Exploring the Dark Web

John Hammond · Beginner ·🔐 Cybersecurity ·9mo ago

Key Takeaways

The video explores the dark web, its accessibility through special software like Tor browser, and its implications on cybersecurity, including threat intelligence and exposed attack surfaces, with tools like Flare providing dark web search engine capabilities for security teams.

Full Transcript

There's a lot of mystique around the dark web, but really it's still just the internet with extra steps. And I mean that literally because the dark web requires some special software to be able to access it. Things like the tour browser. And when you hear words like to or the onion router, you can think of those as literally different steps or different hops across the internet where you have a handful of servers or computers that are receiving your network traffic but only knowing where it came from and where it's going to. All of your traffic is bundled up like an onion and then each server peels off one layer of the onion and sends it to the next. So the final destination where you're trying to go on the dark web never knows where you came from. So the dark web is a tool to protect you against tracking, surveillance, and censorship, but with that added privacy might come some cyber criminal activity. Now note this video is for educational purposes. Cyber crime isn't cool. But in this video, we'll explore some of the shady, darkest corners of the internet on the dark web and see what fresh new tour onion sites have popped up online. But here's the thing. When you're exploring the dark web, you're not going to regular online websites or domains like facebook.com or google.com. You're going to aunion URL. And these are usually long complex strings of random letters and numbers. So you don't always know the link to get to where you want to go. These onion addresses are generated with some cryptography magic and make for a tour hidden service. Since all of these websites are meant to be hidden to hidden services with anonymity and privacy in mind, it can be pretty tough to crawl or index the dark web like you would on the internet. So search engines like a Google equivalent are hard to come by and not all that effective. I'm here at dark search, one of the dark web search engines like Google on the clearet, but we could search for whatever we want, but it will only return what this has indexed. Let me search for hackers for hire. Haha, he he a little jokes there. And there are no results. As I mentioned, these can be pretty ineffective. Let's try searching for hacking. How about that? Okay, some results here. Exploit.in, N a popular Russianspeaking hacking forum with various information tools and services related to cyber security and malware. Omega Darknet Army Klopp one ransomware gang ramp another Russian hacking forum and marketplace verified a Russian cyber crime forum. No secrets there. Maybe we searched for ransomware. Couple extra results. We see Klopp and Ramp again. even a ransomware group sites just a different list or sort of catalog of different ransomware groups Everest group ransom look ransom x and that's the only page of results as I had mentioned though there are a lot of different tour or dark web search engines dark search is by no means the only one of course you might be familiar with maybe you've heard of haystack torch is another one granted this has a lot of the crazy wild advertisements with flashing lights and sensory overload of oh cards, drugs, guns, whatever, and some not safe for work, vulgar stuff that I will redact and blur. And again, you got to have the fortitude to go look around at some of this stuff. But it is still extremely worthwhile to know what information is out there on the dark web because what if it's your information? What if your data, your passwords, your identity is out and about just in the wind for hackers and cyber criminals to take advantage of? There could be data about where you work or data from your work or any of the data breaches and hacks and intrusions and compromises we see all the time in the news. Let me zoom in to the Klopp ransomware gang as one of these results from our search engine here because for some time Klopp has been running a muck in a lot of recent incidents and intrusions we saw all over the news. Ransomware groups like Klopp will encrypt all the data and all the files in your network or computer systems and then they'll blackmail you or extort you to pay whatever amount of Bitcoin or cryptocurrency. So, there's some anonymous payment and they've got their own getaway car and they'll use that as a ransom and demands or otherwise if you don't pay the money, they'll publish all that data out on the internet or their dark web leak site like this. So, that is out and about and more damage done, reputational tarnage, all of that bad stuff. And these hackers, the cyber criminals make light of it. Hey, dear companies, KOP is one of the top organizations that offers penetration testing services after the fact. Yeah. Okay, this is an announcement to educate companies who used the progress Move it product. The chances we downloaded a lot of your data as part of our exceptional exploit. Folks might be familiar with the move it data breach some time ago. Klopp says we're the ones who performed this attack and relax cuz your data is safe. Yeah, right. Uh here you can see some redacted information for companies that they've published and everything that's listed at the top of all the different victims. you could see the data that's now available for download. There are tons of these and this is just one ransomware group, one cyber criminal syndicate amongst however many other dark web marketplaces, forums, telegram chat groups, and other illegal illicit stuff. So, finding your information on the dark web can take hours, if not days or weeks of manual labor. But the sponsor of today's video, Flare, can help security teams continuously and automatically find that data for you. I use Flare personally for security research and cyber threat intelligence to see what threat actors, hackers, and cyber criminals are up to on the dark web because they collect actively collect all of these different sources across the dark web. Think of all those different search engines, those indexes that didn't work all that well, but all those different ransomware leak sites or forums or marketplaces or Telegram or signal chats where all of that illicit activity is happening and you're automatically notified when any of your information is exposed. Like from the events page, we could literally genuinely search across all of these different categories with any date range or any query or even severity that we'd like. Just as an example, I know we were just looking at that Klopp ransomware gangs leak site. We could toggle and filter for ransom leaks and search for specifically Klopp leaks. And when I search for this, there's no recent events because they haven't done much in the past couple months. Some of these hits are from July, June, but nothing in August or September timeline. But that's across,200 different events. And I could click into any of these and go take a look at really what it all entails. While you can manually search across all that data, you can also track down exposed credentials like usernames or passwords, some supply chain threats from ransomware that