Tor Usage goes UP PirateBay, Iran-Syria and Google-play Orbot

USCyberLabs Stats of the Tor Network Aug-27

USCyberLabs Stats of the Tor Network


Sudden rise in direct Tor users

On Tuesday 27th, Roger Dingledine drew attention to the huge increase of Tor clients running [14]. It seems that their number has doubled since August 19th according to the count of directly connecting users [15]. According to Roger this is not just a fluke in the metrics data. The extra load on the directory authorities is clearly visible [16], but it does not look that the overall network performance are affected so far [17]. The cause is still unknown, but there are already speculations about the Pirate Browser [18] or the new “anti-piracy” law in Russia which is in force since August, 1st [19]. As Roger pointed out, ?some good solid facts would sure be useful.?

[14] https://lists.torproject.org/pipermail/tor-talk/2013-August/029582.html

[15] https://metrics.torproject.org/users.html?graph=direct-users&start=2013-05-29&end=2013-08-27&country=all&events=off#direct-users

[16] https://metrics.torproject.org/network.html#dirbytes

[17] https://metrics.torproject.org/performance.html

[18] https://lists.torproject.org/pipermail/tor-talk/2013-August/029584.html

[19] https://lists.torproject.org/pipermail/tor-talk/2013-August/029583.html

Ever since the the NSA Prism program came out something else is going on in Tor. People want privacy and they will use anything they can to get it. Tor is one solution that a lot of people know about but there are other factors about the increase.

Piratebay.sx and it’s users are doing a lot more stuff with the new browser – There has not been a sustained increase in search traffic for the Pirate Browser on Google. Tor and “Tor browser” haven’t shown a spike in search, either. Could it be from users in Syria?  Also note that the Google Play Store has been unblocked in Iran, allowing distribution of Orbot/Orweb in that country to phones with the Play Store app installed (partial bootstrapping problem).

Syria had a spike from 1000 to 4000 but that’s a tiny fraction of the recent increase. Iran doubled from 4000 to 8000 which is also only a part of the increase. Is there a page listing each graph by country or overlapping them all?

The Tor Project also pushed out Orbot v12 to Google Play in the last few weeks – 2 separate updates. That would not account for all of the increase, but it could have prodded enough existing users who had not used Orbot in awhile to start the app up again. We have also seen about 75,000 new installs over the last 3 months.

So we have a lot of factors as the Tor network grows larger everyday– gATo oUt



Tor is NOT the ONLY Anonymous Network

gAtO fOuNd – this very interesting and wanted to share –

Tor does some things good, but other anonymous networks do other things better. Only when used together do they work best. And of course you want to already know how to use them should something happen to Tor and you are forced to move to another network.fin_07

Try them! You may even find something interesting you cannot find on Tor!

Anonymous networks

These are well known and widely deployed anonymous networks that offer strong anonymity and high security. They are all open source, in active development, have been online for many years and resisted attack attempts. They run on multiple operating systems and are safe to use with default settings. All are well regarded.

  • Tor – Fast anonymous internet access, hidden websites, most well known.
  • I2P – Hidden websites, anonymous bittorrent, mail, out-proxy to internet, other services.
  • Freenet – Static website hosting, distributed file storage for large files, decentralized forums.

Less well known

Also anonymous networks, but less used and possibly more limited in functionality.

  • GnuNet – Anonymous distributed file storage.
  • OneSwarm – Bittorrent, has a non-anonymous mode, requires friends for anonymity.
  • RetroShare – File-sharing, chat, forums, mail. Requires friends, and not anonymous to those friends, only the rest of the network.
  • Omemo – Distributed social storage platform. Uncertain to what extent it is anonymous.

Non-free networks

These are anonymous networks, but are not open source. Therefore their security and anonymity properties is hard to impossible to verify, and though the applications are legit, they may have serious weaknesses. Do not rely on them for strong anonymity.

  • Osiris – Serverless portal system, does not claim to provide any real anonymity.

