A1d3n

AES, 105, 106

BTC address, 105

CloudFlare, 111

creepypastas, 114

deep web hosting, 107–109

DW chats/IRCs, 105–107, 111

gpg warning, 113–114

hacktivists/activists encounter, 111–113

KIST algorithm, 113, 114

mobile devices, 115–117

non-JS webchats, 115

OMEMO plugin, 107

onion directories, 110

ooniprobe project, 114

Penetration Testing Linux distributions, 110

PHP-based chats, 107, 111, 115

privacy hacktivist, 104

Qubes, 110

terms and conditions update, technology companies, 108–109

3DES, 105, 106

Tor/I2P, 109

VPN, 113

VPS, 109

Advanced Encryption Standard (AES), 97, 100

Advanced Network Research Group (ANRG), 21

Advanced persistent threat (APT), 1, 21

AES. See Advanced Encryption Standard (AES)

Ahmia.fi, 108

Ahmia search system, 3

AI, 83

Anonymous, 79

Anonymous online, 36–39

ANRG. See Advanced Network Research Group (ANRG)

AOL Instant Messenger, 88

AOL policy, 88

APT. See Advanced persistent threat (APT)

APT28, 94

ASTM Ellan javascript HP, 34

Asymmetric cryptography, 98

Asymmetric encryption, 98–99

Atlayo, 84–85

A1d3n, 104–117

Mr. Security, 84–96

Backdoor, 57, 58, 120

BAE Systems, 7

Behavior patterns, 39

Big data methods, 22–23

Biometrics, 38

Bitcoin-based drug dealing site, 59

BlackArch, 110

Black-hat, 64, 74, 84

Blowfish, 98

Botnet, 9, 19, 24

Brave browser, 109

Brute force, 102,

BTC pipeline, Turkey, 126–127

Caesar cypher, 101, 102

Canvas tools, 16

Chinese cyber espionage, 27

Chip-off, 139

Cicada 3301, Th Stg

Anonymous and Wikileaks, 79

Book of Enoch by John Dee, 80

Da Vinci code, decipher key, 84

Dawkins fascination, 81

enlightenment, 80

ESP and SSP perception, 80

human ego, 81

“human hybrid” access, 80

imagination and pilgrimage, 79

language, 79, 83

morphogenetic fields, Sheldrake concept of, 81

open education messages, 81

PGP encrypted messages, 82

privacy, definitions of, 78

self-reliance and privacy preservation, 77–78

Simulacra and Simulation by Jean Baudril, 80

Sumerian myth, 80

technological renaissance, 76, 82–83

technology with imagination, 82

work of Bruno Borges, 79–80

C2 infrastructure, 25

Citadel, 8–9

Clearnet, 1

CloudFlare, 111

Club Hell, 96–97

Colonel Gardner, 124, 126

Commodity threats, 25

Comparison interrupted time series (C/ITS) analysis, 23

Conficker, 130

Cozy Bear, 94

Cracking, 37, 90, 100

Crossover cable, 74

Crowdstrike, 94

Cryptanalysis, 102

Crypto

containers, 9

jacking, 25

Cryptography, 104

asymmetric, 98

primer, 96

symmetric, 97

wireless, 100–101

A Cryptography primer, 96–97

Cybersecurity

of civil society organizations, 23

CrowdStrike, 118

digital hygiene, 26

epidemiology paradigm, 24

market, 63

NGOs, 26

public health interventions, 23–24

sliding scale, 136

VPN, 42

Cyber Security Assessment and Response (CyberSAR) project, 20–21

participants, 26

Dark Internet, 2

Dark net

ARPA, 57

vs. dark web, 55

vs. deep web, 31–36

for good, 57–58

infiltrate, 58–59

intelligence, 58–59

Dark web, 2

Ahmia, 3

vs. dark net, 55

Free Search Methods, 6

GitHub and SourceForge, 13

Grams, 4

hacking tools, 7

Hidden Wiki, 2–3

hybrid methods, 8

KelvinSecTeam, definition by, 54–55

mobile applications, 8

multiple exploits method, 8

Not Evil, 4–5

Onion Link, 5

SQL injection, 11

Surface Web and Dark Internet websites, 2, 7

threat intelligence, 55–56

actuarial mathematical science, 63–64

Amber Alerts, 63

catch rate, 61

degree of rigor, 63

immediate value and security growth, 59–60

insurance companies, 63

intelligence programs, 61–62

intrusion prevention services, 61

mathematical sophistication, 63

meta information, 62

return on investment, 61

risk scoring, 63

scans and trends, 62

vulnerabilities and attack information, 62

Torch, 5

traffic tracking, 59

user’s information, 7

DarpaMemex directory page, 13

DARPA’s Memex search tool, 110

Darpa software, 13–17

Data compression, 65

Da Vinci code, decipher key, 84

DaVinci tools, 15

Dawkins fascination, 81

DDoS. See Denial-of-service attacks (DDoS)

