xbdms' Blog

desktop

December 12, 2021

The alternatives that keep my personal information private from prying eyes.

As you might know already by looking at my previous blog posts, I'm heavily invested in privacy and anonymity and I enjoy learning new ways to keep my personal data private.

Privacy organizations and cyber-pirates

Consider joining and donating to one, several or all of the listed organizations, they actually fight for your digital freedom.

Reduce Your Footprint

  • YourDigitalRights – Delete your account or access the personal data organizations have on you using this free service.
  • Go Incognito (Premium) – The homepage for Go Incognito Premium – A guide to security, privacy & anonymity.
  • Go Incognito (Free) – Techlore is spreading spreading privacy and security to the masses. Home of Go Incognito, Surveillance Report, VPN reviews, video tutorials, software/hardware reviews, communities, and more; join us today!
  • Hitchhiker’s Guide – The Hitchhiker’s Guide to Online Anonymity.
  • Techlore Anonymity Quiz – Techlore is spreading spreading privacy and security to the masses. Home of Go Incognito, Surveillance Report, VPN reviews, video tutorials, software/hardware reviews, communities, and more; join us today!
  • AuditMyPC – Free Web tools include firewall test and speed test plus sitemap generator and other online tools for webmasters and home users.
  • BrowserSpy – BrowserSpy.dk is the place where you can see just how much information your browser reveales about you and your system. Privacy to the ultimate test.
  • AlternativeTo – AlternativeTo lets you find apps and software for Windows, Mac, Linux, iPhone, iPad, Android, Android Tablets, Web Apps, Online, Windows Tablets and more by recommending alternatives to apps you already know.
  • Do I need a VPN? – Share your privacy and security concerns, and they help you decide whether you need a commercial VPN. In some cases you don't, or Tor might be a better choice for you.
  • TheNewOil – This site is designed to help readers take back control of their data and regain their privacy online. Whether you think the digital panopticon is immoral, or whether you simply find companies stalking your every digital move creepy, this site will help you learn the basics about protecting your identity, your safety, and your data.
  • PrivacyTools – You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides services, tools and knowledge to protect your privacy against global mass surveillance.
  • PrivacyGuides – Massive organizations are monitoring your online activities. Privacy Guides is your central privacy and security resource to protect yourself online.
  • European Alternatives – Helping you find european alternatives for digital service and products, like cloud services and SASS products.
  • AccountKiller – A directory of direct links to delete your account from web services.
  • DeleteMe – DeleteMe gets professionals to delete your data from data broker sites and scans them for you and your family. It is very expensive.
  • PrivacyDuck – Privacy Duck provides the complete manual, comprehensive removal of your personally identifying information on over 163 data mining sites.
  • ComputerWorld – How to get your personal data removed from people search websites. Read more here!
  • ThinkPrivacy – It's your data. It's time you take control of it.
  • Redact – Mass delete your messages, posts and comments on Twitter, Reddit, Discord, Facebook, and more, all from one free app.
  • SayMine – Mine helps you discover where your personal data is and manage your digital footprint. You decide where your data should or shouldn't be, they'll make it happen.
  • DeseatMe – Instantly get a list of all your accounts, delete the ones you are not using.
  • CyberToolBank – Best And Reliable Services In One Place For Free, Including Privacy Services, Doxing Tips, Hacking Tips, And Other Cybersecurity. Cybertoolbank.cc 2019-2021.
  • JustDeleteMe – A directory of direct links to delete your account from web services.
  • JustGetMyData – A directory of direct links for you to obtain your data from web services.

Projects

  • Remix Icons – Remix Icon is a set of open source neutral style system symbols elaborately crafted for designers and developers. All of their icons are free to use for both personal and commercial.
  • Search My Site – The open source search engine and search as a service for user-submitted personal and independent websites.
  • ResizePixel – Come and try their free, easy to use and mobile-friendly online photo editor. Image editing has never been easier with ResizePixel!
  • Online Background remover – Online audio/video background remover.

Security

  • MalwareTips – MalwareTips is a global community of people helping each other with their Security, Technology and Technical Support questions.

Deep Fake Software

  • avatarify – Avatars for Zoom, Skype and other video-conferencing apps.
  • DeepFaceLab – DeepFaceLab is the leading software for creating deepfakes.
  • faceswap – Deepfakes Software For All.
  • omg.lol – Browser based deep fakes in pure JavaScript.

