Still Under DDOS, but here is a status update anyway. The Tor network is breaking.
/d/OpSec icon

/d/OpSec

17,155 subscribers

Anonymous Planet Onion

Discussion of OpSec, Threat Models, Protection, Assessment & Countermeasures.

Vendors: /d/vendor_handbook.

While the focus of this community's OpSec discussions may center around Dark Net (DN) activity, all members of this sub are encouraged to think about, discuss, and share ideas relating to OpSec.

Privacy & Security Guides (Pinned post)

by /u/HeadJanitor Moderator · 53 votes · 6 months ago

͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ 

͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ 

Security Researchers
Krebs on SecurityLots of up-to-date, in-depth interesting cyber security news and investigations, by a true legend in the field and NY Times Bestseller, Brian Krebs.
Schneier on SecurityCommentary, news, essays and more all about cryptography, cyber security and privacy. New posts are written almost daily, and this is also home to the famous Crypto Gram weekly newsletter, that's been popular since 1994. By the world-renowned security professional, and serial bestselling author, Bruce Schneier.
Underground TradecraftCounterintelligence, OPSEC and Tradecraft for everyone.
Errata SecurityCovers latest interesting news, and explains concepts clearly. By Robert Graham and David Maynor.
Graham CluleySecurity news, advise and opinion. From Graham Cluley, co-host of Smashing Security.
The Last Watch DogPrivacy and Security articles, opinion and media by Byron Acohido
Troy HuntSecurity researcher and data breach collector.
Privacy Guides
EFF SSD - Tips for safer online communications
Restore Privacy - Tools and guides about privacy and security
Pixel Privacy - Online privacy guides
https://thetinhat.com - Tutorials and Articles for Online Privacy
https://www.privacytools.io/ - Tools to protect against mass surveillance
https://prism-break.org - Secure app alternatives
https://www.theverge.com - Guides for securing mobile, web and home tech
Oil and FishOnion Service Privacy Guide on Protocol Configurations
The New OilWelcome to The New Oil. This site is designed to help readers take back control of their data and regain their privacy online.
Cyber Security News
Dark Reading - Well-known cyber security news site, with articles on a range of topics, ranging from data breaches, IoT, cloud security and threat intelligence.
Threat Post - News and Articles Cloud Security, Malware, Vulnerabilities, Waterfall Security and Podcasts.
We Live Security - Security news, views, and insight, by ESET + Community.
The Hacker News - News and info covering Data Breaches, Cyber Attacks, Vulnerabilities, Malware.
Sophos: Naked Security - Security news and updates, presented in an easy-to-digest format.
IT Security Guru - Combines top cyber security news from multiple sites, easier to stay up-to-date.
FOSS Bytes - Cyber Security - News about the latest exploits and hacks.
Proxy Sites
Nitter (Twitter)Nitter is a free and open source alternative Twitter front-end focused on privacy, it prevents Twitter from tracking your IP or browser fingerprint. It does not include any JavaScript.
Invidious (YouTube)Privacy-focused, open source alternative frontend for YouTube.
Bibliogram (Instagram)Enables you to view Instagram profiles through their proxy without any tracking, great for anonymity.
Libreddit (Reddit)Private front-end for Reddit written in Rust. Massively faster than Reddit by not including ads, trackers or bloat.
File Sharing
OnionShare - Open source tool that lets you securely and anonymously share a file of any size.
ZeroNet - Decentralized Web site and Web application platform based on the BitTorrent protocol with Bitcoin-like blockchain that has built-in support for anonymization through Tor.
garlicshare - garlicshare is an open source tool that lets you securely and anonymously share files on a hosted onion service using the Tor network.
onionpipe - Onion addresses for anything. onionpipe forwards ports on the local host to remote Onion addresses as Tor hidden services and vice-versa.
onionbox - A basic implementation of OnionShare in Go. Send and receive files securely through Tor.
Wormhole - Wormhole lets you share files with end-to-end encryption and a link that automatically expires.
Magic Wormhole | Get things from one computer to another, safely. | MIT license
Awesome Cryptography
A Few Thoughts on Cryptographic Engineering - Some random thoughts about crypto.
https://toc.cryptobook.us - The book covers many constructions for different tasks in cryptography.
https://cacr.uwaterloo.ca/hac/about/toc3.pdf - This book is intended as a reference for professional cryptographers.
https://ia802703.us.archive.org/12/items/cryptoparty/cryptoparty.pdf
The Cloudflare Cryptography Blog
Real-World Cryptography Blog
The cr.yp.to blog
Vaultree Real-time searchable & Fully homomorphic encryption technology. Get the latest updates and news on Cryptography and Cybersecurity from the best cryptographers around the globe.

͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ 

͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏

Taking the Offensive: Threat Hunting and OSINT Tools

https://www.shodan.io - Search for devices connected to the internet and their vulnerabilities
https://prowl.lupovis.io - Free IP search & identifications of IoC and IoA
https://intelx.io - Search engine for data archives.
https://netlas.io - Search and monitor devices connected to the internet
https://urlscan.io - Scan a website incoming and outgoing links and assets
https://fullhunt.io - Identify an attack surface
https://www.zoomeye.org - Cyberspace search engine, users can search for network devices
https://leakix.net - Identify public data leaks
https://www.greynoise.io - Search for devices connected to the internet.
https://search.censys.io - Get information about devices connected to the internet.
https://hunter.io - Search for email addresses.
https://www.criminalip.io - Search for devices connected to the internet. Monitor potential attack vectors.
https://www.wigle.net - Map wireless access points around the world.
https://grep.app - Grep across a half million github repos.
https://www.onyphe.io - Search for devices connected to the internet and monitor attack vector.
https://vulners.com - A vulnerability database.
https://pulsedive.com - Search for devices connected to the internet.
grayhatwarfare.com - Search for S3 buckets that are public.

͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ 

͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏ ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏

File Encryption
ProviderDescription
VeraCryptVeraCrypt is open source cross-platform disk encryption software. You can use it to either encrypt a specific file or directory, or an entire disk or partition. VeraCrypt is incredibly feature-rich, with comprehensive encryption options, yet the GUI makes it easy to use. It has a CLI version, and a portable edition. VeraCrypt is the successor of (the now deprecated) TrueCrypt.
CryptomatorOpen source client-side encryption for cloud files - Cryptomator is geared towards using alongside cloud-backup solutions, and hence preserves individual file structure, so that they can be uploaded. It too is easy to use, but has fewer technical customizations for how the data is encrypted, compared with VeraCrypt. Cryptomator works on Windows, Linux and Mac - but also has excellent mobile apps.
ageage is a simple, modern and secure CLI file encryption tool and Go library. It features small explicit keys, no config options, and UNIX-style composability.

Threat Modeling

Data Flow Diagrams
Presentation (PDF) with very good introduction to DFDs
DFD Example and explanation
Tools for generating DFDs:
graphviz
draw.io
TikZ
Threat Enumeration
STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service, Elevation of Privilege)
Attack Trees
Methodologies
DREAD (Damage, Reproducibility, Exploitability, Affected users, Discoverability)
Tools
Microsoft TMT
OWASP Threat Dragon
Mozilla Seasponge
IriusRisk
eramba
Elevation of Privilege (EoP) Threat Modeling Card Game
Threat Playbook
pytm
ThreatSpec
Threat Model SDK
Aggregated Latest Crypto News
Latest Crypto Newshttp://qg24mbrij6rzxr77eovjwjzw7zwn7brmegr3yvwvppj4vhdxeuezkdqd.onion
Aggregated Latest Security News
Latest Security Newshttp://hpm242zmcxettb74wkl77lruaxq5tsmrg4ewwkywxyisy6ub7dk5l7id.onion/securitynews/
IntelTechniques Search Tools by Michael Bazzel
Intel Techniques
https://inteltechniques.com/tools
These tools were created as a supplement to the book Open Source Intelligence Techniques, 9th Edition and the IntelTechniques online OSINT training.