In development

  • Phantom – Hidden Services, native IPv6 transport.
  • GlobaLeaks – Open Source Whistleblowing Framework.
  • FreedomBox – Project to create personal servers for distributed social networking, email and audio/video communications.
  • Telex – A new way to circumvent Internet censorship.
  • Project Byzantium – Bootable live distribution of Linux to set up wireless mesh nodes with commonly available hardware.
  • Hyperboria A distributed meshnet built on cjdns.

Routing Platforms

These are internets overlaid on the internet. They provide security via encryption, but only provides weak to none anonymity on their own. Only standard tools such as OpenVPN and Quagga are required to connect. Responsibility for a sufficiently anonymous setup is placed on the user and their advertised routes. More suited for private groups as things out in the open can be firewalled by other participants. Can be layered above or below other anonymity nets for more security and fun.

  • Anonet – AnoNet2, a more open replacement for AnoNet1.
  • dn42 – Another highly technical routing community.
  • CJDNS, an IPV6 overlay network that provides end to end encryption. It is not anonymous by itself.

Alternative Internet

  • Netsukuku – A project that aims to build a global P2P online network completely independent from the Internet by using Wi-Fi. The software is still in active development, although the site is no longer updated. A new site is in progress of being built.
  • Many other wireless communities building mesh networks as an alternative to the Internet, e.g. Freifunk, http://guifi.net and many more around the globe. see also

Alternative domain name systems

  • Namecoin – Cryptocurrency with the added ability to support a decentralised domain name system currently as a .bit.
  • OpenNIC – A user controlled Network Information Center offering a democratic, non-national, alternative to the traditional Top-Level Domain registries.
  • Dot-P2P – Another decentralized DNS service without centralized registry operators (at July 18, 2012 page is not accessible and has not known anything about the status of project from February 2011).

See Also


The deep Dark Web -Book Release

gATO hApPy – 

AVAILABLE @ AMAZON – http://www.amazon.com/dp/B009VN40DU

AVAILABLE @SmashWords website  @http://www.smashwords.com/books/view/247146

I learned that I hate WORD: – but it’s the general format for publishing  – text boxes- get imbedded and you can’t format to EPUB or .mobi or anything – solution after going lOcO gAtO – was copy and paste into txt editor – save as RTF then copy paste back into a new WORD document and then reformat everything from scratch – and copy over the pictures – as you can tell I had fun-..-ugh mEoW F-F-F-F as much fun as a hairball but if it get’s the message out “FREEDOM OF SPEECH IN CYBERSPACE” then we done our job, anyway I hope you read it Thank you Pierluigi a best friend a security gAtO ever had – gATO oUt

This Book covers the main aspects of the fabulous and dangerous world of -“The Deep Dark Web” . We are just two cyber specialists Pierluigi Paganini & Richard -gAtO- Amores, with one passion and two souls we wanted to explain the inner working of the deep dark web. We have had a long collaboration in this efforts to document our findings we made infiltrations into the dark places inaccessible to many to give a you the reader a clear vision on the major mystery of the dark hidden web that exist today in the Tor Onion network..

The Web, the Internet, mobile cell devices and social networking has become commonly used words that identify technological components of daily Internet user’s experience in the cyberspace. But how much do we really know about cyberspace? Very, very little, Google / Yahoo / Bing only show us 20% of the Internet the other 80% is hidden to the average user unless you know were to look.

The other 80% of the Internet is what this book is about the “Deep Dark Web”, three words with millions of interpretations, mysterious place on the web, the representation of the hell in the cyberspace but also the last opportunity to preserve freedom of expression from censorship. Authorities and corporation try to discourage the use of this untapped space because they don’t control it. We the people of the free world control this network of Tor -Onion Routers by volunteer around the world.

The Deep Dark Web seems to be full of crooks and cyber criminals, it is the hacker’s paradise, where there are no rule, no law, no identity in what is considered the reign of anonymity, but this is also the reason why many persecuted find refuge and have the opportunity to shout to the world their inconvenient truths.

The Deep Dark Web is a crowded space with no references but in reality it is a mine of information unimaginable, a labyrinth of knowledge in the book we will try to take you by the hand to avoid the traps and pitfalls hopefully illuminating your path in the dark.

