Exploring the Dark Web
Key Takeaways
The video explores the dark web, its accessibility through special software like Tor browser, and its implications on cybersecurity, including threat intelligence and exposed attack surfaces, with tools like Flare providing dark web search engine capabilities for security teams.
Full Transcript
There's a lot of mystique around the dark web, but really it's still just the internet with extra steps. And I mean that literally because the dark web requires some special software to be able to access it. Things like the tour browser. And when you hear words like to or the onion router, you can think of those as literally different steps or different hops across the internet where you have a handful of servers or computers that are receiving your network traffic but only knowing where it came from and where it's going to. All of your traffic is bundled up like an onion and then each server peels off one layer of the onion and sends it to the next. So the final destination where you're trying to go on the dark web never knows where you came from. So the dark web is a tool to protect you against tracking, surveillance, and censorship, but with that added privacy might come some cyber criminal activity. Now note this video is for educational purposes. Cyber crime isn't cool. But in this video, we'll explore some of the shady, darkest corners of the internet on the dark web and see what fresh new tour onion sites have popped up online. But here's the thing. When you're exploring the dark web, you're not going to regular online websites or domains like facebook.com or google.com. You're going to aunion URL. And these are usually long complex strings of random letters and numbers. So you don't always know the link to get to where you want to go. These onion addresses are generated with some cryptography magic and make for a tour hidden service. Since all of these websites are meant to be hidden to hidden services with anonymity and privacy in mind, it can be pretty tough to crawl or index the dark web like you would on the internet. So search engines like a Google equivalent are hard to come by and not all that effective. I'm here at dark search, one of the dark web search engines like Google on the clearet, but we could search for whatever we want, but it will only return what this has indexed. Let me search for hackers for hire. Haha, he he a little jokes there. And there are no results. As I mentioned, these can be pretty ineffective. Let's try searching for hacking. How about that? Okay, some results here. Exploit.in, N a popular Russianspeaking hacking forum with various information tools and services related to cyber security and malware. Omega Darknet Army Klopp one ransomware gang ramp another Russian hacking forum and marketplace verified a Russian cyber crime forum. No secrets there. Maybe we searched for ransomware. Couple extra results. We see Klopp and Ramp again. even a ransomware group sites just a different list or sort of catalog of different ransomware groups Everest group ransom look ransom x and that's the only page of results as I had mentioned though there are a lot of different tour or dark web search engines dark search is by no means the only one of course you might be familiar with maybe you've heard of haystack torch is another one granted this has a lot of the crazy wild advertisements with flashing lights and sensory overload of oh cards, drugs, guns, whatever, and some not safe for work, vulgar stuff that I will redact and blur. And again, you got to have the fortitude to go look around at some of this stuff. But it is still extremely worthwhile to know what information is out there on the dark web because what if it's your information? What if your data, your passwords, your identity is out and about just in the wind for hackers and cyber criminals to take advantage of? There could be data about where you work or data from your work or any of the data breaches and hacks and intrusions and compromises we see all the time in the news. Let me zoom in to the Klopp ransomware gang as one of these results from our search engine here because for some time Klopp has been running a muck in a lot of recent incidents and intrusions we saw all over the news. Ransomware groups like Klopp will encrypt all the data and all the files in your network or computer systems and then they'll blackmail you or extort you to pay whatever amount of Bitcoin or cryptocurrency. So, there's some anonymous payment and they've got their own getaway car and they'll use that as a ransom and demands or otherwise if you don't pay the money, they'll publish all that data out on the internet or their dark web leak site like this. So, that is out and about and more damage done, reputational tarnage, all of that bad stuff. And these hackers, the cyber criminals make light of it. Hey, dear companies, KOP is one of the top organizations that offers penetration testing services after the fact. Yeah. Okay, this is an announcement to educate companies who used the progress Move it product. The chances we downloaded a lot of your data as part of our exceptional exploit. Folks might be familiar with the move it data breach some time ago. Klopp