Anonymous Browsing

• Introduction to OPSEC
• The Wall Street Journal article with James Kilpatrick
• Establishing Cover
• Generate a Random Name - Fake Name Generator
• Google Alerts
• The Baby Harvest book link
• YouTube - DEF CON 23 - Chris Rock - I Will Kill You
• Wiki - US Extradition Treaties
• Identify Cross Contamination
• 6 ways to delete yourself from the internet
• Google Removal Policies
• imgur - Removal info graphic
• Internet Archive
• Wiki - Right to be forgotten
• 10 Rules of OPSEC
• The Grugq's Hacker OPSEC blog
• Authorship Recognition & Evasion Methods
• Anonymouth
• JStylo-Anonymouth
• The Signature Stylometric System
• reLANG (Anti-stylometry. Use this tool to mask your personally unique writing style in order to deceive authorship detection)
• YouTube - Stylometry and Online Underground Markets
• Report on the feasibility of Internet scale author identification
• L33T Converter
• Anonymous programmers can be identified by analyzing coding style
• Hidden wiki - Anonymous writing section (need TOR)
• The Knock
• Report - The lie behind the lie detector
• antipolygraph.org
• YouTube - AntiPolygraph Channel
• YouTube - Don't Talk to the Police (worth watching)
• Case Studies of OPSEC Failures
• YouTube - OPSEC Failures of Spies

• Introduction to Live Operating System
• Rufus - To create a bootable USB/SD card with ISO
• Pendrive Linux
• Tails - Manually install to USB or SD card
• LinkName
• IronKey
• Aegis Secure Key 3z - USB 3.1 (3.0) Flash Drive
• Knoppix, Puppy Linux, Jondo Live, Tiny core linux, Windows To Go
• Create Windows 7 Live CD
• Windows 7 Live CD Download
• Wiki - Windows To Go (for enterprise)
• Ironkey - Windows To Go Drives
• Tiny Core Linux
• Puppy Linux
• Knoppix
• Knoppix Forum
• Knoppix linux live cd
• JonDo Live CD
• JonDo - End-of-Live
• Subgraph OS
• Ubuntu Privacy Mix (Live CD)
• Tails
• Tails
• Tails Encryption and privacy
• Tails & VirtualBox
• Zero days is Tails
• Tails Warning Page
• YouTube - LightEater Demo: Stealing GPG keys/emails in Tails via remote firmware infection
• Claws Mail leaks plaintext to IMAP server
• xkeyscores & Tails
• Tails Demo
• Tails Documentation
• Trusting Tails Signing Key
• Tails - Startup I2P

• Which VPN protocol is best to use? and why?
• Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2)
• spiegel.de - NSA leaks on ipsec
• John Gilmore on ipsec
• openvpn.net
• Wiki - OpenVPN#Encryption
• VPN Weaknesses
• Smart DNS Proxy
• Unlocator
• Website Fingerprinting: Attacking Popular Privacy Enhancing Technologies with the Multinomial Naive-Bayes Classifier (pdf)
• Touching from a Distance: Website Fingerprinting Attacks and Defenses (pdf)
• Effective Attacks and Provable Defenses for Website Fingerprinting
• Can you trust VPN providers?
• Canary Watch
• Canary example
• EFF - Mandatory Data Retention
• Secrets, lies and Snowden's email: why I was forced to shut down Lavabit
• Proxy.sh VPN Provider Sniffed Server Traffic to Catch Hacker
• HMA VPN user arrested after IP handed over to the FBI
• VPNs & Domain Name System (DNS) Leaks
• Wikileaks.org - Alternative DNS
• Transparent DNS Proxies
• Windows - How to change DNS servers
• ipleak.net (IP/DNS Detect - Test if Transparent DNS Proxy is used)
• Hack Like a Pro: How to Spoof DNS on a LAN to Redirect Traffic to Your Fake Website
• DNSCrypt.org
• SimpleDNSCrypt.org
• Pretty Bad Privacy: Pitfalls of DNS Encryption
• Setting up an OpenVPN client in Windows, Mac, iPhone & Andriod
• openvpn example config file
• Windows - OpenVPN Client Download
• iOS/iphone - OpenVPN client download
• Android - OpenVPN client download
• Setting up an OpenVPN client on Linux
• Example openvpn config
• Preventing VPN Leaks - Firewalls and kill switches
• dnsleaktest.com - DNS leak test
• A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN clients (pdf)
• Windows
• Windows - How to Disable IPv6 in Windows 7
• Windows - VPNetMon
• Windows - TinyWall
• Windows - VPNCheck free edition
• Windows - Comodo Firewall - Configuring to Block All Non-VPN Traffic
• Windows - Comodo - kill switch
• Windows 10 - OpenVPN plugin to fix DNS leaks
• Windows 10 - VPN Users at Big Risk of DNS Leak
• Linux
• Linux - How to disable Ipv6 on Ubuntu, Linux Mint, Debian
• Linux - Hardening your VPN Setup with iptables
• Linux - vpn-firewall
• Linux - vpndemon
• DD-WRT kill switch
• dnsleaktest.com - How can I fix a DNS leak?
• Choosing the right VPN provider
• Beware of False Reviews - VPN Marketing and Affiliate Programs
• Which VPN Services Take your Anonymity Seriously?
• I Am Anonymous When I Use a VPN - 10 Myths Debunked
• VPN Providers
• Airvpn (Italy)
• IVPN (Gibraltar)
• Mullvad (Sweden)
• blackVPN (Hong Kong)
• NordVPN (Panama)
• Reddit - VPN
• Simple to Detailed VPN Comparison Chart
• cship.org VPN Guide
• Setting up an OpenVPN server - The fast and easy way
• turnkeylinux.org
• turnkeylinux.org - OpenVPN (free)
• AWS - Amazon Web Services
• hub.turnkeylinux.org
• Setting an OpenVPN server - Home VPN
• PiVPN.io (Raspberry Pi)

