Skip to main content

πŸͺ΄ Privacy

Privacy Guides​

Privacy Tools​

Privacy Freindly Full Suites​

Guides​

DPI Bypass​

  • SpoofDPI - A simple and fast anti-censorship tool written in Go

Browsers​

  • ungoogled-chromium - Google Chromium, sans integration with Google.
    • chromium-web-store - Allows adding extensions from chrome web store on ungoogled-chromium.
  • Bromite - A Chromium fork with ad blocking and privacy enhancements.
  • Librefox - Firefox with privacy enhancements.

Privacy Extensions​

Browser Tools​

Search Engines​

Email​

Email Services​

Temporary​

  • Emaildrop - Emaildrop is a free disposable email provider.
  • 10 Minute Mail - Disposable, private mailboxes.
  • Disposable - Disposable is a robust disposable email (burner emails) - API designed to help you verify whenever email address is coming from disposable service.
  • Nada - Fast & free.
  • s.MailPro - Offering Temporary Email Service.
  • Temp Mail - Keep spam out of your mail and stay safe - just use a disposable temporary email address!
  • Tempr eMail - Similar service like Temp Mail, it's from the same provider.
  • πŸ§… GuerrillaMail

Self Hosted​

  • docker-mailserver - A fullstack but simple mailserver (smtp, imap, antispam, antivirus, ssl, etc.) - using Docker.
  • FastMail - Email, calendars and contacts done right.
  • Rainloop - SIMPLE, MODERN & FAST WEB-BASED EMAIL CLIENT.
  • Roundcube - MIME support, address book, folder manipulation, message searching and spell checking.
  • Simple Login - Email alias/forwarding and identity provider service.

Email Clients​

  • Mozilla Thunderbird - Well-known open source eMail Client from Mozilla.
  • Confidant - Another secure eMail provider, apps are planned.
  • ElectronMail - Electron based wrapper for ProtonMail & Tutanota.
  • Lavabit - Those guys are back and they are now developing their own mail protocol for secure communication.
  • p=p - Pretty Easy Privacy (p=p) - email client encrypts all communications in your email without the need for you to create new accounts.
  • Tutanota - Email client with a strong focus on security and privacy that lets you encrypt emails on all your devices.

VPN​

Services​

caution

Avoid using Private Intenet Access. On November 18, 2019, Private Internet Access announced that it would be merged into Kape Technologies.

Quote from their privacy policy (image):

...we may share your personal information with third party service providers that we may engage to improve the Service...

Self-hosted​

  • Algo VPN - A set of Ansible scripts that simplify the setup of a personal WireGuard and IPsec VPN.
  • Cloudron - A solution that allows anybody to create private clouds instantaneously.
  • DSVPN - Linux - DSVPN is a dead simple VPN, designed to address the most common use case for using a VPN.
  • Mysterium Network - Yet another self-hosted VPN.
  • Nebula - A scalable overlay networking tool with a focus on performance, simplicity and security.
  • ocserv - Cisco AnyConnect-compatible VPN server.
  • OpenConnect - Multiplatform VPN compatible with Cisco's AnyConnect. Uses well-tested, standard TLS connections which easily bypass DPI.
  • OpenVPN - OpenVPN provides flexible VPN solutions to secure your data communications, whether it's for Internet privacy, remote access for employees, securing IoT, or for networking Cloud data centers.
  • Outline by Alphabet - Not a traditional VPN but it might work with Google Cloud, AWS & more.
  • PeerVPN - PeerVPN is a software that builds virtual ethernet networks between multiple computers.
  • Pritunl - Enterprise Distributed OpenVPN and IPsec Server.
  • SoftEther VPN - Cross-platform multi-protocol VPN software.
  • Tailscale - Tailscale is a mesh VPN that makes it easy to connect your devices, wherever they are. No more fighting configuration or firewall ports.
  • vpn-at-home - 1-click, self-hosted deployment of OpenVPN with DNS ad blocking sinkhole.
  • WireGuard VPN - WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec.

