0x00sec has used Cloudflare for a while; mainly for security reasons. Cloudflare is great. And it’s secure as well. But one thing is a little annoying. Captchas.
I use Tor on a daily basis, and the two biggest problems with Tor are Exit Nodes and Captcha’s, Exit nodes have been notorious for running crafty things like sniffers, which means any non-encrypted communication can be picked up. This has put many off Tor altogether; but Tor when used correctly, can be very powerful.
Today we are announcing the new Tor address for 0x00sec. This is an internal .onion, so no exit nodes are never used (or see any unencrypted traffic). All traffic to and from this site can be completely encapsulated within Tor. That means your identity can be completely anonymous when browsing the site.
I think this is a valuable addition to 0x00sec. And I know many of you will appreciate it.
Because it is a Tor Hidden Service; SSL is a tricky topic. We have normal ‘plaintext’ + a https port open; the https is self-signed, because it gets complicated and we’d end up having to sign another certificate to the .onion. For your own sanity, I will post the checksums.
If you’re paranoid; it’s completely safe to use the plaintext non-https port 80. As this is Tor. Anything within Tor is handled by Tor’s encryption layers. So you’re good just loading the .onion as it is.
In fact; if you’re scared of javascript you can just use pupper to browse the site. Which can be modified to use a tor address + fired through proxychains.
However, I really don’t understand why people want to hide when used this forum. Protecting his anonymity and privacy through VPNs, tor network, I2P is legit when you planned to do borderline activities but for fetch 0x00sec content ? This is just a hacking community, not an underground hacktivist movement
Just kidding. One of the reasons this site is much better than Null-Byte is because we don’t censor (anything infosec related), and we don’t share data. We have our server locations in secure areas.
I also believe if you ‘hide’ the whole time; then there is no chance of anybody finding things they could use against you.
I think also having the option is nice. If worst came to worst we could close the public face of the site and just use the tor address (I’m talking about extreme global censorship); we don’t know how bad this world is going to get.
Preparation is always better than under-estimation.
@fxbg
Errrr…
You realize you are posting this 2 years later, right?
Just Wondering.
-Archangel
1 Like
pry0cc
(Leader & Offsec Engineer & Forum Daddy)
15
Yes… sadly it’s been abused, bots scraping LOTS of content. It even made our server go down a few times.
As soon as we shut down the tor listener the site is much faster and more stable. I’m still exploring more ways we can utilise tor, perhaps cloudflare?
Yea I relaized how old the post was, however, I just didn’t have any closure on the topic. Also, I had found remnants of the site on… “the dark web”… lol (tor) and was just wondering if nobody just updated the thread with a new url or if it was dead, but now I know
Also for site assets. If you are having a hard time; load 