Cybercrime, hacktivism, intelligence, cyber warfare are all pieces of this complex puzzle in which we will try to make order, don’t forget that the Deep Dark Web has unbelievable opportunity for business and governments, it represents the largest on-line market where it is possible to sell and acquire everything, and dear reader where there is $money$  you will find also banking, financial speculators and many other sharks.

Do you believe that making  money in Deep Web is just a criminal prerogative? Wrong, the authors show you how things works in the hidden economy and which are the future perspectives of is digital currency, the Bitcoin.

This manuscript proposes both faces of the subject, it illustrates the risks but also legitimate use of anonymizing networks such as TOR adopted by journalist to send file reports before governments agents censored his work .

Here are some question we may answers to:

How many person know about the cyber criminals and their ecosystem in the deep web? 

How many have provided information on the financial systems behind the “dirty affairs”? 

How the law enforcement and governments use Dark Web?

Let’s hold your breath and start the trip in the abyss of knowledge to find answers to the above questions. We hope that with this book you can learn something new about – The Deep Dark Web.


Tor Network Directory Project

Lately we all heard of Silk Road the underground cyber marketplace were you can buy illegal drugs and guns and people say all the bad guy’s are using the dark web for crime stuff – yeah DuDe:—:. It’s is just the Tor onion network, if you want to visit the onion network just go to torproject.org and download their bundle software and go surfing in the onion network. Since there is no bing, google or yahoo in the onion network, if you want a directory of what’s out in onion land just go to the hidden wiki. “Cleaned Hidden Wiki”- http://3suaolltfj2xjksb.onion/hiddenwiki/index.php/Main_Page.

The wiki is built by one of the founders of the onion netowk the administrator of MyHiddenBlog in – (- “http://utup22qsb6ebeejs.onion/” — ) and volunteers built The “Cleaned Hidden Wiki” .It is one of the few places were you can find some of the hidden services (websites) in Tor, in other words the only websites in Tor that want to be found. You see in the Tor onion network your site is your secret, your site is hidden because there is no google or yahoo to send web crawler out into the onion network. The USCyberlabs Tor Network Directory Project will be the first time that we go out actively and collect all the websites (hidden services) that are hiding in the Tor onion network.

When I started to write about Tor and our new (“The Deep Dark Web”) -book, I was contacted by the FBI about what I was writing about Tor and the hidden services and attack vectors in Tor. They wanted to be gAtO’s bff. I must admit I was intimidated and walked a very careful line with my blog postings and my tweets. Why because the FBI want to fuck with lawful security researchers that come to close to the truth about Tor.

They do not want this mapping of the Tor onion network. Why? The mapping of the Tor onion network will show all sites even the ones that want to stay hidden. Like government sites? Like Spy sites? I mentioned Bots with Tor c&c yeah government stuff. You of course have your corporate presence in the hidden services of Tor what will these Tor website show. Maybe it’s not just the bad guy using Tor, maybe.

There are currently only 9 directory servers in the Tor infrastructure that know all the sites on Tor and getting this list is kind of hard. Tor is design not to give out directory information to just anyone. We also want more than a URL of a live site, we will gather all meta-data so we can understand what these sites are all about. Google’s web crawlers do it every second of the day so we will send out crawlers into the Tor onion network to generate our directory of Tor.

The ToR Directory Scan Project (TDS) 

The uscyberlabs TDS Project- is to scan every address possibility and to generate a directory of every single live hidden service in the ToR-.onion network.

Figuring out the rendezvous for a hidden service is complicated, we attack the problem from the side —>> so the onion URL is 16 digits 2-7 a-z  plus the .onion after the url address. It’s easy to have a simple web crawler program count and a,b,c and generate a sequential-alphabetized URL list. Now due to the ToR network things work slow – old style modem speed that you young kids are not used to. Now we feed a URL wait up to 25-35 seconds then list a positive or no-go. Once we have a live hit list of possible live hidden services then we visit manually. And build a working verified w/login and password list of every hidden service on ToR.

with 100 VM we can scan Tor in weeks with 1000 machines we can scan the Tor network within days.

