The Real Dark Web -Tor-Freenet-Tarzan-MixMaster-JAP-Antsp2p-HayStack

The following networks are discussed on this page.

  • Tor
  • Morphmix / Tarzan
  • Mixminion / Mixmaster
  • JAP
  • MUTE / AntsP2P
  • Haystack
  • Freenet

Tor / Onion Routing

[Tor] [Onion Routing]

Tor and Onion Routing are both anonymizing proxy networks, allowing people to tunnel out through their low latency mix network. The two primary differences between Tor / Onion-Routing and I2P are again related to differences in the threat model and the out-proxy design (though Tor supports hidden services as well). In addition, Tor takes the directory-based approach – providing a centralized point to manage the overall ‘view’ of the network, as well as gather and report statistics, as opposed to I2P’s distributed network database and peer selection.

The I2P/Tor outproxy functionality does have a few substantial weaknesses against certain attackers – once the communication leaves the mixnet, global passive adversaries can more easily mount traffic analysis. In addition, the outproxies have access to the cleartext of the data transferred in both directions, and outproxies are prone to abuse, along with all of the other security issues we’ve come to know and love with normal Internet traffic.

However, many people don’t need to worry about those situations, as they are outside their threat model. It is, also, outside I2P’s (formal) functional scope (if people want to build outproxy functionality on top of an anonymous communication layer, they can). In fact, some I2P users currently take advantage of Tor to outproxy.

Comparison of Tor and I2P Terminology

While Tor and I2P are similar in many ways, much of the terminology is different.

Tor                          I2P
Cell                         Message
Client                       Router or Client
Circuit                      Tunnel
Directory                    NetDb
Directory Server             Floodfill Router
Entry Guards                 Fast Peers
Entry Node                   Inproxy
Exit Node                    Outproxy
Hidden Service               Eepsite or Destination
Hidden Service Descriptor    LeaseSet
Introduction point           Inbound Gateway
Node                         Router
Onion Proxy                  I2PTunnel Client (more or less)
Relay                        Router
Rendezvous Point             somewhat like Inbound Gateway + Outbound Endpoint
Router Descriptor            RouterInfo
Server                       Router

Benefits of Tor over I2P

  • Much bigger user base; much more visibility in the academic and hacker communities; benefits from formal studies of anonymity, resistance, and performance; has a non-anonymous, visible, university-based leader
  • Has already solved some scaling issues I2P has yet to address
  • Has significant funding
  • Has more developers, including several that are funded
  • More resistant to state-level blocking due to TLS transport layer and bridges (I2P has proposals for “full restricted routes” but these are not yet implemented)
  • Big enough that it has had to adapt to blocking and DOS attempts
  • Designed and optimized for exit traffic, with a large number of exit nodes
  • Better documentation, has formal papers and specifications, better website, many more translations
  • More efficient with memory usage
  • Tor client nodes have very low bandwidth overhead
  • Centralized control reduces the complexity at each node and can efficiently address Sybil attacks
  • A core of high capacity nodes provides higher throughput and lower latency
  • C, not Java (ewww)

Benefits of I2P over Tor

  • Designed and optimized for hidden services, which are much faster than in Tor
  • Fully distributed and self organizing
  • Peers are selected by continuously profiling and ranking performance, rather than trusting claimed capacity
  • Floodfill peers (“directory servers”) are varying and untrusted, rather than hardcoded
  • Small enough that it hasn’t been blocked or DOSed much, or at all
  • Peer-to-peer friendly
  • Packet switched instead of circuit switched
    • implicit transparent load balancing of messages across multiple peers, rather than a single path
    • resilience vs. failures by running multiple tunnels in parallel, plus rotating tunnels
    • scale each client’s connections at O(1) instead of O(N) (Alice has e.g. 2 inbound tunnels that are used by all of the peers Alice is talking with, rather than a circuit for each)
  • Unidirectional tunnels instead of bidirectional circuits, doubling the number of nodes a peer has to compromise to get the same information.
  • Protection against detecting client activity, even when an attacker is participating in the tunnel, as tunnels are used for more than simply passing end to end messages (e.g. netDb, tunnel management, tunnel testing)
  • Tunnels in I2P are short lived, decreasing the number of samples that an attacker can use to mount an active attack with, unlike circuits in Tor, which are typically long lived.
  • I2P APIs are designed specifically for anonymity and security, while SOCKS is designed for functionality.
  • Essentially all peers participate in routing for others
  • The bandwidth overhead of being a full peer is low; in Tor, client nodes don’t require much bandwidth, but they don’t fully participate in the mixnet.
  • Integrated automatic update mechanism
  • Both TCP and UDP transports
  • Java, not C (ewww)

Other potential benefits of I2P but not yet implemented

…and may never be implemented, so don’t count on them!

  • Defense vs. message count analysis by garlic wrapping multiple messages
  • Defense vs. long term intersection by adding delays at various hops (where the delays are not discernible by other hops)
  • Various mixing strategies at the tunnel level (e.g. create a tunnel that will handle 500 messages / minute, where the endpoint will inject dummy messages if there are insufficient messages, etc)



Freenet

Freenet is a fully distributed, peer to peer anonymous publishing network, offering secure ways to store data, as well as some approaches attempting to address the loads of a flash flood. While Freenet is designed as a distributed data store, people have built applications on top of it to do more generic anonymous communication, such as static websites and message boards.

Compared to I2P, Freenet offers some substantial benefits – it is a distributed data store, while I2P is not, allowing people to retrieve the content published by others even when the publisher is no longer online. In addition, it should be able to distribute popular data fairly efficiently. I2P itself does not and will not provide this functionality. On the other hand, there is overlap for users who simply want to communicate with each other anonymously through websites, message boards, file sharing programs, etc. There have also been some attempts to develop a distributed data store to run on top of I2P, (most recently a port of Tahoe-LAFS) but nothing is yet ready for general use.

However, even ignoring any implementation issues, there are some concerns about Freenet’s algorithms from both a scalability and anonymity perspective, owing largely to Freenet’s heuristic driven routing. The interactions of various techniques certainly may successfully deter various attacks, and perhaps some aspects of the routing algorithms will provide the hoped for scalability. Unfortunately, not much analysis of the algorithms involved has resulted in positive results, but there is still hope. At the very least, Freenet does provide substantial anonymity against an attacker who does not have the resources necessary to analyze it further.

Morphmix / Tarzan

[Morphmix] [Tarzan]

Morphmix and Tarzan are both fully distributed, peer to peer networks of anonymizing proxies, allowing people to tunnel out through the low latency mix network. Morphmix includes some very interesting collusion detection algorithms and Sybil defenses, while Tarzan makes use of the scarcity of IP addresses to accomplish the same. The two primary differences between these systems and I2P are related to I2P’s threat model and their out-proxy design (as opposed to providing both sender and receiver anonymity). There is source code available to both systems, but we are not aware of their use outside of academic environments.

Mixminion / Mixmaster

[Mixminion] [Mixmaster]

Mixminion and Mixmaster are networks to support anonymous email against a very powerful adversary. High-latency messaging applications running on top of I2P (for example Syndie or I2PBote) may perhaps prove adequate to meet the threat model of those adversaries, while running in parallel alongside the needs of low latency users, to provide a significantly larger anonymity set. High-latency support within the I2P router itself may or may not be added in a distant future release. It is too early to say if I2P will meet the needs of users requiring extreme protection for email.

As with Tor and Onion Routing, both Mixminion and Mixmaster take the directory based approach as well.



JAP

JAP (Java Anonymous Proxy) is a network of mix cascades for anonymizing web requests, and as such it has a few centralized nodes (participants in the cascade) that blend and mix requests from clients through the sequence of nodes (the cascade) before proxying out onto the web. The scope, threat model, and security are substantially different from I2P, but for those who don’t require significant anonymity but still are not satisfied with an Anonymizer-like service, JAP is worth reviewing. One caution to note is that anyone under the jurisdiction of the German courts may want to take care, as the German Federal Bureau of Criminal Investigation (FBCI) has successfully mounted an attack on the network. Even though the method of this attack was later found to be illegal in the German courts, the fact that the data was successfully collected is the concern. Courts change their minds based upon circumstance, and this is evidence that if a government body or intelligence agency wanted to, they could gather the data, even if it may be found inadmissible in some courts later.

MUTE / AntsP2P

[MUTE] [AntsP2P]

Both of these systems work through the same basic antnet routing, providing some degree of anonymity based on the threat model of providing plausible deniability against a simple non-colluding adversary. With the antnet routing, they first either do a random walk or a broadcast search to find some peer with the data or identity desired, and then use a feedback algorithm to optimize that found path. This works well for applications that merely want to know what other people around them have to offer – “How are y’all doing” vs. “Hey Alice, how are you” – you basically get a local cluster of nodes that can share files with and maintain some degree of anonymity (though you don’t have much control over who is in that group of peers).

However, the algorithm does not scale well at all – if the application wants to speak with a particular peer it ends up doing a broadcast search or random walk (though if they are lucky enough for that to succeed, the antnet routing should optimize that found connection). This means that while these networks can work great at small scales, they are not suitable for large networks where someone wants to get in touch with another specific peer. That does not mean that there is no value in these systems, just that their applicability is limited to situations where their particular issues can be addressed.


Haystack

This was a closed-source network targeted at Iranian users. Tor did a good writeup on what to look for in a circumvention tool. Suffice it to say that being closed source and publicly targeting a specific country are not good ideas. I2P is, of course, open source. However, that source, and our technical documentation, need much more review.

Paid VPN Services

Only your Cable company knows for sure…


Dark Web Stats – emails and languages

gAtO StAts - of the dark web show us many things – below are some stats on just over 2,000 sites and 130 emails that my crawlers have found. By the way, .it has the most sites taken DOWN by FBI-DOJ and it’s still up there rebuilding – one site goes down and 6 replace it. Why are they using .it? I don’t know. Also, Portuguese has 70 sites in the Dark Web – WoW. So have fun, Gatico’s - gAtO OuT


Dark Web Email stats — Generated on 2015-03-10

Out of 129 Unique emails

  • .onion   10
  • .ch      2
  • .org     13
  • .tld     2
  • .org     13
  • .com     70
  • .net     13
  • .ru      4
  • .it      50
  • .edu     1
  • .info    5

Dark Web Sites Alive


Dark Web Sites – out of 2,919 dark websites most are English – Generated on 2015-03-10

  • Arabic Sites    4
  • Czech           2
  • Danish          5
  • German          53
  • Spanish         48
  • Finnish         15
  • French          59
  • Hungarian       7
  • Italian         152
  • Japanese        4
  • Korean          1
  • Norwegian bn    1
  • Norwegian nn    9
  • Dutch           23
  • Polish          12
  • Portuguese      70
  • Russian         168
  • Swedish         10
  • Turkish         9
  • Ukrainian       5
  • Chinese         1

Tracking Bitcoins in the Dark Web

Tracking Bitcoins – Notes: Follow the Money //-Bitcoin 

gAtO lOoKiNg - at what data points I need to track Bitcoin transactions in the Dark Web to find answers. These are my notes on just one website: if I track the transactions backwards I can find donors and people paying for their service, malware and other such crimes; if I take the transactions forward in time I can find the main wallets that the bad guys use and, who knows – just 1 mistake and we have an IP address to track the wallet. I only tracked this a few levels and found 2 large wallets that they use, and they are very active. I have my own Blockchain tool, but blockchain.info will do; chain.com or blockexplorer.com will give you the same answers – I’d rather keep my queries private, so I have my own Blockchain tool. Next comes using visualization tools to map this out graphically for a better view. This is for education and research purposes – gAtO oUt

My target is a Russian site called Rutor – forum type

Data Points:

Incoming TimeStamps – Transactions – Total Received – Final Balance – Hash 160

Outgoing will track the Big Wallets

Outgoing TimeStamps – Transactions – Total Received – Final Balance – Hash 160

Forward Taint Analysis – Branch

Bitcoin mapped to the Dark Web


It has a donation Bitcoin address – 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM – so I tracked it down and found that it sent MOST of its donations to 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5. Now when I track that one down, it’s looking like a major Russian site with over 155 Bitcoins – 2-28-2015 the last transactions.

Now we can focus on 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5 and look at all transactions and plot all incoming and all outgoing; this will give us targets to follow bad major actors. Now we can focus on WHO they SENT their funds to and WHO DONATED to them. But we backtrack one more layer and find that they sent a lot to this wallet address:

1NtHN8Tx7MSGZ3XNx5iyNSRqsmQVnb3Ab6 – 7,204 transactions, 2015-03-03 17:06:41 – 2014-08-06 15:22:59

They still have other wallets – 1GJq5nqAgZDDM3rWfobhJXDf1AEQtkYEPz – 34 transactions

Address 1NtHN8Tx7MSGZ3XNx5iyNSRqsmQVnb3Ab6
Hash 160 f00d8406e59a45ab7e97c0b04db7f9429ebb301d
No. Transactions


Total Received 2,080.69607184 BTC
Final Balance 304.3742092 BTC

Russian Rutor – http://xuytcbrwbxbxwnbu.onion/forums/

Main Bitcoin Address 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM

Address 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM
Hash 160 8fcac294e22adeae7593423548491f35898b09f2


No. Transactions 19
Total Received 1.63527533 BTC
Final Balance 0.00080742 BTC

Forward Taint Analysis 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM
Reversed Taint is the % of funds sent from an address which passed through another address.

This page shows the addresses which have received bitcoins from 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM. The greater the taint the stronger the link between the addresses.
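
How a forward-taint figure of this kind can be computed, as an added example that is not part of the original notes and is not blockchain.info's own algorithm. It assumes a simplified address-level ledger with proportional mixing; the ledger, the address labels (DONATION, HUB and so on) and the function name forward_taint are constructed for illustration.

```python
from collections import defaultdict
from fractions import Fraction

# Constructed sample ledger (not real chain data):
# (ISO timestamp, sender, receiver, satoshis). Labels are placeholders,
# not real Bitcoin addresses.
SAMPLE_LEDGER = [
    ("2015-01-01T10:00", "EXTERNAL", "DONATION", 100_000_000),
    ("2015-01-02T09:00", "EXTERNAL", "HUB", 300_000_000),
    ("2015-01-03T12:00", "DONATION", "HUB", 80_000_000),
    ("2015-01-03T13:00", "DONATION", "SIDE", 20_000_000),
    ("2015-01-04T08:00", "HUB", "BIG_WALLET", 190_000_000),
    ("2015-01-05T08:00", "HUB", "CASHOUT", 95_000_000),
    # Sender with no recorded history: its funds are treated as clean.
    ("2015-01-06T08:00", "UNSEEN", "BIG_WALLET", 10_000_000),
]


def forward_taint(ledger, source):
    """Return {address: (taint, hops)} for addresses reached by funds from `source`.

    taint = satoshis that passed through `source` and arrived at the address,
            divided by everything `source` sent (a Fraction between 0 and 1).
    hops  = shortest number of transfers between `source` and the address.

    Assumption (proportional model): when an address spends, the tainted share
    of the payment equals the tainted share of its balance at that moment.
    The same coins are counted again at every hop, so the taints of different
    addresses can add up to more than 100%.
    """
    balance = defaultdict(int)        # satoshis currently held per address
    tainted = defaultdict(Fraction)   # part of that balance that came via source
    received = defaultdict(Fraction)  # cumulative tainted satoshis received
    hops = {source: 0}
    sent_by_source = 0

    for _ts, sender, receiver, amount in sorted(ledger):  # chronological order
        if amount <= 0:
            raise ValueError("transfer amounts must be positive")
        if balance[sender] < amount:
            # Incomplete history: the missing funds are assumed clean.
            balance[sender] = amount

        if sender == source:
            moved = Fraction(amount)  # everything leaving the source is tainted
            sent_by_source += amount
        else:
            moved = tainted[sender] * amount / balance[sender]

        balance[sender] -= amount
        tainted[sender] -= min(moved, tainted[sender])
        balance[receiver] += amount
        tainted[receiver] += moved

        if moved > 0 and receiver != source:
            received[receiver] += moved
            depth = hops[sender] + 1
            hops[receiver] = min(hops.get(receiver, depth), depth)

    if sent_by_source == 0:
        return {}
    return {addr: (amt / sent_by_source, hops[addr]) for addr, amt in received.items()}


if __name__ == "__main__":
    ranked = sorted(forward_taint(SAMPLE_LEDGER, "DONATION").items(),
                    key=lambda item: item[1][0], reverse=True)
    for addr, (taint, depth) in ranked:
        print(f"{addr:<12} taint={float(taint) * 100:6.2f}%  hops={depth}")
```

Sorting the result by taint gives the same kind of ranking as the Branch / Address / Taint listing, with the hop count showing how many levels away each address sits.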


Forward Taint Analysis 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5
Reversed Taint is the % of funds sent from an address which passed through another address.

This page shows the addresses which have received bitcoins from 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5. The greater the taint the stronger the link between the addresses.


Sent Transactions (Oldest First)




Address 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5
Hash 160 7683fe644e422fb5eb188f4b5f88acf8c22609dc
No. Transactions
Total Received 153.42158471 BTC
Final Balance 0.00000001 BTC


Received Transactions (Oldest First)



Bitcoin Wallet Vulnerability

gATO bEeN – researching vulnerabilities in Bitcoin wallets, and of course there are many, but I will cover some of the basics and save the rest for my new book coming out soon. First off, there are 3 basic types of wallets: full node, thin client and web-based wallets. I will not cover offline wallets for now.

Web-based wallets are useless for any security-minded person because they are all controlled by the system administrators of the site; even blockchain.info wallets are a problem. Roger Ver, the main person at blockchain.info, got pissed off and released the names and addresses of BitcoinStore.com customers on a public forum, then used his admin privileges to look up people's IP address, phone number and other personal information.

Why, you may ask? Because Roger is also the owner of BitcoinStore and accidentally refunded an extra $50 worth of Bitcoin to customers and they didn't return it. As much as I love blockchain.info and trust them a wee bit, this shows that even some of the best website wallets can become a nightmare: they can get all your data and, if they choose, steal your Bitcoins right out of your web wallet, or just make it public, and then your mother-in-law will see your Bitcoin fortune and be really pissed. Read more: https://bitcoinhelp.net/know/more/top-seven-ways-your-identity-can-be-linked-to-your-bitcoin-address

Thin wallets are a little different because they do not have a full blockchain and rely on some other service as a middleman to communicate your transactions between the blockchain and your wallet. To be truthful, I set up one of these middleman servers to see if it could be done. I found out that as a middleman of your data I can do all kinds of nasty things to your transactions and tell your wallet that everything is OK and working fine.

So a bad actor can become one of these middlemen and have all your Bitcoins and transactions and do as they please. Some security people call it a man-in-the-middle attack, but it's your own damn fault for trusting these anonymous middleman services with all your Bitcoins. How much do you trust a complete stranger with your Bitcoin??? Then by all means use a thin client.

Full-node Bitcoin wallets do not have these weaknesses, but let's say you are security conscious and even password-protect your full-node wallet. Remember to back it up on your home shareable drive or even a tim drive; if I gain access to that backup, your wallet is toast. Even with Apple Time Machine I can go back in time and get a copy of your wallet's wallet.dat file and drain your secure encrypted full-node wallet. This also applies to Windows users: a simple backup can be your worst nightmare, a friend and you can also lose all your Bitcoins.
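To act on the backup risk described above, the following added example (not code from the original post) audits backup locations for stray wallet.dat copies and ranks them by exposure. The function names, the sample directory tree and the record-marker heuristic for telling encrypted from plaintext legacy wallets are assumptions made for this illustration.

```python
import fnmatch
import os
import stat
import tempfile

# Berkeley DB btree magic 0x00053162 (little-endian on disk) sits at byte offset 12.
BDB_BTREE_MAGIC = bytes.fromhex("62310500")
SQLITE_HEADER = b"SQLite format 3\x00"
# Heuristic assumption: legacy wallet records are named with a length byte plus a
# name; "mkey"/"ckey" indicate passphrase-encrypted keys, a bare "key" record
# indicates private keys stored in the clear.
ENCRYPTED_MARKERS = (b"\x04mkey", b"\x04ckey")
PLAINTEXT_MARKER = b"\x03key"


def classify(data):
    """Return a coarse label for the bytes of a candidate wallet file."""
    if data[12:16] == BDB_BTREE_MAGIC:
        if any(marker in data for marker in ENCRYPTED_MARKERS):
            return "bdb-encrypted"
        if PLAINTEXT_MARKER in data:
            return "bdb-plaintext-keys"
        return "bdb-unknown"
    if data.startswith(SQLITE_HEADER):
        return "sqlite-wallet"
    return "not-a-wallet"


def audit_backups(roots, pattern="wallet*.dat*"):
    """Walk backup roots and report every wallet copy with its exposure."""
    findings = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                if not fnmatch.fnmatch(name.lower(), pattern):
                    continue
                path = os.path.join(dirpath, name)
                try:
                    with open(path, "rb") as fh:
                        kind = classify(fh.read())
                    mode = os.stat(path).st_mode
                except OSError:
                    continue  # unreadable entries are skipped, not guessed at
                if kind == "not-a-wallet":
                    continue
                # Readable by group or other: anyone sharing the drive can copy it.
                shared = bool(mode & (stat.S_IRGRP | stat.S_IROTH))
                plaintext = kind == "bdb-plaintext-keys"
                if plaintext and shared:
                    severity = "critical"
                elif plaintext or shared:
                    severity = "high"
                else:
                    # An encrypted, private copy is still only as strong as
                    # its passphrase, so it is listed for review.
                    severity = "review"
                findings.append({"path": path, "kind": kind,
                                 "shared": shared, "severity": severity})
    return sorted(findings, key=lambda f: f["path"])


def build_constructed_tree(root):
    """Create constructed sample files (fake wallets, no real keys) under root."""
    def fake_bdb(marker):
        return b"\x00" * 12 + BDB_BTREE_MAGIC + b"\x00" * 16 + marker + b"\x00" * 8

    samples = [
        ("TimeMachine/2014-12-01/wallet.dat", fake_bdb(PLAINTEXT_MARKER), 0o644),
        ("share/wallet.dat.bak", fake_bdb(b"\x04mkey"), 0o640),
        ("private/wallet.dat", fake_bdb(b"\x04mkey"), 0o600),
        ("share/wallet_notes.dat", b"shopping list, not a wallet", 0o644),
    ]
    for rel, content, mode in samples:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(content)
        os.chmod(path, mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_tree(tmp)
        for f in audit_backups([tmp]):
            rel = os.path.relpath(f["path"], tmp)
            print(f"{f['severity']:8} {f['kind']:18} shared={f['shared']} {rel}")
```

Point `audit_backups` at the mount points of your own backup and share drives; every hit is a copy that needs the same protection as the live wallet.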

Since all Bitcoin transactions are public, it is easy to trace your coins' history, connect the dots and find your identities. I won't even cover Sybil attacks or packet sniffing, forcing clock drifts on your wallet, or just a simple bug in a version of the core Bitcoin code. Yes, the developers were even discussing liabilities if they release buggy wallet code that opens up your wallets, so if the developers are worried, I think you need to look at your wallets not once, not twice, but maybe 3 times and figure out your best solution to safeguard your Bitcoin wallet.

Sometimes, just by understanding the problems that your Bitcoin wallets have, you may be able to protect them better. Oh yeah, offline wallets: they also must connect to execute a signed transaction, so some of these and other attacks may be applicable to you too. There are other simple ways to read all the data from your secure thumb drive, or if I'm just pissed off at you, smash it with a hammer and your Bitcoin fortune is gone, so be careful if you're divorcing your spouse.

HD-BIP32 and multi-sig are somewhat safer, but if you trust an exchange to validate your 2-n of 3 multi-sig you could be in trouble. Let's not forget my favorite, TPM: the NSA has authorized thru the NIST standards that any Windows machine made after June 2015 will have a TPM chip – Trusted Computing Model. Yes, I know China and the NSA have inbreeded keys (backdoors) in these new devices, but most hardware (phones, pad devices) will have this TPM chip installed and then you will have NO security at all. Ask Germany why they will not use Windows machines any more. So now your Bitcoin wallet is safe – Yeah BaBy – gAtO OuT


i2p sites in the Dark Web

gAtO FoUnD – these few i2p sites from my Dark Web crawlers. There is also a lot of tunneling from Tor to i2p to keep things really secure; why not use 2 networks to hide your stuff? You can find a lot of Russian sites that do business in the Dark Web. i2p is better at security, so of course they use it to hide better.

The Dark Web is not only Tor but i2p as well. I hope this helps any researcher or educator play in the Dark Web better. Some of the content is nasty so be careful – gAtO oUt

I2P Links


eepsites – This search engine has been around for a long number of years. Also available on the clearnet via http://eepsite.com “This site provides a web interface to a database about files available within the anonymous I2P network. A dedicated, automated web crawler keeps the database up-to-date.” http://eepsites.i2p

eye.i2p – Supports somewhat advanced query options. http://eye.i2p

epsilon.i2p – “Epsilon Search is a search engine that indexes eepsites on I2P.” http://epsilon.i2p


Oniichan – Chan run by chisquare. Many categories, active-ish. http://oniichan.i2p

Anch  – “This site was made by anarchists and for anarchists. This site is  russian-speaking, except /int/, which is international.” http://anch.i2p


augenscheinlich – A blog in Germany about Net politics, surveillance, secret services, leaks, and so forth. Frequently updated as of this writing.


str4d – Home of str4d. It has guides, a blog, links, notes, and infographics. http://str4d.i2p

killyourtv.i2p – KillYourTV’s home. Including How-Tos, a blog and a description of his services.


Shadow Life – “Enjoy your stay below the radar”. Well written and lengthy posts on anonymity. Would recommend.


Cheech-Wizard – Blog of resident I2P user Cheech-Wizard, serving comics, music and thoughts.


Dark Like My Soul – fancycakes’ blog. Interesting and useful blogposts.


SIGINT – Personal site/blog of sigint.


dcherukhin – Personal blog and link list of a Russian man named Dmitriy Cherukhin. Appears to be an academic.


Raegdan’s Refuge – Yet another Russian blog.


The Anon Dog – Daily updated links to (news) articles on politics, security, revolts, etc. “h4364r’s Anonymous Daily on I2P”


Actap’s Home page – “I’m Actap from Russia. Increasing Internet censorship level in my country brought me here.” Hosts a constantly updated list of sites banned in Russia.


?labs – Anja’s “little corner on cipherspace”.


Chiron’s I2P Eepsite – Entertaining homepage of a seemingly disorganised and at times angry German I2P user with limited grasp of the English language. He has added a puzzle to his website which leads to his personal information. Confirmed to be the manliest man on I2P. Rumored to be the operator of the I2P mainframe.


sighup’s eepsite – “Homepage of sighup”. A blog, IRC logs of some irc2p channels, contact information, and some other stuff.


darrob.i2p – Personal site of darrob. Some Tahoe-LAFS related stuff.


peek-a-boo eepsite – ReturningNovice’s eepsite.


justme.i2p – Home of RandomI2PUser. Some books, music and programs available.


Meeh’s home – One or two tutorials and a description of the services run by Meeh.


Home of a Japanese I2P user.


lurker.i2p – “A non-organic lifeform”. Home of Frost, the operator of ZeroFiles. Has a blog and a hosts.txt file. http://lurker.i2p

Complication – A really old personal site. Interesting snippets from the beginning of I2P when there were just a handful of users. Hasn’t been updated in a couple of years.


Man  of Perdition – “Things your goverment & church don’t want you to   know.” Do not enter without triple-layered tinfoil hat.


Freshcoffee – Plain and simple but well crafted home of cervantes. Lists some cryptographic keys.


Schwarzwald – Quite an empty website.


Doom – Yet another empty personal website. It lists a GPG key.


luminosus – Lists some contact information.


Cable Viewer – “A Cat’s Mirror of Wikileaks Cablegate site.”


main.paraZite – A mirror of the (in)famous “paraZite”


I2P Planet – “planet.i2p is an RSS aggregator for I2P trackers, blogs, and other feeds.”


hashparty – “Home of hashparty, the blackhat hash cracking feast!”


Cool looking site in Spanish about privacy, government control, GSM, mobile phones, privacy, security, hacks, IMSI-catcher, etc.




Buråsskolan – A Swedish site (or rather, a page) about cryptoanarchy (I suppose).


anarchydocuments.i2p – A mirror of texfiles.com’s “Anarchy and General Mayhem” section.


Abusos judiciales en España – Info about abuse by courts and lawyers in Spain.


Info Security – A Russian blog on information systems security. Seems dead.


Anarplex – Darknets and cipherpunked agorism.


Lenta.i2p – Very active news blog on Russian affairs.


FreeZone – A Russian blog.


SLS.i2p – Yet another Russian blog. Seems to cover politics.


Antheogen – A Russian site about psychoactive fungi (I think)



PaTracker 1.7 aka Postman’s I2P tracker, or simply Postman. I2P’s main torrent tracker. Has been up for years. Very active, very reliable. Lots of good stuff.


DifTracker – A large body of French content


exotrack.i2p – Deserted but functional.


Myttk – A Russian torrent site.


Welterde – Opentracker that has been up for a number of years.


Chisquare’s opentracker announce URL


An opentracker run by KillYourTV


A Russian opentracker.


Les Hérétiques – Very well-designed collection of French literature, including detailed descriptions. Mostly (only?) EPUB files.


lib.i2p – A modest (~500) collection of Russian ebooks.


Free Book Library – 20045 books, 410 comics, 33 magazines, 134 textbooks. Warning: Facebook Like button on page!


Gusion – A modest collection of ebooks (~290). Mostly fiction. Uses the Calibre ebook management software.


Library  Genesis – I2P leaf of the Library Genesis project (now nearing 1 million ebooks).


Document Heaven – “Document Heaven wants to be an eepsite, which collects links and magnet links to scientific or otherwise interesting non-fictional papers, documents and books. This eepsite is hosted in the spirit of the Guerilla Open Access Manifesto.”


Cheech-Wizard – An index of music and comics uploaded by Cheech-Wizard to Postman.


amidoinitrite – Manga, music, books, Youtube.


lyncanthrope.i2p – French movies and music


openmusic.i2p – An open directory with some gigabytes of music. http://openmusic.i2p

mp3arc – Fairly big open directory of “hard music”. At least 800 albums (haven’t counted them). Sorted by artist. http://mp3arc.i2p

Anonymix – “Multitracks, Acapellas, Instrumentals, and More” for download. Requires registration. http://anonymix.i2p

leecher.i2p – Some popular TV series including The Walking Dead, The Simpsons, South Park, and more. http://leecher.i2p

serien.i2p – An index of German TV series available via torrents. http://serien.i2p


VEscudero’s Service for Buying and Selling Bitcoins – Very well established and reputable Bitcoin trader. http://bitcoiner.i2p

LTC Guild – Litecoin mining pool. http://ltcguild.i2p

Darsek – “virtual card, internet payment processor and money transfer system”. http://darsek.i2p

?x5 – “?x5 Investment Fund is an Offshore entity outside your jurisdiction, managed by veteran investment gurus.” http://pix5.i2p


ChemHack’s – “Apothecary and Potions”. Currently selling homemade GHB and Suboxone http://chemhack.i2p

Darknet Products – Selling virtual machines and bootable USBs. http://darknet-products.i2p


id3nt – I2P’s main microblogging service. http://id3nt.i2p

Jisko – Another microblogging service. Hasn’t been around as long as id3nt, but has frequent and constant activity. http://jisko.i2p

Visibility – Fully functional social network. Active (read: not dead), but could do with more users. “You can add friends, upload files, share images, write blogs, create pages, add bookmarks, create polls, and more…” http://visibility.i2p


I2Play – “Welcome! I2Play provides anonymous gaming services over I2P. Admittedly the selection of games that can be played over I2P is reasonably small due to the requirement that they be tolerant of lag, but that doesn’t stop us trying!” OpenTTD and Tetrinet. http://i2play.i2p

I2P Chess Client – “Here you can play chess with other users and robots either in casual  play or for ranking.  Also, you can interact with the users through the  chat rooms. You don’t need to install any other program, you just need  to register using the link, enter and play!” http://chess.i2p


ZeroFiles – A file and image host with a 10mb upload limit. http://zerofiles.i2p

Gallery – Not exactly an image host pur sang, but it hosts images. About 40k of them. http://gallery.i2p

open4you – A Russian/English site offering free hosting. http://open4you.i2p

Blackhosting – A Russian hosting provider that accepts Bitcoin. http://blackhosting.i2p/en/


ZZZ – The main developers forum of I2P. http://zzz.i2p

i2p2.i2p – I2P’s project page. Go here for the nitty gritty on how I2P works. http://www.i2p2.i2p

trac – I2P bug reporting and general ticket creation. http://trac.i2p2.i2p

stats.i2p – “The home for I2P statistics”. Has been around since forever. http://stats.i2p

BigBrother – Distributed network statistics gathering. http://bigbrother.i2p

sponge – Home of I2P for Android, Seedless, and sponge himself. http://sponge.i2p

echelon – Your #1 source for I2P plugins. http://echelon.i2p

Plugins – “An app-store for I2P plugins” http://plugins.i2p

I2P Plugins – Yet another source of plugins. http://stats.i2p/i2p/plugins

AyuDownloader – “AyuDownloader is an Plugin using the EepGet class from i2p developers to download larger files easy from Eepsites.” http://ayudownloader.i2p

Ipredia – “Home of IprediaOS”. An operating system for I2P. “IprediaOS  is a fast, powerful and stable operating system based on Linux that  provides an anonymous environment. All network traffic is automatically  and transparently encrypted and anonymized.”  http://ipredia.i2p

Projects.i2p – Projects.i2p is a community-focused project management site for I2P coding projects, providing optional wikis, forums, document management, bug tracking and much, much more. If you’d like to host a project here, please contact one of the site admins, either on I2P’s IRC network, or via e-mail. http://projects.i2p

Repo – “This site is a central information hub for repository hosting services around I2P.” http://repo.i2p

git.repo.i2p – A public, anonymous Git hosting site. http://git.repo.i2p

Deadman – iMule repository. http://deadman.i2p


ExitProxy – Run by Russians. Multiple IPs available. http://exitproxy.i2p

Meeh’s Tor outproxy – “I have a outpoxy free for use. With this you should be able to access both .i2p/.onion and clearnet sites.”



PasteThis.i2p – Has been up for at least a year. Stable and actively used. http://pastethis.i2p

ZeroBin – “ZeroBin is a minimalist, opensource online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.” http://zerobin.i2p


Salt Wiki – The main I2P Wiki as of writing. A valuable resource with a big and broad variety of information. Also available as a Tor hidden service http://salt.i2p/wiki/index.php/Main_Page

Satori – “This is a wiki dedicated to cryptographic, anonymity, and security information.” http://satori-wiki.i2p

The Darknet Wiki – Seems underdeveloped and deserted. http://darknet-wiki.i2p

wiki.meeh.i2p – Good resource with information not found elsewhere. “This is a wiki for i2p and how to use its functions and services.” http://wiki.meeh.i2p

rus.i2p – Main Wiki for Russian I2P users. http://rus.i2p

??????????? – Another Russian Wiki. This one seems oriented towards more technical subjects. http://progromore.i2p

WikiI2p-ES – A wiki for latinos. http://lawiki.i2p/wiki-es

I2P Tutorials – Tutorials in German. http://tutorials.i2p

I2P/Tor Workshop Notes – “By the less than anonymous Adrian Crenshaw”. http://irongeeks.i2p

PrivacyHawk – A useful resource for tutorials on a variety of topics. “Welcome to PrivacyHawk’s Growing List of  Tutorials”. http://privacyhawk.i2p


stats.i2p – The oldest and most popular addressbook service of I2P. Curated. http://stats.i2p

I2P Name Registery – Second most popular addressbook service. “Domain name registrations will not be rejected based on content.” http://inr.i2p

I2Host- Yet another jumper service. http://i2host.i2p


Postman’s mail service aka mail.i2p. Has been online since 2004 with no breaks. Solid email provider. http://hq.postman.i2p

Mumble server by TronDev. Voice chat for the darknet. http://salt.i2p/wiki/index.php/TronDev_Mumble_Server

i2p-bote – Distributed secure email – http://i2pbote.i2p or http://plugins.i2p/i2pbote

Inscrutable XMPP – Also available as a Tor hidden service. Includes information on connecting to Inscrutable XMPP with various clients. http://inscrutable.i2p

Salt XMPP – See the wiki for a tutorial, configuration, client list, etc. Also available as a Tor hidden service. http://salt.i2p/xmpp.html + http://salt.i2p/wiki/index.php/Salt_xmpp

Inscrutable and Salt have S2S (between one another) and multi-user chat.

Haste XMPP – Also available as a Tor hidden service and on the clearnet http://haste.i2p

I2P Chat – A web chat run by who.i2p. Almost only Russians in here. http://who.i2p/chat/

Salt NNTP – Text only NNTP server. Also available as a Tor hidden service. http://salt.i2p/nntp.html + http://salt.i2p/wiki/index.php/Salt_nntp (tutorial)


Marcadores – A link list by a Latino user – http://marcadores.i2p

Null – Link list (and blog) by 77@0x7@0x01. Nice retro design. http://null.i2p

The Anon Dog – Excellent link list with descriptions. http://theanondog.i2p/cgi-bin/eepsites.py

Who is up? – Uptime checker by a Russian. http://who.i2p

Perv – One of the older uptime checkers. http://perv.i2p

identiguy aka eepstatus – Stable. http://identiguy.i2p


forum.i2p – I2P’s oldest forum. The most active forum in the I2P anglosphere. http://forum.i2p

forum.salt.i2p – Salt’s forum. http://forum.salt.i2p

forum.rus.i2p – Main forum for Russian I2P users. Very active. http://forum.rus.i2p

The Holocaust Forum – “Open and civilized debate on the Holocaust”. http://holocaust.i2p


Salty Pad – An I2P Etherpad instance. http://oniichan.i2p/ep/pad/

Infinote – For use with an Infinote client. Might be better than Etherpad. No Javascript required. http://str4d.i2p/services/infinote/


KillYourTV’s SKS OpenPGP Keyserver http://killyourtv.i2p/sks

Inscrutable’s SKS OpenPGP Public Key Server http://keys.inscrutable.i2p

Echelon’s I2P OpenPGP Public Key Server. http://keys.echelon.i2p


Tabak – 1 page of information on.. tobacco. In Russian. An i2p-bote address is listed too. http://tabak.i2p

Anonet2 – The Anonet darknet. http://anonet2.i2p

q.i2p – “The I2P URL-Shortener” http://q.i2p

INTUIT.ru – A mirror of intuit.ru, which is.. something. In Russian. http://intuit.i2p

A hit counter for your eepsite. http://who.i2p/counter.html

BitTot – Yeah.. don’t tell Putin about this. http://bitot.i2p

La lique des trolles – I don’t have a clue what this is about. Some French closed forum. http://dumpteam.i2p

zzzot – See for yourself. http://encryptedphreak.i2p

MPAA NOTICE. http://mpaa.i2p

Does what it says on the tin. http://nyancat.i2p

SYNDIE (An open source system for operating distributed forums):

syndie-project.i2p – Syndie project website http://www.syndie.i2p

Syndie Documentation Project – A project to revive Syndie’s documentation and make the software easier to use. http://fomjl7cori4juycw55kdlczpgzzhme6nox6zykokuiov6t5lxhvq.b32.i2p







A table of known Syndie archives. http://wiki.meeh.i2p

Syndie Gateway. http://mosfet.i2p


The I2P IRC network aka irc2p – The biggest, most well known, most active IRC network in I2P. It works out of the box. Simply start I2P and point your IRC client to irc://

Nameless – An IRC network with some interesting anonymity enhancing features. Servers: irc.stream.i2p, irc.puredev.i2p, irc.philabs.i2p, irc.dlms.i2p

Single server networks belonging to particular users:





Dark Web Bitcoin and other nasty stuff

gAtO bEeN - analyzing my Dark Web data and it’s worse than ever. Besides the usual crap like human sex slaves, drugs and guns, there seem to be a lot of newer sites that look like terrorist sites, some preaching and asking for donations, and of course Bitcoin is the currency of the Dark Web.

Of course there are some sites that are a joke and look like a government operation gone sour. I am sure they will catch small wannabe script kiddies, but the real treasure is in other sites that are linked from these terrorist sites, which require login information and offer no way to register. But some of the paste sites reveal it’s pretty easy to gain access via others that can vouch for you. The good part is I found a way to code my login info into my crawlers, so this is going to be my next target.

Monitoring the dark web:

  • Mapping the hidden services directory by deploying nodes in the distributed hash table (DHT);
  • Customer data monitoring by looking for connections to non-standard domains;
  • Social site monitoring to spot message exchanges containing new dark web domains;
  • Hidden service monitoring of new sites for ongoing or later analysis;
  • Semantic analysis to track future illegal activities and malicious actors; and
  • Marketplace profiling to gather information about sellers, users and the kinds of good exchanged.
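The second item in the list above, spotting connections to non-standard domains, can be done from resolver logs an organisation already keeps. The following added example (not code from the original post) scans dnsmasq-style query lines for .onion and .i2p names that leaked into ordinary DNS and groups them by client; the log lines, hostnames and addresses are constructed, and the function names are assumptions.

```python
import re
from collections import defaultdict

# dnsmasq-style query line: "... query[A] name from client"
QUERY_RE = re.compile(
    r"query\[(?P<qtype>[A-Za-z0-9]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)")

B32 = "[a-z2-7]"  # base32 alphabet used by onion and b32.i2p labels
# Order matters: specific shapes first, catch-alls last.
RULES = [
    ("onion-v3", re.compile(rf"(?:^|\.){B32}{{56}}\.onion$")),
    ("onion-v2", re.compile(rf"(?:^|\.){B32}{{16}}\.onion$")),
    ("i2p-b32", re.compile(rf"(?:^|\.){B32}{{52}}\.b32\.i2p$")),
    ("i2p-hostname", re.compile(r"\.i2p$")),
    ("onion-malformed", re.compile(r"\.onion$")),
]


def classify_name(name):
    """Label a queried name, or return None for ordinary domains."""
    name = name.lower().rstrip(".")
    for label, pattern in RULES:
        if pattern.search(name):
            return label
    return None


def scan_dns_log(lines):
    """Return {client: [(label, name), ...]} for overlay-network lookups.

    These names are not meant to be resolved through normal DNS, so seeing
    one at the resolver means a client is using, or misconfigured for,
    Tor or I2P and is leaking the name it wanted to reach.
    """
    hits = defaultdict(list)
    for line in lines:
        match = QUERY_RE.search(line)
        if not match:
            continue  # replies, cache lines and other noise
        name = match.group("name").lower().rstrip(".")
        label = classify_name(name)
        if label:
            hits[match.group("client")].append((label, name))
    return dict(hits)


def summarize(hits):
    """Collapse hits to {client: {label: count}} for alerting."""
    summary = {}
    for client, entries in hits.items():
        counts = defaultdict(int)
        for label, _name in entries:
            counts[label] += 1
        summary[client] = dict(counts)
    return summary


# Constructed sample data: labels are synthetic, clients are private addresses.
V3 = "abcdefgh" * 7          # 56 base32 characters
V2 = "example" * 2 + "22"    # 16 base32 characters
I2P_B32 = "abcd" * 13        # 52 base32 characters
SAMPLE_LOG = [
    "Feb  4 10:00:01 dnsmasq[812]: query[A] www.example.com from 10.0.0.5",
    f"Feb  4 10:00:02 dnsmasq[812]: query[A] {V3}.onion from 10.0.0.7",
    f"Feb  4 10:00:03 dnsmasq[812]: query[AAAA] {V2}.onion from 10.0.0.7",
    f"Feb  4 10:00:04 dnsmasq[812]: query[A] {I2P_B32}.b32.i2p from 10.0.0.9",
    "Feb  4 10:00:05 dnsmasq[812]: query[A] forum.i2p from 10.0.0.9",
    "Feb  4 10:00:06 dnsmasq[812]: query[A] notvalid.onion. from 10.0.0.5",
    "Feb  4 10:00:07 dnsmasq[812]: reply www.example.com is 192.0.2.10",
]

if __name__ == "__main__":
    for client, counts in sorted(summarize(scan_dns_log(SAMPLE_LOG)).items()):
        print(client, counts)
```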

The funny part is you’ve been hearing about the DARPA Memex dark web tool and that all LE are using it, so how come law enforcement allows these terrorist sites and these child sex slave sites to function? I found over 22,000 Bitcoin addresses, so it should be easy to start to map these and try to follow the Bitcoin to the bad guys. I’m sure some are using full-node Bitcoin wallets and it’s pretty easy to match it to an IP address. So why do Memex and LE allow this?

From a year ago when I last crawled the Dark Web I can see that a few sites have been taken down by DOJ (good for them), but new ones pop up in a New York minute and they keep operating normally; of course they have to re-brand and get the new .onion URL out on paste sites and BB sites.

I am cleaning up my 400,000 URLs and will start to crawl by next week. If I got 400k from just 17k sites, this new crawl should deliver millions of new Dark Web sites, and so the fun begins – gAtO OuT


Dark Web and Bitcoin Intelligence Project

Dark Web Intelligence- The Digital Underground

Project Athena

Executive Summary

I have over 400,000 Dark Web URLs and web content, plus 2-3 million URLs and content of historical data from a few years back, available today.

Project Athena will offer customers the ability to monitor Dark Web activities and provide alerts and warnings when credit cards or banking account information (or any other keyword you choose) is posted for sale or dumped in the Tor and i2p network dark marketplaces. We also offer the optional service for attainment of compromised data from dark web sellers; this is optional and customers are encouraged to seek legal advice before requesting this service.

We follow the money in the Dark Web: Project Athena will also track Bitcoin usage in the dark web. Since it is the prime source of all dark web transactions, this data combined with our Bitcoin Blockchain tools will give you the data and insight into any cyber investigation.

We use cyber sock puppets in the dark web marketplaces to gather intelligence and target data. These personas, called cyber sock puppets, play a role and team up to gather information. We can also provide you with training and manuals on setting up a Deep Web Investigation Environment with all our tools and on how to use social engineering with sock puppets to gather cyber intelligence.

These are all passive methods of investigations, but we can also perform active probes into dark web websites which are very different in the code below and how what network protocol allows.

The Artemis search engine does two things: one is search of the data from the crawlers, and the other is the web crawlers, which are basically BotNets that you send out to gather intelligence in the networks. We gather network data, metadata and website content and extract the URL, email, Bitcoin addresses, i2p addresses and many other types of data, but we can do custom keywords for any investigation subject matter that you may need to use.

Project Athena's web crawler tool, Artemis, scrapes the Dark Web (Tor-i2p network) for metadata and content information of any website we find. This data is stored in databases so it can be used as a front end to any analytical software to extract the dark web players and websites or any data point you are looking for. It can also provide a simple dark web search engine for investigation into dark web activities.

Since the Tor and i2p networks hide websites and information, we must be creative in using our crawlers with keywords to find active websites that are part of the target investigation and then dig deep into them, extracting every cyber breadcrumb they have. These are all passive crawlers, so no violations are committed.

Bad Guys Methods: Some sites only go up for a few hours every day; some sites use graphics only, so our search crawlers cannot pick up their web content; they even embed content in the graphics, so even if you have the graphics, without the right password you cannot decode them. Some other sites are login-only sites; getting into those sites is by recommendation only, so establishing cyber sock puppets and having them be accepted is the only way to get into these private stolen goods websites. We also do active operations with sock puppets to find new websites by social-engineering methods.

We design and develop cyber dark web sock puppets as aliases and define roles for them to play. These active sock puppets can be your best way of gathering intelligence on real sites that are selling goods and services or are known wire transfer points for terrorist organizations. In the dark web, websites are called hidden services, so finding them without active sock puppet operations is almost impossible.

The Dark Web is tied to Bitcoin as a monetary value transfer network, and it is one of the new cyber financial data points we will focus on. With our new Bitcoin BlockChain tools working with our Artemis crawlers we can map Bitcoin transactions sometimes down to an IP address.

Bitcoin mapped to the Dark Web

Business Case:

The business purpose is to offer a service to banks, financial institutions, and private persons to monitor activity on the Dark Web and provide alerts and warnings when credit cards and banking accounts are compromised and posted for sale.

Granted, some clients, and potential clients, initially, may not want “the service” to be involved in buying compromised cards back, but they might at some point in the business relationship. Bitcoin tracking is important, as you well recognize, to develop the human side of the investigation and would involve creating sock puppets and employment of other anti-fraud investigation techniques.

But, for initial marketing efforts, being able to “get a meeting” with a bank executive by letting him or her know that there are indications that bank accounts and credit information are being sold is a first step. Then the pitch would be,

“Let us monitor the Dark Web for you, to provide alerts and warnings so you can respond appropriately, and in a timely manner!”


Table of Contents

Dark Web Intelligence……….. 1

Project Athena……….. 1

Executive Summary – Project Athena:……. 6

Business Case:……. 7

Bitcoin – Financial Side of the Dark Web :……. 8

A Private http://blockexplorer.com type blockchain to DB tool…… 8

Bitcoin Account Types:

Dine and Ditch Wallet:

Store-Hold Wallet:

Web-Wallet

Step by Step list – Dark Web Intelligence focus

Technology Required – Dark Web Tools

  • Tor
  • 2 private Tor-Relays – entry and exit
  • Artemis – Tor Search Engine – w/ Privoxy and Polipo Proxies
  • BlockChain 2 DB tool – to keep all Block-Chain queries PRIVATE
  • IRC – OnionCat – BitMessenger
  • Bitcoin
  • VPN
  • i2p
  • secure email
  • PGP key for encryption
  • 3-5 Dark Web Sock Puppets – Buyer/Hacker/wingMan – Roles

Phase I

Phase II

Phase III

Active Buy

Extract CC Data

Dark Web data Collection – Tor – Bitcoin – E-Mails & I2P

Understanding the Block Chain

The Value of Decentralized Consensus

Decentralized Applications: The Next Big Thing

Sock Puppet – Gaining Anonymous Access into the Dark Web

Create Your Own User Names

Setting-Up Your Sock Puppet Environment

Best Usage Practices of Sock Puppet Identities

Setting-Up Onion Mail:

Create Your Own User Names?

Motivation – WHY do you need a Dark Web Sock Puppet (SP):

Dark Web Methods:

Dark Web Communication:

IRC – Private Message – BitMessenger

Sock Puppet -> Start Here:

STEP 1: Research Intelligence Exchange:

STEP 2: Setup an email account for your sock puppet using onion mail:

STEP 3: Copy and paste site information about PGP public:

STEP 4: Setup PGP:

STEP 5: Transfer file:

STEP 6: Establish Your Presence on a Private Message Board:

STEP 7: Set-Up a secure public Jabber/XMPP federated server on hyperboria using rows.io

Best Usage Practices of Sock Puppet Identities – Protecting Your Sock Puppet:

Completing Your Research- Operation:

Setting-Up Onion Mail:

[1.0] What’s Onion Mail:

[1.1] Why should I use Onion Mail?

[2.0] Sending emails

[2.1] Special addresses:

[3.0] Communicating with the server:

[3.1] Spam List:

[4.0] Dealing with unwanted messages with X-Notice headers:

[5.0] Create your OnionMail address:

[6.0] Use PGP messages:

[7.0] Virtual M.A.T. Protocol and simple mail addresses:

[8.0] Virtual M.A.T. in Tor network:

[9.0] User configuration:

[10.0] Mailing lists:

[11.0] How to know the user limits:

[12.0] iam.onion addresses and server address:

[13.0] Special Mail RULEZ files:

[14.0] Rulez files as newsletter:

Dark Web Sock Puppet Setup

Sock Puppet – Insertion into the Dark Web

Sock Puppet Information

Start inserting your Sock Puppet into this webSite:

email setup in the Dark Web – Onion Mail:

Dark Web Communication:

Paste Site:

Reason:

PGP setup:

Reason:

File transfer:

Reason:

Private Message Board:

Reason:

Jabber:

Reason:

Sock Puppet ways & methods:

Project Athena mission is to collect all Dark Web metadata & financial information and map it out

Dark Web Stats Pre-Crawl Feb 4, 2015:

Bitcoin Big Winner in the Dark Web

USSOCOM Monitoring Bitcoin in the clear web NOT the Dark Web:

Your secret ownership is encrypted:

Tax Problem:

The POWER of the Block-Chain:

Why we need Dark Web Bitcoin Data:

Dark Web Tool Setup

Overview of Tool Setup for Dark Web Collection project

Technology Required

  • Tor
  • 2 private Tor-Relays – entry and exit
  • Artemis – Tor Search Engine – w/ Privoxy and Polipo Proxies
  • BlockChain 2 DB tool – to keep all Block-Chain queries PRIVATE
  • IRC
  • Bitcoin
  • VPN
  • i2p
  • secure email
  • PGP key for encryption
  • 3-5 Dark Web Sock Puppets – Buyer/Hacker/wingMan – Roles

Why use Amazon VPS service for my crawlers:

notes for setting everything up for Dark Web crawlers and Artemis search engine

YOUTUBE – Video

torrc configuration file:

artemis is installed

sudo apt-get install tor

To run TOR as a different USER

checking if Tor is working

curl information for the crawlers:

How to use SOCKS proxy

tor tor-geoipdb privoxy:

Proxy setup Tor

CookieAuthentication 1

info httpproxy:

setup Privoxy port:

OnionOO and torStatus – PRIVATE Tor Public Node list for research

OnionOO setup

  1. Installing the metrics database

1.1. Preparing the operating system

Make Sun’s Java the default

1.2. Configuring the database

1.3. Importing relay descriptor tarballs

1.4. Importing relay descriptors from a local Tor data directory

1.5. Importing GeoIP information

1.6. Pre-calculating relay statistics

1.7. Generating network status information

1.8. Importing sanitized bridge descriptors

1.9. Importing Torperf performance data

1.10. Importing GetTor statistics

1.11. Migrating from an earlier metrics database schema

1.11.1. Migrating from metrics-web 0.0.1

  2. Installing the graphing engine
  3. Installing the metrics website

3.1. Configuring Apache HTTP Server

3.2. Configuring Apache Tomcat



Visualization of Bitcoins in the Dark Web

gAtO is – working on a new toy for my Artemis Tor Search engine. I found these cool open source tools – Circos data visualization – to map out my data visually and create some cool points for any research.

Bitcoin mapped to the Dark Web

Follow the money -> so a Bitcoin map of all the Tor websites I find may be cool, but we can also map it with email and PGP keys and Litecoin and other currencies. Anything we collect from the crawlers, which is metadata and content, we will be able to map out on as many data points (keywords) as you want. Bitcoin and the Dark Web – Oh yeah I wrote a book–> – gAtO was right and WROTE the book 1 ½ years ago – Bitcoin in the Dark Web. – Now we're going to add sock puppets and some social engineering to find the really good data in the Dark Web – Oh yeah DARPA MEMEX nice try I even have historical Dark Web data and my tools work today – We're also collecting i2p data so it should be good for any cyber hunter – gAtO oUt.


Bitcoin in the Dark Web

Bitcoin in the Dark Web – Digital Underground

gAtO wAs – asked to check the Dark Web (Tor-i2p) with my Artemis Tor-i2p search engine to see how Bitcoin is doing, and the answer was shocking. I dug around and got a base of 2,000 Tor URLs; out of those, 1,400 were OK, and I came back with 17,000 new URLs from this first run. Just checking on the Bitcoin keyword, it got the biggest hits, followed by CC (credit cards) and other stolen goods and services.

Where the Dark Web was more about porn a year ago, it has changed direction and has become a Bitcoin value transfer network for any information you are looking for, and the transactions are all Bitcoin now. As we have seen, the white collar world's adoption of Bitcoin in the clear web has made it more powerful in the Dark Web. More stolen properties, more coin mixers, and not only Bitcoin but Litecoin and DogeCoin are becoming more popular for trading in goods and services.

As the DOJ has shut down Silk Road and other drug sites, new ones have popped up, but the thing I have seen the most from my crawlers is that more and more trades of goods and services have gone to Bitcoin exclusively as the currency of the Dark Web. Security of transactions is becoming more complex, with escrow services popping up all over the place and even Dark Banks for your Bitcoins and wallets.

We are planning a big sweep of the Dark Web, 10 crawls (total of up to 5 million Dark Web URLs and website content), for any and all Bitcoin addresses, and then use my newly designed Blockchain tools to look at all the Bitcoin transactions and see if we can follow the money to an IP address of the bad guys. Hopefully this will open new ways of finding Bitcoins in the Dark Web and help LE get the bad guys. – gAtO OuT
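The sweep described above depends on pulling Bitcoin addresses out of crawled page text without drowning in look-alike strings. The following is an added example, not the author's Artemis or Blockchain tooling: it keeps only candidates that pass the Base58Check checksum, covers legacy `1…`/`3…` addresses only, and all function names and the sample hash160 are constructed for illustration.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Legacy Base58 addresses only: '1' (P2PKH) or '3' (P2SH), 26-35 characters,
# not embedded in a longer Base58 run (lookarounds).
CANDIDATE = re.compile(r"(?<![{0}])[13][{0}]{{25,34}}(?![{0}])".format(B58))

def _checksum(payload: bytes) -> bytes:
    """First 4 bytes of SHA-256(SHA-256(payload))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(version: int, hash160: bytes) -> str:
    """Used here only to build constructed sample addresses."""
    raw = bytes([version]) + hash160
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def b58check_valid(addr: str) -> bool:
    """True if addr decodes to version(1) + hash160(20) + valid checksum(4)."""
    n = 0
    for ch in addr:
        if ch not in B58:
            return False
        n = n * 58 + B58.index(ch)
    zeros = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return (len(raw) == 25 and raw[0] in (0x00, 0x05)
            and _checksum(raw[:21]) == raw[21:])

def extract_addresses(text: str) -> list:
    """Checksum-valid addresses in order of first appearance, de-duplicated."""
    found = []
    for m in CANDIDATE.finditer(text):
        if m.group() not in found and b58check_valid(m.group()):
            found.append(m.group())
    return found

if __name__ == "__main__":
    good = b58check_encode(0x00, bytes(range(1, 21)))  # constructed hash160
    typo = good[:-1] + ("2" if good[-1] != "2" else "3")  # breaks checksum
    page = "donate: %s (mirror lists %s by mistake)" % (good, typo)
    print(extract_addresses(page))
```

The checksum filter matters at crawl scale: a regex alone matches session tokens and truncated hashes, while a 4-byte checksum makes an accidental pass extremely unlikely.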


Multiple Bitcoin wallets for a Business with Multiple Locations

gAtO wOrKiNg - on the business side, so I needed to create this Presentation to explain how my hd-wallet would work in a business.

Let’s say you have 8 Hair Salons and you wanted each store to have Bitcoin as a source of payment. Easy: with my HD-wallet system you can safely deploy different Bitcoin wallets to all the stores and still maintain control of all the Bitcoins that your 8 Hair Salons take in.

My KickStarter Project- https://www.kickstarter.com/projects/949677390/bitcoin-business-wallet

Your accountant will love the reporting of every BitcoinUserWalletTransaction – and of course the BIG question – Who do you call when your Bitcoin transaction does not work? We give you the tools to query the blockchain and get the answers to solve the problems.

Security – Privacy – Control – Management – Accountability

Simple GUI interface so anyone can use it – No Bitcoin Programming Needed. Easy deployment, all in your server, so you have total security. I also included Intelligent Multi-Sig Workflow to make Multi-sig wallets easy to use, approve and use by everyone. Any input would be welcome – gAtO OuT