Deep Fake Protection

Reverse Image Lookup

  • TinyEye – Find where images appear online.
  • Labnol – Reverse Google Image Search will help you find the original source of photographs, forwarded Internet memes and profile pictures on your Android mobile phone, iPhone or iPad.

Virtual Machine

  • Browser.cool – Use browser.cool: The internet, as it is supposed to be. Without restrictions by your provider, your hotel or third parties. Easier than a VPN: No setup or configuration required, directly in your browser. Ready to use in 3 minutes.
  • VirtualBox – VirtualBox is a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL) version 2. See “About VirtualBox” for an introduction.

Open Source Router Firmware

  • OpenWRT – The OpenWrt Project is a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application.
  • FreshTomato – A system based on Linux, dedicated for routers with Broadcom chipset and distributed on the GPL license. This advanced system consists of a particularly friendly interface, thanks to which even inexperienced users can easily work with it.

Detect Trackers in Apps

  • Exodus Privacy – Easily detect tracker before you install random apps.
  • Plexus – Remove the fear of Android app compatibility on de-Googled devices.

Open Source RSS Feed Reader

  • Raven – Raven is a desktop news reader with flexible settings to optimize your experience. No login is required, and no personal data is collected. Just select the websites you want to curate articles from and enjoy!
  • NetNewsWire – NetNewsWire is a free and open source RSS reader for iOS.
  • Feeder – Feeder is a Android fully free/libre feed reader. It supports all common feed formats, including JSONFeed. It doesn't track you. It doesn't require any setup. It doesn't even need you to create an account! Just setup your feeds, or import them from your old reader via OPML, then get on with syncing and reading.

Open Source eBook Reader

  • Sigil – Sigil was designed to make it easy to create great ebooks using the EPUB format. If you are formatting books for your own use, or you are a professional editor publishing books on multiple platforms, then Sigil is for you. You can use Sigil to format and package your books into an EPUB that looks exactly the way you want it to using an advanced set of features that have made Sigil one of most popular EPUB editors available. This open-source and completely free software is written and supported entirely by volunteers.

Debit Card Aliases

  • Privacy – Make a unique debit card number for every single purchase online with just 1 click. Never worry again about credit card breaches, shady merchants, or sneaky subscription billing.

Private Cell Phone Plan

  • Mint Mobile – Mint Mobile re-imagined the wireless shopping experience and made it easy and online-only. No stores. No salespeople. Just huge direct to you savings on nationwide phone plans.

Private Hotspot

  • Calyx Institute – They mission is to educate the public about privacy in digital communications and to develop tools that anyone can use. By embracing “privacy by design,” we help make digital security and privacy more accessible to everyone.

Phone Number Aliases

  • SMSActivate – SMS activator, combining disposable virtual numbers and numbers for rent in 200 countries of the world, for registering accounts through receiving SMS.
  • SMSPva – Virtual numbers for account activations via SMS. SMS for any services: Facebook, Gmail, Instagram, Microsoft, Bing, Hotmail, Twitter, Steam, Uber.
  • 5Sim –  5SIM provides the opportunity to bypass SMS verification procedure with the help of a temporary virtual phone number without using the personal one. By purchasing virtual numbers for SMS receiving and for activating any site or app, you will register many profiles on websites by receiving a confirmation code online.
  • OnlineSim – Virtual numbers, SMS activation, activation service, SMS reception, free reception, temporary numbers, disposable numbers.
  • SMSPool – SMS verification service online from SMSPool using our non voip mobile numbers for SMS Verification worldwide. Sign up now for the highest quality SMS verifications for your accounts.
  • MySudo – Send private messages, manage multiple phone numbers and email addresses, and create custom personal identities that last as long as you need them.
  • Burner – Get a 7-day free phone number trial now with unlimited calling & texting! Use a temporary phone number for dating or online selling. Sign-up today to get a 7-day free phone number trial.
  • Silent.link – Get global mobile 4G/5G Internet access and burner UK +44 SMS number instantly and privately on any modern eSIM-compatible smartphone.