Debian Linux, 77

DeepPeep, 108

DeepSound, 67

Deep web, 1

anonymous online, 36–39

Citadel, 8–9

vs. dark net, 31–36

ElcomSoft, 9–10

EnCase, 10

hacking tools, 6–7

hybrid methods, 8

Joseph definition, 27

Kali Linux, 10–11

Maltego, 11

malware, 6, 7

Metasploit, 11–12

Nmap, 12–13

“spoofing” technique, 7

Deep Web Technologies, 108

Denial-of-service attacks (DDoS), 119

DES, 97

Dictionary attack, encrypted passwords, 89

Diffie-Hellman, 98

Digital certificate, 140

Digital hygiene, 26

Digital Insecurity in Context, 22

Digital security environment, 25

Digital steganography, 64, 65

Digital threats, 25

DNC, 93–96

DNS. See Domain Name Service (DNS)

Documented attacks, 25

Domain Name Service (DNS)

firewall, 25

leaking, 52–53

traffic, 24

Dossier Stack, 13

Dot onion sites, 48, 50

Dragonfly 2.0, 130

DuckDuckGo, 112

ECC. See Elliptical curve cryptography (ECC)

EFNet, 13

ElcomSoft, 9–10

Elliptical curve cryptography (ECC), 99

e-mail, Mr. Security, 84–96

EnCase, 10

Encryption, 7, 39, 52, 103, 104

AES, 106

algorithms, 101, 102

asymmetric, 98–99

Citadel, 9

communication, 112

data, 41, 65

Dark Web, 14–15

DeepSound, 67

deficiency of, 85

e-mail, 42

end-to-end, 41, 42, 106

hashes, one-way encryption, 99–100

keys, 42, 106

rating, 116

Steghide, 66

symmetric, 75, 97–98

traffic, 41

Website, 49

wireless, 100–101

End-to-end encryption, 41, 42, 106

EU biometrics, 39

Evil maid assault, 141

Evil Wiki, 4

EXIF data, 72

EXIF Spider attack, 72

Exploit, 6, 9, 10, 16, 62, 134

Adobe Flash, 15

Canvas, 16

cool, 128

difficult-to-detect exploit software, 17

multiple exploits method, 8

remote, 112

spoofing, 7

vulnerabilities, 12

Eyeball scanners, 38

Facebook, 28

Face scanners, 38

Fancy Bear, cyber espionage group, 84, 93, 94

FinFisher tools, 15

Fingerprint scanners, 38

Forensics, 10, 122

digital, 9

Nmap, 13

Formasaurus, 14

Free Dark Internet search methods, 6

Freenet, 34

Galaxy9

DeadWarrior420, 27–54

GmrB, 64–74

hiring hacker on, 74–75

KelvinSecTeam, 54–64

Galileo tools, 15

GCHQ, 141

GhostNet, 19

The Glass Bead Game, 80

Glorious MrBeast (GmrB)

data encryption, 64–65

DeepSound, 67

digital steganography, 64, 65

LSB process, 65

nMap, data extraction, 72–74

PasteBin, 64

reconnaissance tools, 67–72

Steghide

example, 66

installation, 65–66

stenography, 66–67

WAR file upload, 74

GmrB. See Glorious MrBeast (GmrB)

Google-backed Recorded Future, 5

Grams, 4

Guccifer 2.0, 95

Hacker, 1, 12, 36–37, 88, 91, 92

advertisements, 111

educating and training groups of, 67

GmrB (see Glorious MrBeast (GmrB))

hiring, 74–75

Internet service provider vendors, 44

non state, 42

Russian, 95

sophisticated hacker classes, 95

targeting DNC, 93

Hacktivist, 1, 104, 111

Hash algorithms, 99

Hashes, 99–100

Hashing, 97, 99, 100

HEX, 75

Hidden Service Prober (HSProbe), 14

Hidden services, 48, 50, 51

Hidden-Web crawler, 108

Hidden Wiki, 2–3, 96

HSProbe. See Hidden Service Prober (HSProbe)

