This article was originally published on Medium on February 19th, 2024.
Edit 4/12/24: I am working on a Part 2! Follow and stay tuned! I am also now on Infosec Exchange and will be posting the same content I do on X. Follow me here: @DarkWebInformer
There are numerous REALLY GOOD sites for intelligence on the Darknet/Dark Web, so if I did not mention a certain one, I apologize. Feel free to add your favorites in the comments!
As I was writing this article, I realized it started to get bigger and bigger, so I am making this a part 1, with another part or 2 or 3.. coming at a later date. Ransomware and Forums will also be on a separate article as dedicated time to that would make this article massive.
I will briefly go into some of these resources you should know about when doing Cyber Threat Intelligence, along with some screenshots. A lot of these I will go into further in a future Medium article, as most deserve their own. Some of these have a Clearnet address, but all of them have a .onion address and most have no Clearnet address whatsoever.
Regretfully, I am unable to share .onion links, otherwise Medium will close my account. I am looking for clarification on this from their support team, but I have not received an answer. If there is a Clearnet location all you really need to do is a web search using the names below, same can be said for a .onion only site.. but with a little more effort involved.
Whether you are a researcher or someone who just enjoys exploring the Dark Web, I hope these resources are of assistance to you.
Resources by Category and Sorted Alphabetically are:
Link Sharing and News:
- Dark.Fail — This site is on both the Clearnet and Dark Web. Dark.Fail provides authentic links to various Darknet websites. This allows users to reach legitimate links, keeping scammers away from using phishing links.
2. DarknetLive — Is on the Clearnet and Dark Web. This site is owned by the Incognito Darknet Market admin and provides news on vendor arrests and other illegal Dark web news. The warning message at the top of the screen regarding Bohemia has been there for a long time even after Bohemia finished exit scamming.
3. DarkNet Trust — Is a Dark Web only site that provides authentic links to various Darknet websites, similar to Dark.Fail. DarkNet Trust does have ads, which Dark.Fail does not.
4. Dread — Is a Dark Web only site. Dread is arguably the #1 resource by far on the Darknet. It is like Reddit, but for illegal Darknet activities. The admins go by the names HugBunter and Paris. It was launched in 2018 and has tens of thousands of registered users. If you are doing cyber threat intelligence, you need to visit Dread!
5. Tor.Fish — Is on the Clearnet and Dark Web. Tor.Fish is again similar to DarkNet Trust and Dark.Fail but has some ads. It is also extremely helpful in showing Cryptos supported for Darknet Markets, Features and PGP from the Markets. It also contains Vendor Stores and other various useful resources.
6. tor.taxi — Is on the Clearnet and Dark Web. tor.taxi is also fairly similar to Dark.Fail, DarkNet Trust and Tor.Fish. tor.taxi is an anti-phishing resource, meaning they provide authentic links to Dark Web sites that someone may try to use for phishing purposes to steal things such as your crypto.
Darknet Marketplaces:
- Archetyp — Archetyp is a Darknet marketplace only on the Dark Web but has a Clearnet link that allows you to get to a permanent mirror if the main .onion is down. Archetyp is arguably the #1/#2 market and is a drug only marketplace. I covered Archetyp in depth on Medium, click here to view that Medium article.
2. BidenCash — BidenCash can be found on the Clearnet and Dark Web. BidenCash sells CC+CVVs for users who want to use these stolen card numbers for buying things online or in store with a fraudulent card. BidenCash provides everything you need and not just a CC number; this includes names, addresses, phone numbers, etc. BidenCash is said to be one of the top markets for CC and CVVs after Joker’s Stash retired in February of 2021.
3. Brian’s Club — Brian’s Club like BidenCash is also one of the biggest markets for fraud. It is also one of the oldest markets and is said to have been founded sometime in 2014. It is a Clearnet and Dark Web site that is similar to BidenCash in that it sells CCs, CVV2, Dumps, Fullz and other fraudulent services such as SSN and DOB listings. This allows someone to do many malicious things, which can have an impact on someone’s life for an exceedingly long time.
