Deep Dive into the Dark Web - Robert Weiss (pwcrack) - DCTLV2026
Name of Training: Deep Dive into the Dark Web
Trainer(s): Robert Weiss (pwcrack)
Dates: August 10-11, 2026
Time: 8:00 am to 5:00 pm
Venue: Las Vegas Convention Center
Cost: $2,000 (USD)
Short Summary:
Participants will understand where Tor fits in the ecosystem of privacy and anonymity tools, the Tor protocol in detail, how to operate on Tor, how Hidden Services work in detail, and what can be learned about the Dark Web.
Course Description:
Participants will understand where Tor fits in the ecosystem of privacy and anonymity tools, the Tor protocol in detail, how to operate on Tor, how Hidden Services work in detail, and what can be learned about the Dark Web. We'll demonstrate the guts of how Tor works, and the variety of tools and services that integrate with Tor. Armed with this knowledge we'll explore the Dark Web.
Course Outline:
Section 1: Introduction to Privacy
- Why Privacy is Important
- Tor’s Core Philosophy on Privacy
- Anonymity Networks
- Comparison of Anonymity Networks
- What is the Dark Web?
Section 2: Anonymity, Privacy and Security Tools
- Secure Messaging Applications
- Privacy Focused Search Engines
- Privacy Focused Browsers
- Proton Mail
- Privacy Focused Distros
- Other
- Privacy Focused Search Engines
- Improving personal privacy can be daunting
- Phase 1: Low-effort, high-impact changes
- Phase 2: Changing services and habits
- Phase 3: Infrastructure changes
- Phase 4: Advanced practices
- Phase 5: Extreme privacy measures
- Phase 1: Low-effort, high-impact changes
Section 3: Tor Project
- Tor Project History
- How protocols evolve
- High-level overview of Tor
- Tor Project
- Tor Browser
- LAB: Get Tor (Laptop and Phone)
- Tor Circuits: How Tor works
Section 4: Tor in More Detail
- Centralized Services
- Tor Citizenship
- Life cycle of a Node
- LAB: Launch a Node
- Get a list of nodes
- Tor Metrics
- Torify
- Stem: Control Tor with Python
- How Tor Works (in detail)
- Control Messages
- LAB: View Control Messages
- Open Source
- Tor Protocol Documentation
- Anti-Censorship Features
Section 5: Hidden Services (The Dark Web)
- Hidden Services
- Hidden Service Descriptors
- Rendezvous Protocol
- Hidden Service Advantages
- Hardening a Hidden Service Server
- LAB: Launch a Hidden Service
- Onion Balance
- Onionshare
- Securedrop
- Tor testnet
- Attacks on Tor
Section 6: Dark Web Content
- Finding Sites and Services
- Dark Web Content
- Warning: Child Porn (How to Protect Yourself)
- Proficiency Exam
Difficulty Level:
The course is accessible to those with a Beginner knowledge. Students should bring a basic knowledge of Linux.
Beginner Definition - The student has an interest in the topic presented and general technology knowledge that a power user or undergraduate student may have acquired.
Suggested Prerequisites:
There are no prerequisites, but a basic knowledge of linux and a general idea of how public key cryptography works will be helpful.
What Students Should Bring:
To get full value from the labs, a student should have a linux laptop on which they can install Tor or a laptop that supports a linux virtual machine on which they can install Tor. A phone on which they can install the Tor Browser application is also useful.
What the Trainer Will Provide:
No specialized equipment will be provided.
Trainer(s) Bio:
Robert Weiss [pwcrack] has over two decades of experience in information security as a penetration tester. With a specialty in cryptography he has been researching the Dark Web for the last six years. A hacker conference addict, he is currently DEF CON's lead CFP and Speaker Operations Goon.
Proficiency Exam Option:
This course has the option for a proficiency certificate add-on.
The proficiency exam will consist of a written exam with a 70% threshold to pass. There will be an alternative activity for those who do not opt for the proficiency exam.
Please reach out to training@defcon.org for any questions related to the proficiency exam and certificate option.
Registration Terms and Conditions:
Trainings are refundable before July 11, 2026, minus a non-refundable processing fee of $250.
Between July 11, 2026 and August 5, 2026 partial refunds will be granted, equal to 50% of the course fee minus a processing fee of $250.
All trainings are non-refundable after August 5, 2026.
Training tickets may be transferred to another student. Please email us at training@defcon.org for specifics.
If a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).
Failure to attend the training without prior written notification will be considered a no-show. No refund will be given.
DEF CON Training may share student contact information, including names and emails, with the course instructor(s) to facilitate sharing of pre-work and course instructions. Instructors are required to safeguard this information and provide appropriate protection so that it is kept private. Instructors may not use student information outside the delivery of this course without the permission of the student.
By purchasing this ticket you agree to abide by the DEF CON Training Code of Conduct and the registration terms and conditions listed above.
Several breaks will be included throughout the day. Please note that food is not included.
All courses come with a certificate of completion, contingent upon attendance at all course sessions. Some courses offer an option to upgrade to a certificate of proficiency, which requires an additional purchase and sufficient performance on an end-of-course evaluation.
Training Justification Request – DEF CON Training
To: [Manager Name]
From: [Employee Name]
Date: [Date]
Subject: Business Justification for Attendance at DEF CON Training
Dear [manager’s name],
I am requesting approval to attend DEF CON Training, one of the cybersecurity industry's most recognized technical training programs. I’ve reviewed the options and selected a course to expand my skills with [1-2 key skills focus areas for the course].
DEF CON has been one of the world’s leading cybersecurity communities for more than three decades, known for convening industry, government, and independent experts to exchange advanced knowledge and practical skills. Building on this tradition, DEF CON Training delivers intensive courses taught by recognized global instructors. DEF CON Training courses offer hands-on instruction in a challenging, fast-paced environment. Many of the courses offered by DEF CON Training align with the National Institute of Standards and Technology (NIST) NICE Framework and Department of Defense Cyber Workforce Framework (DCWF), and attending this course will help me build and sharpen the skills required for my role.
Training: [Name of DEF CON Training Course]
Instructor/Provider: [Trainer Name(s)]
Dates: [Training Dates]
Location: Las Vegas, NV
Cost: [Course Fee]
Travel Expenses: [estimated travel & accommodations costs]
Course Description: [Copy short description of the selected class from the website here]
Trainer Bio: [Copy bio of the trainers of the selected class from the website here]
Once I’ve completed the course, I’ll be able to:
[copy student outcomes from course page where available or choose 3-4 skills or topic areas from the outline that are applicable to your current role, will help you fill a skill gap, etc.]
Business Need
As cyber threats continue to evolve, it is critical that our organization maintains current knowledge of emerging techniques and industry best practices. The selected DEF CON training aligns directly with my responsibilities in [your role/field here - for example, security operations, incident response, threat detection and hunting, application security, cloud security, risk management, security engineering].
The course will provide practical, hands-on experience that can be immediately applied to our environment and security initiatives. DEF CON training emphasizes real-world attack and defense scenarios, enabling participants to develop skills that extend beyond traditional classroom learning.
Request for Approval
I respectfully request approval and funding to attend DEF CON Training this August in Las Vegas. The knowledge, hands-on experience, and industry insights gained will directly support our cybersecurity objectives and contribute to strengthening our organization's security capabilities.
Thank you for your consideration. Please let me know if you have questions or need additional information to support this request.
Sincerely,
[Employee name]