Decentralized​

  • n2n - A Peer-to-peer VPN.
  • ZeroTier - Peer-to-peer multi-platform VPN.
  • tinc - Peer-to-peer VPN software with mesh routing.
  • radvpn - Decentralized VPN.
  • Mysterium Network - Claims to be world’s 1st decentralized free VPN which uses OpenVPN & WireGuard.
  • TachyonVpn - A Decentralized VPN that is secured by Tachyon Protocol.

VPS Hosting Providers​

  • Bulletproof Hosting
  • BlueAngelHost - Ignores DMCA requests, starts with 2,50€ a month, servers are based in Sofia.
  • CyberHour - Rusian based host provider which allows Warez.
  • FlokiNET - Designed for Whistleblower, ignores DMCA requests, starts with 2,99€ a month, servers are located in Bukarest, Reykjavik or Helsinki. Servers are known to be slow.
  • Hostkey - Dedicated Servers & more.
  • HostPlay - Russian based VPS, starting for 15,44€ a month.
  • KnownSRV.com - They use offshore data centers in Romania, Luxembourg and the Netherlands.
  • NetEngi - Rent professional web hosting of high quality and cheap price with cPanel.
  • Offshore Servers - Ignores DMCA requests, no name required for the registration, starting with 8,17€ a month. Servers are located in Moskow or Warschau.
  • Inferno Solutions - VPS, Dedicated Server & more. Multiple server located around the world. Starts with 4,54€ a month.
  • ProHoster - Provides a free domain, starts with 0,00€, multiple server locations, e.g. Moskow, New York, Amsterdam.
  • RapidLeechHost.com - RapidLeechHost only allows warez linking on their offshore plans, using servers based in Netherlands.
  • SharkServe - DDoS protection, Bitcoin & Co.
  • SporeStack - Truly Hidden Hosting.
  • Warez Hosting - Private & Anonymous VPS Hosting!
  • WebCare360 - Powerful Offshore cpanel shared hosting provider.
  • WRZHost.com - WrzHost specializes in allowing warez, and acts as a safe-haven for people wanting to start warez-related projects with anonymity. They offer shared hosting, Linux VPS’s and dedicated servers.

Proxy​

Reverse Proxies​

Proxy Sites​

Operating Systems​

Linux​

  • Tails - Tails is a live operating system that you can start on almost any computer from a USB stick or a DVD.
  • Qubes OS - Qubes OS is a security-oriented operating system.
  • Fedora Workstation - Fedora Workstation is a secure, reliable, and user-friendly Linux distribution developed by the Fedora Project.
  • kloak - Keystroke-level online anonymization kernel: obfuscates typing behavior at the device level.
  • The practical linux hardening guide - This guide details the planning and the tools involved in creating a secure Linux production systems - work in progress project!