I tested the unix “curl command” in Tor with sock5 and it’s very good at extracting information from a website. So a simple script in will feed all the machines and they will start the scan. Once finish we take all the results and we will have a directory of every single hidden service in Tor land.

gAtO needs your help!


CyberPeace -not- CyberWar

gAtO sEe – In the last couple of days Gen. Keith Alexander has been pushing the Cyber War agenda. -The issues around warfare are very different in cyberspace than in the physical world, and the United States is looking into “alternative strategies,” said Alexander, while not offering further details. In another place he was telling us that the CIA will not use the new cyber laws to spy on our email. Ok so you gonna be a sheep and follow the word of the government. We won’t spy on you.

Alexander said “civil liberties and privacy can work harmoniously with cybersecurity”. Come on General your a nice guy, gAtO met you —/ you have a passion but every time you bring out —/ Oops there went the Power Grid, Oops.. there went the financial sector, scare me, scare me. I know it’s your job to secure our country to protect our nation cyber infrastructure. Don’t trample on our cyber right any more please.

Hay here is a solution for you use a Tor-.onion network-(any anonymized network) to tie your power grid, and/or your financial services. If you can’t close down Silk Road in onion-land your C&C for your power grid and financial services should be invisible to everyone except on a need to know. gAtO just save you 14 trillion in R&D…//

gAtO has not heard one word about Cyber Peace from any responsible government in the world. Everyone is looking for their own cyber posture, their own cyber weapons/ budget/ programs/ money// , but not one has said let’s work together to make it better for peace, guess there is no money in Cyber Peace. Espionage, spying is the job of governments why would they destroy their own tools, weapons and just tweak our cyber-rights a wee bit, for our cyber freedoms and safety, to protect our government and you -lol.

Here is a simple idea crowd-source our problems. The one major resource in cyber-space is number of people that can see the same message. In crowd-source we can give the facts and ask anyone to help solve city budgets, ways to harvest more vegetable/per vertical/ sq.ft. Ask people how would you protect our electric grid // you be surprised by the creative answers you get, OK some may be crazy but…//. It may not be the right solution, but the power of the minds of people collaborating is what this new technology is built for. FaceBook is about ME- Twitter is about the rest of the world- but the new winner is —/ Comments /— have become more important than the article-subject itself because the conversation within in the comments shows social communication and problem solving by the masses.

Let’s change the message to CyberPeace, everyone has a solution, but remember that all your comments are the new gold so watch what you say to that troll on huffpost— gAtO oUt


Read more: Alexander: U.S. looking for offensive alternatives in cyberspace – FierceGovernmentIT http://www.fiercegovernmentit.com/story/alexander-us-looking-offensive-alternatives-cyberspace/2012-07-11#ixzz20KW1Lcf2


Latino Hacktivist on the Rise

gAtO cHeKs —  http://pastebin.com/trends“>http://pastebin.com/trends  – every day or so just to get a pulse on the hacktivist movement. One thing has change I see more and more Latinos getting involved in social cyber activist. Below is a break down of what I saw it’s good to see Latino nation using the social media for political dialog. As more of the world understands the importance of the new ways of connecting via the matrix, we will have more freedom of speech in cyberspace for everyone.

Let’s take a look at what my Latino brothers and sisters, si – Latina women are very much in the hacktivist roles all over Twitter sphere (#tangodown #dos ). Let’s take a look at today Sunday 1407 July,8 2012 –

A few post – goes out to the new cyber latino hacktivist and of course give thanks to Sweden and Italy brothers and sisters that have help the education of the spanish crowd-source with cyber hacktivist 101. But this was a big hit to -.MX Mexico is becoming a new cyber hot-bed for these cyber strikes –/ I have seen more and more hacktivist attacks at the Mexican politicals like MEGAMARCHA- against  “Public Radio International” or their message../ mAyBe nO-sI —  it’s about the PRI Mexican Party, corruption and the protesters went for both, that party and the Radio noise that helped them.