says we're the ones who performed this attack and relax cuz your data is safe. Yeah, right. Uh here you can see some redacted information for companies that they've published and everything that's listed at the top of all the different victims. you could see the data that's now available for download. There are tons of these and this is just one ransomware group, one cyber criminal syndicate amongst however many other dark web marketplaces, forums, telegram chat groups, and other illegal illicit stuff. So, finding your information on the dark web can take hours, if not days or weeks of manual labor. But the sponsor of today's video, Flare, can help security teams continuously and automatically find that data for you. I use Flare personally for security research and cyber threat intelligence to see what threat actors, hackers, and cyber criminals are up to on the dark web because they collect actively collect all of these different sources across the dark web. Think of all those different search engines, those indexes that didn't work all that well, but all those different ransomware leak sites or forums or marketplaces or Telegram or signal chats where all of that illicit activity is happening and you're automatically notified when any of your information is exposed. Like from the events page, we could literally genuinely search across all of these different categories with any date range or any query or even severity that we'd like. Just as an example, I know we were just looking at that Klopp ransomware gangs leak site. We could toggle and filter for ransom leaks and search for specifically Klopp leaks. And when I search for this, there's no recent events because they haven't done much in the past couple months. Some of these hits are from July, June, but nothing in August or September timeline. But that's across,200 different events. And I could click into any of these and go take a look at really what it all entails. While you can manually search across all that data, you can also track down exposed credentials like usernames or passwords, some supply chain threats from ransomware that might have hit a third party, even build out threat intelligence reports, or add your own identifiers so you're automatically notified when your information is out there. Flare has a 7-day free trial with the link in the video description. So, seriously, nothing stopping you. Go check them out. See what personal details or business details are exposed. and another risk and threat to you or your company. Big thank you to Flare for sponsoring this video. But let's get back to exploring the dark web. Since using these dark web search engines isn't that effective, you might have better luck using like a catalog or list of onion URLs that are already categorized. So, I'm here on tour links, one of those sites that is a list of all these different categorized different onion URLs or places to go and explore on the dark web. Some of these are funny. We'll explore a tour scam list where even things were known to be proven as oh a scam or a lie where it's pretty clear a lot of these could very well just be fake or I don't know something for show stupid silly stuff that's just out there on the internet. I'm more interested in the hacking section since that's pretty pertinent to what we do. Granted, there's still not a lot here. One of these Pathfinder is this remote access Trojan, remote access toolkit or RAT that's supposed to be some FUD or fully undetectable back door for surveillance, monitoring, just watching and controlling what another computer might do. This is a pretty common reference on a lot of these different dark web catalog sites. So, I'll admit I don't know if Pathfinder is bogus or not, something silly. Maybe it's worth exploring in another video, but it looks and tries to sound cool. Anyway, whether or not you believe it, you can take everything with a grain of salt here on the dark web. But it says, "Oh, a key logger to record calls, intercept text messages, browse files, realtime geoloccation, and recording audio through a microphone remotely." Uh, but it costs whatever Bitcoin crap. Let's take a look at the hackers union uh for hacking web servers, computers, and smartphones. Malware development for any operating system, social media hacking, or changing grades in school and university. Oh, that one is dead. Another occurrence you'll probably run into quite frequently looking around at dark web or onion URLs. Some stuff just isn't online anymore. So, let's go back and take a look at our tour scam list and see what that covers. A good many of these could very well be honeypotss or things just to catch bad actors. Hey, folks that don't know any better but are trying to look around for this stuff out online. You know, all the folks that say, "Oh, I want to find a hacker for hire on the dark web or hitman for hire or something silly." And I guess this is a tour scam list because there is no honor amongst thieves. This individual writes, "Sometime ago, in my stupidity, I tried to make several transactions on the dark internet. You know how many times I was deceived? Six freaking times. And that's already too much. Some good profanity here and there. Let's