Tor

Tor is a software suite and network that provides increased anonymity on the Internet. It creates a multi-hop proxy network and utilizes multilayer encryption to protect both the message and routing information. Tor utilizes "Onion Routing," in which messages are encrypted with multiple layers of encryption; at each step in the proxy network, the topmost layer is decrypted and the contents forwarded on to the next node until it reaches its destination. [1]

ID: S0183
Type: TOOL
Platforms: Linux, Windows, macOS
Version: 1.1
Created: 16 January 2018
Last Modified: 13 May 2020

Techniques Used

Domain ID Name Use
Enterprise T1573 .002 Encrypted Channel: Asymmetric Cryptography

Tor encapsulates traffic in multiple layers of encryption, using TLS by default.[1]

Enterprise T1090 .003 Proxy: Multi-hop Proxy

Traffic traversing the Tor network will be forwarded to multiple nodes before exiting the Tor network and continuing on to its intended destination.[1]

Groups That Use This Software

ID Name References
G0016 APT29

[2]

References