HTTP/SSL/TLS, 142

“Human hybrid” access, 80

iCloud/Google, 116

Industrial Computer Systems (ICS) malware

BlackEnergy, 2014, 119

BlackEnergy 2, 2014–2015, 119

facts vs. myth (see Robert M. Lee)

Havex, 2013, 118

Industroyer/Crash Override, 2016, 120

Stuxnet, 2010, 117–118

Triton, 2017, 121–122

Industrial control systems (ICS), 1

Information Security Consortium, 62

Infosec, 122

Internet private investigative (Internet PI), 56

Interrupted time series (ITS) analysis, 23

Intute, 108

I2P Dark Internet, 7

Jailbreak, 142

Kali Linux OPS, 1, 10–11, 65, 110

Kernel Informed Socket Transport (KIST) algorithm, 113

KeyPass backup, 116

Keys, 14, 98, 101

decryption, 42, 102

encryption, 42, 106

long, 105, 106

registry, 120

school, 45

LANMAN, 97

Least significant bit (LSB) process, 65

Lee, Robert M. (ICS)

accidental attack, 138

APT, 128

BTC pipeline, Turkey, 126–127

circuit breaker system vulnerabilities, 135

Colonel Gardner, 124, 126

conficker and slammer, 130

Crash Override, 130, 133, 138

cyberspace warfare operations officer, 122

DDD ports, 125

Defence, 136

defender and intelligence analyst, 123

Dragonfly 2.0, 130

Dragos, Inc., CEO and founder of, 122

education, 122

e-mail servers and skate environments, 129

HDMI communicates, 135

ICS network protocols, 134

Iranian nuclear reactors, 129

IT security best practices, 137

Norse cyber attack, 125

operational risk, 128–129

Passcode’s “Influencers,” 122

physical engineering process, 131

power grids failure, 123

ransomware, 128, 131

Russian cyber attack, 126

Russian IP address, 124–125

Sam worm, 130

skating environment, hijack, 133

Staples Center, 124

tradecraft and capabilities, 137

Ukraine power grid attack, 122, 132

Linux, 12, 52

Debian, 77

Kali, 1, 10, 65, 110

nMap, 74

Penetration Testing, 108, 110

Lulz, 143

Maltego, 11

Malware, 6–8, 15, 58, 90

anti-virus and anti-malware tools, 9

attacks, 22, 24, 25

ecosystems, 21, 24

FinFisher, 15

detection at NGOs, 21

families, characterization, 24–25

ICS (see Industrial Computer Systems (ICS) malware)

sample collection, 59

Stuxnet, 99

updates, 9

Man-in-the-middle, 143

MD4, 100

MD5, 100

Memex Project, 13

MetaCarta, 14

Metadata, 95, 108

Metasploit, 11–12

Monas Hieroglyphica, 80

Morphogenetic fields, Sheldrake concept of, 81

Mr. Security, 84–96

MVP ends, 37

Network Mapper (Nmap), 12–13

NIST, 97

nMap, data extraction, 72–74

Nonce, 144

Non-Windows hacker tools, 119

Norse cyber attack, 125

Northrop Grumman, 7

NotEvil, 4–5, 108

NSA radar, 35

NSO Pegasus system, 16

Offensive security, 1

Off-The-Record (OTR) plugin, 107

Onion Link, 5

Open-source intelligence (OSINT) tools, 1

OpSec, 144

ParrotSec, 110

Passcode’s “Influencers,” 122

Password cracking, 90

Password managers, 144

Pegasus software, 16–17

Penetration Testing Linux distributions, 108, 110

Penetration testing (pentest) software, 6

PGP. See Pretty Good Privacy (PGP)

PGP encrypted messages, 82

Phishing

attack, 25, 90, 90, 93

e-mail, 88, 89, 92, 94, 132

message, 93

spear-phishing, 75, 84, 90, 93

PKI. See Public essential infrastructure (PKI)

Plaintext, 103

Podesta emails, 84, 85, 96

Pretty Good Privacy (PGP), 9, 82, 84, 98, 99, 113

Protonmail, 42

Public essential infrastructure (PKI), 99

Pwned, 145

“Quasi-experimental” design, 23

Qubes, 110

RADIUS. See Remote authentication server (RADIUS)

Rail fence cypher, 101

Rainbow table, 146

Ransomware, 22, 128, 131

RAT. See Remote access tool (RAT)

RC4, 98

RCS. See Remote control system (RCS)

Reconnaissance tools, 67–72

Red team, 128

Regular phishing, 75

Remote access tool (RAT), 118

Remote authentication server (RADIUS), 100

Remote control system (RCS), 15

Rivest, Shamir, and Adleman (RSA), 98

Robots, 28–30

Root, 29, 82, 127

Rootkit, 15

RSA. See Rivest, Shamir, and Adleman (RSA)

