├── .travis.yml ├── CONTRIBUTING.md └── README.md /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: ruby 3 | rvm: 4 | - 2.4.1 5 | install: 6 | - gem install awesome_bot 7 | script: 8 | - awesome_bot README.md --allow-redirect --white-list "creativecommons.org" 9 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contribution Guidelines 2 | 3 | **Your pull request should have a useful title. Please carefully read everything in [Adding to this list](#adding-to-this-list).** 4 | 5 | ## Table of Contents 6 | 7 | - [Adding to this list](#adding-to-this-list) 8 | - [Creating your own awesome list](#creating-your-own-awesome-list) 9 | - [Adding something to an awesome list](#adding-something-to-an-awesome-list) 10 | - [Updating your Pull Request](#updating-your-pull-request) 11 | 12 | ## Adding to this list 13 | 14 | Please ensure your pull request adheres to the following guidelines: 15 | 16 | - Search previous suggestions before making a new one, as yours may be a duplicate. 17 | - Make sure the item you are adding is useful (and, you know, awesome) before submitting. 18 | - Make an individual pull request for each suggestion. 19 | - Use [title-casing](http://titlecapitalization.com) (AP style). 20 | - Use the following format: `[Item Name](link)` 21 | - Link additions should be added to the bottom of the relevant category. 22 | - New categories or improvements to the existing categorization are welcome. 23 | - Check your spelling and grammar. 24 | - Make sure your text editor is set to remove trailing whitespace. 25 | - The pull request and commit should have a useful title. 26 | - The body of your commit message should contain a link to the repository. 27 | 28 | Thank you for your suggestions! 29 | 30 | ## Adding something to an awesome list 31 | 32 | If you have something awesome to contribute to an awesome list, this is how you do it. 33 | 34 | You'll need a [GitHub account](https://github.com/join)! 35 | 36 | 1. Access the awesome list's GitHub page. For example: https://github.com/sindresorhus/awesome 37 | 2. Click on the `readme.md` file: ![Step 2 Click on Readme.md](https://cloud.githubusercontent.com/assets/170270/9402920/53a7e3ea-480c-11e5-9d81-aecf64be55eb.png) 38 | 3. Now click on the edit icon. ![Step 3 - Click on Edit](https://cloud.githubusercontent.com/assets/170270/9402927/6506af22-480c-11e5-8c18-7ea823530099.png) 39 | 4. You can start editing the text of the file in the in-browser editor. Make sure you follow guidelines above. You can use [GitHub Flavored Markdown](https://help.github.com/articles/github-flavored-markdown/). ![Step 4 - Edit the file](https://cloud.githubusercontent.com/assets/170270/9402932/7301c3a0-480c-11e5-81f5-7e343b71674f.png) 40 | 5. Say why you're proposing the changes, and then click on "Propose file change". ![Step 5 - Propose Changes](https://cloud.githubusercontent.com/assets/170270/9402937/7dd0652a-480c-11e5-9138-bd14244593d5.png) 41 | 6. Submit the [pull request](https://help.github.com/articles/using-pull-requests/)! 42 | 43 | ## Updating your Pull Request 44 | 45 | Sometimes, a maintainer of this list will ask you to edit your Pull Request before it is included. This is normally due to spelling errors or because your PR didn't match the awesome-* list guidelines. [Here is a write up on how to change a Pull Request](https://github.com/RichardLitt/docs/blob/master/amending-a-commit-guide.md), and the different ways you can do that. 46 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Awesome Tor [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome) 2 | 3 | > A curated list of awesome software, articles, and other resources related to the Tor project. 4 | 5 | [Tor](https://torproject.org/) is an anonymizing TCP overlay network proxy implemented as a cryptographic mixnet. It is used for protecting the privacy of user communications in a variety of operational environments. Contributions to this list are heartily encouraged. Please see the [contribution guidelines](CONTRIBUTING.md) for details. 