This list will be continuously updated. Please feel free to submit additions.

Comments (64)
/u/AlphaZero · 3 votes · 6 months ago · Link

You deserve jazzier flair than just 'moderator' if you're going to slang posts this sexy around these here parts

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Thank you, /u/AlphaZero - I'll keep it alive in here with fresh content to give us a better outlook.

/u/Hungry_Eyes O_O · 2 votes · 6 months ago · Link

Great info. Thanks.

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Thank you!

/u/Akar · 2 votes · 6 months ago · Link

Very informative. Be sure to list Mental outlaw, He make videos about all three topics and most info he gets from here.

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Shall do; thanks for the mention. We need the good stuff!

/u/Grecchi · 1 votes · 3 months ago · Link

Yes. Outlaw is all over the DW stuff.

/u/Cyberjagu · 2 votes · 6 months ago · Link

/u/HeadJanitor always high quality posts

I cherish that you shared :)

/u/HeadJanitor Moderator OP · 2 votes · 6 months ago · Link

DAMN! You really push the momentum and drive for me. I didn't think this was going to be a big deal but hearing it from you----I'll put some work into it. Thank you.

/u/bf703c91 · 2 votes · 4 months ago · Link

Under Privacy Guides, add Oil and Fish

http://ajp3kyuubtuxuizdufvdpslr2m5cn7jo3xwf7txttckwzxvjaqkedhqd.onion

/u/HeadJanitor Moderator OP · 1 votes · 4 months ago · Link

Sweet, thank you!

/u/HeadJanitor Moderator OP · 1 votes · 4 months ago · Link

Done!

/u/alexpo · 1 votes · 6 months ago · Link

Great post thank you so much.

Was also wondering how you felt about portswigger? They have some interesting resources on cybersecuity and programming in general. I also think they're behind BurpSuite.

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

THANK YOU. Gotta keep it live. I go through the sites--sometimes too quickly just in search of post-worthy material. The BurpSuite is what pivotal to the field. I'm comprehensive in that it covers every aspect of vulnerability scanning.

/u/newbieforever2018 "You've got ★bail★" · 1 votes · 6 months ago · Link

Do you personally get information from any of the sites mentioned above regarding how to cash out all of your upvotes safely?

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

I look through the site for newsworthy posts. My posts is the inverse of my value. At some point, I'll be thin air.

/u/newbieforever2018 "You've got ★bail★" · 2 votes · 6 months ago · Link

I believe that your value increases exponentially with each quality topic such as this one. The way that the math works out is that your fans already know to expect quality no matter what the topic but there are always noobs who first stumble upon your works and all of them tell their friends thus becoming a threat to your dread private message systems capabilities to contain the volume of messages generated as responses. So one could say that you are a drain on the systems resources but in a good way if that makes sense. Thanks Mr Alp wherever you are.

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Thousand points for that. I'm about to head home and I can't wait to start that drive. Glad Mr. Alp has been taking care of you.

/u/fantomas · 1 votes · 6 months ago · Link

Why no links to the sites?

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Good call! I'll plug in the links -- I had more sites to add.

/u/FUDPolice woop woop · 1 votes · 6 months ago · Link

I'm a big fan of privacytools, however, I preferred them when they were electing to be impartial and not affiliated with any companies. Whilst not exhaustive it's a good starting point

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

These days (honestly) it's so hard to find the impartial (I don't even watch news). If I scoop up a pile do you think you can sort it out for me within a week or so?

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Message me just a few to go into these categories. I mean, there are so many, I'm not trying to turn it into a phone book but just get the 'basics' out there.

/u/capitcha · 1 votes · 6 months ago · Link

Phenomenal list, would be better with links but still great information.

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Thank you! We all start somewhere.