Besides Mexico, you have a push at UASD from a few sources with the Spanish hacktivist–/  a -DoX from Columbia I think  and a plan for the Olympics cyber lulz. From the Latino community this is a big show and tell on pasternBin.com  — gAtO oUt


.02.) Mexico 1. http://pastebin.com/CRu8raYU #PrimaveraMexicana—— #Anonymous #Opmexico #Megamarcha #ExigimosDemocracia #PrimaveraMexicana#PrimaveraMexicana


.01.) Mexico MEGAMARCHA –MEGAMARCHA! this was the new dump: http://pastebin.com/HcCN7kCv

  2. MEGAMARCHA VS el pri a le horas que usteden quierena empezamos:


Latino Hacktavist- gAtOmAlO2

Latino Hacktavist- @gAtOmAlO2


1.) Mexico 1. #Anonymous México. #OpMarchaPacifica – Untitled  http://pastebin.com/S8kZ02Ua

2.) Operación #OPSalvemos a la #UASD, Gracias por Leer esto #Op Salvemos la UASD. —http://pastebin.com/z1qTzz3n

3.) FALSA BANDERA OLIMPIADAS 2012 (NUEVOS AÑADIDOS) -Olympic Plans Overview — This is a planing stage Olympics latino based in London http://pastebin.com/T5Gu6p6s

4.) A spanish DoX – DOXEO JUAN PABLO FRANZONI http://pastebin.com/2WGmPgcx 

5.) Dominican Anonymous.-Anonymous Explica como esta hackiando la pagina de la UASD. http://pastebin.com/G5yE6uGr  — Administrators or webmaster of the site of the #UASD

6.) Mexico – Leaks Name & Password http://pastebin.com/GjTGdC6k -@Anonymousbr11  @Anon_central @AnonymousOIC  Target:http://www.isc.gob.mx


The Deep Dark Web -Book

gAtO sAy -mEoW you all- we have a new book coming out soon “The Deep Dark Web” and just wanted to write this as the foreword for the book, I thought it was interesting …//looking for peer review of book…write us

This book is to inform you about “The Deep Dark Web”. We hear that it’s a bad place full of crooks and hackers, but it is more a place were you have total anonymity as an online-user and yes there are ugly places in the dark web but it’s a small part of it. What it really is all about it’s freedom of expression, freedom of speech worldwide, supported by “us/we” the users of the network. It’s not controlled by any government, but blocked by a few like Syria, Iran, Ethiopia, China to name a few governments that want to deny their own people free access to information, to speak freely about their grievances and unite to tear down there walls of oppression.

Pierluigi and I (gAtO) share a passion for cyber security we write different blogs Pierluigi has http://securityaffairs.co/wordpress/ and my site is uscyberlabs.com . We also write at other blogs and print media. We did’nt know it at the time but, we were writing cyber history as the 2011- 2012 cyber explosion took off we were at ground zero writing about Stuxnet, HBGrays, the LulzPirates, Anonymous but the Arab Spring was an awaking :

The recent revolution in Egypt that ended the autocratic presidency of Hosni Mubarak was a modern example of successful nonviolent resistance. Social Media technologies provided a useful tool for the young activist to orchestrate this revolution. However the repressive Mubarak regime prosecuted many activists and censored a number of websites. This made their activities precarious, making it necessary for activists to hide their identity on the Internet. The anonymity software Tor was a tool used by some bloggers, journalists and online activists to protect their identity and to practice free speech.

Today we have lot’s of anonymity communication tools I2P, Freenet, Gnunet and Tor to name a few. Why did the TorProject.org Tor-.onion network become the facto application to get free, private, anonymized Internet access. My conclusion is it’s humble beginnings with “Naval Research Project & DARPA (Defense Advanced Research Project Agency) ” sponsored, maybe you heard of DARPA they kinda created the Internet a long time ago. The government wanted to have a communication secure media that would piggy-bak on the establish Internet. From my point of view when they saw how good this worked the government used it to allow it’s agents to quietly use the network for CIA covert operations (just to name a few alphabet soup government agencies that use it). For example a branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.

