Introducing: A Tor Address for 0x00sec!

announcement
0x00sec
hidden
dotonion
torservice

(Security Architect & Founder) #1

0x00sec has used Cloudflare for a while; mainly for security reasons. Cloudflare is great. And it’s secure as well. But one thing is a little annoying. Captchas.

I use Tor on a daily basis, and the two biggest problems with Tor are Exit Nodes and Captcha’s, Exit nodes have been notorious for running crafty things like sniffers, which means any non-encrypted communication can be picked up. This has put many off Tor altogether; but Tor when used correctly, can be very powerful.

Today we are announcing the new Tor address for 0x00sec. This is an internal .onion, so no exit nodes are never used (or see any unencrypted traffic). All traffic to and from this site can be completely encapsulated within Tor. That means your identity can be completely anonymous when browsing the site.

I think this is a valuable addition to 0x00sec. And I know many of you will appreciate it.

Because it is a Tor Hidden Service; SSL is a tricky topic. We have normal ‘plaintext’ + a https port open; the https is self-signed, because it gets complicated and we’d end up having to sign another certificate to the .onion. For your own sanity, I will post the checksums.

If you’re paranoid; it’s completely safe to use the plaintext non-https port 80. As this is Tor. Anything within Tor is handled by Tor’s encryption layers. So you’re good just loading the .onion as it is.

##Address
nullxvxy6kasmy2r.onion

##Checksums

SHA1

83 AF 98 30 47 C0 48 72 55 EB E8 DE 27 5D 27 4A
79 9C 87 27

SHA256

AA 52 1C E8 71 72 02 2F 72 3C B6 99 29 06 E0 16
24 F4 B2 09 73 39 85 77 EA 97 F5 9A 94 39 5B F5

I hope you all find this very helpful :slight_smile:

Have a good one! And as always - stay snappy

EDIT:
So just a quick check up. Who is using the new address?

  • Yes! It Rocks!
  • Nah, I hate privacy. And TOR.

0 voters

- pry0cc


(oaktree) #2

Now we can all see how ugly Discourse is without JavaScript!


(Security Architect & Founder) #3

If you enable scripts it’s fine :stuck_out_tongue: Also for site assets. If you are having a hard time; load 0x00sec.org and click through the captcha.


(oaktree) #4

Discourse is javascript heavy. The site displays a bid weird with no-script on.


(Merozey) #5

I think this is a very good and also powerful addon to this site!


(Security Architect & Founder) #6

Thank you! I agree :slight_smile: I knew you’d like it.


(Security Architect & Founder) #7

In fact; if you’re scared of javascript you can just use pupper to browse the site. Which can be modified to use a tor address + fired through proxychains.


#8

Great initiative @pry0cc.

However, I really don’t understand why people want to hide when used this forum. Protecting his anonymity and privacy through VPNs, tor network, I2P is legit when you planned to do borderline activities but for fetch 0x00sec content ? This is just a hacking community, not an underground hacktivist movement :smile:

Best,
Nitrax


(Security Architect & Founder) #9

Not yet :wink:

Just kidding. One of the reasons this site is much better than Null-Byte is because we don’t censor (anything infosec related), and we don’t share data. We have our server locations in secure areas.

I also believe if you ‘hide’ the whole time; then there is no chance of anybody finding things they could use against you.

I think also having the option is nice. If worst came to worst we could close the public face of the site and just use the tor address (I’m talking about extreme global censorship); we don’t know how bad this world is going to get.

Preparation is always better than under-estimation.

- pry0cc


( X2tf) #10

Well i see this site 95% without js


(Security Architect & Founder) #11

Agreed. Also if you’re a lucky insider you’ll know about offline.0x00sec.org

Which is just insanely basic snapshots in pure 100% static html + CSS no linked scripts or JavaScript of any sort.

This is totally on the DL rn.


(fxbg) #13

51%20PM


#14

@fxbg
Errrr…
You realize you are posting this 2 years later, right? :face_with_raised_eyebrow:
Just Wondering.

-Archangel


(Security Architect & Founder) #15

Yes… sadly it’s been abused, bots scraping LOTS of content. It even made our server go down a few times.

As soon as we shut down the tor listener the site is much faster and more stable. I’m still exploring more ways we can utilise tor, perhaps cloudflare?


(fxbg) #16

Yea I relaized how old the post was, however, I just didn’t have any closure on the topic. Also, I had found remnants of the site on… “the dark web”… lol (tor) and was just wondering if nobody just updated the thread with a new url or if it was dead, but now I know


(Security Architect & Founder) #17