
Dark Web / The Onion Router Cheat Sheet (DRAFT) by [deleted]

Accessing Deep Web

This is a draft cheat sheet. It is a work in progress and is not finished yet.


There’s another Internet web riding along with the one we normally see. It’s called the Deep Web, a system of overlay networks that use the Internet infrastructure but require specific software, configuration and allowed access or authorization to use. The Deep Web has a number of uses for business but is especially useful for hackers and cybercriminals.

The Deep Web is not indexed and lies beyond the reach of conventional search engines. Therefore, these deep websites are not a part of “clearnet” search results. There may be 500 times more content in the Deep Web than there is in the conventional web.

The Dark Web

The Dark Web is a small part of the Deep Web. It is also un-indexed, and it uses protected or encrypted traffic. It’s a place where cybercriminals conduct their trade and legitimate businesses may conduct transactions. Mainly, however, the protected Dark Web is a supermarket for illicit and illegal activity. It’s a place for hackers and cyber criminals to conduct business: selling credit card information and electronic health care records, and carrying out illegal drug transactions.


One of the main enablers of the Dark Web is “The Onion Router”, known as TOR. An onion router system has several encryption layers intended to hide the message’s source and destination addresses (see Figure 1). Like an onion, TOR has several layers, as shown in the figure. As web privacy continues to erode, TOR promises to maintain free speech and thought.

Onion routing is a process for anonymous communication. TOR uses layers of encryption and a series of onion routers.

As shown in the figure, the source of the communication sends the onion to Router A. Router A then determines where to send it next by removing the first layer of encryption. Router A also sees the source address but does not know if it is the address of origination. Router A sends the remaining data to Router B. Router B removes another layer of encryption to find out where to send it next (Router C). Router C decrypts the last layer to send the data to its final destination.
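The layer-by-layer peeling described above, as an added Python example that is not part of the original cheat sheet. It uses a toy SHA-256 keystream and HMAC from the standard library as a stand-in for real onion encryption; the per-router keys, the `destination.example` name and all function names are constructed for illustration.

```python
import hashlib, hmac, os

def _keystream(key, nonce, n):
    # Toy SHA-256 counter-mode keystream (stand-in cipher, not what TOR uses).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    # Encrypt then MAC one layer: nonce || tag || ciphertext (one toy key for both).
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer is not for this router, or was modified")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def build_onion(path, keys, destination, message):
    # Wrap from the inside out: the last router's layer is added first.
    next_hops = path[1:] + [destination]
    blob = message
    for router, nxt in zip(reversed(path), reversed(next_hops)):
        blob = seal(keys[router], nxt.encode() + b"\n" + blob)
    return blob

def peel(router, keys, blob):
    # A router removes exactly one layer and learns only the next hop.
    nxt, _, inner = unseal(keys[router], blob).partition(b"\n")
    return nxt.decode(), inner

def route(path, keys, onion, source):
    # Returns {router: (hop it received from, hop it forwards to)} and the payload.
    seen, prev, blob = {}, source, onion
    for router in path:
        nxt, blob = peel(router, keys, blob)
        seen[router], prev = (prev, nxt), router
    return seen, blob

if __name__ == "__main__":
    path = ["Router A", "Router B", "Router C"]
    keys = {r: os.urandom(32) for r in path}  # constructed keys, pre-shared for the demo
    onion = build_onion(path, keys, "destination.example", b"hello")
    seen, delivered = route(path, keys, onion, "source")
    print(seen, delivered)
```

Each entry in `seen` holds only the previous and next hop for that router, so no single router's view contains both the source and the final destination.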

Like a VPN, the secured pathway or tunnel lets users browse to public and secured Dark Web sites without conceding sensitive information like IP addresses, cursor movement, location, and other personal data stored in cookies. TOR helps to prevent deep packet analysis, and protects website data payload and header information.

Figure 1: TOR Router

Major Dark Web Uses

Botnets: networks of private computers infected with malware that controls them without the owners’ knowledge. A bot may send spam email messages or, together with hundreds or thousands of other bots, hit a website to the point where ‘denial of service’ is obtained, essentially shutting it down.
Bitcoins: digital currency where encryption is used to control and regulate the creation of currency units. It is also used to validate the transfer of funds, operating independently of a control mechanism like a central bank.
Darknet market: or “cryptomarket”, a commercial website that operates using TOR.
Hacking groups & services
Fraud services: for example, cash register hacking that programs the cash register to send credit and debit card information back to the hacker.
Hoaxes & unverified content
Phishing & scams
Illegal and ethically disputed pornography
Illegal animal trade
Protected social media
Journalism: where journalists report and record their findings in private
The Silk Road: was known as a large enterprise on the Dark Web; it included:
    Secret eBay mostly for illegal drugs
    Special cryptographic software
    Anonymous interface & traceless payments
    Connecting thousands of drug dealers with millions of users
Organizations that want to protect their most confidential information.
Multi-national organizations that communicate in places that have fluctuating levels of legal privacy protection.
Government groups (military) that operate in struggling geographical areas that censor web use.
Reporters & whistleblowers that need anonymity and private communication to hide their identity.
General consumers concerned about protecting personal privacy.