Privacy Friendly Desktop/Laptop Operating Systems

  • Solus OS – Solus is an operating system that is designed for home computing. Every tweak enables us to deliver a cohesive computing experience.
  • Serpent OS – Serpent OS is building a pioneering new Linux distribution based on modern technologies, enabling stellar features for everyone, without the price tag.
  • Ghost Spectre – Ghost Spectre makes windows 7, 8, 8.1, 10, and even 11 with great privacy and security features. Removes bloatware, privacy optimizations and performance, And has his own custom toolbox to install back certain apps. You can also install android subsystem on windows 11 with this tutorial.
  • Ghost Spectre Windows 11 Activation Fix – https://pastebin.com/raw/FPAWx85d

Privacy Friendly Mobile Operating Systems

  • GrapheneOS – The private and secure mobile operating system with Android app compatibility. Developed as a non-profit open source project.

Anti-Virus for Windows 10/11

⚠️ You do not need Bit-defender or Kaspersky on your Ghost Spectre Windows version as it will detect everything as false positive. Making Ghost Toolbox being deleted or even worst. All you need is Windows Defender, Shadow Defender, And your brain.

  • Malwarebytes – Malwarebytes protects your home devices and your business endpoints against malware, ransomware, malicious websites, and other advanced online threats. Download Malwarebytes for free and secure your PC, Mac, Android, and iOS, or take a free business trial now. It is also ranked Grade D, Read more here!
  • Bit-Defender – Bitdefender is a cybersecurity software leader delivering best-in-class threat prevention, detection, and response solutions worldwide. It is also ranked Grade B, Read more here!
  • Kaspersky – Feel truly safe online with AI-driven protection against hackers and the latest viruses, ransomware and spyware. This is also graded with B, Read more here! I also have some cracked keys if you guys want to try them out: Download Cracked Keys
  • ClamWin – Looking for free Open Source Antivirus for Windows? Download ClamWin Free Antivirus and get free virus scanning and free virus definition updates.
  • GuardedID – GuardedID eliminates your vulnerability to data theft due to keylogging attacks, a leading cause of cyber crime. Unlike anti-virus and anti-malware software, GuardedID protects your data from both known and unknown keylogger threats.

⚠️ Me and My homie cracked keys for premium access, If the key doesn’t work oh well. If you want some keys, You contact me by email and we can talk payment to gain a new key.

Privacy and Security Tools for Windows 10 and 11

  • O&O ShutUp10++: Free antispy tool for Windows 10 and 11 – With the freeware O&O ShutUp10++, unwanted Windows 10 and 11 features can be disabled and the transfer of sensitive personal data onto Microsoft prevented.
  • Simplewall: Free and lightweight Firewall – Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.
  • Safing Portmaster: Monitor and control all network activity – Safing is a software that protects your privacy online. It's so easy, anyone can use it.
  • Glasswire – GlassWire is a modern personal firewall and network monitor with over 26 million downloads. Download GlassWire free!
  • ContextMenuForWindows11 – Add Context Menu For Windows 11.
  • DefenderUI – Freeware alternative to Simple Windows Hardening, it is not FOSS and not as advanced as HC or simple HC.
  • ExplorerPatcher – This project aims to bring back a productive working environment on Windows 11.
  • Hard_Configurator – GUI to Manage Software Restriction Policies and harden Windows Home OS – or alternative Simple Windows Hardening.
  • HardenKitty – Checks and hardens your Windows configuration.
  • HardeningAuditor - Scripts for comparing Microsoft Windows compliance with the Australian ASD 1709 & Office 2016 Hardening Guides.
  • Sophia Script – The most powerful PowerShell module on GitHub for Windows fine-tuning and tweaking.
  • WSA Toolbox – A Windows 11 application to easily install and use the Windows Subsystem For Android™ package on your computer.
  • WSAGAScript – Install Google Apps (Play Store) on WSA (Windows Subsystem Android)
  • Windows11Upgrade – Windows 11 Upgrade tool that bypasses Microsoft´s requirements.
  • privacy.sexy – Enforce privacy & security best-practices on Windows and macOS.
  • windows_hardening.cmd – Script to perform some hardening of Windows 10/11.
  • wsa_pacman – A GUI package manager and package installer for Windows Subsystem for Android (WSA).
  • Bulk Crap Uninstaller – Remove large amounts of unwanted applications quickly.
  • Geek Uninstaller – Efficient and Fast, Small and Portable. 100% Free.
  • W10Privacy – Privacy made ​​easy
  • WindowsSpyBlocker – Block spying and tracking on Windows.
  • Eraser – Eraser is an advanced security tool for Windows which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
  • Recuva – Accidentally deleted an important file? Lost files after a computer crash? No problem – Recuva recovers files from your Windows computer, recycle bin, digital camera card, or MP3 player!