• What is Tor?
• torproject.org
• The Tor Network & Browser
• TorFlow
• Tor Browser
• How to verify signatures for packages
• Training Videos for Downloading & Installing Tor
• Tor Forum
• Tor FAQ
• Tor Blog
• Tor Bug Tracker & Wiki
• Tor's Subreddit
• Tor Design Documentation
• What should Tor be used for?
• check.torproject.org
• Tor Project Warnings
• Bittorrent over Tor isn't a good idea | Tor Blog
• Tor Overview
• Directory Authorities & Relays
• Concensus
• Tor Consensus Info Graphic
• Do you get more anonymity by running a relay?
• Configure a Tor Relay on Debian/Ubuntu
• Legal FAQ for Tor Relay Operators
• Tor Bridges
• Tor - Bridges
• bridges.torproject.org - You can get new bridges from this URL
• Extensive Analysis and Large-Scale Empirical Evaluation of Tor Bridge Discovery (pdf)
• ZMap: Fast Internet-wide Scanning and its Security Applications - paper.pdf
• Configurating a Tor Relay
• turnkeylinux.org
• tor-relay-bootstrap
• digitalocean.com
• Tor Pluggable Transport & Traffic Obfuscation
• Tor: Pluggable Transports
• Wiki - PluggableTransports
• Here is an exploration of pluggable transports, how they look on the wire
• Collection of TLS client that were studied to give meek a TLS signature
• Torrc Configuration File
• Tails example torrc file
• Tor manual
• Tor sample torrc file
• How to control which nodes (or country) are used for entry/exit?
• ISO 3166-1 alpha 2
• Running other applications through Tor
• How do I check if my application that uses SOCKS is leaking DNS requests?
• privoxy.org
• Privoxy example configuration - Tor and Privoxy
• torsocks
• socat
• ProxyChains
• proxychains-ng
• FreeCap
• WideCap
• proxifier
• Windows & Mac OS X - ProxyCap
• Stream Isolation (Whonix)
• Windows - Tortilla
• corridor
• Tor Weaknesses
• 'Tor Stinks' presentation
• 'Peeling back the layers of Tor with EgotisticalGiraffe'
• FBI Admits It Controlled Tor Servers Behind Mass Malware Attack
• Tor security advisory: "relay early" traffic confirmation attack
• One cell is enough to break Tor's anonymity
• Active attack on Tor network tried to decloak users for five months
• Why the Tor attack matters
• LASTor: A Low-Latency AS-Aware Tor Client
• Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries (pdf)
• Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Services (pdf)
• Website Fingerprinting in Onion Routing Based Anonymization Networks (pdf)
• Experimental Defense for Website Traffic Fingerprinting
• A Critique of Website Traffic Fingerprinting Attacks
• Effective Attacks and Provable Defenses for Website Fingerprinting
• Low-Cost Traffic Analysis of Tor (pdf)
• Stream Isolation (Whonix)
• Bittorrent over Tor isn't a good idea
• List of Services Blocking Tor
• Conclusions on Tor and Mitigation to reduce risk
• Tor Metrics
• Tor Blog
• Tor Design Documentation
• Attacking Tor: How the NSA targets users' online anonymity
• Attacking Tor: how the NSA targets users' online anonymity
• Hidden services - The Tor darknet
• Tor: Hidden Service Protocol
• YouTube - Dr Gareth Owen: Tor: Hidden Services and Deanonymisation
• Tor2web (NO privacy & anonymity) - Access Tor Onion Services without Tor Browser
• Finding Tor hidden services
• Ahmia
• OnionLink
• Uncensored Hidden Wiki (need TOR)
• not Evil (need Tor)
• Torch (need Tor)
• Candle (need Tor)
• Memex - Project to develop Google of the Darknet
• Other Tor Apps
• Orbot: Proxy with Tor
• Orbot - Tor for Android
• Orfox: Tor Browser for Android
• IOS - Onion Browser (Tor for iPhone and iPad)
• TorMessenger
• OnionCat - a VPN-adaptor which allows to connect two or more computers or networks through VPN-tunnels

