onionscan
onionscan copied to clipboard
s-rah
OnionScan is a free and open source tool for investigating the Dark Web.
Some sites require logging in before seeing content - if OnionScan is configured to search for custom content and is not logged in for these scans then we produce a...
Currently we drop resources larger than 2MB because of limitations with the database - regardless of which backing store we end up with in the future, we are likely always...
Sometimes we find identifiers like Bitcoin addresses commented out in code - we still extract these because we do a very simple regex across the page snapshot. OnionScan should tell...
OnionScan should support connecting to `.i2p` eepsites - they can suffer the same opsec issues as tor hidden services.
Some of the new improvements e.g. `spider/` and bitcoin changes have dramatically increased the timing expectations for certain sites. For example scanning for onion peers in bitcoin takes a rather...
I have occasionally observed some onions serving traffic on the wrong port e.g. SSH on port 25 or SSH on port 5900 - these behaviors could be intentional or misconfigurations....
Currently running `golint` [produces many warnings](https://goreportcard.com/report/github.com/s-rah/onionscan#golint), nearly all of which relate to lack of comments on exported functions, or underscores in variable names. We should aim to align ourselves with...
I added basic support for @Microsoft Remote Desktop Protocol detection although I intend to add additional support for it to extract richer data from detected instances as @s-rah has done...
Playing with a new way of adding derived protocol info. Leaving as a PR for now.