6 | 7 | # Contents 8 | 9 | - [Android-based tools](#android-based-tools) 10 | - [Apple iOS-based tools](#apple-ios-based-tools) 11 | - [Articles](#articles) 12 | - [Bridge tools](#bridge-tools) 13 | - [Conference presentations and talks](#conference-presentations-and-talks) 14 | - [Development and research tools](#development-and-research-tools) 15 | - [End-user tools](#end-user-tools) 16 | - [File sharing](#file-sharing) 17 | - [Funding](#funding) 18 | - [Messaging](#messaging) 19 | - [Offensive tools](#offensive-tools) 20 | - [Onion service tools](#onion-service-tools) 21 | - [Operating System distributions](#operating-system-distributions) 22 | - [Pluggable transports](#pluggable-transports) 23 | - [Relay operator tools](#relay-operator-tools) 24 | - [Tor controller interfaces](#tor-controller-interfaces) 25 | - [Tor protocol implementations](#tor-protocol-implementations) 26 | - [Tor server hardening tools](#tor-server-hardening-tools) 27 | - [Tunneling tools](#tunneling-tools) 28 | - [Web browser-based tools](#web-browser-based-tools) 29 | - [Whistleblowing](#whistleblowing) 30 | 31 | # Android-based tools 32 | 33 | - [Orbot](https://guardianproject.info/apps/orbot/) - Provides Tor on the Android platform. 34 | - [Orfox](https://guardianproject.info/apps/orfox/) - Provides Tor Browser on the Android platform. 35 | - [Tor Onion Proxy Library](https://github.com/thaliproject/Tor_Onion_Proxy_Library) - Provides a JAR and an AAR for embedding a Tor Onion service proxy into a Java or Android program. 36 | 37 | # Apple iOS-based tools 38 | 39 | - [Tor.framework](https://github.com/iCepa/Tor.framework) - The easiest way to embed Tor in your iOS application. 40 | - [iCepa](https://github.com/iCepa/iCepa) - Apple iOS system-wide VPN based Tor client. 41 | 42 | # Articles 43 | 44 | - [Anonbib](https://www.torproject.org/getinvolved/volunteer.html.en#project-anonbib) - List of important papers in the field of anonymity. It's also a set of scripts to generate the website from Latex (bibtex). If we're missing any important papers, please let us know! 45 | - [Connecting to an authenticated Onion service](https://github.com/AnarchoTechNYC/meta/wiki/Connecting-to-an-authenticated-Onion-service) - Guided procedure written for laypeople describing how to configure a Tor client to connect to authenticated Onion services. 46 | - [Scaling Tor hidden services](https://www.benthamsgaze.org/2015/11/17/scaling-tor-hidden-services) - Article on scaling Onion services. 47 | 48 | # Bridge tools 49 | 50 | - [BridgeDB](https://www.torproject.org/getinvolved/volunteer.html.en#project-bridgedb) - Backend bridge distributor, handling the various pools they're distributed in. This was actively developed until Fall of 2010. 51 | 52 | # Conference presentations and talks 53 | 54 | - [How Tor Users Got Caught - Defcon 22](https://www.youtube.com/watch?v=eQ2OZKitRwc) - 4 examples of people who have used Tor for illegal activities and how they were caught. Multiple de-anonymization attacks are shown at the end of the video. 55 | - [How governments have tried to block Tor - 2011](https://www.youtube.com/watch?v=DX46Qv_b7F4) - Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January 2011 and September 2011, an oldy but goody. 56 | - [State Of The Onion - 2014](https://www.youtube.com/watch?v=8w6gbD7LIPs) - Covers technical, social, economic, political and cultural issues pertaining to anonymity, the Tor Project and the ecosystem surrounding our communities. 57 | - [The Tor Network - 2013](https://www.youtube.com/watch?v=-VUyuFH9CbI) - Roger Dingledine and Jacob Appelbaum discuss contemporary Tor Network issues related to censorship, security, privacy and anonymity online. 58 | - [Tor: Hidden Services and Deanonymisation - 2014](https://www.youtube.com/watch?v=HQXRURfrf8w) - This talk presents the results from what we believe to be one of the largest studies into Tor Hidden Services (The Darknet) to date. 59 | 60 | # Development and research tools 61 | 62 | - [Chutney](https://www.torproject.org/getinvolved/volunteer.html.en#project-chutney) - Integration test suite that spawns a local tor network, checking the interactions of its components. 63 | - [Compass](https://www.torproject.org/getinvolved/volunteer.html.en#project-compass) - Web and command line application that filters and aggregates the Tor relays based on various attributes. 64 | - [DocTor](https://www.torproject.org/getinvolved/volunteer.html.en#project-doctor) - Notification service that monitors newly published descriptor information for issues. This is primarily a service to help the tor directory authority operators, but it also checks for a handful of other issues like sybil attacks. 