Windows 11 Desktop Shell

  • BlackBox – Blackbox has specific design goals, and some functionality is provided only through other applications. One example is the bbkeys hotkey application.
  • Cairo Shell – The Cairo taskbar preserves desktop area for your wallpaper and applications.
  • LiteStep – A replacement #desktop interface for Windows.
  • ReactOS Explorer – ReactOS Explorer is the default graphical shell that comes with ReactOS from version 0.2.0 forward. It is meant to be the equivalent of Windows Explorer on Windows operating systems.
  • Talisman Desktop – Talisman Desktop is a configurable Windows shell replacement introduced in 1997 by Lighttek Software.
  • win3wm – A Native Tiling Window Manager for Windows 10, Inspired by I3wm.
  • xoblite – An advanced “extended shell” for Microsoft® Windows® 10 and 11, part of the Blackbox for Windows family.

Disk & File Cleaners with Privacy Features

  • BleachBit – Shredding files and wiping unallocated disk space to minimize data remanence.
  • ExifCleaner – Removes metadata for the most popular image and video formats. It also supports PDF files and comes with batch-processing to process multiple files at once. Drag and Drop interface, easy to use.
  • Mat2 – mat2 is a metadata removal tool, supporting a wide range of commonly used file formats, written in python3: at its core, it's a library, used by an eponymous command-line interface, as well as several file manager extensions.
  • Metapho – iOS photo metadata manager app.
  • ScrambledExif  - This Android app will remove all this data before sharing. Just share a picture like you'd normally do and choose Scrambled Exif. A moment later, the share 'dialog' will reappear. Just share with the app you intended to share with in the first place. Et voilà!
  • ImagePipe – This Android app reduces image size by changing the resolution and quality of the image. It also removes exif data before sending the image. The modified image is saved in a separate folder in jpeg, png or webp format. The original image remains unchanged.

Recipes

  • No Nonsense Recipes – An ad-free recipe database with a freemium business model. Browse for free or create an account to save, search, upload your own recipes, leave comments, and more.
  • Based Cooking – Only Based cooking. No ads, no tracking, nothing but based cooking.

Browsers

  • Brave – Not a popular choice within the privacy community, But it offers a complete package out of the box on all platforms and is suitable for beginners or if setup time is a factor at the given situation. Wikipedia offers more information about it's controversies. I use this for mainly all my devices and sense i am advanced i added some flags, extensions, and tweak some settings for maximum privacy. A researcher done a trace of when you open brave to see what's the first thing it connects to. This is to confirm if it really phones home to google or not. 
  • Tor – Tor Browser is your choice if you need an extra layer of anonymity. It's a modified version of Firefox, which comes with pre-installed privacy add-ons, encryption, and an advanced proxy. It's not recommended to install additional browser addons. Plugins or addons may bypass Tor or compromise your privacy. This also if your interested in hacking related subjects like, Darkweb, Deepweb, Database Dumps, Doxes, Cracks, Leaks, And many more. It is not ideal to use it for your everyday needs, Unless you don't mind loading websites slow.
  • I2P – Anonymous peer-to-peer distributed communication layer built with open source tools and designed to run any traditional Internet service such as email, IRC or web hosting.
  • IPFS – The InterPlanetary File System (IPFS) is a protocol and peer-to-peer network for storing and sharing data in a distributed file system. IPFS uses content-addressing to uniquely identify each file in a global namespace connecting all computing devices. Try out Pinata for free!

Search Engine

  • Startpage – Search and browse the internet without being tracked or targeted. Startpage is the worlds most private search engine. Use Startpage to protect your personal data.

Torrent Search Engines

Exploit & Leaks Search Engines

  • Shodan Search Engine – Search Engine for the Internet of Everything.
  • Have I Been Pwned – Allows you to search across multiple data breaches to see if your email address or phone number has been compromised.
  • dnstwister – The anti-phishing domain name search engine and DNS monitoring service.