Windows​

Android​

SMS​

Virtual Phone Numbers​

  • Burner - Rent a temporary phone number and give it out to whomever you want.
  • Esendex.com.au - (Registration required) - Bulk SMS provider.
  • Free Online Phone - Just use one of the numbers listed, then select one of the numbers and you can see the SMS that reach that number.
  • FreePhoneNum - The service offers a very temporary number for verification or any other purpose.
  • Freevirtualnumber.skycallbd - Receive Free SMS Online For Any SMS verification.
  • GetFreeSMSNumber - Free Receive SMS Online.
  • Getsms - (RU) - Russian service to get virtual SMS numbers.
  • Google Voice - Navigate to Google Voice and register or select a phone number via fake account (works without phone number verification).
  • Hs3x - Receive SMS Online For Free.
  • MyTrashmobile - Receive text messages for online verifications as in WhatsApp or Facebook.
  • Online SIM - (RU) - Russian paid service to send and get SMS.
  • Proovl - Send and Receive SMS - As Easy As You'd Expect!
  • Receive SMS Online - Virtual numbers from United States, United Kingdom, Sweden, Canada and more.
  • Receive SMS - Free service to verify your membership without giving out my own number.
  • Receive-a-sms - Get your text messages through the internet with a free virtual phone number Stay anonymous with FREE phone verification, terms and conditions apply.
  • Receive-sms-free - Receive SMS Online,Get SMS numbers Online, Temporary phone numbers, Disposable Mobile numbers, Get SMS Online, Virtual Phone Online, Receive Voice.
  • Receive-sms-now) - (RU) - Russian and international numbers online.
  • Receive-sms-online.com - Another free SMS provider.
  • Receive-SMS - Webservice to vie SMS.
  • Receive-smsonline - Free Receive SMS Online, does not work with Google phone verification!
  • Receivefreesms.net - Receive SMS Online.
  • ReceiveFreesms - Receive SMS Online For FREE. Get Free SMS here to Verify your Services and APP. Receive Free sms text Online Worldwide.
  • ReceiveSMS - Receive Your SMS Online With Our Virtual Numbers For Free! Without Registration!
  • Receivesmsonline.in - Get SMS online for free, it will not work with Google phone number verification!
  • Receivesmsonline - A free service for receiving SMS messages and voice mails online. There is no need to register.
  • Receivesmsverification - Receive SMS Online without register. You can receive SMS online for free. Receive bypass sms without registration, Verify whatsapp, LINE, any type of account.
  • sms-online.co - Receive SMS Online for Free, will not work with Google number registration!
  • Sms-receive - Receive SMS and voice mail online.
  • SMS.INK - RU - Share SMS.
  • Smsc - (needs registration) - Offers Russian and Ukrainian numbers.
  • SMSFinder - SMS service located in USA, UK, France, Canada, Sweden.
  • Smska - (RU) - Yet another free russian virtual number provider.
  • Smsreceivefree - Temporary SMS and Disposable Numbers.
  • SMSToolsOnline - Yet another free SMS service.
  • Sonetel - Free and paid service for virtual sms numbers.
  • Tempsms - (RU) - Keep spam out of your phone and stay safe - just use a free disposable temporary phone number!
  • Zadarma - The Zadarma VoIP project enables you to setup your business telephone system without the heavy hardware and wiring expenses.

Data leaks​

  • ⭐ Have I been pwned? - Check if you have an account that has been compromised in a data breach.
  • ⭐ GhostProject.fr - Free Database Lookup of Recent 1.4 billion password breach compilation, GhostProject allows you to Search by email or username.
  • ⭐ Firefox Monitor - Have your accounts been leaked or stolen in a data breach? Find out at Firefox Monitor.
  • I Got Phished - Collecting information regarding users that became victims of a phishing attack by entering their password on a phishing website.
  • LeakCheck - Paid database engine to check if your eMail, online accounts have been compromised.
  • Snusbase - Paid Database Search Engine to check for latest database breaches.
  • Leak Lookup - Data Breach Search Engine
  • leakpeek - Data Breach Search Engine

DNS​

  • Snopyta - Finland based non-profit DNS that doesn't keep.
  • UncensoredDNS - An uncensored alternative to the internet providers filtered DNS servers.
  • Digitale Gesellschaft - Another uncensored DNS servers.
  • AppliedPrivacy - A privacy conscious DNS service.
  • NixNet - Uncensored DNS that doesn't keep logs.
  • DNSCrypt + Manager - A protocol to improve DNS security.
  • Stubby - Stubby is the name given to a mode of using getdns which enables it to act as a local DNS Privacy stub resolver (using DNS-over-TLS).
  • YogaDNS - YogaDNS automatically intercepts DNS requests at the system level and allows you to process them over user-defined DNS servers using modern protocols and flexible rules.

Cloud based​

Social Media​

  • Fake-It 3.0 - Generate full fake identities with random Name, Address, SSN, Credit Card, Phone Number, and more!
  • Fake Data - Fake data generator.
  • Forget - Automatically deletes your old posts that everyone has forgotten about.
  • Keybase - Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit & GitHub.
  • Reddit PowerDeleteSuite - Delete old reddit posts.
  • Nuke Reddit History - Firefox add-on - + Chrome extension
  • Random AI generated profile pictures - Random AI generated profile pictures.
  • ShadowCrypt - Chrome extension that brings encrypted messaging to Internet sites such as Reddit, Facebook or Twitter., it is a bit outdated but still works. (Keep in mind that this extension has a security hole which might reveal your encrypted messages).
  • Social Amnesia - Deletes Twitter and Reddit content based on your terms.
  • TweetDelete - Protect your privacy by automatically deleting posts older than a specified age from your Twitter feed.
  • TweetEraser - Delete Twitter Posts in Bulk
  • Framapiaf - Mastodon instance of Framasoft - A nonprofit organization focusing on free-software alorisation.
  • Mamot - Mastodon instance of the La Quadrature du Net - A French advocacy group that promotes digital rights and freedoms of citizens.
  • Mastodon - Mastodon is an open-source self-hosted, federated social media networking service.
  • MeWe - Google+ replacement.
  • Movim - Movim is a social network, based on XMPP, with Chat and chatrooms, news & communities features.
  • Nitter - Nitter is a free and open source alternative Twitter front-end focused on privacy.
  • Pleroma - Host your own social media.
  • social.privacytools.io - Mastodon instance by PrivacyTools, a volunteer-run privacy centered collective.
  • Stream.io - Tries to combine all social networks into one place (currently beta).
  • NextCloudTalk - Basically, Hangouts via NextCloud.
  • Jitsi - Decrentralized chat, eMail platform.
  • JMP.chat
  • Whereby - Anoher video calling app focused on privacy and usability.

