:: Overview ::
Despite the intrusion of massive surveillance programs like PRISM
mass-use of Stingray
devices, as well as the potential threat of weak to mid-tier
encryption equating to no encryption because of things like Bullrun
, it's still the
case that you may find personal privacy on the internet a priority, or further that
since the state is allowed to see everyone's personal information, that everyone else
should be allowed to see the same information, meaning offensive measures as well as
defensive measures are necessary. Well this is a good starting point for your future
of being put on a government watch list because below are a bunch of various tools
for "educational" implimentations of fuckery.
For information on internet rights, visit the EFF
Jameson Lopp has an extrodinarily robust write-up
for physical OpSec worth reading.
Be wary of dark patterns
and the use of cyber phrenology
The defense for anonymity
on Shiichan offers good support for the notion of privacy.
, show how it is easy and banal
; same with cryptography
Norse's live feed
is linked for realtime attack visualization.
Basic home network security - router
, and Windows security
:: Defense ::
Secure systems and networks.
are the only email services I trust (why no others
, or Qubes
) are all operating systems that can be placed on
and booted from removable media that also create a secure and trusted end node.
, and Beaker
are secure darknet clients (different respective nets).
• Don't use a VPN
unless it's Cryptostorm
are privacy-ensuring dark currencies.
is a self-destructing
desktop (expensive but works for paranoid people).
for secure password generation and management.
are robust drive encryption tools.
• Breakdown of messenger apps
by how secure they really are.
are robust IDS's.
are anti-forensic device whitelisters.
is a tool for determining if system files have been tampered with.
• GNU MAC Changer
are good MAC address spoofers.
• Debloat Firefox
and use secure addons
, or use IceCat
and check your fingerprint
are good steganography
• Arbitrarily generate new identitie
), valid credit cards
, and phone services
• Security Snobs
- exclusively use Abloy
locks for physical security.
• Earth Class Mail
and Traveling Mailbox
are re-mailers for physical mail.
are secure cellular phone devices.
and Silent Pocket
are faraday product manufacturers.
- you should strongly consider getting a concealed carry
:: Offense ::
is an OSINT assistant with similar possible uses as Maltego
is an IP address geographical locator.
is the most robust geotag and location tool amalgamator.
are useful whitepage-like databases.
is useful for background checks.
scrapper for images.
lookup for domains.
• Various other webdox
Interdiction and attrition.
are powerful network analyzers.
are robust penetration testing tools.
are login brute-forcers for remote authentication.
• Online Hash Crack
is a cloud-based cracking service.
• GUID Generator
gen's serial numbers for some software.
is a common remote access tool (plus the removal tool
• Dangerous Kitten
's skiddie hackpack is surprisingly comprehensive.
is the skiddie god-tool; it's a free DoS web service.
Databases and dumps.
is a large zero-day exploit database.
are the de facto exploit databases.
is a large hash database.
is an old MD5 database.
is an IoT exploit search engine / database.
• Device default password database
database for software serial keys.
• The NVD
is a useful tool for investigating known exploits.
• Equation group exploits
leaked a couple years ago.
• Learn to War Drive
• Pick all kinds of lock
) just like Bosnian Bill
• USB Killer
kills laptops at will by simply pluging it in.
• Get a millitary-grade briefcase EMP bomb
:: Misc ::
lets you check if your past email accounts have been compromised.
lets you view onion websites in clearnet browsers (nullifies privacy).
, or at least some shell scripting
It's good to know about DNSSEC root key split
and about secret sharing
Be lazy, use pentesting cheatsheet
Be faceless, share website logins with BugMeNot
Learn some scripting and hacking with wargames
Work on your reverse-engineering skills with Crackmes