might have hit a third party, even build out threat intelligence reports, or add your own identifiers so you're automatically notified when your information is out there. Flare has a 7-day free trial with the link in the video description. So, seriously, nothing stopping you. Go check them out. See what personal details or business details are exposed. and another risk and threat to you or your company. Big thank you to Flare for sponsoring this video. But let's get back to exploring the dark web. Since using these dark web search engines isn't that effective, you might have better luck using like a catalog or list of onion URLs that are already categorized. So, I'm here on tour links, one of those sites that is a list of all these different categorized different onion URLs or places to go and explore on the dark web. Some of these are funny. We'll explore a tour scam list where even things were known to be proven as oh a scam or a lie where it's pretty clear a lot of these could very well just be fake or I don't know something for show stupid silly stuff that's just out there on the internet. I'm more interested in the hacking section since that's pretty pertinent to what we do. Granted, there's still not a lot here. One of these Pathfinder is this remote access Trojan, remote access toolkit or RAT that's supposed to be some FUD or fully undetectable back door for surveillance, monitoring, just watching and controlling what another computer might do. This is a pretty common reference on a lot of these different dark web catalog sites. So, I'll admit I don't know if Pathfinder is bogus or not, something silly. Maybe it's worth exploring in another video, but it looks and tries to sound cool. Anyway, whether or not you believe it, you can take everything with a grain of salt here on the dark web. But it says, "Oh, a key logger to record calls, intercept text messages, browse files, realtime geoloccation, and recording audio through a microphone remotely." Uh, but it costs whatever Bitcoin crap. Let's take a look at the hackers union uh for hacking web servers, computers, and smartphones. Malware development for any operating system, social media hacking, or changing grades in school and university. Oh, that one is dead. Another occurrence you'll probably run into quite frequently looking around at dark web or onion URLs. Some stuff just isn't online anymore. So, let's go back and take a look at our tour scam list and see what that covers. A good many of these could very well be honeypotss or things just to catch bad actors. Hey, folks that don't know any better but are trying to look around for this stuff out online. You know, all the folks that say, "Oh, I want to find a hacker for hire on the dark web or hitman for hire or something silly." And I guess this is a tour scam list because there is no honor amongst thieves. This individual writes, "Sometime ago, in my stupidity, I tried to make several transactions on the dark internet. You know how many times I was deceived? Six freaking times. And that's already too much. Some good profanity here and there. Let's take a look at the scam links. These include the Onion URL. And again, some may or may not still be online or offline, but uh look, the drugs empire to guns. Tons of stuff here. You Bitcoin scams, cryptocurrency that is always running a muck. Credit card scams. I want to get to hack. Look at how many of these there are. Hacker scams, black hackers, and dark web hackers. Let's look at dark web hackers. That sounds exactly like what we're looking for, right? Welcome to the dark web hackers. Have you ever tried to buy hacking services in the dark web before? Not happy with the results? Only empty promises, but no one getting the job done? Then you should try Vladimir and George, the dark web's most trusted hackers for getting things done. This is this is dumb. This is this is clearly not real or legitimate. This is obvious honeypot and scam. But hello, my name is Vladimir. I'm the technical expert at dark web hackers. Here's a list of my services. Remote control of someone's phone, Facebook and Twitter hacking, other social media hacks, network, Reddit, Instagram, DOS. DOS hacking web servers, game servers, or other internet infrastructure. Oh, and here's George here. My hacking skills are not as perfect as Vladimir's, but I'm really good with social engineering, and I like messing with people. I don't care what you want to do to them. There's something I can't do, then Vladimir will help and teach me for next time. Destroying someone's life. Okay, there's that. Uh, don't take this seriously, please. Oh, I like this one. spreading false information about someone on social media. Not as lifer ruining as the other destroying someone's life service, but still nasty. What does that mean, George? Can you tell me more? I'm curious. I'm curious, George. Anyway, let me get back to dark search because this one does have some neat feature where you could kind of, I don't know, uh, get a little bit risky. You could go to a random onion URL or check out some of the more recent and now fresh onions that have just popped up on the dark web. Well, let's get to the fresh onions. See what's out there and then wrap things up because I know I've been rambling for quite a bit. Ooh, Dig, your helpful AI assistant. Anonymous and uncensored. Click anywhere to continue. Uh, okay. I don't know if I trust this. I don't know where I'm at right now. Hi, I'm Dig, your anonymous and uncensored AI assistant. The placeholder text is, "What is the meaning of life?" So, I will follow suit. I'd love to get that from a dark web uh AI chatbot. Do it. Send it. I didn't know this existed. I didn't know these are out there. Okay, that's a pretty real response. Nothing crazy wild there. What strange things can I find on the dark web? What you got? Tell me something weird, dig. The dark web is a mysterious encrypted part of the internet where users can access content and services that are hidden from standard search engines. You might find illegal goods and services like drugs, weapons, stolen data, fake IDs, passports. Okay, that what the we're done. We're out of here. We're out. We're piecing out later. Well, while we have obviously only just scratched the surface of kind of what's out there on the dark web while we were still poking around and exploring, uh there's weird stuff, right? you really do kind of have to have the stomach for it or the fortitude to just see what's out there. Of course, with the profanity and vulgarity and all of that that comes with that world. But it is still important just to know, okay, what are actual hackers? What are real threat actors? That's not some stupid silly scam honeypot dumb fake thing. But the cyber criminals that are doing real damage like with ransomware, what information is out there? That's still the importance of threat intelligence that should really be a part of your security strategy, not just for your company, business, or whatever, but for your own personal wherewithal. So, I hope that at least shines a little bit of a light on the dark web, whatever it may be, whatever shape or form, but it's generally weird. Anyway, I'm done yapping. Thank you so much for watching. Special thank you to Flare for sponsoring this video. There's a link below in the video description. I hope you check them out and I'll see you in the next