/u/StrangeLoops · 1 votes · 6 months ago · Link

Great resources. A few additions I would add would be the Whonix and Kicksecure wikis, which in my opinion together amount to an incredibly comprehensive overview of the full ins and outs to the technical side of OpSec for this discipline. The complete content of both wikis are available for download on GitHub, also, so that they can be viewed offline. Another resource for articles and papers called The Counter-Surveillance Resource Center hosts some good content. Lastly, Free Haven's Selected Paper's in Anonymity is a Tor Project-affiliated bibliography of a massive collection of papers dating back to 1977 on the subject of anonymity.

Whonix: http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Documentation

Kicksecure: http://www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion/wiki/Documentation

Counter-Surveillance Resource Center: http://aka3xvhiygnchpsbrilphkzbdxtvr6j6pc7hluf6mf2ddruttsikswad.onion

Selected Paper's in Anonymity: http://7fa6xlti5joarlmkuhjaifa47ukgcwz6tfndgax45ocyn4rixm632jid.onion/anonbib/index.html

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Fantastic. The stuff need. I'll add these on thanks to you!

/u/StrangeLoops · 1 votes · 6 months ago · Link

Sure. Here's two aggregate sources that are good as well.

Latest Security News: http://hpm242zmcxettb74wkl77lruaxq5tsmrg4ewwkywxyisy6ub7dk5l7id.onion

Latest Crypto News: http://qg24mbrij6rzxr77eovjwjzw7zwn7brmegr3yvwvppj4vhdxeuezkdqd.onion

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Nice, I'll give this page a full make over, activate the links and pin it to the top of the subdread. Thank you!

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Updated! Thank you!

/u/Hep · 1 votes · 6 months ago · Link

thanks a lot

:)

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Thank you!

/u/wokeMindedFeminazi · 1 votes · 6 months ago · Link

hmmmmmm.... PRivAcy TooLSss.io???? when it comes to privacy and security we should consider not to trust on advertisings, they're shilling lots of software under USA jurisdiction(the country #1 on massive data collection) , for example: Brave, DuckDuckgo, BitWarden.

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

I just went through the first 45% of the site --- 98% of the objects mentioned were free. Brave, DuckDuckGo and BitWarden will find their place shortly. Brave is already making deals for a paid VPN and Telemetry with Microsoft. Everything eventually finds its proper place.

/u/FanFanFan · 1 votes · 5 months ago · Link

didn't the privacytools team except their leader leave and make a new project privacyguides? It does not have affiliate links, as far as I know.

some of privacytools' current recommendations are weird, like IPFS, it does not have anything to do with privacy AFAIK.

/u/G-Lock18 · 1 votes · 6 months ago · Link

Nicely organized and based

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Thank you, Fully Auto Nine.

/u/fergustos · 1 votes · 6 months ago · Link

Thnx man

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

My pleasure. Thank you!

/u/An_I2P_User · 1 votes · 6 months ago · Link

I recommend removing That One Privacy Site from this list.

While it was once a fantastic resource, That One Privacy Site has merged with SafetyDetectives (Libreddit onion mirror). Safety Detectives is owned by Kape Technologies, a super sketchy company which owns both multiple VPNs and VPN review sites (big conflict of interest!), and the Safety Detectives VPN page (which thatoneprivacysite.net now redirects to) conveniently decided that 3 Kape-owned VPNs belong in the top 4. Windscribe (a competing VPN company, so don't overlook that bias) wrote a good post about this consolidation of the VPN industry which talks specifically about Kape with sources.

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Thank you. I need good insight like this. 'That One Privacy Site' will be removed.

If you know of any good ones, please let me know.

/u/An_I2P_User · 1 votes · 6 months ago · Link

Here are some resources I like...

Techlore makes videos (cross-posted to YouTube, LBRY/Odysee, and PeerTube) and maintains community-driven data on VPNs.

The New Oil also makes videos (YouTube, Odysee, PeerTube) and writes a blog.

These two do a podcast together called Surveillance Report.

