What OS do you suggest for hackers wanting to stay anonymous?
whonix or qubes?
Ho do you learn how to read and use the exploits on 0day? Any comprehensive tutorial to get people to know how to use said exploits?
How and where do people get hacking hardware?
How do people get hardware level hacking tools such as hardware keyloggers, screen capture devices, rfid readers, etc.
What are suggest first targets to practice hacking against (once you learn how)?
I'd assume first testing against yourself, but then who? Friends, family members? People you don't like online?
>>2846 Whonix is OS made to run only in Virtual Machine while Qubes is OS installed on the hard drive. You can use Qubes-Whonix with Qubes virtualization (though you need modern hardware as it may be incompatible).
>>2846 > whonix or qubes?
Both, whonix runs on top of qubes. See whonix wiki:
http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Qubes Also make sure to read /wiki/Documentation. It's a lot, but it's better to read it now so you don't deanonymize accidentally, even if you won't use qubes-whonix. I found a lot of great tips on there.
Here's the qubes docs: http://sik5nlgfc5qylnnsr57qrbm64zbdx6t4lreyhpon3ychmxmiem7tioad.onion/doc/ Read at least /intro/, /getting-started/ and /faq/ before installing.
Note: There's an option to automatically install whonix in the qubes installer that the whonix wiki/qubes docs don't mention, so don't bother with the complicated steps.
>>2846 >What OS do you suggest for hackers wanting to stay anonymous? whonix or qubes?
Whonix is a os that is built around the idea of isolating proxies, you need 2 vms running, maybe in qubes in order to use it. This is a good place to start I guess, the problem is when you start getting into tools you will see some tools like antidetect are windows (or wine) only. So you need your own isolating system that can make sure what is proxying through can't leak info or figure out the proxys real IP.
A setup might look like
host 2 > torsocks/proxychains > host 1 > vpn > tor
this is how whonix etc works, also I added running tor over a vpn because it's a good idea. host 1 will not route packets except through tor. this is a private network between 1 and 2, any other host/path to internet = leak. An upside of this is host 2 you can even run another vpn or proxychains to get past having a tor exit IP. You can use your gateway to proxy any untrusted vm through tor with almost zero chance of IP leak/traffic not through tor.
>Ho do you learn how to read and use the exploits on 0day?
that depends on the exploit, some are more manual than others it's a factor in the price of the exploit too. one click pwn whatever is going to be expensive and harder to find. look up dorking and exploit db if you have no idea about exploits.
>What are suggest first targets to practice hacking against
Doesn't really matter, insecure servers are on tor but you will probably have a lot more success at first on the clearnet. Tor has the benefit that you can't be tracked/ip banned from a .onion but you will have trouble using tor exits on the regular internet, lots of sites ban them or will flag accounts you make. So in order to have an easier time you have to get a proxy after tor.
>>2846 Forgot
>How do people get hardware level hacking tools such as hardware keyloggers, screen capture devices, rfid readers, etc.
Ebay lol you can also go on markets for some stuff which will be marked up. Don't search for keylogger maybe more along the lines of usb keyboard input capture device.
>>2856 Well how would you buy them anonymously? Using either cash, bitcoin, or a prepaid visa could hide the money paper trail, but what about shipping addresses or store cameras?
>>2856 There is no perfectly secure way of buying stuff online (https://whonix.org/wiki/Money), but buying hardware keyloggers isn't illegal or that suspicious anyway.
>>2869 Can you get convicted for intercepted mail alone? Would that mean that I could repeatedly order drugs to somebody I hate and get them arrested by this?
>>2855 <DeepDotWeb
DeepDotWeb is like the plebbit of the darknet websites. It oozes normalfaggotry like a feminist oozes sweat mixed with expired pimple cream from xer clogged pores.
For a basic news site + market list use Darkwebnews
darkweba6le5w52w.onion/
And since I'm posting resources, here's a few more:
Exposingtheinvisible - good "getting started" website with good info on threat models and use cases
exposingtheinvisible.org/resources/inspiration/domain-games
The privacy guides on IVPN - every budding skript kiddie and H@X0r should read these. Everything from threat modelling to niche subjects like VPN over Tor are covered. Read all the guides at least twice.
www.ivpn.net/blog/privacy-guides
>>2826 >No whitehatfags allowed. No glowinthedarks allowed.
no script kiddies allowed either
>>2846 >What OS do you suggest for hackers wanting to stay anonymous? whonix or qubes?
install gentoo
>>2846 >Ho do you learn how to read and use the exploits on 0day? Any comprehensive tutorial to get people to know how to use said exploits?
Learn assembly
>How do people get hardware level hacking tools such as hardware keyloggers, screen capture devices, rfid readers, etc.
Learn hardware interfacing
>What are suggest first targets to practice hacking against (once you learn how)?
Fortnite
I'm not joking, I learned by attacking what was popular at the time.
>>2858 If you're paranoid the typical method is a dropoff. Find an abandoned house or a hostel. The main problem is that you'll probably want to be there to make the pickup. They typically want ID if it's redirected to a post office. Of course most of the time they'll just drop it out the front, and you'll be fine.
It's possible to make your own keylogger, but you need to be good with electronics.
Realistically, if you use non-traceable payment then you should be fine. LEA will go the easy route and rely on credit card details. They don't have some master list which tells them who lives at what address, they have to go to court to get that info. And they give zero shits about small-time hackers. They are too busy chasing down large-scale industrial espionage.
>>3780 >It's possible to make your own keylogger, but you need to be good with electronics.
This is possible, but probably not recommended for anyone that isn't already into etching their own boards and pulling parts.
If one of these devices is discovered, and it is suspected to be a keylogger, it will likely be turned over to the police, who will in turn start an investigation. It will likely then be turned over to a department or contractor that specializes in cyber/tech crimes.
The investigator could:
-Check if there where any witnesses.
-Check if the area has video surveillance.
-Maybe check for fingerprints.
-Maybe image the storage device of the machine (or just check the logs for USB device events).
-Subpoena local ISPs to look for people searching for "keyloggers" or info about them.
-If nothing above works, then the device may be disassembled and serialized parts checked against supply chain distribution. I'm not really sure, but this may only be considered in cases of serious crime (murder, terrorism, etc).
I'm not sure what the actual threshold is for LE, where they say "I don't know or I can't help you" if someone finds one of these. This probably varies by country too, so the above is hypothetical to a well-funded LEA.
Some of the keyloggers that can be bought look exactly like a USB port extension, so this may prevent identification by the majority of people. Only security focused, vigilant individuals would be suspicious of such a device and only if they actually found it and knew it wasn't supposed to be there.
This thread is for everything related to other people's computers, there's a lot of those on tor and even more on the clearnet. post ur
>scripts
>creds
>dox
>shells
>defacements
>targets
>favorite tools
and tips and tricks ofc. I will answer questions if they aren't too dumb. No whitehatfags allowed. No glowinthedarks allowed.
LINKS
new feshonions http://vps7nsnlz3n4ckiie5evi5oz2znes7p57gmrvundbmgat22luzd4z2id.onion/ (not crawling for some reason)
doxbin http://doxbinjs77uawbbl.onion/
archive http://archivecaslytosk.onion/
0day http://mvfjfugdwgc5uwho.onion/
webshells http://z2huz7tsxluvnxoc.onion
whonix http://kkkkkkkkkk63ava6.onion/
qubes http://qubesos4rrrrz6n4.onion/
cuckcuckgo http://3g2upl4pq6kufc4m.onion
searx http://ulrn6sryqaifefld.onion/
There are more good links i will post later