4. Incognito Market — Incognito Market is a drug only darknet marketplace and only on the Dark Web. It shares the #1/#2 market with Archetyp. Incognito Market states the following on their .onion. “Incognito Market is a market with a focus on both ease of use and security. With a small, dedicated staff team and nothing useless or bloated to slow you down. Be a part of something bigger and enjoy the nice UI/UX!”
5. Nemesis Market — Nemesis market is a darknet market on the Dark Web. You can visit the Clearnet URL to find updated mirrors in case the main .onion goes down. While it “looks like” there are a lot of advertisements, Nemesis Market is a Top 5 marketplace. Aside from Drug listings (it allows the sale of Fentanyl), it also allows listings for: Counterfeits and Forgeries, Fraud, Hacking and more.
6. Torzon Market — Torzon Market is also a Top 5 Darknet market on the Dark Web and has a link rotator for mirrors on the Clearnet. Like Nemesis Market, Torzon also provides listings for Counterfeits, Drugs, Fraud, Hacking and more.
Miscellaneous Resources:
- The Drug User’s Bible Extended Edition — While this can be found on the Dark Web, it can also be found on the Clearnet by buying it off Amazon or other retail websites. The Drug User’s Bible details drug safety information covering different substance classes. It was written by Dominic Milton Trott and goes over Harm Reduction, Risk Mitigation, Personal Safety and more. It contains 641 pages of valuable information, especially if you are a drug user, are thinking about doing drugs or just want to learn about drugs. Do not knock this resource, you will be surprised once you start reading it!
2. The Darknet Market Bible — The DNM Bible provides information on how to remain safe when buying on the dark web. It can be found on the Dark Web and Clearnet. However, an updated version is only found on the Dark Web. You should 100% be reading and following this if you plan to make any type of purchase on any darknet market.
Resources That are Currently Offline, but are Very Useful When They Come Back:
- Recon — Recon is owned by the Dread admin and is a Dark Web only site. Recon is the largest Darknet Market vendor archive service and multi marketplace search engine, providing up to date content from the majority of established markets all in one place. The platform allows you to cross reference vendor details, listings, statistics, and marketplace addresses. This is all accomplished through years of data archiving from past marketplaces and the integration of an API system for active markets to easily share their public vendor and listing data to us on a regular basis. Recon has been down for quite a long time and the Dread admin just doesn’t have the development time to put into two major resources.
2. Kilos — Kilos is a Dark Web only search engine, established in November 2019. Kilos possibly evolved from the well-known dark web search engine “Grams,” which ceased operations in 2017. Both Grams and Kilos are dark web search engines that clearly imitate the well-known design and functionalities of the Google search engine. In a clever play on words, both follow a naming convention inspired by units of measure. Kilos also has been down for an extended period of time.
Again, this may seem like a lot may be missing here and that’s because there is. Don’t under estimate the “Dark Web”, you will be surprised by how many different resources are out there, but as I said earlier Forums, Ransomware, and other links will be posted on another article!!
I hope you enjoyed this article and I’m happy to see everyone reading my previous ones. See you next time!!! 👋
DISLCAIMER NOTE: Using the Darknet and Dark Web is at your own risk. Act appropriately by using good OpSec. If a Clearnet link has a .onion link available.. use the .onion link for maximum identity protection. Keep in mind that even though I have provided you with genuine resources, an owner of any of these resources can always provide fake links at any moment. Please do your due diligence when doing anything on the Dark Web.
I currently only post on the links below. Please give a clap here and follow me on all my socials to see lots of things from the Dark Web. I regularly post on X/Twitter.
Medium: https://medium.com/@DarkWebInformer
X/Twitter: https://twitter.com/DarkWebInformer
Infosec Exchange: https://infosec.exchange/@DarkWebInformer
GitHub: https://github.com/DarkWebInformer
LinkedIn: https://linkedin.com/in/DarkWebInformer
Telegram Channel: https://t.me/TheDarkWebInformer
Telegram Contact: https://t.me/D4rkWebInformer
#Darknet #DarkWeb #Ransomware #DarkWebInformer #Leaks #Cybercrime #Cybersecurity #Underground #Medium