Email

  • ProtonMail – Based in Switzerland, founded in 2013. Free and paid plans include all security features, including end-to-end encryption, zero-access encryption, anti-phishing, anti-spam and 2FA. Own Android, iOS Apps and web interface. Paid plans enable custom domains. Accessible via Tor Network.
  • ProtonMail BridgeProtonMail Bridge is an application available to all paid users that enables the integration of your ProtonMail account with popular email clients, such as Microsoft Outlook, Mozilla Thunderbird, or Apple Mail. Bridge runs in the background by seamlessly encrypting and decrypting messages as they enter and leave your computer. The app is compatible with most email clients supporting IMAP and SMTP protocols.

Email Clients

  • Canary Mail – Canary's security suite is second to none with Seamless End-To-End Encryption, Full PGP Support, Biometric App Lock, On-Device Fetch, No Ads, No Data Mining & Open Source Mail Sync Engine. Also available for Mac.

Email Aliases

  • SimpleLogin – With email aliases , you can be anonymous online and protect your inbox against spams and phishing. Open-source. Made and hosted in Europe.

Temp Email

  • Temp Mail – Keep spam out of your mail and stay safe. Just use a disposable temporary email address, Protect your personal email address from spam with Temp-mail.

Encrypted Video & Voice Messengers

  • Jitsi – A free open-source video conferencing software for web & mobile. Make a call, launch on your own servers, integrate into your app, and more.

Encrypted Digital Notebooks

  • StandardNotes – Standard Notes is an easy-to-use encrypted note-taking app for digitalists and professionals. Capture your notes, documents, and life’s work all in one place.

Productivity & Collaboration Privacy Tools for Work

  • CryptPad – Collaboration suite end-to-end encrypted and open-source.
  • Skiff – Everything on Skiff is end-to-end encrypted. Your most sensitive data is private, decentralized, and truly owned by you.

Encrypted and Secure Instant Messaging

  • Revolt – A open-source privacy-respective discord lookalike.
  • Keybase – Keybase is for keeping everyone's chats and files safe, from families to communities to companies. MacOS, Windows, Linux, iPhone, and Android.
  • Signal – Say “hello” to a different messaging experience. An unexpected focus on privacy, combined with all of the features you expect.
  • Session – Session is a private messenger that aims to remove any chance of metadata collection by routing all messages through an onion routing network.
  • Briar – Briar doesn't rely on a central server – messages are synchronized directly between the users' devices via Bluetooth or Wi-Fi. Online sync via the Tor network is possible, too. Protecting users from surveillance.
  • Tox – Whether it's corporations or governments, there's just too much digital spying going on today. Tox is an easy to use application that connects you with friends and family without anyone else listening in. While other big-name services require you to pay for features, Tox is totally free and comes without advertising forever.
  • Element – Element is a Matrix-based end-to-end encrypted messenger and collaboration app. It’s decentralised for digital sovereign self-hosting, or through a hosting service such as Element Matrix Services. Element operates on the open Matrix network to provide interoperability and easy connections.
  • XMPP – XMPP powers emerging technologies like IoT, WebRTC, and social. No one owns XMPP. It's free and open for everyone since 1999. It's a living standard.
  • Telegram – Telegram is not end-to-end encrypted by default unless you enable secret chats. But it is good for news and to stay up to date.

Password Manager

  • Bitwarden – Bitwarden is an integrated open source password management solution for individuals, teams, and business organizations. Your private information is protected with end-to-end encryption before it ever leaves your device.

Temp File Uploading

  • AnonFiles – Upload your files anonymously and free on AnonFiles.
  • OneTime – Files are uploaded on the server in an encrypted form. Only the one who has a correct URL can decrypt them (even the site owner can't). Files are permanently deleted from the server after the first view. No logs are recorded.
  • Send – Send let’s you share files with end-to-end encryption and a link that automatically expires to ensure your important documents don’t stay online forever.
  • AnonArchive – AnonArchive is a 100% free to use, anonymous and private file storage, distribution and sharing platform. The road to a more private tomorrow.
  • OnionShare – OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network.
  • Syncthing – Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose where it is stored, whether it is shared with some third party, and how it's transmitted over the internet.
  • Bitwarden Send – Bitwarden Send is a trusted way to securely share information directly with anyone with end-to-end encryption.
  • sql.gg – Fully anonymous Resilient file hosting.

