Quick reference
| Need | Solution | URL |
|---|---|---|
| Search .onion | Ahmia | clean index |
| Check if data leaked | HaveIBeenPwned | API |
| Markets | DarkOwl (paid) | — |
| Forums | Onionscan (cli) | docker run --rm -it onionscan -service http://forum.onion |
| Credentials | DeHashed (freemium) | — |
| Search .onion | TOR Link | https://tor.link |
| Scanner services | OnionScan | https://github.com/s-rah/onionscan |
| Verified directory | Dark.fail | https://dark.fail |
| Old searcher | Torch | (only .onion) |
| Scraper onion | DarkDump | https://github.com/josh0xA/darkdump |
Specialized tools
| Tool | Function | URL | Requirement |
|---|---|---|---|
| Ahmia | .onion searcher | https://ahmia.fi | Web browser |
| OnionScan | Service scanner | https://github.com/s-rah/onionscan | Tor installed |
| Dark.fail | Verified directory | https://dark.fail | Tor Browser |
| Torch | Old searcher | (only .onion) | Tor Browser |
| DarkDump | Onion scraper | https://github.com/josh0xA/darkdump | Python + Tor |
Dark web OPSEC
Use Tails OS
Boot from a Tails OS USB drive. Tails is amnesic — it leaves no trace on the host machine after shutdown.
Never combine VPN and Tor
Do not use a VPN together with Tor. This creates traffic correlation opportunities that reduce anonymity rather than increasing it.
Use bridges if Tor is blocked
If the Tor network is blocked in your location, configure obfs4 or other pluggable transport bridges before connecting.
Set NoScript to maximum
Disable all scripts with NoScript set to its maximum restriction level. JavaScript is the primary attack vector for browser fingerprinting and deanonymization.
Do not resize the browser window
Never maximize or resize the Tor Browser window. Window dimensions contribute to a unique browser fingerprint.