File [COURSE] LEARNING TOR AND THE DARKWEB [COURSE] LEARNING TOR AND THE DARKWEB MP4 | Video: AVC 1280x720 | Audio: AAC 48 kHz 2ch | Duration: 1 Hour | 132.3 MB Genre: eLearning | Language: English The dark web-a bastion of encrypted websites that can be visited and hosted anonymously-is home to criminals and privacy-minded citizens alike. In this course, learn about the social and technical underpinnings of the dark web, as well as how you can access and host websites that are hidden from prying eyes. Instructor Mike Chapple provides some history on the dark web and the Tor Browser, the basic software needed to access the dark web and browse the internet anonymously. ━━━━━━━━━━━━━━━━━━━━━ You can download these books and guides for free if you are a PRIV8 user Submitter dEEpEst Submitted 05/07/19 Category Libro Online Password ********  

Suelo usar tor algunas veces, no es que sea mi navegador predeterminado, pero si lo usaba bastante y uso habeces en el modo inproxy, pues si no es imposible el acceso, espero que os sea de interes, es una charla que se dio en el cibercamp en 2018, esta bastante bien. [Hidden Content] Un saludo.

[Hidden Content]

The only way to use Tor Network Safely What is Tor ? "Tor is short for The Onion Router (thus the logo) and was initially a worldwide network of servers developed with the U.S. Navy that enabled people to browse the internet anonymously. Now, it's a non-profit organization whose main purpose is the research and development of online privacy tools. " What Tor is good for ? "If you want to be anonymous—say, if you live under a dictatorship, you're a journalist in an oppressive country, or a hacker looking to stay hidden from the government—Tor is one of the easiest ways to anonymize your traffic, and it's free. It's far from perfect, though (we'll get to that in a moment).On a more general level, Tor is useful for anyone who wants to keep their internet activities out of the hands of advertisers, ISPs, and web sites. That includes people getting around censorship restrictions in their country, police officers looking to hide their IP address, or anyone else who doesn't want their browsing habits linked to them. Tor's technology isn't just about browsing anonymously. It can also host web sites through its hidden services that are only accessible by other Tor users. It's on one of these hidden service sites that something like The Silk Road exists to traffic drugs." The best way to use Tor Safety Is " Tails " What's the difference Between Tails and Tor browser? Tails : Tails is an operating system built on Linux it uses only Tor to send its Internet traffic, and it has almost all the tools you need for dark web use pre-installed and ready. It has PDP software has electron which is a Bitcoin wallet it has pgp encryption for emails it has Tor has everything you need to be completely anonymous on the dark web and it can be ran from a USB or DVD and can be used on almost any computer. Tor Browser : Tor Browser is a web browser based on Mozilla Firefox and configured to protect your anonymity. Given the popularity of Firefox, you might have used it before and its user interface is like any other modern web browser. How to install Tails ? You can follow the steps from the official website : [HIDE][Hidden Content]] Good Tips : - Dont use it on Carding ! - Do not use VPN or Proxy to connect Tor Network - Don't trust any files from unknown website

TOR for Browser v3.1.6 (demo) is a tool to surf the internet completly anonymous by using 2 incapsulations. How to use: 1) Select a number from Circuit 1 2) Select a number from Circuit 2 3) Select Access type 4) Type the site to visit 5) Hit Go! There is in each Circuit 20 proxy servers. This proxy servers must be combined using Circuit 1 and Circuit 2. Using this will increase the anonymity of the connection. Also there is two options in Access: Restricted - Blocks Cookies, JavaScript and Objects Unrestricted - Allow Cookies, JavaScript and Objects Download: [hide][Hidden Content]] Virus Scan [hide][Hidden Content]]