65 | - [ExitMap](https://www.torproject.org/getinvolved/volunteer.html.en#project-exitmap) - Scanner for the Tor network by Philipp Winter to detect malicious and misconfigured exits. 66 | - [Fingerprint Central](https://fpcentral.tbb.torproject.org/) - Website aimed at studying the diversity of browser fingerprints and providing developers with data to help them design good defenses. 67 | - [Metrics](https://www.torproject.org/getinvolved/volunteer.html.en#project-metrics) - Processing and analytics of consensus data, provided to users via the metrics portal. This has been under active development for several years by Karsten Loesing. 68 | - [OnionScan](https://onionscan.org/) - Help operators of Onion services find and fix operational security issues with their location-hidden services. 69 | - [Onionoo](https://www.torproject.org/getinvolved/volunteer.html.en#project-onionoo) - JSON based protocol to learn information about currently running Tor relays and bridges. 70 | - [Relay Search ("Atlas")](https://metrics.torproject.org/rs.html) - Web application to discover Tor relays and bridges, providing useful information on how relays are configured along with graphics about their past usage, formerly "Atlas." ([Source code](https://gitweb.torproject.org/atlas.git)) 71 | - [Shadow](https://www.torproject.org/getinvolved/volunteer.html.en#project-shadow) - Discrete-event network simulator that runs the real Tor software as a plug-in. Shadow is open-source software that enables accurate, efficient, controlled, and repeatable Tor experimentation. 72 | - [setup-tor](https://github.com/tor-actions/setup-tor) - Set up GitHub Actions workflow with a specific version of Tor. 73 | - [Tor Bulk Exitlist (TorBEL)](https://www.torproject.org/getinvolved/volunteer.html.en#project-torbel) - Provides a method of identifying if IPs belong to exit nodes or not. This is a replacement for TorDNSEL which is a stable (though unmaintained) Haskell application for this purpose. The initial version of TorBEL was started in GSOC 2010 but since then the project has been inactive. 74 | - [TorFlow](https://www.torproject.org/getinvolved/volunteer.html.en#project-torflow) - Library and collection of services for actively monitoring the Tor network. These include the Bandwidth Scanners (measuring throughput of relays) and SoaT (scans for malicious or misconfigured exit nodes). 75 | - [Tor Path Simulator (TorPS)](https://www.torproject.org/getinvolved/volunteer.html.en#project-torps) - Tool for efficiently simulating path selection in Tor. It chooses circuits and assigns user streams to those circuits in the same way that Tor does. TorPS is fast enough to perform thousands of simulations over periods of months. 76 | - [TorBot](https://github.com/DedSecInside/TorBot) - Python web crawler for Dark and Deep Web. Actively maintained and can be used in Docker container (dockerfile provided). 77 | 78 | # End-user tools 79 | 80 | - [GetTor](https://www.torproject.org/getinvolved/volunteer.html.en#project-gettor) - E-mail autoresponder providing Tor's packages over SMTP. This has been relatively unchanged for quite a while. 81 | - [Ooni Probe](https://www.torproject.org/getinvolved/volunteer.html.en#project-ooni) - Censorship scanner, checking your local connection for blocked or modified content. 82 | - [Tor Controller (for Kubernetes)](https://github.com/kragniz/tor-controller) - Expose applications deployed in Kubernetes clusters via Tor Onion services. 83 | - [Tor2web](https://www.torproject.org/getinvolved/volunteer.html.en#project-tor2web) - Allows Internet users to browse websites running in Tor hidden services. It trades user anonymity for usability by allowing anonymous content to be distributed to non-anonymous users. 84 | - [TorBirdy](https://www.torproject.org/getinvolved/volunteer.html.en#project-torbirdy) - Torbutton for Thunderbird and related Mozilla mail clients. 85 | - [TorCheck](https://www.torproject.org/getinvolved/volunteer.html.en#project-torcheck) - Site for determining if the visitor is using Tor or not. 86 | - [multitor](https://github.com/trimstray/multitor) - Shell scripts to automate creation of multiple Tor instances, load-balanced with HAProxy. 