Hey guys, I'm still in my learning process but I'd love some tips on every tool I can set up to become invisible. What should I do? Please guide me. I don't expect step by step, just name the process or program and I'll go learn it on my own and set it up. Please and thank you.

chubbyBunny:

- Always use TOR and set up a bridge
- To secure your OS: Use Tails / Whonix on VB / Whonix on Qubes
- Encrypt your data on disk
- Use burner mail for one-time use. If you need permanent mail, use email providers that operate within the Tor network (I use torbox)
- Use PGP to encrypt or sign your mail

For more, check hacktowns OPsec course: http://hacktowns3sba2xavxecm23aoocvzciax...ction=ACT0

“The happiness of your life depends upon the quality of your thoughts.”

Reply to chubbyBunny:

Great response. The link you provided has a handful of useful information.

Reply to chubbyBunny:

Try to use things like proxychains and VPNs only if you can get them in an anonymous way, but always follow those. Whonix on anything I think is fine too. Best wishes

Woodie, 04-22-2023, 07:26 AM (This post was last modified: 04-22-2023, 07:41 AM by Woodie.)

There are a thousand ways you can fuck up with your opsec approach. The only real way to be safe is to have a solid understanding of all of the technologies that you are using. For example, if you don't understand how computer networking works, then you won't know how MAC addresses are used for transportation of data frames on level 2 of the OSI model, how the MAC address is constructed into two parts, the OUI section and the Device ID section, how the OUI can be used to identify the device manufacturer of a given device, how every MAC address on a network has to be unique, how MAC addresses don't like a subnet, what a subnet is, how MAC address spoofing works, the differences between MAC address spoofing on different operating systems, the implications of using the same spoofed or non-spoofed MAC address while connecting to your own home network and a hacked neighbor's wifi network, and how using the same spoofed MAC address on both can get you caught via modern ISP router telemetry and data collection.

The above paragraph illustrates how just not understanding one small area of knowledge within tech, specifically relating to MAC addresses, can lead to 3+ ways you can fuck up and get caught. My point with that example is that regardless of how many OPSEC tips and advice you read online, on Dread, etc., you are just trusting some random person's advice with the potential difference between being free and going to prison for x number of years. So if prison is the stakes if you get de-anonymized, then don't just base your OPSEC approach off of what people say on Envoy or Dread. Instead, invest weeks or months into learning about the various technology and theory, as that is the only way you will be able to know if the advice someone posts on Dread or Envoy is solid advice, or is flawed and will get you busted.

OMEMO Fingerprint: 4DBD9949 1C634952 8C492DB8 5F6B7C31 091F01F2 B6EFDD51 AC670532 70981329

scripto3, in reply to Woodie:

How secure is a cash-bought laptop, with nothing linking to personal life, with burner data SIM cards that get changed religiously?

Woodie, in reply to scripto3, 04-22-2023, 07:36 PM (This post was last modified: 04-22-2023, 07:40 PM by Woodie.)

Fairly safe. The main risk with buying hardware that is used or refurbished is the chance that whoever previously owned it got it infected with a rootkit that is able to persist a hard drive/SSD replacement. My personal mitigation to this is that I buy second-hand ThinkPads that are compatible with the "heads" custom hardened BIOS firmware. You can go on eBay or a similar site and search for a specific ThinkPad model that is compatible, and switch the filter to looking specifically for sellers offering local pickup within so many kilometers/miles. Once you find a few sellers that are selling a large stock of old ThinkPads, shoot them a message and say that you aren't certain which ThinkPad you want to go with and you have a few in mind, and ask if it would be possible to drive down to their business location (which is typically a PC repair shop or a warehouse) and ask to see each of the laptops. Once you are there, make it clear that you are only interested in the specific model that is heads compatible that you are planning to modify for hacking ops. This way there is zero chance of law enforcement intercepting the laptop and tampering with it in any way.

And I swap out most of the components for new components that some rootkits persist within, for example swapping out the hard drive, the CPU, the RAM, and removing the WiFi card. And once that is all done, I gut the computer and remove the speaker, microphone and remove the web camera if possible. If the web camera can't be removed, then I detach the ribbon cable that connects it to the motherboard. Then I ping up a hardware SPI flasher for flashing the heads custom BIOS firmware onto the BIOS chips on the motherboard (there are guides you can find on Google on how to do that for a specific ThinkPad model).

Once you flash the BIOS chip to neuter Intel Management Engine spying bullshit and replace the BIOS firmware with a hardened version that verifies cryptographically that your boot files haven't been tampered with by a person entering your home or by a rootkit writing to your boot files to infect the operating system, and I confirm it is working how it should, then I pick up some PC-7 non-conductive epoxy, as it has decent thermal transfer so it won't cause your laptop to overheat if you apply it wrong. I basically then swap out the CMOS battery for a new one so I can use the computer for at least the next 5 years before having to replace it. And then I seal the PC from being able to be opened with PC-7 epoxy, and if the RAM is detachable and not soldered in, then I apply some PC-7 epoxy to the sides of the RAM card slot so that it is impossible to remove it for a cold boot attack to extract encryption keys.

Tip: you can cure the PC-7 epoxy in 2 hours if your home oven goes down to I think 150 degrees Fahrenheit, and just make sure you remove the battery before putting it in the oven, as that is the only component on ThinkPads that will get severely damaged or explode at that temperature.

EDIT: if you do the oven curing method for the PC-7 epoxy, then wait at least an hour for the motherboard to gradually return to room temperature before powering on. Also, if you want to be safe, you can just let it cure at room temperature, which takes around 48 hours. With the oven, it takes around 2 hours, and 1 additional hour to cool down. I wasn't patient so I did that approach.

scripto3, in reply to Woodie:

This is everything I needed to hear! I bought my current laptop brand new with cash. Hey, mind if I send you a message privately please?

scripto3:

If I took out the drive, everything listed above inc. CPU out of my current laptop, can't I turn it into something compatible with the heads hardened firmware?

Woodie, in reply to scripto3:

Only if your laptop model is compatible with heads. Google "heads bios firmware" and go to the GitHub and check the compatibility matrix to see if your device is supported. There are a limited number of old ThinkPad models that are supported.