• Introduction
• Windows - OpenVPN Client
• Tor Browser
• Custom Router Firmware for VPN & Tor Tunneling
• OpenWrt
• Librewrt / LibreCMC
• DD-WRT
• flashrouters.com/vpn-types (pre-built)
• Example of using dd-wrt connecting to ivpn
• Example - Tor on R7000 (dd-wrt)
• pfsense: as vitural gateway
• Creating the ultimate Tor Virtual Network (pfSense & VM)
• OPNsense
• An example of setting up a VPN client with pfSense
• Off the self VPN & Tor Routers
• tinyhardwarefirewall.com
• YouTube - Tiny Hardware Firewall Review
• Invizbox
• Anonabox
• Safeplug
• Keezel (Indiegogo)
• Shellfire Box (Indiegogo)
• DIY Hardware Tor Routers
• P.O.R.T.A.L - as Physical Gateway
• TP-Link TL-MR11U, Portable Mini 150Mbps 3G Mobile Wireless Router,2000mAh
• Guang TP-LINK TL-WR703N Mini Portable 11N 150Mbps Wi-Fi 3G Wireless Routers
• Gl.iNet Smart Router, Openwrt, 3g Modem, Mobile App Control, 16M flash Lastin Garden smart router, next generation router
• GL.iNet6416, Mini smart router with OpenWrt
• Onion Pi
• Browse Anonymously with a DIY Raspberry Pi VPN/TOR Router
• Tor on R7000 (dd-wrt)
• Tor and VPN Gateway Virtual Machines
• Whonix - Dev/Build Documentation/Physical Isolation
• pfSense
• pfSense - Advanced Privacy and Anonymity using VMs, VPNs, Tor
• pfSense - Creating the ultimate Tor Virtual Network

• Proxies - HTTP, HTTPS and SOCKS
• FoxyProxy (Firefox Add-ons)
• torGuard.net (paid proxy)
• BTGuard.com (paid proxy)
• Free HTTP/HTTPS Proxy Lists
• lagado.com - Proxy Test
• ipleak.net
• CGI proxies - Web proxy or web form proxy
• webproxy.ca
• Anonymouse.org
• hidemyass.com

• Introduction & How to Login
• OpenSSH: Manual Pages
• Microsoft bringing SSH to Windows and PowerShell
• Windows - Putty SSH Client
• SSH Socks5 Proxy Tunneling with Dynamic Ports
• Wiki - Comparison of proxifiers
• Website Fingerprinting: Attacking Popular Privacy Enhancing Technologies with the Multinomial Naive-Bayes Classifier (pdf)
• SSH Hardening
• Mozilla - Security/Guidelines/OpenSSH
• Debian - How to set up ssh so you aren't asked for a password
• OpenSSH: Manual Pages
• PGP keys for authentication
• A YubiKey NEO with a PGP key on it can be used for SSH authentication
• Generating a new SSH key and adding it to the ssh-agent
• Make a passwordless SSH Connection between OSX 10.10 Yosemite and Linux
• How to protect SSH with two-factor authentication - Google authenticator

• I2P Introduction
• A Gentle Introduction to How I2P Works - I2P
• i2pwiki.i2p (need i2p)
• Garlic Routing and "Garlic" Terminology
• I2P Installing & Secure Configuration
• Download - I2P (Debian / Linux recommended)
• Browser Configuration
• Tor Browser
• Foxy proxy add-on
• foxyproxy.xml
• i2pwiki.i2p (need i2p)
• identiguy.i2p (need i2p)
• i2p FAQ (need i2p)
• I2P Server Setup
• Auto generate i2p routers (cloud-based)
• I2P Strengths & Weaknesses
• Comparison of I2P & Tor
• I2P's Threat Model