Original Description

https://jh.live/flare || Manage threat intelligence and your exposed attack surface with Flare! Try a free trial and see what info is out there: https://jh.live/flare Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training See what else I'm up to with: https://jh.live/newsletter ℹ️ Affiliates: Learn how to code with CodeCrafters: https://jh.live/codecrafters Host your own VPN with OpenVPN: https://jh.live/openvpn Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefense
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from John Hammond · John Hammond · 0 of 60

← Previous Next →
1 Code Commentaries? PHP to JavaScript in Bash and PHP!
Code Commentaries? PHP to JavaScript in Bash and PHP!
John Hammond
2 Tutorials? MySQL connection with PHP and Bash!
Tutorials? MySQL connection with PHP and Bash!
John Hammond
3 Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
John Hammond
4 JavaScript Splits The URL!
JavaScript Splits The URL!
John Hammond
5 HTML Tables in Python!
HTML Tables in Python!
John Hammond
6 HTML, Net Shares, GML!
HTML, Net Shares, GML!
John Hammond
7 Python 08 Programming Style and Comments
Python 08 Programming Style and Comments
John Hammond
8 Python 26 Object Oriented Programming
Python 26 Object Oriented Programming
John Hammond
9 75 Python Tutorials, Out Now!
75 Python Tutorials, Out Now!
John Hammond
10 Batch 14 Mathematical Expressions
Batch 14 Mathematical Expressions
John Hammond
11 Batch 85 Array Append
Batch 85 Array Append
John Hammond
12 Batch 86 Array Count
Batch 86 Array Count
John Hammond
13 Batch 87 Array Index
Batch 87 Array Index
John Hammond
14 Batch 88 Array Insert
Batch 88 Array Insert
John Hammond
15 Batch 89 Array Remove
Batch 89 Array Remove
John Hammond
16 Batch 90 Array Reverse
Batch 90 Array Reverse
John Hammond
17 Python [colorama] 00 Installing on Linux
Python [colorama] 00 Installing on Linux
John Hammond
18 Python [colorama] 09 Cursor Position
Python [colorama] 09 Cursor Position
John Hammond
19 Python [hashlib] 02 Algorithms
Python [hashlib] 02 Algorithms
John Hammond
20 Python 00 Installing IDLE on Linux
Python 00 Installing IDLE on Linux
John Hammond
21 Python [pygame] 11 Rectangular Collision Detection
Python [pygame] 11 Rectangular Collision Detection
John Hammond
22 Python [pygame] 12 Platforming Rectangular Collision Resolution
Python [pygame] 12 Platforming Rectangular Collision Resolution
John Hammond
23 Python [XML-RPC] 01 Research
Python [XML-RPC] 01 Research
John Hammond
24 Python [pyenchant] 03 Personal Word Lists
Python [pyenchant] 03 Personal Word Lists
John Hammond
25 FancyURLopener Authentication and User-Agent [urllib] 03
FancyURLopener Authentication and User-Agent [urllib] 03
John Hammond
26 Python 04: PEP8 Coding
Python 04: PEP8 Coding
John Hammond
27 Python Challenge! 17 COOKIES
Python Challenge! 17 COOKIES
John Hammond
28 Google CTF 2016: Ernst Echidna
Google CTF 2016: Ernst Echidna
