The deep web is an ecosystem full of platforms where threat actors play an active role in various layers, such as communication, sharing, and illegal trade. Moreover, APT groups operate in multiple layers of the deep web through sharing and darknet channels.
In this post, we will discuss the “Monitoring Deep Web“ in terms of the security pros and the sector.
ONIOFF
Onioff is a tool that allows you to effortlessly control which .onion connections are active. Extremely useful for automation and monitoring, and it is an open-source tool.
Previously removed .onion links can be tracked with daily queries.
GitHub page: https://github.com/k4m4/onioff
Thedevilseye
The Devils Eye extracts the onion links and descriptions that users search on the deep web, and it makes it without using Tor.
It is possible to reach various darknet platforms by giving a keyword. Different traces belong of threat actors can be found on these platforms.
Application page: https://github.com/rly0nheart/thedevilseye
RansomWatch
ransomwatch.org is a once-daily crawled website of the largest ransomware sites on the dark web. It is being developed as a monitoring tool for security researchers, analysts, and journalists. It just takes a screenshot.
Thanks to the service, it is possible to have .onion links belonging to threat actors.
Hunchly Daily Dark Web Report
Finding good research targets on the dark web sometimes seems like a daunting task. Hunchly shares daily dark web reports to support the community. This allows analysts to access new .onion extensions and gain new resources for their research.
Registration must be created at the Hunchly website to get a link to a spreadsheet that you can download or view online each day.
Newly discovered, crashed, or online services are shared in the daily list. The records from 2017 to the present are archived and shared for statistical data extraction.