Russian cyber attack, 126

Salting, 147

Sam worm, 130

Sandworm, 119, 120

Script kiddies, 138

Search engines, 2–6

SecDev Foundation, 19

SecureWorks, 93

Security budget, 60

Security suites, 6

SHA1, 100

ShadowNet, 19

Shodan, 147–148

Side channel attack, 148

Signature, 99, 104, 111

Slammer, 130

Smoking Gun, 96

Sniffing, 148

Social context, 25

Social engineering, 25

Spear-phishing, 75, 84, 90, 93

Spiders, 28

Spoofing technique, 7, 94

Spyware, 52

SQL injection, 10–11

SQLMap, 10

Startling, 40

Startpage, 112

State actor, 149

Steganography, 64, 65

Steghide

example, 66

installation, 65–66

Stenography, 66–67

Straight cable, 74

Substitution-permutation networks, 103–104

Surface Web, 2

Symmetric cryptography, 97

Symmetric encryption, 75, 97–98

Tails, 50, 52–54

Targeted Threat Index (TTI), 25

TCAP IP protocols, 32, 37

TCP, 75

Technological renaissance, 76, 82–83

Telegram’s Super Secret Chats, 116

The Unknowns, 84, 96

Threat Intelligence providers, 58–59

Threat model, 25, 39, 42, 43

3DES, 97

Th Stg. See Cicada 3301, Th Stg

Token, 150

Tor

anonymity, 33–34

BitTorrent, 46

Black Eyed Peas, 44

browser, 34, 49, 50

cloud, 34

CNN dot com, 46–47, 50

cracking, 38

darknet, 35–36, 51–52

definition, 45

dot onion sites, 48, 50

geolocation with IP addresses, 46

hidden services, 48, 50, 51

hiding location, 46

multiple proxy servers, 37

proxy classes, 51

quicktime flash, 49

quote-unquote darknet, 51

relays, 47–49, 51

routing information, 33

secret service, 45

services, 31–33

Starbucks Wifi VPN, 43

tails, 50, 52–54

Tor Project dot org, 49

traffic analysis, 46

Trilla, 47

Triola, 47

U.S. Naval Research Laboratory, 45

Tor Browser Bundle, 50

Torch search system, 5, 108

TorSearch, 4

Traffic analysis, 104

TTI. See Targeted Threat Index (TTI)

Two-factor authentication (2FA), 90, 92

Twofish, 98

UCLA, 108

UDP, 75

Unified Extensible Firmware Interface (UEFI), 15

US presidential campaign, 85–96

Verification (ditch), 151

Vigenere, 101

Virtual private networks (VPNs)

A1d3n, 113

Black Eyed Peas Tor, 44

browsing history, 39–40

Cammi, 43

confidentiality, 40, 41

corporate privacy protection, 41

data encryption, 41

Eidi, 44

government’s surveillance, 43

IP address, 39

ISP advertisers, 42

jurisdiction, 43

Kamm’s system, 39

Kubelik origin, 45

lease lines, 40

local area networks, 40

monopolistic Internet service provider, 43

non state hackers, 42

Privacy Badger cookie, 45

Protonmail, 42

sensitive information protection, 43

servers, 37

speed data integrity, 40

startling, 40

Virus, 8, 53, 117

VPNs. See Virtual private networks (VPNs)

Vulnerability (Vuln), 16, 62, 128, 134, 136, 137

circuit breaker system, 135

CyberSAR, 21

Dark Web site, 11

Metasploit, 11

Siemens Patches Vulnerabilities, 120

SQL injection, 10

zero-day, 118

of Web sites, 57

Walton, Greg

big data methods, 22–23

Chinese cyber espionage, 27

CyberSAR project, 20–21

data collection, 23

DNS, 24

epidemiology, 23–24

malware detection at NGOs, 21

malware families, characterization, 24–25

Oxford’s Cyber Security CDT programme, 21

SecDev Foundation, 19–20

third sector vs. corporate/government sectors, 26

Tibetan NGOs, 19

Warez, 152

WAR files, 74

WEP, 100

Whaling, 90

White hat, 152

Wikileaks, 79, 87, 94, 95

Wireless cryptography, 100–101

WordPress site, 28, 30

Worm, 134

WPA, 100

WPA2-Enterprise, 100

WPA2-PSK, 100

Zero-day, 63, 118

Zeropoint, 21