Journalist got a hold of this tool and they too were able to file reports before governments agents censored their interviews and film footage. The EFF (Electronic Frontier Foundation) got a hold of the Tor-networks and promoted it to maintaining civil liberties online. When the common business executive visited a foreign country (like China know to monitor foreigners Internet access) they now had a way to securely connect to their corporate HQ data-center without being monitored and giving away IP (Intellectual Properties). The Tor-Network became to good and the bad guy’s moved in to keep their illegal business safer from the law. The Internet Cyber-criminal has used the claer-web since the start so of course they went over to the Tor-.onion network because it works if you use it right and keeps you anonymous online.

With all this happening and the “Year of the Hack 2011” you can see why security geeks like Pierluigi and I became intrigued with this subject and we teamed up to write this manuscript hoping to answer some of the questions our friends, and peers were asking us about this mysterious hidden world call the deep dark web. We outlined a table of content and started to write about it in our blogs and the story unfolds from here to you. We hope to educate you on how this network works without too much geek talk (ok just a little). We cover the cyber criminals and their ecosystem we cover the financial currency (bitCoins) that is replacing fiat currencies all over the world during this unstable financial times. We tried to cover all the good , the bad and the ugly of the .onion network. We hope it will answer some of your questions but I am sure that more question will come up so feel free to come to our websites and give us a shout and ask your questions about the deep dark web…. – gAtO oUT 


The future of the Deep Dark Web

gAtO tHiNk’S  –In todays world we want a little freedoms a little privacy online and more people will use encrypted methods to browse the web.-  Julian Assange said it best-I paraphrase-, in society we as a online-person have an expectation to certain rights of privacy and just want 3 basic things:

1.) Freedom of Communication

2.) Freedom of Movement

3.) Freedom of Economics

In todays world our technology-culture encourages people to give away every detail of our life away. On Facebook, Twitter, LinkedIn we tell people all kind of personal information. \\ everything you tell these website now belongs to them legally and they will do whatever they want with this data. They also want your shopping habits your reading habits and now they want to integrate it with other sites to extract more information. You don’t think so, how many cookies do you have on your computer??? -( I bet you don’t have a clue) what were you doing at 5:30pm last tuesday??? – Google knows, Facebook knows, Twitter knows —> they all know. They all know your friends and your enemies.

Today’s we are tied to cyberspace with almost ever aspect of our lives – Social – Economy – Culture – Political – Ethics – Money – Want’s – Desires – Greed – So me gAtO I want a secure -Freedom of Communication -Tor anonymized type networks for some of my personal questions.

 As more people use encrypted methods to browse the Web, it will become trickier for law enforcement agencies to intercept private communications in real-time, causing them to focus instead on tapping data that is stored in the cloud, according to the draft of an academic paper by a former privacy advisor to the Clinton Administration.

So this means that the legal beagles want to scare you more and more. I was just reading a post were someone said I don’t like to cruise the dark web because I’m afraid of Identity Theft…// In Tor-.onion network your secure with your identity, but if you log in to Facebook and start to give away your information well you just defeated what a Tor-style network does for you your anonymity is now gone.

Some segment of cyber-world will never need secure communication but we must ask what are our human values online? Are we ready to let everyone know the truth about oneself. The technology for anonymized network is here to stay and it’s not good or bad, but it’s powerful and a bit complicated. The watchers of the Watch need to keep our eye’s open for this one gATo oUt  



Cyber Intelligence Monitor Tor Network Services -live

gATO wAnTeD –to find a way to gather cyber intelligence on the ToR network you know how and who is using it, the status of the relays that provide you with your security and anonymity. We can see users by countries the User Metric port. We can monitor ToR relays by countries, relays with exit, fast, guard and stable flags, also the relay version and platform all in one age view. This is remarkable power to monitor events in the onionLand environment. One feature I love is to monitor by languages lake farsi and chinese or english this will give you a history of the usage by culture and events. We can build a model of all these parameters to monitor the deepWeb. If the deepWeb is so secretive where are these tools in the clearWeb? Now there are hidden ToR-relays but we will talk about those later.