take a look at the scam links. These include the Onion URL. And again, some may or may not still be online or offline, but uh look, the drugs empire to guns. Tons of stuff here. You Bitcoin scams, cryptocurrency that is always running a muck. Credit card scams. I want to get to hack. Look at how many of these there are. Hacker scams, black hackers, and dark web hackers. Let's look at dark web hackers. That sounds exactly like what we're looking for, right? Welcome to the dark web hackers. Have you ever tried to buy hacking services in the dark web before? Not happy with the results? Only empty promises, but no one getting the job done? Then you should try Vladimir and George, the dark web's most trusted hackers for getting things done. This is this is dumb. This is this is clearly not real or legitimate. This is obvious honeypot and scam. But hello, my name is Vladimir. I'm the technical expert at dark web hackers. Here's a list of my services. Remote control of someone's phone, Facebook and Twitter hacking, other social media hacks, network, Reddit, Instagram, DOS. DOS hacking web servers, game servers, or other internet infrastructure. Oh, and here's George here. My hacking skills are not as perfect as Vladimir's, but I'm really good with social engineering, and I like messing with people. I don't care what you want to do to them. There's something I can't do, then Vladimir will help and teach me for next time. Destroying someone's life. Okay, there's that. Uh, don't take this seriously, please. Oh, I like this one. spreading false information about someone on social media. Not as lifer ruining as the other destroying someone's life service, but still nasty. What does that mean, George? Can you tell me more? I'm curious. I'm curious, George. Anyway, let me get back to dark search because this one does have some neat feature where you could kind of, I don't know, uh, get a little bit risky. You could go to a random onion URL or check out some of the more recent and now fresh onions that have just popped up on the dark web. Well, let's get to the fresh onions. See what's out there and then wrap things up because I know I've been rambling for quite a bit. Ooh, Dig, your helpful AI assistant. Anonymous and uncensored. Click anywhere to continue. Uh, okay. I don't know if I trust this. I don't know where I'm at right now. Hi, I'm Dig, your anonymous and uncensored AI assistant. The placeholder text is, "What is the meaning of life?" So, I will follow suit. I'd love to get that from a dark web uh AI chatbot. Do it. Send it. I didn't know this existed. I didn't know these are out there. Okay, that's a pretty real response. Nothing crazy wild there. What strange things can I find on the dark web? What you got? Tell me something weird, dig. The dark web is a mysterious encrypted part of the internet where users can access content and services that are hidden from standard search engines. You might find illegal goods and services like drugs, weapons, stolen data, fake IDs, passports. Okay, that what the we're done. We're out of here. We're out. We're piecing out later. Well, while we have obviously only just scratched the surface of kind of what's out there on the dark web while we were still poking around and exploring, uh there's weird stuff, right? you really do kind of have to have the stomach for it or the fortitude to just see what's out there. Of course, with the profanity and vulgarity and all of that that comes with that world. But it is still important just to know, okay, what are actual hackers? What are real threat actors? That's not some stupid silly scam honeypot dumb fake thing. But the cyber criminals that are doing real damage like with ransomware, what information is out there? That's still the importance of threat intelligence that should really be a part of your security strategy, not just for your company, business, or whatever, but for your own personal wherewithal. So, I hope that at least shines a little bit of a light on the dark web, whatever it may be, whatever shape or form, but it's generally weird. Anyway, I'm done yapping. Thank you so much for watching. Special thank you to Flare for sponsoring this video. There's a link below in the video description. I hope you check them out and I'll see you in the next
Original Description
https://jh.live/flare || Manage threat intelligence and your exposed attack surface with Flare! Try a free trial and see what info is out there: https://jh.live/flare
Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training
See what else I'm up to with: https://jh.live/newsletter
ℹ️ Affiliates:
Learn how to code with CodeCrafters: https://jh.live/codecrafters
Host your own VPN with OpenVPN: https://jh.live/openvpn
Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefense
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from John Hammond · John Hammond · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Code Commentaries? PHP to JavaScript in Bash and PHP!
John Hammond
Tutorials? MySQL connection with PHP and Bash!
John Hammond
Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
John Hammond
JavaScript Splits The URL!
John Hammond
HTML Tables in Python!
John Hammond
HTML, Net Shares, GML!
