How To Stay Anonymous While Hacking (Part 1)
Anonymity & Security

How To Stay Anonymous While Hacking (Part 1)

How to stay anonymous? This is a somewhat tricky question to answer due to many factors being involved.

A cafe will more than likely have CCTV and depending on where you sit your laptop screen could be visible to the cameras therefor if you’re using Linux your laptop will stand out compared to OS X or Windows.

Using pubic Wi-Fi is a good idea, only if you’re using Tails/Qubes
But tor is a no in this situation because you will kill your cards.

So, let’s talk about Kali.

It can be booted from a USB but that also means every time you boot from the USB you’re going to have to set up OpenVPN, Firefox, and maybe some other shit.

MacChanger: First Step to Anonymity 

wlan0/1 | eth0 < your network interface may be different.

Wireless :

ifconfig wlan0/1 (note current MAC Address)
ifconfig wlan0/1 down
macchanger -r wlan0
ifconfig wlan0/1 up
ifconfig wlan0/1 (confirm spoofed MAC Address)

Wired :

ifconfig eth0 (note current MAC Address)
ifconfig eth0 down
macchanger -r eth0
ifconfig eth0 up
ifconfig eth0 (confirm spoofed MAC Address)


sudo apt-get install openvpn

How to stay anonymous while hacking 1

Firefox Settings: Adding upto anonymity

Allow First-Party Cookies Only

Third-Party Cookies are only used for Advertising and Tracking purposes.

network.cookie.cookieBehavior : 1
network.cookie.lifetimePolicy : 3
network.cookie.lifetime.days  : 1

Enable Tracking Protection

Blocks tracking scripts.

privacy.trackingprotection.enabled ; true
privacy.trackingprotection.pbmode.enabled ; true

Disable Plugins

Plugins expose information about your system. Flash should NEVER be enabled or used if you’re
using a VPN or Proxy. In fact, Flash Player shouldn’t be used either way IMO.

If you have Flash enabled, it will reveal your real IP Address & Operating System.

plugin.state.flash : 0 : 0
plugin.scan.plid.all : false

Hardware Fingerprinting

Hardware Acceleration uses your GPU when possible, thus leaking information about your hardware.

gfx.direct2d.disabled : True
layers.acceleration.disabled : True

Font Fingerprinting

Spoofing your system info is easy, but if your fonts are being leaked it’s easy for a website to identify what operating system you’re actually using.

browser.display.use_document_fonts : 0

Disable Access to Webcam & Microphone

media.navigator.enabled : False : False
camera.control.face_detection.enabled : False

Disable WebRTC (Leaks IP Addresses)

WebRTC exposes the IP Address behind a VPN/Proxy.

media.peerconnection.enabled : False
media.peerconnection.identity.enabled : False
media.peerconnection.turn.disable : True
media.peerconnection.use_document_iceservers : False
media.navigator.enabled : False
media.getusermedia.screensharing.enabled : False
media.getusermedia.screensharing.allowed_domains : Blank : False : False

Disable Telemetry

Telemetry collects and sends your browsing data to Mozilla. This feature is used to “improve”
your browsing experience but some users may want to opt-out.

toolkit.telemetry.archive.enabled : False
toolkit.telemetry.cachedClientID : Blank
toolkit.telemetry.enabled : False
toolkit.telemetry.previousBuildID : Blank
toolkit.telemetry.server : Blank
toolkit.telemetry.unified : False

Disable Health Reporting

Same as above.

datareporting.healthreport.about.reportUrl : Blank
datareporting.healthreport.about.reportUrlUnified : Blank
datareporting.healthreport.documentServerURI : Blank
datareporting.healthreport.infoURL : Blank
datareporting.healthreport.logging.consoleEnabled : False
datareporting.healthreport.service.enabled : False
datareporting.healthreport.uploadEnabled : False
datareporting.policy.dataSubmissionEnabled : False
datareporting.policy.dataSubmissionEnabled.v2 : False

Firefox Add-Ons

These above will help you getting your anonymity shield strong! NoScript & Random Agent Spoofer need to be configured which can take a couple minutes. You also need to know what systems to exclude from RAS to prevent suspicion from admins.

Browsers I’ve Removed :

– All Opera & SeaMonkey Browsers (hardly anyone uses them)

– Edge Browsers (Edge is basically Internet Explorer)

– All Console Browsers (do I really have to say?)

– All iOS Browsers (read info bellow)

– Windows Phone Browsers (read info bellow)

– All Firefox OS Browsers (discontinued OS by Mozilla)

– Unix Browsers (most UNIX systems are commercial)

– All Linux Browsers (suspicious)

– All x86 versions of Windows (nobody uses 32-bit Windows)

Browsers I Kept :

– All WOW64 Browsers on Windows x64 (WOW64 = x86 Browser on x64 System)
– Chrome, Firefox & Safari for OS X (Yosemite/El Capitan)
– Chrome & Firefox for Windows (7/10 x 64)
– I’m sure nobody really uses Windows 8 right?

Also Read: How to be An0Nymous on Kali Linux by using Anonsurf module

How to stay anonymous while hacking (Part 1)

There is no point spoofing your info to match browsers on iOS devices because websites will be able to tell you’re not using iOS due to your browser capabilities. Thus being suspicious and quite obvious you’re spoofing your system info. The same for other browsers/systems.

Take into consideration you would have to do that every time you boot into Kali.

I’ve described some more topics in my next article. Check it here:

If you liked reading the article, please comment and share too!

The following two tabs change content below.

Anuj Mishra

Admin, Founder & Chief Editor at HackeRoyale
Engineer. Blogger. Ethical hacker. Penetration Tester. Deep Webbie. Bug hunter. Security Analyst. Web Developer. Techie. Programmer. Foodie. Music Lover. Traveller. Enthusiast.

Comment Now !