Visit DeepDotWeb for News on the Deep Web
Name: DeepDotWeb (Visit DeepDotWeb)
Best Website For: Deep Web News
Reason it's on The Best Sites:
DeepDotWeb is the place you want to be when breaking news about the deep web strikes. Search the site for specific news or write for them.
At age 15, Corey Ewels used the darknet to download almost 4,500 pictures of child abuse, prosecutor Jeremy Evans told Grimsby Crown Court. Police raided Ewels’ Abbey Road, Grimsby home on January 20, 2015. One year passed before investigators analyzed the computer seized from the house of the so-called “wizz kid.” Ewels, one of the youngest the court had ever seen for child abuse crimes involving the darknet, told the court that he had downloaded the pictures before he had turned 15.
Jeremy Evans tried to explain onion routing and the Tor Browser to the court. His explanation likely made little difference as Ewels had already admitted he had searched for and downloaded the illegal pictures. Evans said that Ewels used a “computer within a computer” to access the darknet where he had found the “indecent images of children.” Evans called the darknet a set of hidden layers inaccessible by regular search engines. Ewels made “use of the dark web to uncover this material,” Evans said. He said the “computer within a computer” served as a “trapdoor” for darknet access.
Police investigators may not have simply waited a year to access the computers, as information revealed by the prosecutor indicated. They found themselves unable to recover any data when they conducted what should have been a simple forensic data recovery. The investigators needed to access the “trapdoor” to find out what Ewels had stored within it. And they could not. So according to the prosecutor, the police reached out to the National Technical Assistance Centre (NTAC). NTAC specializes in assisting government agencies with data interception and data recovery.
A discussion on a popular image board focuses on what Ewels did that landed him in court for downloading child abuse content. He used Tor through a virtual machine. All of the PlayPen users—unless they managed to use a clearnet proxy—used Tor as well. Ewels could have been identified by using an outdated version of the Tor browser and leaving NoScript in the “off” position. His arrest occurred in 2015. Since Tor shipped with NoScript off, he may have forgotten to turn it back on. He could have downloaded anything that “phoned home,” so to speak. Even something as simple as the locktime file that law enforcement uploaded to Hansa marketplace that automatically pinged a law enforcement server when opened. (There is no reason any locktime file should be a .xlsx file. It should not even be a downloadable file for that matter.)
Why did the police need a year to break into the virtual machine? Why did they require help from the UK’s data recovery specialists? The encryption is either awful and effectively worthless or great and next to impenetrable.
Ewels pleaded guilty to a combined total of six counts of possessing indecent images of children and possessing extreme pornography. Judge Graham Robinson allowed the now 18-year-old to avoid prison by sentencing him to two years of supervision without access to computers.
The post Teen Avoids Jail After Downloading 4,500 Child Abuse Photos appeared first on Deep Dot Web.
This week’s summary of various cryptocurrency news and developments.
Ellen DeGeneres mentioned Bitcoin to her 3 million viewers
Popular American TV show host Ellen DeGeneres recently did a small take on Bitcoin during her show. During the few minutes she spoke about the flagship cryptocurrency, DeGeneres likened it to the photo of a baby goat, as both only exist on the internet. She correctly mentioned hot wallets and hardware wallets, while pointing out Bitcoin “works kind of sort of like the stock market.”
If you want to know what bitcoin is, I learned about it. A bit. pic.twitter.com/txICiTXYgi
— Ellen DeGeneres (@TheEllenShow) February 15, 2018
Cryptocurrency enthusiasts saw her humorous take on Bitcoin as a positive, as her show averages roughly 3 million viewers per episode. Adding to that, Ellen shared the clip on social media to millions of followers, which will help increase Bitcoin’s exposure.
Coinbase glitch charges customers thousands in ‘ghost’ charges, VISA takes the blame
This week, Coinbase users saw thousands of dollars pour out of their accounts in ghost charges, after buying cryptocurrencies at the popular exchange using their credit cards. On Reddit, one user even reported seeing 50 charges, worth $67,000, hit their credit card. On Twitter, Coinbase responded to the situation by blaming Visa and its credit card processor, Worldpay. It added that it “will ensure that each affected customer will be refunded in full for any erroneous charge.”
Later on, Visa and Worldpay issued a joint statement, apologizing for the problems and revealing “all reversal transaction have now been issued.” The joint statement reads that the issue “was not caused by Coinbase.” Per Coinbase, a glitch that reprocessed purchases was caused by a new policy among credit card companies and banks that changed the merchant category code (MCC) crypto companies use when working with them.
Cryptocurrency mining is slowing down the search for alien life
According to various reports, cryptocurrency mining is causing a shortage in high-end graphics processing units (GPUs), which is in turn slowing down the search for alien life. Search for Extraterrestrial Life (SETI) researchers are looking to build up their operations at two different facilities, but are seemingly unable to find GPUs to buy due to the shortage caused by crypto miners.
SETI chief scientist Dan Werthimer stated:
- “We’d like to use the latest GPUs [graphics processing units]… and we can’t get ’em. This is a new problem, it’s only happened on orders we’ve been trying to make in the last couple of months.”
While cryptocurrency miners use GPUs to increase their revenues, SETI researchers use the high-performing processors to scan various communications frequencies at once to make sure they don’t miss out on any potential alien communication attempt.
White House official says crypto regulations aren’t coming anytime soon
Speaking to CNBC at the Munich Security Conference, White House cybersecurity coordinator Rob Joyce stated that cryptocurrency regulations are still far from happening, as the government is still looking into them. He said he thinks they’re “still absolutely studying and understanding what the good ideas and bad ideas in that space are. So I don’t think it’s close.” Joyce further revealed his biggest concern was with the use of Bitcoin for illegal activities, emphasizing the irreversibility of Bitcoin transactions as troubling.
The White House official further added the lack of a trail in Bitcoin was a problem, as in a case of credit card theft, for instance, the victim can contact his or her bank so purchases can be undone and the cash retrieved. He noted that “with the current instantiation of Bitcoin and other cryptocurrencies, we haven’t figured that out yet. So it’s a problem.”
Switzerland revealed guidelines supporting ICOs
Switzerland’s financial watchdog, FINMA, recently revealed guidelines on initial coin offerings (ICOs) so as to support them. The guidelines reveal the regulator will oversee the fundraises and regulate them with anti-money laundering laws or as securities. The guidelines further reveal ICOs should be handled on a case-by-case basis, and identify three different types of ICOs, defined by the types of tokens they issue. The three different types include payment ICOs, which issue tokens that are set to be used as a payment method, utility ICOs, whose tokens are to be used to provide digital access to an application or service, and asset ICOs, whose tokens entitle their holders to earning streams, dividends, interest payments, or shares in an underlying company.
Other regulators throughout the world also showed a positive stance towards ICOs. In Gibraltar, the government is now developing legislation to regulate the fundraising practice in its territory, while in Spain the government might even include tax incentives to lure blockchain-based companies to the country.
Cryptocurrency regulations are ‘inevitable’, says IMF chief
International Monetary Fund (IMF) chief Christine Lagarde, in an interview with CNNMoney, recently said that cryptocurrency regulations are inevitable, as it is “clearly a domain where we need international regulation and proper supervision.” She added that the IMF is actively trying to prevent digital currencies like Bitcoin from being used to launder money or finance terrorism. To Lagarde, the regulatory direction should be activity-based and should focus on “who is doing what, and whether they’re properly licensed and supervised.”
Bitcoin at $10,909 as the cryptocurrency market recovers
This year’s steep correction saw Bitcoin drop from a $19,000 all-time high to little over $6,000. The flagship cryptocurrency has since been recovering, as last week it was at $8,400 and this week it once again surpassed $10,000, as it is currently trading at $10,909. According to CoinMarketCap, Bitcoin’s market cap is $184 billion, and its market share of the cryptocurrency ecosystem is at 36.2%.
Ethereum at $975.37, as its market cap closes in on $100 billion
Ethereum has cemented its position as the number two cryptocurrency by market cap, and nevertheless keeps growing. Ethereum’s Ether token is currently trading at $975.37, and its market cap is at $95 billion, closing in on the $100 billion mark. Ethereum’s share of the cryptocurrency ecosystem is currently at 18.72%.
Ripple eyes $50 billion market cap as XRP grows to $1.2
Ripple, the third biggest cryptocurrency by market cap, registered gains this week along with the rest of the ecosystem. Its XRP token grew to $1.2, which helped its market cap reach $46.6 billion.
The dark web continues to do more damage every day. Despite the numerous efforts of law enforcement agencies and governments across the globe, it still isn’t enough to put a stop to it. Many criminals are in bed with the dark part of the internet and do not intend to stop anytime soon due to the freedom they enjoy over there. Many countries have seen their streets flooded with illegal drugs, which are causing death tolls to rise, thanks to the dark web.
Illicit drugs that could not otherwise be sold because of their status can be easily acquired on the dark web, which has caused drug abusers to embrace this new reality, making the fight against the dark web a very difficult one.
The United States, Canada and countries in Europe have been bleeding from the harm that the dark web is causing. Many arrests have been made so far, but this still hasn’t helped the situation. For instance, drug overdose deaths in the U.S. skyrocketed last year, by up to 21%. The number rose from 52,000 to 63,600 within just a year, and this was attributed to the opioid epidemic, which was caused by drugs from the dark web.
However, one more country has also been on the receiving end of the dark web’s harm: India. For a few years now, Indians have gotten on the dark web train, committing all kinds of crimes there are to commit on the dark web.
Rustom Juneja, a marijuana-smoker, last year told investigators he used to get his drugs from local dealers in his neighborhood until he got bored of “Indian product” and decided to switch to the dark web in 2015. “I brought strains of marijuana from the U.S. and Canada, from a marketplace on the dark web,” he stated.
Just as in many other countries, law enforcement agencies in the country have been trying all possible means to put a stop to the situation. Just last year, many arrests were made involving the sale of drugs ordered from the dark web.
Reports now claim that Mumbai police have taken a new approach in trying to halt this situation by joining in on the action. The police are trying to find a way to enter the dark web to stop the supply of illegal drugs.
According to the Anti-Narcotics Cell (ANC), most dark web drug dealers have their identity protected by using the special software Tor, which provides them anonymity. Users on this website, therefore, enjoy some high-level encrypted protection, making it difficult for them to be caught.
DCP Shivdeep Lande of the ANC stated that they learned about the dark web after interrogating five students who were arrested in May last year for possessing illegal drugs (1,400 LSD tabs and ecstasy), which they ordered from the dark web through an Indian friend in the United States. “They used to send money using Bitcoin to him, and he would then place an order for drugs on the dark web and would get the drugs delivered to the youngsters’ delivery address,” Mr. Lande stated.
Prashant Mali, a cyber-expert advocate also explained that normally, global suppliers do not deceive their buyers, as it would be bad for the growth of their business. However, when this happens, the customers then alert others about the seller in the various chat rooms on the dark web. “The cheaters are then blocked,” he added.
He then urged the Indian Law enforcement agencies to create a Cyber Spy Force to follow the trend in the virtual world and take measures to stop it.
A senior official with the Narcotics Control Bureau (NCB) in New Delhi also stepped in saying that the dark web is just something used to hide identity and that there is more to drug dealings over there. He states that, once a buyer places an order, it needs to be processed and that requires a physical residence.
The post Mumbai Police Searches for a Way Into The Dark Web appeared first on Deep Dot Web.
Following recent reports of a sharp rise in Darknet-related drugs among the youth, authorities have taken positions on the various Darknet platforms to arrest suppliers. The Ohio authorities have produced further evidence of the ongoing drug trade by arresting an Iowa man in the process. To avoid the risk of being exposed, he operated on the Darknet, where he sold illicit drugs to Ohio college students. He received payments in bitcoin to keep his activity anonymous. Unfortunately for him, authorities discovered him on the platform and put him behind bars.
On Monday, the Prosecutor Keller Blackburn announced that Anthony Scott Boeckholt, 42, was involved in the shipping of illegal drugs to two students through the darknet marketplace. Blackburn explained in a statement, the role the darkest part of the internet plays in the illegal trade. “The secretive nature of the dark web and cryptocurrency allows huge drug deals to be made without a trace. This means that anything purchased on the Darkweb may not be what it appears, leading to fentanyl-laced narcotics and other more severe substances.” The Darknet is also used for other crimes aside drug sales. An Ohio man was indicted in 2017 for a child porn related case.
He has been charged with a first-degree felony. According to the report, Boeckholt started his Darknet drug sale some years back. His illicit drug shipment to the Ohio college students went on for two years before his arrest. The time period for this shipment was between January 2016 to January 2018. The suspect is under investigation for additional offenses. “Additional individuals in both Ohio and Iowa as this case remain under investigation,” authorities revealed. His mode of shipment was not revealed but it is likely that the drug was shipped by air. This is the most popular channel where drugs are trafficked to the United States of America.
The suspect who is well grounded in drug sales has been linked to an overdose death that occurred at the Ohio University in 2017. Two students lost their lives in that process. The overall drug overdose death in the county is unprecedented as the figures continue to rise annually. As of June 1, 2017, about 390 deaths related to drug overdose were recorded. All these can partly be blamed on the arrested suspect as he played a role in the penetration of illicit drugs through the borders. The United States of America is counted among the leading Darknet drug engagers in the world.
The urgency with which authorities are combating the ever-increasing flow of Darknet-related drugs can be clearly understood by going through the statistics of the county. They recorded 4141 drug overdose deaths in 2016, a rise of more than 30 percent over the previous year. Kathryn Haun, the former prosecutor of San Francisco, confirmed that the Darknet remains the major distributor of illicit drugs. This has been a major concern for the whole of Europe, forcing them to launch a raid to shut down some markets such as the Alphabay market. Authorities said that the shutdown will be a model for future operations.
Blackburn told the general public that the suspect used the college kids to traffic a bunch of narcotics to Ohio. “Ohio is in the middle of an opiate crisis, and this suspect in Iowa was using college kids to traffic thousands of dollars in narcotics.” Boeckholt has been held by the Iowa police for extradition to Ohio. Authorities have also arrested Floyd Dale Riffle, 56, for being in possession of narcotics suspected to have originated from the Darknet. Authorities seized 8 grams of methamphetamine after a search was conducted in his house. They have ensured that all drug-related cases are controlled.
Traffickers have found ease in the trafficking of fentanyl drugs. This is one of the drugs that have resulted in many drug overdose deaths in America. Fentanyl has been said to have killed more Americans than gun violence. In respect to this, there have been policies implemented to prevent the high influx of drugs into the country. It was recently suspected that the postal carriers are the favorites of the traffickers as it has a big loophole. More traffickers are expected to be put behind bars as the police have taken over the Darknet in a quest to reveal their identities.
The post Man Arrested For Selling Darknet Drug to College Students appeared first on Deep Dot Web.
A group of 26 North Yorkshire police officers and staff members who contributed to the takedown of what was referred to as a “sophisticated” network of illegal drug smugglers on the dark web has received the Chief Constable’s Commendation.
Two dark web drug traffickers, Aarron Gledhill and Ross Brennan, who are said to have met at the university, were put behind bars for more than 17 years for conspiring to deal, export and sell illegal potent substances especially the killer fentanyl among other drugs on the dark web.
Each of the 26 North Yorkshire police officers and staff members has received a Chief Constable’s Commendation for what he referred to as their role in bringing down an international illegal drugs market based in York in a ‘sophisticated investigation’.
“Inspirational teamwork, courageous decision making and professionalism in dismantling a sophisticated international illegal drugs market network especially on the dark web and protecting the general public from more harm.” Dave Jones, the North Yorkshire Police’s Chief Constable said.
Brennan admitted to have been importing illegal drugs such as fentanyl and heroin from around the world and posting them to his thousands of customers who pay with virtual currency especially bitcoin.
The complexity and level of the said investigation required no single speciality but involved a wide range of North Yorkshire police divisions including a Cybercrime team, intelligence team, investigation hub, covert teams, forensics experts, organized crime unit, North Yorkshire Police crime analyst and National Crime Agency including West Yorkshire Police in the neighborhood.
“It felt good and fulfilling [when both suspects] finally pleaded guilty and received their jail sentence after we presented overwhelming evidence that we had gathered against them.” Nichola Holden, the Special inspector detective, who led the North Yorkshire police in the sophisticated investigation said as he received his commendation.
“However, not without the overwhelming collaboration between the specialist teams across all policing agents in the country and beyond. Now it goes without saying that despite North Yorkshire police having a large geographical area to serve, there is no new generation network of criminals that we cannot tackle, as long as we bring our diverse skills together and work collaboratively,” he added.
The National Crime Agency has now used this case to develop a national response policy to fight similar illegal substances on the dark web.
Aarron Gledhill and Ross Brennan case is said to be the first of its kind in the whole of the UK taking into consideration the use of sophisticated and complicated technology to link buyers and the quantities and qualities of the illegal drugs involved. Ringleader Brennan, the 28 year old suspect from Huntington, York, was convicted at York Crown Court last year September. The judge described him as a “21st century sophisticated and arrogant criminal.” According to the evidence produced before the court, the two are believed to have created an online supermarket on the dark web to advertise illegal products and also used an encrypted program to mask transactions that earned them around £450,000.
30-year-old Aarron Gledhill from Huddersfield also admitted to receiving, packaging and storing illegal drugs which were sent to him through an address in Huddersfield and York.
They both pleaded guilty to conspiring to import and distribute grade-A illegal substances and to money laundering through virtual currency. Aarron Gledhill received a sentence of 13 years and nine months, while Brennan was jailed for 13 years and eight months.
The post North Yorkshire Police Receives Chief Constable’s Commendation for Crackdown of Dark Web Drug Smugglers appeared first on Deep Dot Web.
25-year-old Kyle Enos of Newport, South Wales, used a dark web marketplace to supply people with fentanyl and was caught. The drug dealer has been sentenced to prison. Fentanyl, a synthetic opioid which is 40 times stronger and more potent than heroin, has been the cause of many overdose deaths in the US and recently in the UK.
The drug was linked to 113 deaths in the UK alone just last year. As to whether the drugs that killed them had been supplied by Enos, is still unknown but nevertheless, investigators warned that the synthetic opioid posed extreme dangers.
Upon the numerous attempts to curb the situation as well as the arrests made, it didn’t seem to bother Enos as he was running a complex drug operation on the dark web. His operation killed at least 14 young customers in Hull, according to reports. This led to the launch of intelligence operations by the Humberside Police to prevent the deadly drug from being sold to drug users.
The situation in Hull was so serious to the extent that, it was once the focus of a BBC iPlayer documentary which showed drug users injecting fentanyl into their body and talking about its possible effects.
Enos controlled his dark web drug business from his flat in Wales and even offered a buy-one, get-one-free on the synthetic opioid.
He was given an eight-year jail sentence on Monday at the Cardiff Crown Court after admitting to selling fentanyl to 168 people in the UK, Canada, Europe and the US from May 2016 to May 2017. Thus a whole year of supplying these deadly drugs to people, causing enormous damage that we can only imagine.
Judge Eleri Rees stated that the deaths were a true reflection of the danger of the drug, which is far more potent than heroin. She added that Enos was fully aware of the potency and the high risk involved but ignored them as he advertised his products and sought customers reviews about them on the dark web.
“This was a sophisticated, complex operation in that you supplied fentanyl to over 160 addresses to the UK, Europe, and the US. The profits were such that you were able to rent a luxury apartment in Cardiff city centre,” Judge Rees stated.
Enos used his dark web handle “sovietbear” to create a page on the now-defunct dark web marketplaces AlphaBay and Dream Market that offered same-day delivery to customers in Britain, three days to those in Europe and a week to customers across the globe. His online profile claimed he was selling pure fentanyl at the lowest prices and also offered custom concentrations.
In addition, his page boasted of re-shipping packages seized by customs and further stated that the detection was “very, very rare”.
“My priority is your satisfaction,” Enos had written under his profile. “My prices are great, and so is the product,” he added.
According to officers, Enos stated that he was importing fentanyl from illegal sellers in China every two or three weeks and prepared the packets himself, before sending them to his buyers through first class or air mail.
When Enos’s home was searched last year, officers had to wear biohazard suits and respirators due to the danger of the drug.
According to court documents, the police analyzed Enos’s customer database after his arrest and found out that four people in his database had passed away but as to whether the fentanyl provided by Enos was the cause of their deaths, couldn’t be proven. They also used some documents they found to identify 92 customers in the UK and 78 others abroad.
25-year-old Jonathan Robinson, from Northumbria, was found dead at his home. Jack Barton, 23, a university student also died in Cardiff in January last year. The other two dead people in his database were 34-year-old Aaron Rees, from Ammanford who was discovered dead during March 2017. The fourth person died in Scotland but his or her name wasn’t brought up in court.
Enos will be escaping charges for the deaths in England and Wales but investigations are still ongoing in Scotland. Reports suggest he made around £16,000 from his fentanyl sales.
The post Dark Web drug dealer who supplied fentanyl into the UK jailed 8 years appeared first on Deep Dot Web.
We all know cybersecurity threats grow each day and, in these times of increasing danger, it is of great importance to test your website’s security before burglars do. While even the most dull-witted system administrator is able to run a scan with Nmap or Nessus (though he may ignore the myriad of options these scanners offer), it is slightly more difficult to find someone who knows how to use an intercepting proxy, or even knows what it is. The reason is simple: a basic vulnerability scan is a largely automated task, so you don’t have to use your brain, while using an intercepting proxy requires more rigorous reasoning to understand what you’re seeing in your console. In this article, we’ll see what an intercepting proxy is and how to use it to test the security of your application.
HTTP means Hypertext Transfer Protocol. HTTP is a text-based client-server protocol in which a client (generally a web browser) makes a request, and a server (generally the machine that hosts the web application) answers with the requested resource. By default, the server listens on port 80 (http) or on port 443 (https). Each HTTP request contains three parts:
- a method that identifies the request’s type, plus a URI and the HTTP version used by the client
- a header that contains optional parameters
- an optional MIME (Multipurpose Internet Mail Extensions) document attached to the request
The HTTP response is also made of three parts, specifically:
- a status line containing a three-digit status code
- a header
- a MIME document
The HTTP Methods
There are several HTTP methods that can be used, for example GET, POST, HEAD, PUT, TRACE and so on, but in this article we will focus on the following:
- GET – it is the most common one. It is used to retrieve a document from a server
- HEAD – a variant of the GET method, it is used to retrieve the header of a document, but not the document itself. It can be used to verify if the document exists.
- POST – it is used to send a document to the server
The HTTP Headers
- Content-Length – indicates the length of the document in bytes
- Content-Type – indicates the type of the MIME document. For example, HTML pages use “text/html” type
- Content-Encoding – tells how the document has been encoded, for example, “x-gzip”
- Server – returns the version of the web server that generated the response
- Date – indicates when the response has been produced by the server
- Last-Modified – the date of the last modification of the document
- User-Agent – provides information about the client. The server can answer with a different response depending on this header
- If-Modified-Since – it is a date. Using this date, the server will return the document only if it is newer than the version stored in the client’s cache
- Referer – indicates the link followed by the client before arriving at the current page (the header name is spelled this way in HTTP)
- Host – the fully qualified domain name of the URI requested
HTTP Status Codes
All status codes starting with “2” indicate a positive response, like “200 OK”. All status codes starting with “3” indicate that the document is no longer available at the requested location and the client is redirected, like “301 Moved Permanently”. All status codes starting with “4”, like “404 Not Found”, indicate that the server found an error in the client’s request. All status codes starting with “5” indicate an internal error of the server.
What Is An Intercepting Proxy
To test the security of your web application, you will need to understand how it acts in every possible situation. To make this possible, the only way is to read every request and response exchanged, analyzing every possibility of exploitation. Here comes the utility of an intercepting proxy. This tool, in fact, is the only really indispensable one to test the behaviour of your website. An intercepting proxy can, as its name tells us, capture every response and every request and, furthermore, it gives you the possibility to change them.
If you are wondering why you should want to change a response coming from the server, consider this classic example: you are browsing the shopping cart of a website and you see that a certain item has a cost of $300. Using your intercepting proxy, you can observe that the price is actually defined in a hidden form field that a normal user would not see by simply browsing the website. Thanks to your powers of observation, you can change the cost to, for example, $0, submit the request and buy the item for free. I personally encountered an application that made me do this trick, but keep in mind that this is only one example of the myriad of vulnerabilities that you could find in this way. For example, you could discover a SQL injection vulnerability or an XSS one.
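The server-side counterpart of the hidden price field described above, as an added example that is not part of the original article: a handler that trusts the submitted price next to one that re-prices the order from its own catalogue and logs the mismatch. The catalogue, the field names (item, qty, price) and the function names are assumptions made for the illustration.

```python
from decimal import Decimal, InvalidOperation
from urllib.parse import parse_qs

# Constructed server-side price list; item ids and prices are assumptions.
CATALOG = {"42": Decimal("300.00"), "7": Decimal("19.99")}
MAX_QTY = 20


class OrderRejected(ValueError):
    """Raised when a submitted order fails server-side validation."""


def parse_form(body):
    """Decode a URL-encoded POST body, rejecting repeated parameters."""
    fields = parse_qs(body, keep_blank_values=True)
    for name, values in fields.items():
        if len(values) != 1:
            raise OrderRejected("parameter %r sent more than once" % name)
    return {name: values[0] for name, values in fields.items()}


def total_vulnerable(body):
    """'Before' version: the total is computed from the client's own price."""
    form = parse_form(body)
    return Decimal(form["price"]) * int(form["qty"])


def total_hardened(body, audit_log):
    """Price comes from the catalogue; the hidden field is only compared."""
    form = parse_form(body)
    item = form.get("item", "")
    if item not in CATALOG:
        raise OrderRejected("unknown item")

    qty_text = form.get("qty", "")
    if not (qty_text.isascii() and qty_text.isdigit()):
        raise OrderRejected("quantity must be a positive integer")
    qty = int(qty_text)
    if not 1 <= qty <= MAX_QTY:
        raise OrderRejected("quantity out of range")

    price = CATALOG[item]
    submitted = form.get("price")
    if submitted is not None:
        try:
            matches = Decimal(submitted) == price
        except InvalidOperation:
            matches = False
        if not matches:
            # A changed hidden field is a signal worth recording and alerting on.
            audit_log.append(
                "price mismatch for item %s: client sent %r" % (item, submitted)
            )
    return price * qty


if __name__ == "__main__":
    log = []
    tampered = "item=42&qty=1&price=0"  # constructed request body
    print("vulnerable total:", total_vulnerable(tampered))
    print("hardened total:  ", total_hardened(tampered, log))
    print("audit log:       ", log)
```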
How to install ZAP
ZAP stands for Zed Attack Proxy. ZAP is only one of many intercepting proxies, but it is my favourite, because it has awesome features and it comes to you absolutely free. It is maintained by hundreds of international volunteers and it is multi-platform, so you can install it on Linux as well as on Windows. Let’s see how you can install ZAP on Linux:
- go to GitHub and download the latest version
- install it by typing ./ZAP_X_X_X_unix.sh
- run cd /usr/local/bin ; ./zap.sh
Now you will be prompted with the following choice:
Click on “Yes, I want to persist this session” and give it the name and location that you desire. Now you’ll see the main console, empty:
Go to “tools”, “options”, “local proxies” and remember what port ZAP is listening on (address is localhost). You can change the port to a different one, if you want.
Now click on “Dynamic SSL Certificates” and click on “generate” and “save”.
You’re now creating a new certificate that your browser will use to trust ZAP as local proxy. Now go to your browser’s settings (we’ll use Firefox in this example) and set the port for the proxy to the same used by ZAP:
Now let’s import the certificate in your browser, clicking on “import” and choosing the location where you saved the previously generated one:
Now you’re ready to surf the internet with Firefox, intercepting every request and response with ZAP! As you browse your website, you should see a lot of captured requests and responses in the console:
In the left grid you will see the directory view of your website, while in the lower edge of the console, you’ll see the list of the messages exchanged between your browser and the server. If you click on one of them, you’ll be able to see it in detail and, yes, you’ll be able to change it and re-submit it.
Every message is identified by an ID and highlighted with the risk severity.
If you want to explore, you can try to install other intercepting proxies like:
- Burp Suite
Identify Application Entry Points
Now that we have installed our intercepting proxy, and we’re able to capture every request and every response, let’s see how we can use the gathered information to study the behaviour of our website. The starting point is finding the entry points of our application. As you walk through your application, take note of where the GET and POST methods are used.
You can see that the GET is the most used method but in the POST you can usually find sensitive information like prices of items and other things the developer doesn’t want the user to see and modify. Take note also of where uncommon methods like PUT and DELETE are used, because they can usually reveal an unexpected behaviour of the application. Try to understand where cookies are established and keep track of every hidden form. Identify all the hidden parameters in the POST request (those that you can’t see without an intercepting proxy), and identify all the query strings in the GET requests (those with the “?” mark). Find all the parameters in the query strings like “pass=foo”; you’ll have to identify the parameters even if they are encrypted. Take note of every redirect, of every 4XX and 5XX status code and, more generally, of every error message.
This enumeration job is quite boring but, with growing experience, you’ll be able to identify the interesting zones of your website in less time. This crucial phase of your test is fundamental to perform every security test, but it’s only the beginning; if you perform an exhaustive enumeration phase, you’ll be able to identify your application’s vulnerabilities.
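The note-taking described in this section can be automated once the traffic is captured. The following added example (not from the original article) builds an entry-point inventory from a constructed sample of proxy history; the record layout is a simplified assumption, not ZAP's own export format, and all paths and parameters are made up.

```python
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample of proxy history: (request line, form body, status, response headers).
CAPTURED = [
    ("GET /catalog?cat=3&sort=asc HTTP/1.1", "", 200, {}),
    ("POST /cart/add HTTP/1.1", "item=1001&qty=1&price=300", 302,
     {"Location": "/cart", "Set-Cookie": "sid=abc; HttpOnly"}),
    ("GET /login?user=foo&pass=foo HTTP/1.1", "", 200, {}),
    ("DELETE /cart/item/1001 HTTP/1.1", "", 500, {}),
    ("GET /cart HTTP/1.1", "", 200, {}),
    ("GET /admin HTTP/1.1", "", 403, {}),
]
COMMON_METHODS = {"GET", "POST", "HEAD", "OPTIONS"}


def inventory(captured):
    """Group captured traffic into entry points and the notes the text asks for."""
    entries = defaultdict(lambda: {"query": set(), "body": set(), "notes": set()})
    for request_line, body, status, headers in captured:
        method, target, _version = request_line.split(" ", 2)
        url = urlsplit(target)
        entry = entries[(method, url.path)]
        entry["query"].update(k for k, _ in parse_qsl(url.query, keep_blank_values=True))
        entry["body"].update(k for k, _ in parse_qsl(body, keep_blank_values=True))
        if method not in COMMON_METHODS:
            entry["notes"].add("uncommon method")
        if "Set-Cookie" in headers:
            entry["notes"].add("sets cookie")
        if 300 <= status < 400:
            entry["notes"].add(f"redirect to {headers.get('Location', '?')}")
        elif status >= 400:
            entry["notes"].add(f"error {status}")
    return dict(entries)


def report(entries):
    """One line per entry point, sorted for stable output."""
    lines = []
    for (method, path), e in sorted(entries.items()):
        params = sorted(e["query"]) + [f"{p} (body)" for p in sorted(e["body"])]
        lines.append(f"{method:6} {path:18} params={params} notes={sorted(e['notes'])}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(inventory(CAPTURED))))
```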
The post How To Test Your Website’s Security With An Intercepting Proxy appeared first on Deep Dot Web.
In Cottage Grove, Minnesota, Judge B. William Ekstrum sentenced 44-year-old Stephen Allwine to life in prison without parole for the murder of his wife. Only days before the sentencing, a jury deliberated eight hours before finding Allwine guilty of murdering his wife and trying to make the death look like a suicide. Life in prison is the mandatory sentence in first-degree murder cases.
The Washington County prosecutor who tried the case, Fred Fink, said that in his 43 years as a prosecutor, Allwine’s case was “probably the most complex case [he had] ever tried.” DeepDotWeb has followed Allwine’s case ever since officials revealed Allwine’s charges and the details surrounding his case. His Criminal Complaint contained a goldmine of information, both about Allwine’s case and about the “murder-for-hire” site Besa Mafia. If drugging and shooting his wife would not have been difficult enough to successfully hide, investigators found that Allwine tried—several times—to hire hitmen from Besa Mafia, a fake darknet site for ordering contract killings. Besa Mafia no longer exists.
“Besa Mafia was a fraud, yes,” Fred Fink told reporters.
After his wife’s death, authorities found irregularities in the blood found in the Allwines’ home. Blood had pooled around Stephen Allwine’s wife, Amy Allwine, but it wound up in other parts of the house too. Investigators found blood in rooms where it could not have been. They found evidence that someone had walked through the house with blood on their feet and then cleaned up the footprints and blood spatter that did not fit the story provided by Allwine. And in cases with blood spatter and spray, “clean” in the eyes of a civilian and “clean” in the eyes of a forensic investigator mean two different things.
The government’s case started making even more sense once the FBI found connections between Allwine’s phones and Dream market forum posts asking how to purchase Scopolamine on the darknet. Amy Allwine had a high concentration of Scopolamine in her blood, investigators found. After the Besa Mafia hack, the world could see messages between “dogdaygod” and Besa Mafia. The Besa Mafia admin kept painting scenarios for dogdaygod where a hitman would murder his wife. Dogdaygod kept paying too. The fantasy sold by Besa Mafia eventually became too costly for dogdaygod.
But in one of the bitcoin wallets, or cached files on his computer containing bitcoin addresses, investigators found a bitcoin address where dogdaygod had sent thousands of dollars worth of bitcoin. There are very few possible reasons Allwine and dogdaygod could both have a bitcoin address used by the Besa Mafia admin. Either Allwine was dogdaygod or Allwine was the Besa Mafia admin. Since bank withdrawals matched, to some degree, the payments made to Besa Mafia, authorities safely assumed that Allwine was not the Besa Mafia admin.
“You are an incredible actor, a hypocrite, and a cold and calculating killer,” Judge Ekstrum told Allwine.
The post Allwine Sentenced to Life in Prison for First Degree Murder appeared first on Deep Dot Web.
In Rostov-on-Don, a city in Southern Russia, the Customs Service of the Ministry of Internal Affairs captured a drug dealer who “played a key role in an international criminal organization.” Authorities arrested the “key player” drug dealer and one accomplice. The duo, an announcement said, helped supply drugs to customers spread throughout numerous regions in Russia. Along with several unknown operatives, the duo ran an “international trade network” by importing drugs into Russia from sellers on the darknet and redistributing them through local channels.
In January 2018, Russian authorities intercepted five packages from an address in Germany that contained significant quantities of drugs. The sender of the packages had addressed them to the suspects currently in custody. Inside the packages, authorities found 8 kilograms of hashish, 5 kilograms of amphetamine, 2 kilograms of marijuana, and smaller amounts of ephedrine and ecstasy pills. The police said the drugs equalled a little over $500,000. The dealer and his accomplices traded only in bitcoin, as far as authorities know, though.
Russian authorities raided the house after intercepting the package. They arrested the recipient and his accomplice. They also seized 2 kilograms of “pre-packaged” drugs of unknown specifications. “During the interrogation, one of the suspects told us where and how the drugs were sold,” a MIA source said. The customers in Russia found the dealer through darknet sites and then used bitcoin to pay the dealer. “After that, the dealers packed the drugs in bundles and sent them to customers through bookmarks,” he added. “In total, the police found 63 caches in the Rostov region, Krasnodar and Stavropol Krai. The total mass of drugs found in the caches exceeded 10 kg.”
Authorities reportedly discovered that the dealer played a much larger role in drug trafficking after the accomplice revealed information during questioning. Any evidence the investigators had already uncovered may not have pointed towards a role in a larger criminal organization. This is far from Russia’s first darknet drug trafficking case, but many involve dealers farther away from the source. Some of the cases involved entire marketplaces, though.
The drug traffickers currently face three charges for the smuggling of narcotic drugs in large amounts. By the end of the investigation, they could be facing any number of charges. Investigators are currently working to establish the identities of other conspirators. Russian authorities spoke of closing a drug trafficking channel between Germany and Russia, but Germany’s side of that channel may still be open. Authorities did not reveal details pertaining to the ongoing investigation but similarly neglected to say anything about involvement with international authorities.
“The contents of mail items are inspected at various stages of shipment, including by using special equipment installed in the places of sorting and processing of parcels and small packages,” a representative of Russian Post told Kommersant.
Prior to his arrest, 25-year-old Chateau-Thierry resident Adel Belkacem made five separate orders on the darknet, the authorities announced after the May 2017 arrest. In May, Customs spotted a package containing 109 ecstasy pills, 117 grams of amphetamine, 48 grams of ketamine, and 64 grams of cannabis. Belkacem received a sentence of nine months in prison and a fine of 3,000 euros.
After Customs intercepted Belkacem’s package of drugs, a customs officer conducted a controlled delivery. A customs officer disguised himself as a postman and delivered the package. After Belkacem accepted the package, the officer arrested him and French authorities later searched his home for evidence of drug trafficking. They found that the 25-year-old had been ordering drugs from the darknet—using bitcoin—and doing something unknown with the drugs.
With no actual evidence to charge Belkacem with drug trafficking, French authorities only charged him for receiving illegal substances (or importing them in the mail) and charged him for possessing illegal substances. But because of the quantity of drugs purchased in Belkacem’s previous orders, along with the drugs purchased in the intercepted order, authorities operated under the assumption that Belkacem had “resold” some or all of the drugs that he had purchased. They simply lacked evidence to back up their assumptions.
In court, where Belkacem showed up as a free man, the truth as the authorities wanted to hear it reached the surface. Belkacem first admitted that he had made the purchases. He admitted that he had purchased drugs on the darknet on numerous occasions. He said that he did not resell the drugs but that he had heavily consumed them in the months leading up to his arrest. He explained that ever since his arrest, he had abstained from all substances. But during the period of time when he had placed routine orders on the darknet, he financed his purchases with the money earned as a roofer: 600 euros every week.
Belkacem said that he only made such large orders because his dealer refused to ship small orders. The dealer only sold wholesale quantities of drugs. One final time, the judge asked, “are you sure you do not finance your purchases with resale, in part?” The judge added that a purchase containing 109 ecstasy pills surprised him. This time, Belkacem said that he had helped his friends obtain drugs through the darknet. He did it for free, however. Belkacem reminded the judge that he had not used drugs since his arrest.
The judge sentenced him to nine months in prison and a fine of 3,000 euros.
The post Man Sentenced After Package Interception in France appeared first on Deep Dot Web.
The title of this article has TWO typos! Come on!
If he opened the images in any os that isn’t privacy focused then I guess the phone home option is possible. Would it not have been better to use an obfs4 bridge rather than a VPN? Although I’ve been told that if the bridge is compromised then all of your Tor usage can be watched leaving your real IP and hitting the hidden service whereas if you use no bridge and pass through a malicious exit node they still can’t see your real IP (without the use of timed correlation attack where possible via compromised service+node) so it’s hard to tell what’s best. I’ve also read the big attack on Tor during 2014 was done via adding malicious bridges rather than exit nodes but that may be untrue. Any opinions?
This fucking low life scum back should be tied to a tree with barbed wire and saturated with kerosene so he could burn to death as slowly as possible.
Fucking good work by the “Nonce Brigade” as far as I am concerned.
There is NO FUCKING PLACE FOR CHILD PORN ON THE DARK NET.
The Dark Net stands for FREEDOM not perverted sadism
Any decent human being should assist in any way to dig these animals out including assisting the “Nonce Brigade” and bring them to justice, and that includes us.
“due to the freedom they enjoy over there.”
That’s the whole point, freedom. People like that. Sucks heh?
It wouldn’t surprise me if western countries found ways to start banning tor/vpn/encryption. Wouldn’t surprise me at all.
I’m starting to think they might start pushing for it very soon, considering all the propaganda they keep spreading around.
Here’s how I see the future regarding the Internet/deepweb:
-Feed the public propaganda. “Think of the children!” “Drugs are bad mkay?” “Killers for hire with the click of a button!!11, OMG”
-Cyber Crime units gets the ok, hundreds of millions, sometimes even billions invested
-2030/2040: “We must ban Tor and VPN’s! It’s the only way!!” -> more propaganda
Hard to say how he got caught.
If the site(s) he visited were datasharing with law enforcement, it is a possibility that law enforcement saw his username/pw/e-mail and identified him through those.
Also, 4.5k images is a big deal, it’s bound to gather the attention of someone, somewhere.
List of possible causes:
-Honeypot site that read his username/pw and possibly e-mail
-Username/e-mail used on the clearnet identified him
-Leaked something about himself in a conversation
-Probably bragged about his deep web habits to someone
I cannot believe that anyone could recommend this POS, they don’t respond to your email, terminate your service. With one year of use I didn’t even use 10GB of bandwidth but I can’t connect to vpn anymore.
I believe he probably downloaded some pictures which allowed them to phone home. If he used tails etc or kept them on an encrypted drive on his computer but look at them after he unlocked his encrypted drive in his normal os then it’s a real possibility that phone home happened to him.
Alternatively perhaps meta data time stamps were able to pin point him if he at one stage or another went through a compromised entry node seeing as the actual site was already under LE control they would be capable of putting 2 and 2 together especially if he didn’t use an ISP and didn’t hide his tor usage from his isp they won’t be able to see all of that and make a pretty solid guesstimate.
These are my thoughts, I am probably wrong but who knows.
Who’s Ellen DeGeneres?
Fukin retard. They sell something that people want. This is not a crime.