One of our key learning objectives in our Illuminating the Dark Web course is to teach students how to conduct dark web research securely and confidently using Tor browser. Taking the time to establish a safe research environment is integral. In this blog, we'll show you how to establish a free virtual machine to better enable investigations on the dark web.
What will you need?
For our basic Tor set-up, we require the following:
Virtualisation software – either VMWare or VirtualBox are easy-to-use free options. In these instructions, we will use VirtualBox (https://www.virtualbox.org/wiki/Downloads)
TraceLabs OSINT Virtual machine (https://www.tracelabs.org/initiatives/osint-vm#downloads). Releases can be found here: https://github.com/tracelabs/tlosint-vm/releases
Tor browser download: https://www.torproject.org/download/ (After VM set-up)
For our dark web training, we recommend installing and using Tor browser within a virtual machine. Setting up a virtual environment adds an extra layer of security between your host machine (and all of the files and content stored on it) and your OSINT/Dark Web platform.
Virtualisation software does not mitigate all attack risks – if you expect to be visiting and interacting with sites that contain malicious software, then a more secure set-up is recommended. A dedicated research machine, that is kept separate from your main networks and devices, may be more appropriate. As always, conduct a thorough risk assessment of your proposed online activities during the planning phase of your investigation. That way, you will know exactly what tools and devices are required.
VirtualBox facilitates the creation and management of virtual machines (VMs), which serve as separate, contained instances of operating systems running within the host computer. When used for dark web research, VirtualBox allows investigators to run a VM that acts as a sandbox—a discrete, controlled environment where the dark web activities are confined.
Follow the steps below to install the VirtualBox.
1. On the VirtualBox downloads page (https://www.virtualbox.org/wiki/Downloads), select the package for your operating system. You will be prompted to save the file.
2. Navigate to the saved VirtualBox file and double-click or run the application. This will open up the Setup Wizard.
3. Accept the default settings as per the images below.
4. Once installation has been completed, open VirtualBox.
Installing TraceLabs Virtual Machine into VirtualBox
A VM is a software emulation of a computer, running an operating system and applications separately from the underlying physical hardware. It provides a contained environment, allowing multiple and diverse systems to operate on a single physical host, securely isolated from each other.
1. Download the tl-osint-2023.03-virtualbox-amd64.ova file from https://github.com/tracelabs/tlosint-vm/releases. It is quite a large download, so it may take some time.
2. In your VirtualBox VM Manager, select ‘Import’.
3. Select the TraceLabs OVA file that you have downloaded and choose ‘Next’.
4. Leave the Appliance settings as default and click ‘Finish’. If prompted, agree to the Software License Agreement.
The Virtual Machine import will take a few minutes. Once completed, you will see a new virtual machine on the left side of the VirtualBox manager.
Using TraceLabs VM
Double-click to start the TraceLabs VM. It will open within a new window. After loading the OS, you will be presented with a login page. Enter the following and select ‘Login’.
Installing Tor Browser in TraceLabs VM
The Tor browser is not pre-installed in the TraceLabs VM, so you will need to download and install it.
1. Open Firefox browser within your TraceLabs VM. If prompted to set up the browser, select ‘Skip Setup’ until you return to the browser window.
2. Navigate to https://www.torproject.org/download/. Select the ‘Download for Linux’ option.
3. Once the Tor zip file has finished downloading, navigate to the download location by selecting the folder icon.
4. Right-click on the download and select ‘Extract to’ – select an easy-to-remember destination like ‘Desktop’.
5. Once Tor has been extracted, navigate to the tor-browser folder. If you extracted Tor to your Desktop, you will be able to see the folder there. Open the folder, and double-click start-tor-browser.desktop to open Tor browser. If prompted, select the option to mark Tor browser as executable.
6. To add a Tor browser icon to your list of applications, right-click within the tor-browser folder and select ‘Open Terminal Here’. This will open a terminal window within the tor-browser folder. Type the following command into the window and press enter.
7. You will now be able to see Tor browser icon in your list of applications (to view applications, click on the blue dragon symbol in the top left of your VM window). You can start typing to search for applications. Clicking on the icon will open a new Tor browser window.
Tor browser is now installed in your TraceLabs VM, and you are ready to begin learning about how to safely navigate the dark web!
To support your OSINT collection and analytical capability uplift, please don’t hesitate to contact us at firstname.lastname@example.org to learn about our off-the-shelf and bespoke training offerings, including 'Illuminating the Dark Web' Course. This course is also available as an on-demand course via our Academy.