Michael Bazzell runs a site called IntelTechniques and does a podcast called The Privacy, Security, & OSINT Show (formerly The Complete Privacy & Security Podcast).

Switching.Software is a great resource for finding more private/secure/ethical alternatives (along the lines of PRISM Break).

PrivacyGuides.org (onion) is run by the people who used to run PrivacyTools.io. (See this blog post and this Reddit post for more on that.)

Some other privacy-friendly frontends:

There's also https://farside.link/ which lists many instances and can automatically redirect you to an instance of a given frontend. (See its GitHub repo for more info.)

/u/HeadJanitor Moderator OP · 1 votes · 6 months ago · Link

Thank you so much for this. On the weekend I'll get busy with this post and make all the above into links as well. I greatly appreciate your input.

/u/Carl173 · 1 votes · 5 months ago · Link

hoq do i send an anonymous pic

/u/HeadJanitor Moderator OP · 1 votes · 5 months ago · Link

Clear all the EXIF data and upload it then share the link.

http://uoxqi4lrfqztugili7zzgygibs4xstehf5hohtkpyqcoyryweypzkwid.onion

https://imgbb.com/

/u/Carl173 · 1 votes · 5 months ago · Link

how do i do the first part im so new to trying thid psrt of the darkweb

/u/HeadJanitor Moderator OP · 1 votes · 5 months ago · Link

Download the release (version) that applies to your computer. Drag & drop.

https://github.com/szTheory/exifcleaner/releases

/u/HoodNerd · 1 votes · 5 months ago · Link

fuck krebs.

/u/akkarin · 1 votes · 3 months ago · Link

belated thanks.

/u/HeadJanitor Moderator OP · 1 votes · 3 months ago · Link

Appreciated as always. Thank you, /u/akkarin

/u/aurelia91 · 1 votes · 3 months ago · Link

Awesome list, thanks for sharing! Especially helpful to me as a CS/Cyber student

/u/HeadJanitor Moderator OP · 3 votes · 3 months ago · Link

/post/41936e8dacffa43b4e0b

Hope it helps.

/u/aurelia91 · 1 votes · 3 months ago · Link

Definitely helps, thank you /u/HeadJanitor!

/u/HeadJanitor Moderator OP · 1 votes · 3 months ago · Link

You're very welcome. Hopefully there was something that met your needs. Have a wonderful day.

/u/HeadJanitor Moderator OP · 2 votes · 3 months ago · Link

THAT is awesome. I'll send you another list that will completely fulfill your needs.

/u/kr4ck3n · 1 votes · 3 months ago · Link

Awesome compilation of resources. Thanks for sharing!

/u/HeadJanitor Moderator OP · 1 votes · 3 months ago · Link

Thank you!

/u/startwiping · 1 votes · 2 months ago · Link

Do you think the extension libredirect or privacy redirect should be added? There's also thenewoil.org which talks about privacy.

/u/HeadJanitor Moderator OP · 1 votes · 2 months ago · Link

Should I place thenewoil.org under privacy guides?

Let's test out a privacy re-redirect.

/u/startwiping · 1 votes · 2 months ago · Link

Yeah new oil is privacy guides. I've heard lib redirect is better than privacy redirect but they're just extensions for automatically redirecting to proxy sites.

/u/HeadJanitor Moderator OP · 1 votes · 2 months ago · Link

The New Oil is now up - thank you!

/u/startwiping · 1 votes · 2 months ago · Link

What do you think about ArkenJS?

/u/HeadJanitor Moderator OP · 1 votes · 2 months ago · Link

A JavaScript add-on whereas these are mostly straight sites.

/u/swmxMZluuf2z0kOqv73o · 1 votes · 1 week ago · Link

Perhaps be good for add a section of hardware that list tools of security for enhance opsec?

Thing like the purism and privacy beast laptops, reliable HSMs (eg monero wallets of hardware, U2F keys, Nitrokey for HEADS Evil Maid of defeat, etc), BusKill for the tripwire, etc