Payment​

Anonymous Cryptocurrency Exchanges​

  • Binance - Hong Kong-based exchange.
  • Changelly - (iOS app) - Cryptocurrency exchange service that allows for instant transfers from one cryptocurrency wallet to another across various cryptocurrencies.
  • ShapeShift - (iOS App) - Claims to not collect any data!
  • Tornado - (Beta!) - Audit but still in beta!

Domain Names​

  • Domainr - Domainr allows you to find domain names and short URLs. Instantly check availability and register for all top-level domains.
  • xip.io - Magic domain name that provides wildcard DNS for any IP address.
  • Namecheap - Namecheap accepts Bitcoin and offers domain registration, hosting, email, SSL certs, and a variety of other products.
  • Njalla - Privacy-focused domain registration service based in Nevis.
  • OrangeWebsite - Anonymous domain registration services and also accepts cryptocurrency payments, based in Iceland.

Secure PasteBin alternatives​

Metadata cleaner​

  • mat2 - mat2 cleans metadata.
  • CCleaner - Bundleware - Make sure CCLeaner is blocked via firewall - It removes unused files from your system.
  • Bleachbit - Unless CCleaner it works on all operating systems and is fully open source but comes with less "cleaning features".
  • ExifTool - Most reliable photo exif cleaning tool.
  • Exiv2 - Exiv2 is a C++ library and a command line utility to manage image metadata.
  • ExifTool by Phil Harvey - Read, Write and Edit Meta Information!
  • ExifTool GUI - Adds a GUI to ExifTool by Phil Harvey.
  • Exif Purge - EXIF Purge is a small portable application to remove EXIF meta data from multiple images at once.

TOTP​

Secure Messenger​

Password Managers​

caution
  • Wikipedia's list of Password Managers - Overview of all password manager utilities.
  • BitWarden - Open source password management solution, can be self-hosted.
  • KeePassXC - KeePassXC is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe.
  • LessPass - Stateless open source password manager.
  • 1Password - Popular cloud-hosted password manager.
  • KeePass - Free, open source, light-weight, and easy-to-use password manager.
    • Plugins - A list of third-party plugins for KeePass.
    • Keepass2Android - A Password manager app for Android based on Keepass.
    • KeePassium - KeePassium combines the security of KeePass with a clean intuitive design.
  • KeeWeb - Free cross-platform password manager compatible with KeePass.
  • Pass - Simple GPG/Git password manager. Follows the Unix philosophy.
  • Dashlane - An intuitive password manager with over with over 8 million users worldwide.
  • Passbolt - Free, open source, self-hosted, extensible, OpenPGP based.
  • Psono - Open source and self-hosted password manager for teams.
  • Buttercup - Another open source password manager with desktop, mobile, and browser clients.
  • MiniKeePass - iOS version of KeePass (unofficial).
  • KeeVault - Secure, Open Source Password Management.
  • LastPass (Last Choice) - LastPass remembers all your passwords, so you don't have to.

