Your IP:
logo Internet Trench Warfare -- Updated 2018/12/3 Back to Snerx -- Contact us on our official Discord. ======================================================================================
:: Overview :: Despite the intrusion of massive surveillance programs like PRISM and DCSNet, the mass-use of Stingray devices, as well as the potential threat of weak to mid-tier encryption equating to no encryption because of things like Bullrun, it's still the case that you may find personal privacy on the internet a priority, or further that since the state is allowed to see everyone's personal information, that everyone else should be allowed to see the same information, meaning offensive measures as well as defensive measures are necessary. Well this is a good starting point for your future of being put on a government watch list because below are a bunch of various tools for "educational" implimentations of fuckery. For information on internet rights, visit the EFF or FSF. Jameson Lopp has an extrodinarily robust write-up for physical OpSec worth reading. Be wary of dark patterns and the use of cyber phrenology. The defense for anonymity on Shiichan offers good support for the notion of privacy. Demystify hacking, show how it is easy and banal; same with cryptography. Norse's live feed is linked for realtime attack visualization. Basic home network security - router, ports, and Windows security. :: Defense :: Secure systems and networks.Paranoid and Bitmessage are the only email services I trust (why no others). • Tails, TENS, or Qubes (with AEM) are all operating systems that can be placed on and booted from removable media that also create a secure and trusted end node. • Tor, I2P, and Beaker are secure darknet clients (different respective nets). • Don't use a VPN unless it's Cryptostorm. • Monero and Zcash are privacy-ensuring dark currencies. • ORWL is a self-destructing desktop (expensive but works for paranoid people). • KeePassXC and diceware for secure password generation and management. • VeraCrypt and dm-crypt are robust drive encryption tools. • Breakdown of messenger apps by how secure they really are. Immunization.Snort and Samhain are robust IDS's. • usbkill/silk-guardian are anti-forensic device whitelisters. • Chkrootkit is a tool for determining if system files have been tampered with. • GNU MAC Changer/Technitium are good MAC address spoofers. • Debloat Firefox and use secure addons, or use IceCat and check your fingerprint(s). • OpenPuff and f5stego are good steganography tools. • Arbitrarily generate new identitie(s), valid credit cards, and phone services. Physical defense.Security Snobs - exclusively use Abloy locks for physical security. • Earth Class Mail and Traveling Mailbox are re-mailers for physical mail. • Blackphone and Librem are secure cellular phone devices. • MOSequipment and Silent Pocket are faraday product manufacturers. • Firearms - you should strongly consider getting a concealed carry license.
:: Offense :: Doxumentation.Datasploit is an OSINT assistant with similar possible uses as Maltego. • Infosniper is an IP address geographical locator. • GeoHack is the most robust geotag and location tool amalgamator. • FastPeopleSearch/TruePeopleSearch are useful whitepage-like databases. • InstantCheckmate is useful for background checks. • Metadata scrapper for images. • BrowserLeaks/Whois lookup for domains. • Various other webdox tools. Interdiction and attrition.Wireshark and Nmap are powerful network analyzers. • Nikto2 and Metasploit are robust penetration testing tools. • Hydra and Medusa are login brute-forcers for remote authentication. • Online Hash Crack is a cloud-based cracking service. • GUID Generator gen's serial numbers for some software. • DarkComet is a common remote access tool (plus the removal tool). • Dangerous Kitten's skiddie hackpack is surprisingly comprehensive. • Vbooter is the skiddie god-tool; it's a free DoS web service. Databases and is a large zero-day exploit database. • CVE/ExploitDB are the de facto exploit databases. • is a large hash database. • CMD5 is an old MD5 database. • Shodan is an IoT exploit search engine / database. • Device default password database(s). • database for software serial keys. • The NVD is a useful tool for investigating known exploits. • Equation group exploits leaked a couple years ago. Physical offense. • Learn to War Drive or SkyJack. • Pick all kinds of lock(s) just like Bosnian Bill. • USB Killer kills laptops at will by simply pluging it in. • Get a millitary-grade briefcase EMP bomb for fun. :: Misc :: HIBP? lets you check if your past email accounts have been compromised. Tor2web lets you view onion websites in clearnet browsers (nullifies privacy). Learn programming, or at least some shell scripting. It's good to know about DNSSEC root key split and about secret sharing in general. Be lazy, use pentesting cheatsheet(s). Be faceless, share website logins with BugMeNot/Login2/fakeaccount. Learn some scripting and hacking with wargames. Work on your reverse-engineering skills with Crackmes.