John Hammond
Python 08 Programming Style and Comments
John Hammond
Python 26 Object Oriented Programming
John Hammond
75 Python Tutorials, Out Now!
John Hammond
Batch 14 Mathematical Expressions
John Hammond
Batch 85 Array Append
John Hammond
Batch 86 Array Count
John Hammond
Batch 87 Array Index
John Hammond
Batch 88 Array Insert
John Hammond
Batch 89 Array Remove
John Hammond
Batch 90 Array Reverse
John Hammond
Python [colorama] 00 Installing on Linux
John Hammond
Python [colorama] 09 Cursor Position
John Hammond
Python [hashlib] 02 Algorithms
John Hammond
Python 00 Installing IDLE on Linux
John Hammond
Python [pygame] 11 Rectangular Collision Detection
John Hammond
Python [pygame] 12 Platforming Rectangular Collision Resolution
John Hammond
Python [XML-RPC] 01 Research
John Hammond
Python [pyenchant] 03 Personal Word Lists
John Hammond
FancyURLopener Authentication and User-Agent [urllib] 03
John Hammond
Python 04: PEP8 Coding
John Hammond
Python Challenge! 17 COOKIES
John Hammond
Google CTF 2016: Ernst Echidna
John Hammond
Google CTF 2016: Spotted Quoll
John Hammond
Google CTF 2016: Can you Repo It?
John Hammond
Google CTF 2016: No Big Deal
John Hammond
Google CTF 2016: In Recorded Conversation
John Hammond
Homemade CTF Challenge: 01 "Orchestra"
John Hammond
Homemade CTF Challenge: 02 "Bae's Base"
John Hammond
Homemade CTF Challenge: 03 "Web Hunt"
John Hammond
Homemade CTF Challenge: 04 "UPX"
John Hammond
Homemade CTF Challenge: 05 "The Assumption Song"
John Hammond
Homemade CTF Challenge: 06 "A Brisk Stroll"
John Hammond
Homemade CTF Challenge: 06 "I lost my password!"
John Hammond
web25 :: Mr. Robot : EKOPARTY CTF 2016
John Hammond
web50 : RFC 7230 :: EKOPARTY CTF 2016
John Hammond
misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
John Hammond
Hack The Vote 2016 CTF: Sander's Fan Club [web100]
John Hammond
Hack The Vote 2016 CTF Warpspeed [forensics150]
John Hammond
Juniors CTF 2016 :: Black Suprematic Square
John Hammond
Juniors CTF 2016 :: Six Strange Tales
John Hammond
Juniors CTF 2016 :: Lost Code
John Hammond
Juniors CTF 2016 :: Here Goes!
John Hammond
Juniors CTF 2016 :: Southern Cross
John Hammond
Juniors CTF 2016 :: Clone Attack
John Hammond
Juniors CTF 2016 :: Dirty Repo
John Hammond
Juniors CTF 2016 :: Hackers Blog
John Hammond
Juniors CTF 2016 :: Voting!!!
John Hammond
Juniors CTF 2016 :: The Good, The Bad and The Junkman
John Hammond
Juniors CTF 2016 :: Stop Thief!
John Hammond
Juniors CTF 2016 :: ROFL
John Hammond
Juniors CTF 2016 :: Restriced Area
John Hammond
Juniors CTF 2016 :: Oh SSH!
John Hammond
HackCon CTF 2017 TRIVIA and BONUS Challenges
John Hammond
HackCon CTF 2017 "Bacche" Challenges
John Hammond
More on: AI Security
View skill →Related Reads
📰
📰
📰
📰
Crypto Market Faces Security Risks Amidst Growing Adoption and Innovation
Dev.to AI
Blinding the State Informant: How Axiom Shield Weaponizes Client-Side Sandboxing Against EU Chat Control
Dev.to · AXIOM
I built a free, 100% client-side tool to view and remove file metadata
Dev.to · RaveTools
Security news weekly round-up - 17th July 2026
Dev.to · Habdul Hazeez
🎓
Tutor Explanation
DeepCamp AI