Alternate Networks​

  • I2P - I2P is an anonymous overlay network - a network within a network. It is intended to protect communication from dragnet surveillance and monitoring by third parties such as ISPs.
  • Zeronet - Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent network.
  • Loki - Lokinet is an anonymous, decentralized and IP based overlay network for the internet.
  • SILO - Offers complete privacy across the network (work in progress project in cooperationship with Loki).
  • IPFS - A peer-to-peer hypermedia protocol designed to make the web faster, safer, and more open.
  • Yggdrasil - Makes use of a global spanning tree to form a scalable IPv6 encrypted mesh network.
  • cjdns - Cjdns (Caleb James DeLisle's Network Suite) - is a networking protocol and reference implementation, founded on the ideology that networks should be easy to set up.
  • Freenet - Freenet is free software which lets you anonymously share files, browse and publish "freesites" (web sites accessible only through Freenet) - and chat on forums, without fear of censorship.
  • GnUNet - GNUnet is a framework for secure peer-to-peer networking that does not use any centralized or otherwise trusted services.
  • Psiphon - Run your own server, invite your friends, build a community, provide free and unfiltered Internet access to the world.
  • Scuttlebutt - A decentralised secure gossip platform that aims to harmonize four perspectives of life: Environment reflecting Technology reflecting Community reflecting Society.

Tor​

  • Tor - Tor is free software and an open network that helps you defend against traffic analysis.
caution

I'm not responsible for the links, domains, it's content or if the provided .onion links are really the ones advertised. It's impossible for me as individual person to check every single page every second and monitor it's content.

Also be very carefull of scams. you can find the links to some scam sites on torss7t3bxd3qsxn.onion

info

If you suspect your access to the Tor network is being blocked, you may want to use bridges.

You can get latest Tor bridges from bridges.torproject.org

tip

Just replace .onion with .onion.ws or any other domain made available by volounteers Tor2web operators.

Example: http://archivecaslytosk.onion/ => http://archivecaslytosk.onion.ws/

This connects you with Tor2web, which then talks to the onion service via Tor and relays the response back to you.

WARNING: Tor2web only protects publishers, not readers. As a reader installing Tor Browser will give you much greater anonymity than using Tor2web. Using Tor2web trades off security for convenience and usability.

Web Archive​

Misc​

P2P Networks​

  • eDonkey network - A decentralized, mostly server-based, peer-to-peer file-sharing network.
  • Gnutella - P2P network behind the popular LimeWire file sharing app.
  • FastTrack - Protocol used by the Kazaa, Grokster, iMesh, and Morpheus file-sharing programs.
  • Napster - Peer-to-peer file sharing Internet service that emphasized sharing digital audio files, typically audio songs, encoded in MP3 format.
  • IPFS - Distributed Web - Peer-to-peer distributed file system that seeks to connect all computing devices with the same system of files.
  • Kad - The Kad network is a peer-to-peer (P2P) - network that implements the Kademlia P2P overlay protocol.

Router Firewalls​

Antivirus​

Overall Strategy
  • Diversify your analysis approach.
  • Don't rely on the results from a single tool.
  • Run everything with as few privileges as necessary.
  • APT investigations must be seperated from commodity malware, otherwise you give malware authors "ideas".
  • Treat everything like it could be malicious until you have enough evidence to suggest otherwise.

VirusTotal alternatives​

  • Any-Run - Run files in a sandbox.
  • Thread Minder - Allow analysts to find additional information on indicators of compromise (IOC) - such as domain names, IP's and more.
  • ThreatCrowd - Search engine for threats, show correlations of submitted entries eg IP, hashes, domains etc.
  • URLScan - Check the website.
  • Sooty - SOC Analyst Tool.
  • Hybrid-Analysis - alternative - The free version is normally good enough.

Virtualisation​

  • FireJail - Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf.
  • FlatPak - Standalone apps for Linux are here!
  • KVM - KVM (for Kernel-based Virtual Machine) - is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V).
  • Sandboxie - Install and run programs in a virtual sandbox (software based) - environment without writing to the hard drive itself.
  • Virtualbox - VirtualBox is a general-purpose full virtualizer for x86 hardware, targeted at server, desktop and embedded use.
  • VMWare - (paid) - Closed source, but maybe the most reliable and used program for creating/booting up a virtual machine.

Checksum verification​

  • OpenHashTab - File hashing shell extension for Windows.
  • GtkHash - A cross-platform desktop utility for computing message digests or checksums.