John Hammond
29 Google CTF 2016: Spotted Quoll
Google CTF 2016: Spotted Quoll
John Hammond
30 Google CTF 2016: Can you Repo It?
Google CTF 2016: Can you Repo It?
John Hammond
31 Google CTF 2016: No Big Deal
Google CTF 2016: No Big Deal
John Hammond
32 Google CTF 2016: In Recorded Conversation
Google CTF 2016: In Recorded Conversation
John Hammond
33 Homemade CTF Challenge: 01 "Orchestra"
Homemade CTF Challenge: 01 "Orchestra"
John Hammond
34 Homemade CTF Challenge: 02 "Bae's Base"
Homemade CTF Challenge: 02 "Bae's Base"
John Hammond
35 Homemade CTF Challenge: 03 "Web Hunt"
Homemade CTF Challenge: 03 "Web Hunt"
John Hammond
36 Homemade CTF Challenge: 04 "UPX"
Homemade CTF Challenge: 04 "UPX"
John Hammond
37 Homemade CTF Challenge: 05 "The Assumption Song"
Homemade CTF Challenge: 05 "The Assumption Song"
John Hammond
38 Homemade CTF Challenge: 06 "A Brisk Stroll"
Homemade CTF Challenge: 06 "A Brisk Stroll"
John Hammond
39 Homemade CTF Challenge: 06 "I lost my password!"
Homemade CTF Challenge: 06 "I lost my password!"
John Hammond
40 web25 :: Mr. Robot : EKOPARTY CTF 2016
web25 :: Mr. Robot : EKOPARTY CTF 2016
John Hammond
41 web50 : RFC 7230 :: EKOPARTY CTF 2016
web50 : RFC 7230 :: EKOPARTY CTF 2016
John Hammond
42 misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
John Hammond
43 Hack The Vote 2016 CTF: Sander's Fan Club [web100]
Hack The Vote 2016 CTF: Sander's Fan Club [web100]
John Hammond
44 Hack The Vote 2016 CTF Warpspeed [forensics150]
Hack The Vote 2016 CTF Warpspeed [forensics150]
John Hammond
45 Juniors CTF 2016 :: Black Suprematic Square
Juniors CTF 2016 :: Black Suprematic Square
John Hammond
46 Juniors CTF 2016 :: Six Strange Tales
Juniors CTF 2016 :: Six Strange Tales
John Hammond
47 Juniors CTF 2016 :: Lost Code
Juniors CTF 2016 :: Lost Code
John Hammond
48 Juniors CTF 2016 :: Here Goes!
Juniors CTF 2016 :: Here Goes!
John Hammond
49 Juniors CTF 2016 :: Southern Cross
Juniors CTF 2016 :: Southern Cross
John Hammond
50 Juniors CTF 2016 :: Clone Attack
Juniors CTF 2016 :: Clone Attack
John Hammond
51 Juniors CTF 2016 :: Dirty Repo
Juniors CTF 2016 :: Dirty Repo
John Hammond
52 Juniors CTF 2016 :: Hackers Blog
Juniors CTF 2016 :: Hackers Blog
John Hammond
53 Juniors CTF 2016 :: Voting!!!
Juniors CTF 2016 :: Voting!!!
John Hammond
54 Juniors CTF 2016 :: The Good, The Bad and The Junkman
Juniors CTF 2016 :: The Good, The Bad and The Junkman
John Hammond
55 Juniors CTF 2016 :: Stop Thief!
Juniors CTF 2016 :: Stop Thief!
John Hammond
56 Juniors CTF 2016 :: ROFL
Juniors CTF 2016 :: ROFL
John Hammond
57 Juniors CTF 2016 :: Restriced Area
Juniors CTF 2016 :: Restriced Area
John Hammond
58 Juniors CTF 2016 :: Oh SSH!
Juniors CTF 2016 :: Oh SSH!
John Hammond
59 HackCon CTF 2017 TRIVIA and BONUS Challenges
HackCon CTF 2017 TRIVIA and BONUS Challenges
John Hammond
60 HackCon CTF 2017 "Bacche" Challenges
HackCon CTF 2017 "Bacche" Challenges
John Hammond

