How to Detect Misconfigurations in ‘Anonymous’ Dark Web Sites with OnionScan

Configuring onion services for the first time can be tricky. A surprising number of system administrators make seemingly trivial mistakes that ultimately lead to catastrophic cases of de-anonymizing supposedly anonymous sites on the dark web. OnionScan is a tool designed to identify common misconfigurations in onion services and aid us in understanding how to fix them. As security researcher @x0rz demonstrated in an article on securing onion services, websites are often de-anonymized all too easily. He utilized software such as cURL, a command-line tool used for transferring data using... more

Uncategorized