87 | 88 | # File sharing 89 | 90 | - [OnionShare](https://onionshare.org/) - Open source tool that lets you securely and anonymously share a file of any size. 91 | - [ZeroNet](https://zeronet.io/) - Decentralized Web site and Web application platform based on the BitTorrent protocol with Bitcoin-like blockchain that has built-in support for anonymization through Tor. 92 | 93 | # Funding 94 | 95 | - [OnionTip](https://github.com/DonnchaC/oniontip) - Web app which parses Tor relay data to allow users to tip volunteers in cryptocurrency for running relay(s) in a fair and open way. 96 | 97 | # Messaging 98 | 99 | - [Briar](https://briarproject.org/) - Peer-to-peer encrypted messaging and forums over various transports, including Bluetooth, clearnet Wi-Fi, or the Tor network. 100 | - [Ricochet](https://ricochet.im/) - Jabber-based client that creates an Onion service used to rendezvous with your contacts without revealing your location or IP address. 101 | - [TorChat-Mac](https://github.com/javerous/TorChat-Mac) - Mac OS X native TorChat client. 102 | - [TorChat](https://github.com/prof7bit/TorChat) - Decentralized anonymous instant messenger on top of Tor Hidden Services. 103 | 104 | # Offensive tools 105 | 106 | - [ToRat](https://github.com/lu4p/ToRat) - Cross-platform remote administration tool written in Go using Tor as a transport mechanism. 107 | - [dos-over-tor](https://github.com/skizap/dos-over-tor) - Proof of concept denial of service over Tor stress test tool. 108 | - [oregano](https://github.com/nametoolong/oregano) - Python module that runs as a machine-in-the-middle (MITM) accepting Tor client requests. 109 | - [Offensive Tor Toolkit](https://github.com/atorrescogollo/offensive-tor-toolkit) - Series of tools written in Go that simplify the use of Tor for typical exploitation and post-exploitation tasks. 110 | 111 | # Onion service tools 112 | 113 | - [Enterprise Onion Toolkit](https://github.com/alecmuffett/eotk) - Tool for assisting in large-scale deployments of HTTP(S) Onion sites as an official Onionspace presence for existing clearnet websites. 114 | - [OnionBalance](https://github.com/DonnchaC/onionbalance) - Load-balancing and redundancy for Tor hidden services. 115 | - [Stormy](https://github.com/glamrock/stormy) - Easy creation of Tor Onion services ("Location-Hidden Services"), currently under heavy development. 116 | - [Vanguards](https://github.com/mikeperry-tor/vanguards) - Version 3 Onion service guard discovery attack mitigation script (intended for eventual inclusion in Tor core). 117 | - [goldy/tor-hidden-service](https://hub.docker.com/r/goldy/tor-hidden-service) - Docker container capable of providing multiple simultaneous Onion services in either Version 2 or Version 3 format, along with added support for Vanguards. 118 | 119 | # Operating System distributions 120 | 121 | - [The Amnesic Incognito Live System (TAILS)](https://www.torproject.org/getinvolved/volunteer.html.en#project-tails) - Live CD/USB distribution preconfigured so that everything is safely routed through Tor and leaves no trace on the local system. 122 | - [Whonix](https://whonix.org/) - Desktop operating system that can be run in various configurations, which routes the entire user's desktop environment and OS through Tor. 123 | - [tor-ramdisk](https://www.torproject.org/getinvolved/volunteer.html.en#project-torramdisk) - uClibc-based micro Linux distribution whose sole purpose is to securely host a Tor server purely in RAM. 124 | 125 | # Pluggable transports 126 | 127 | - [Flash Proxy](https://www.torproject.org/getinvolved/volunteer.html.en#project-flash-proxy) - Pluggable transport using proxies running in Web browsers to defeat address-based blocking. 128 | - [Obfsproxy](https://www.torproject.org/getinvolved/volunteer.html.en#project-obfsproxy) - Obfuscating proxy that shapes Tor traffic, making it harder for censors to detect and block Tor, with implementations in C and Python. 129 | - [ScrambleSuit](https://www.cs.kau.se/philwint/scramblesuit/) - Python module for Obfsproxy suitable for either Tor, VPN, SSH, or any other application that supports SOCKS. 130 | - [Stegotorus](https://sri-csl.github.io/stegotorus/) - Masks traffic from a Tor client to the entry point into the Tor network such that it looks like ordinary HTML traffic. 131 | 132 | # Relay operator tools 133 | 134 | - [Anonymizing Relay Monitor (Arm)](https://www.torproject.org/getinvolved/volunteer.html.en#project-arm) - `top`-like terminal status monitor for Tor, intended for command-line aficionados, SSH connections, and anyone with a TTY terminal. 