This video teaches viewers about the dark web, its accessibility, and its implications on cybersecurity, highlighting the importance of threat intelligence and tools like Flare for security teams. It also touches on the legitimate uses of the dark web and the need for special software to access it. The video is a beginner's guide to understanding the dark web and its relevance to cybersecurity.

Key Takeaways
  1. Access the dark web using Tor browser
  2. Use Flare for dark web search engine capabilities
  3. Understand the implications of ransomware and threat intelligence
  4. Explore legitimate uses of the dark web
  5. Utilize VPN for secure browsing
💡 The dark web is a complex and mysterious part of the internet that requires special software to access and has both illicit and legitimate uses, making it essential for security teams to understand and utilize tools like Flare for threat intelligence.

Related Reads

📰
Crypto Market Faces Security Risks Amidst Growing Adoption and Innovation
Learn about the growing security risks in the crypto market amidst increasing adoption and innovation, and how to mitigate them
Dev.to AI
📰
Blinding the State Informant: How Axiom Shield Weaponizes Client-Side Sandboxing Against EU Chat Control
Learn how Axiom Shield uses client-side sandboxing to counter EU Chat Control 2.0, and why this matters for online privacy
Dev.to · AXIOM
📰
I built a free, 100% client-side tool to view and remove file metadata
Learn to build a client-side tool to view and remove file metadata, protecting user privacy
Dev.to · RaveTools
📰
Security news weekly round-up - 17th July 2026
Stay updated on the latest cybersecurity news from July 10-17, 2026, to enhance your security knowledge
Dev.to · Habdul Hazeez
Up next
Best VPN For China 2026 — Which One Actually Works?
Tutorial Stack
Watch →