Simplified Chinese zh_CN

In the clearWeb everybody knows everything in the deepWeb only the few know it and anonymity. Maybe there is more transparency in the darkWeb that we it give credit the tor-citizens are creating a new world with it’s own rules. The reason you can’t find the good stuff is you don’t know how to look. If it was easy everyone would be doing it. If you want onionLand cyber intelligence try these sites they may provide some of the clues to the deepWeb – gAtO oUt 

All monitoring sites are in the clearWeb

Tor Network Status


ToR Metric Portal – Users


ToR-Relay Status -Live -Atlas


Tor Relay Status



In the clearWeb everybody knows everything in the deepWeb only the few know it and anonymity.


ToR-Relays -DeepWeb Info

Inspector –information about ToR-Relays

gAtO iS hApPy pUpPy – found the ToR Inspector site in the .onion. This site has information about all ToR-Relays around the world and it indicates if this ToR-Relay is BAD-GOOD-ERROR-REJECT status. Let’s say that you are planning an adventure into ToR land the (paranoid securitytechy-talk) thing about ToR that you have to remember is the Entry Node into ToR and the Exit Relay out of ToR. ToR- the .Onion is legal.

ToR security: When you go into ToR the .onion your computer must enter the -ToR-Matrix- so the first ToR-Relay is your entry point and when you leave the .onion your Exit-Relay is logged by your ISP. All they know is that you went into ToR and you left. They don’t know anything about your session in the deepWeb. Using the ToR network is not illegal so far today anywhere. In places like the middle east and China it’s becoming a problem for these governments so they try mess with the ToR-Relays all the time. On this site [1]ToR Relay Inspector you can see if your entry and exit -TOR-Relays are working good and have not been compromised.

IP - Router Details- Version-Platform Tor-Relay-information




With the tools on this page I can look at all the US ToR-Relays, or Russia, China I can see their status, I can see the current version of the relay so I know what can happened – Think of it as as Patch-management on the fly, we see the OS platform of the relay: Here is a clearWeb Example>of a ToR-Relay>



Now that we know all this information about my ToR-Relay I may want to be active and select my own Entry-Exit ToR-Relay, on this page I can create an exclude-Entry-&-Exit-Node so when I can tell my ToR connection what to use. In a place like China were the government is always bring to find and corrupt ToR-Relays this is a great tool. As security people we need to look at this project which is Donation Only funding and help them. The DeepWeb is open just like Pandora the masses are exploring it and once they feel free and safe it may help them just like it did in the Arab Spring. gAtO know the deepWeb is being used by the bad guy’s too but just like a tool. With a hammer you can build a house or use it to hit mouses for gAtO dinner- This is a good page for any Security Reseracher to learn but some bad things are I can see the IP of all the Relays and maybe I can now do a DDoS attack to keep that Relays down – A government can use this tool to see every ToR-Relay in their country and DDoS them, maybe-sI-nO- gAtO oUt


InspecTor / ExcludeNodes generator

[1] http://xqz3u5drneuzhaeo.onion/users/badtornodes/

The following list provides information about relays that have been checked for injecting content over HTTP-connections.

Furthermore it allows you to create a string, that is used to prohibit your Tor client to use specific nodes when building circuits.

For more information you should read this useful HowTo.

If a relay is marked good, it doesn’t mean it is good at all, but the test went well. It could modify content under special circumstances.

This list is not complete (and won’t be), but will get updated regularly. New nodes appear every day and we also recheck known ones.

Note: This is not a real-time test, it was created a few hours or days ago.


For contact or to report suspicious nodes you know about, just use badtornodes@TorPM.

(GnuPG Public Key with fingerprint BBE0 C6B1 1245 07C9 8C48 2D67 1B4F 850B 0E1A 29E8)

I won’t publish the source code of this service in its actual state. If you have no trust in this list, don’t use it.