135 | - [Weather](https://www.torproject.org/getinvolved/volunteer.html.en#project-weather) - Provides automatic notification to subscribed relay operators when their relay's unreachable. 136 | - [ansible-relayor](https://github.com/nusenu/ansible-relayor) - An Ansible role for Tor Relay Operators. 137 | - [tor-relay-bootstrap](https://github.com/micahflee/tor-relay-bootstrap) - Script to bootstrap a Debian server to be a set-and-forget Tor relay. 138 | - [tor_box](https://github.com/CMoncur/tor_box) - An all-inclusive Tor configuration for Raspberry Pi, serves as both a relay and personal Tor network. 139 | 140 | # Tor controller interfaces 141 | 142 | - [Bine](https://github.com/cretz/bine) - Go library for accessing and embedding Tor clients and servers. 143 | - [PHP TorControl](https://github.com/dunglas/php-torcontrol) - PHP library to control a Tor server. 144 | - [Stem](https://www.torproject.org/getinvolved/volunteer.html.en#project-stem) - TorProject's official Python controller library for scripts and controller applications using Tor. 145 | - [tor.rb](https://github.com/dryruby/tor.rb) - Ruby library for interacting with the Tor anonymity network. 146 | - [txtorcon](https://txtorcon.readthedocs.io/) - TorProject's official implementation of the control-spec for Tor using the Twisted networking library for Python (supports Py2, PyPy and Py3). 147 | 148 | # Tor server hardening tools 149 | 150 | - [Tlsdate](https://www.torproject.org/getinvolved/volunteer.html.en#project-tlsdate) - Secure parasitic rdate replacement maintained by the Tor Project that sets the local clock by securely connecting with TLS to remote servers and extracting the remote time out of the secure handshake. 151 | - [onion-grater](https://github.com/Whonix/onion-grater) - Whitelisting filter for dangerous Tor control protocol commands. 152 | 153 | # Tunneling tools 154 | 155 | - [dnscrypt-proxy](https://github.com/DNSCrypt/dnscrypt-proxy) - DNS proxy server supporting arbitrary DNS, DNSCrypt v2, DNS-over-TLS, and DNS-over-HTTPS queries that can be torified with a two-line configuration change (`force_tcp = true` and `proxy = socks5://127.0.0.1:9050` or similar). 156 | - [tor_ssh.sh](https://gitlab.com/grownetics/devops/blob/master/tor_ssh.sh) - One command to enable SSH access via Tor to any server. 157 | - [Torsocks](https://www.torproject.org/getinvolved/volunteer.html.en#project-torsocks) - Utility for adapting other applications to work with Tor. 158 | - [Tortilla](https://www.crowdstrike.com/resources/community-tools/tortilla-tool/) - Open source tool that allows users of Windows OS devices to securely, anonymously, and transparently route all TCP/IP and DNS traffic through Tor. 159 | - [tun2tor](https://github.com/iCepa/tun2tor) - Rust library to provide a virtual `utun` (userspace tunnel) interface to Tor. 160 | 161 | # Web browser-based tools 162 | 163 | - [HTTPS Everywhere](https://www.eff.org/https-everywhere) - Firefox and Chrome extension that automatically switches to HTTPS connections with many major websites if those are available that ships in Tor Browser. 164 | - [NoScript](https://noscript.net/) - Javascript execution blocking Firefox extension that ships in Tor Browser. 165 | - [Tor Browser](https://www.torproject.org/getinvolved/volunteer.html.en#project-torbrowser) - Easy-to-use, portable package of Tor, HTTPS-Everywhere, NoScript, TorLauncher, Torbutton, and a Firefox fork, all preconfigured to work together out of the box. 166 | 167 | # Tor protocol implementations 168 | 169 | - [haskell-tor](https://github.com/GaloisInc/haskell-tor) - Haskell implementation of the Tor protocol. 170 | - [node-Tor](https://github.com/Ayms/node-Tor) - Javascript implementation of the Tor (or Tor like) anonymizer project. 171 | 172 | # Whistleblowing 173 | 174 | - [GlobaLeaks](https://www.globaleaks.org/) - Free software intended to enable secure and anonymous whistleblowing initiatives. 175 | - [SecureDrop](https://github.com/freedomofpress/securedrop) - Open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. 176 | 177 | # License 178 | 179 | [![CC-BY](https://mirrors.creativecommons.org/presskit/buttons/88x31/svg/by.svg)](https://creativecommons.org/licenses/by/4.0/) 180 | 181 | This work is licensed under a [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/). 182 | --------------------------------------------------------------------------------