• JonDonym
• Introduction
• JonDonym - Home Page
• JonDonym Software Downloads
• JonDonym - state of the anonymization services
• JonDonym on law enforcement
• ANONdroid - JonDonym proxy client for Android
• Installing & Secure Configuraton
• Install JonDo and JonDoFox for Windows (Desktop / Portable)
• Install JonDo and JonDoFox for Debian (Recommended)
• Install JonDo for Linux/BSD
• Payment
• Benefits of JonDonym
• Bullet Proof Hosting Services (BPHS)
• Offshore Hosting and Server Providers

• Outbound Firewall Bypassing - The Fundermentals
• airvpn.org - example of a provider that offers ports specifically for bypassing firewall
• JonDoym
• digitalocean.com
• Outbound Bypassing
• Tunneling through HTTP proxies
• Example - Proxy Auto-Config or PAC
• Proxytunnel
• BarbaTunnel
• Super Network Tunnel (paid)
• Cntlm (Windows that need NTLM Authentication)
• Port Sharing & Knocking
• SSLH - Applicative protocol multiplexer
• SSLH - Debian - Share same port for HTTPS, SSH and OpenVPN
• SSLH - CentOS/RHEL - How to setup
• OpenVPN Sharing a TCP Port with SSL on NGINX and Apache
• Port Knocking - implementations (knockknock)
• Cloaking & Obfuscating
• Stunnel - a proxy designed to add TLS encryption functionality to existing clients and servers
• Howto - OpenVPN cloaking with Stunnel or Obfsproxy (Debian)
• Tunnel SSH Connections Over SSL Using 'Stunnel' On Debian 7 / Ubuntu 13.10
• Stunnel - Examples (Windows / Unix)
• Tor - obfsproxy & Pluggable Transports (can be used with SSH and OpenVPN)
• Psiphon.ca (iOS, Windows, Android)
• Dnscat2
• Dnscat2 - Tunneling data and commands over DNS to bypass firewalls
• VPN over DNS
• iodine - DNS tunnel
• Remote login - Virtual Network Computing (VNC) & Remote Desktop Protocol (RDP)
• Wiki - Virtual Network Computing (VNC)
• Wiki - Remote Desktop Protocol
• Chrome Remote Desktop (need Chrome)
• Apache Guacamole - a clientless remote desktop gateway (recommended)
• Inbound Bypassing - Reverse shells, SSH remote tunneling & remote login
• Reverse Shell Cheat Sheet
• teamviewer.com

• Strengths & Weaknesses: (User -> Tor -> SSH/VPN/JonDonym -> Internet
• Stream Isolation
• Nested VPNs - Strengths & Weaknesses
• Wiki - Onion routing
• Wiki - List of US Extradition Treaties
• How to setup proxy chains
• proxychains - original - not updated in years
• proxychains-ng (new generation)
• Windows & Mac OS X - ProxyCap
• Windows & Mac OS X - Proxifier
• Wiki - Comparison of proxifiers
• How to setup - (User -> SSH -> Tor -> Internet)
• Whonix - Connecting to SSH before Tor
• Tor & SSH
• How to setup - (User -> Tor -> SSH/VPN/JonDonym -> Internet)
• With Transproxy
• TransparentProxy through TOR
• P.O.R.T.A.L (Personal Onion Router to Assure Liberty)
• Stream Isolation (Whonix)
• Transparent Proxy Leaks
• Ra's Tor Gateway
• Windows - Tortilla - transparently routes all TCP and DNS traffic through Tor
• With Whonix
• Whonix - Connecting to Tor before a proxy
• Whonix - Connecting to Tor before SSH
• Whonix - Advice on leak protection
• Using other applications with JonDo
• Isolating Proxy Concept
• Setting up nested services (3+ hops)
• pfsense - Creating nested chains of VPNs & Tor
• Creating pfSense VMs as VPN clients
• NordVPN - Onion over VPN
• NordVPN - The Most Comprehensive Tor Browser Guide 2018
• NordVPN - No logs policy
• torvpn.com
• AirVPN
• Privatoria.net
• IVPN.net
• BestVPN.com

