Only 7000 Tor domains exist says automated scanner, PunkSPIDER which scans the Dark Web for vulnerabilities
Last week, in a matter of hours, entire Tor anonymiser network, where privacy lovers and freedom of speech exponents congregate and try to keep out of sight, was extended across by PunkSPIDER, an automated scanner that pokes websites to discover susceptibilities on the the internet’s deepest layers, known as the Dark Web.
In an effort to improve the anonymizing networks’ security, the hackers, Alejandro Caceres and Amanda Towler set PunkSPIDER loose on the Dark Web; however, they surprisingly discovered that the Dark Web may not be as huge as estimated by the experts.
When PunkSPIDER scanned the entire Tor network last week, only about 7,000 .onion domains were found by the security tool in total. The entire scan just took only three hours to finish.
Caceres explained to Forbes that “You might notice that’s not a lot of sites. If there’s one thing we’ve learned from Memex it’s that the number of Hidden Services [sites that hide their server location using the Tor network] up at any time has been greatly overestimated.”
Careces also added that “Of those 2,100 sites roughly 50 had vulnerabilities, with 100 flaws uncovered in total. “This is lower than our normal dataset, I suspect because many .onion sites are just single-page websites with static HTML on them and hardly any kind of attack surface on the application side. Some sites were also just totally blank.”
The pair did find a number of sites on the Dark Web offering illegal content including, “a weird subset of child porn,” Caceres said. “After looking through them there is at least one that we’d like to share with law enforcement before releasing it publicly. This is the one case where we actually don’t want the website administrator to fix their site before someone in law enforcement hacks it – trust me, it’s a really bad one.”