hello all,im new here and just wanna share my findings while on the net while searching for security and and whitehat hacking tutorials, you might find this useful , i know some of you know's about this,but im still
sharing for the benefit of new comers like me interested in security and hacking: )
Ultimate? Well, not really. It is a moving target. That's why it's a "kit" and it will keep changing. Links on this page are useful for researchers, activists and campaigners. Know that the internet is not secure, no matter what tools you use. Sail as safe as you can. Check you have your basics covered first. It's your first line of defense.
If you wish to protect yourself from governmental (and corporate) spying, know about the internet's concealed interests. The global surveillance industry is estimated at $5 billion a year. It might be best to use services based outside of the "five eyes" (United Kingdom, the United States, Canada, Australia, and New Zealand), where these governments have no direct jurisdiction—bearing in mind that other governments may have their own surveillance programs, and anything you share publicly might be scooped up by security agencies anyway. And we can make that harder and more expensive by using encryption.
Whatever service or tool you choose, Terms and Conditions May Apply, and (depending on your context and purpose) do not make yourself stand out like a "Big Red A-Team Tank Vehicle" on the internet highway: Browsers talk too much.
Step 1: Email
It is unlikely that PGP (GPG) encryption will protect your emails from the NSA, although there are plenty of examples of law enforcement unable to break PGP encryption, and then trying to force them to hand over their keys.
Claws Mail (windows, linux, nix)
GnuPG (windows, linux)
GPG4Win (windows)
Sylpheed (windows, linux, mac and other nix)
Thunderbird (windows, linux, mac)
TorBirdy
Disposable Email
To avoid spam and send one-time only messages, for example for registrations, you can use a disposable email address.
anonbox.net (disposable)
yopmail (disposable)
Step 2: Browsers
Choose your browser carefully. This is no easy feat, but there is good news too: Writing exploits in general is getting harder. After installation, fix tracking.
AdBlock Plus
Duck Duck Go (anonymous search)
NoScript
You can also add a Tor Browser bundle bundle as an "anonymising" browser. If so, also install another browser for registrations that do not allow signing up with Tor (and use a disposable email address during that registration).
Step 3: Search Engine
Duck Duck Go (anonymous search)
YaCy (distributed search)
Step 4: VPN's
f and when you include VPN in your set-up, get one that you can pay for with bitcoins or anonymous coupons. And you can consider chaining.
How to Chain VPNs for Complete Anonymity
Howto VPN Linux
Howto VPN Mac
Howto VPN Windows
Tor plus VPN
VPN & DNS Leakage
Step 5: Anonymising Operating Systems
Liberté Linux (LiveUSB, CD, VirtualBox)
Tails (DVD, USB)
VirtualBox (virtualiser, windows, mac, linux, solaris)
Whonix (VirtualBox)
Step 6: Distributed Systems
FreedomBone
GNUnet (file sharing)
I2P (generic tunnel)
Tahoe-LAFS (file sharing)
The Free Haven Project (file sharing)
The Free Network (file sharing)
The Tor Project (tunnel/http)
YaCy (distributed search)
Step 7: Social Media
Twitter has been and still is a great tool, but it is a center for activists and that makes it a target for "authorities", to try and get personal data on us. Pump.io is a microblog service software that's similar, but it is decentralised. You can set one up yourself, or set up an account on one of the known pumps (see navbar on that site) that has twitter installed as social medium to send to, sign up for twitter using anonymous browsing (Tor or VPN), and update your twitter status from the pump account.
Facebook can be useful for organising campaigns because it is free, allows for high levels of engagement, and people are used to it. BUT, it is involved in supporting the surveillance state, your campaign may be suspended at any time, your data is no longer your data (it is owned by facebook and many people can see it – How to organize on facebook safely and securely) and you are supporting a centralised networking system. Alternatives are crabgrass (riseupdotnet runs on it), diaspora, foxglove, jappix, movin and lorea.
Diaspora
Friendica
In the Facebook aquarium
Just Delete Me
Lorea
The Dark side of Google
Step 8: Mobile Security
For security reasons, you should always try to use the current version of these tools. The included version of some tools may be more recent than the version that was used to create the corresponding Hands-on Guide. In such cases, the user interface of that tool may differ differ slightly from what is shown in the Guide.
Basic Security Setup for Android Devices
Android Privacy Guard (APG) for Android Devices
Cryptonite for Android Devices
Gibberbot for Android Devices
K9 and APG for Android Devices
KeePassDroid for Android Devices
ObscuraCam for Android Devices
Orbot for Android Devices
Orweb for Android Devices
TextSecure for Android Devices
credits to:https://lilithlela.cyberguerrilla.org/?page_id=2917
8 Responses
Nice resource list for the young ninja.
this is a really informative guide thank you cyber
hehe i like the young ninja (cyberhitchiker) thank you for appreciating my share guys: )
Is PGP really so easily breakable for NSA and other law enforcement organisations? I felt safe using it, especially OTR for xmpp protocol.
I would say No PGP is not safe anymore, in the news last week was talk of Truecrypt being broken. "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues" Official Post on:Sourceforge . The only safe encryption is quantum encryption and we wont get that for 20 years maybe.
However some encryption is better than no encryption.
i agree with you on that sir cyberhitchhiker,tnx for the info: )
good stuff!
Followed. Good luck for your next post.
Regards,
Jacob
Share Your Thoughts