• Staying safe while on public wifi hotspots
• Travel Router - TP-Link TL-MR3020 Portable 3G/4G Wireless N Router (2.4 GHz, 150Mbps, USB2.0, Travel Router (AP))
• GL.iNet6416, Mini smart router with OpenWrt (recommended)
• Finding public Wifi hotspots
• wigle.net
• Android
• Android - Wigle Wifi Wardriving
• Android - Wifi Analyzer
• Android - Wifi Scanner
• Physical hotspot scanner - Canary
• Wifi Pineapple
• Windows
• Windows - Vistumbler
• Windows - Acrylic Wifi
• Windows - Wifi/WLAN Monitor
• Windows - Cain & Abel
• Windows - Lizardsystems Wifi Scanner
• Windows - WirelessNetView
• High Gain 24db Directional Parabolic Grid 802.11 Antenna
• Kali/Debian - Kismet
• List WarDriving Software
• Boosting Wifi range
• Antenna
• High Power USB-Yagi Plug and Play directional WiFi Antenna 802.11n 2200mW
• 14 Element WiFi Yagi Antenna
• Biquad Yagi 2.4GHz – Andrew McNeil (custom made, recommended)
• Panel
• Alfa AWUS036H High power 1000mW 1W 802.11b/g High Gain USB Wireless Long-Rang WiFi network Adapter
• Cantenna 2.4GHz – Andrew McNeil
• Directional Wireless Panel Antenna 19dBi
• NanoStation® M
• Ubiquiti NanoStation locoM2 2.4GHz Indoor/Outdoor airMax 8dBi CPE
• Ubiquiti Nanostation NSM5, 5GHz, 802.11a/n Hi-power 20 dBm Minimum, 2x2 MIMO AirMax TDMA PoE Station
• USB Dongle
• Alfa AWUS036NHA (Debian/Kali & Windows)
• TP-Link N150 Wireless High Gain USB Adapter (TL-WN722N), Version 2.0
• DIY
• 4nec2 antenna modeler and optimizer software
• YouTube - kreosan
• YouTube - andrew mcneil
• Biquad Antenna
• Build Double BiQuad sector antenna for 2.4GHz/Wifi/WLAN
• 2.4GHz 30dBm 802.11b/g SMA Signal Booster / Range Extender for Wifi/WLAN Wireless AP and Routers
• Omni-Directional Wifi Antennas
• Wibberduck-5 - Router Range Extender antenna rubber duck
• Directional Wireless Antenna Products
• New WiFi Record: 237 Miles
• Mount a WiFi Antenna on a Satellite Dish
• How are Wifi users geo located?
• Moocherhunter
• Moocherhunter - Demo video
• OSWA - Download
• YouTube - Navizon Indoor Triangulation System (Indoor Geo Location)
• NSA tool - Nightstand Wireless Exploitation / Injection Tool
• Police Using Planes Equipped with Dirtbox to Spy on your Cell Phones
• Long Range Repeater
• Catch n Share WiFi Extender kit for High Power USB-Yagi TurboTenna antenna 2200mW

• Cellular Networks Weaknesses
• IMSI catchers
• DIY - IMSI Catcher (GSM Base Station with the BeagleBone Black, Debian GNU/Linux and a USRP)
• DIY - IMSI Catcher Software - OpenBTS
• Android IMSI-Catcher Detector
• Android - Snoopswitch
• Signalling System No7 (SS7)
• Wiki - Signalling System No. 7
• YouTube - Tobias Engel: SS7: Locate. Track. Manipulate
• SS7 hack explained: what can you do about it?
• Cell Phone Tapping: How It Is Done and Will Anybody Protect Subscribers
• Search and Neutralize. How to Determine Subscriber’s Location
• Taking Up the Gauntlet for SS7 Attacks
• How to Intercept a Conversation Held on the Other Side of the Planet (Slides)
• Cellular Privacy, SS7 Security Shattered at 31C3
• 60 Minutes - Hacking Your Phone (Video)
• Mobile & Cell Phone Weaknesses
• Wiki - Baseband processor
• YouTube - DeepSec 2010: All your baseband are belong to us by Ralf Philipp Weinmann
• Report - Baseband Attacks: Remote Exploitation of Memory Corruptions in Cellular Protocol Stacks (pdf)
• NSA tracking cellphone locations worldwide, Snowden documents show
• EFF - The Problem with Mobile Phones
• How the NSA Built Its Own Secret Google
• replicant
• Sim card firm links GCHQ and NSA to hack attacks
• How you are geo located when using a cellular network
• Android Location Strategies
• o2/Voda Mini Voice Repeater (mitigate geo location)