Authenticator 2FA (TOTP)

  • Raivo OTP – A native, lightweight, non-commercial and secure time-based (TOTP) & counter-based (HOTP) two-factor client that syncs your tokens across all of your Apple devices.
  • Aegis Authenticator – Aegis Authenticator is a free, secure and open source app for Android to manage your 2-step verification tokens for your online services.

Hardware Authenticator 2FA (Security Key)

  • OnlyKey – OnlyKey is an open source alternative to YubiKey. OnlyKey natively supports: a hardware password manager, multiple two-factor methods (FIDO2, TOTP, and Yubico® OTP), passwordless SSH login, and OpenPGP.

Pastebin

  • Privatebin – PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data.
  • 0bin – 0bin is a client-side-encrypted open source alternative pastebin. You can store code/text/images online for a set period of time and share with the world. Featuring burn after reading, history, clipboard.

File Encryption

⚠️ Always use Full Disk Encryption on all your drives instead of encrypting folders.

  • VeraCrypt – VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability. In contrast to file encryption, data encryption performed by VeraCrypt is real-time (on-the-fly), automatic, transparent, needs very little memory, and does not involve temporary unencrypted files.
  • GNU Privacy Guard: Email Encryption – GnuPG allows you to encrypt and sign your email data and communications.
  • 7-Zip – File archiver with a high compression ratio and built-in encryption functionality.
  • Cryptomator – Cryptomator encrypts your data quickly and easily. Afterwards you upload them protected to a cloud service.
  • Hat – Client-side browser encryption to encrypt your data quickly and easily. Afterwards you upload them protected to a cloud service.
  • Picocrypt - Uses the secure XChaCha20 cipher and the Argon2id key derivation function to provide a high level of security, even from three-letter agencies like the NSA. Simply drop your files, enter a password, and hit Start to encrypt.

Desktop/Laptop/Server Backup Application

  • Déjà Dup – A personal backup tool to protect against accidental data loss.

Photo & Video Storage

  • Ente – Ente is an encrypted data storage provider that provides a safe space to store your personal memories.

File Cloud Storage

  • MEGAZero Knowledge Encryption (User-Controlled End-to-End Encryption). All your data on MEGA is encrypted with a key derived from your password; in other words, your password is your main encryption key. MEGA does not have access to your password or your data. Using a strong and unique password will ensure that your data is protected from being hacked and gives you total confidence that your information will remain just that – yours. MEGA recommends generating a unique strong password and storing it using a password manager such as: Bitwarden Keepass

VPN

This article is not sponsored by any entity.

⚠️ A VPN is not a bulletproof solution and should not be used for anonymity, but rather privacy. Read VPNs Aren't Magical—Here's Why for more details.

  • Mullvad VPN – Mullvad is a VPN service that helps keep your online activity, identity, and location private. Only €5/month – They accept Bitcoin, cash, bank wire, credit card, PayPal, and Swish.

DNS

  • NextDNS – NextDNS protects you from all kinds of security threats, blocks ads and trackers on websites and in apps and provides a safe and supervised Internet for kids — on all devices and on all networks.

Torrent Clients

  • qBittorrent – The qBittorrent project aims to provide an open-source software alternative to µTorrent.

Github & Gitlab Alternatives

  • Codeberg – Codeberg is founded as a Non-Profit Organization, with the objective to give the Open-Source code that is running our world a safe and friendly home, and to ensure that free code remains free and secure forever.

Netflix, Disney+, Hulu, Amazon Prime Video Alternatives

  • Plex – Plex is a one stop destination to stream movies, tv shows, sports & music. Check good movies to watch on Plex and stream all your personal media libraries on every device.

YouTube Alternatives

  • Invidious – Alternative frontend for YouTube without ads and tracking.
  • Piped – An alternative privacy-friendly YouTube frontend which is efficient by design.
  • NewPipe – The lightweight YouTube experience for Android. A forked of NewPipe with SponsorBlock + Return YouTube Dislike.
  • FreeTube – FreeTube is a YouTube client for Windows, Mac, and Linux built around using YouTube more privately. You can enjoy your favorite content and creators without your habits being tracked. All of your user data is stored locally and never sent or published to the internet. FreeTube grabs data by scraping the information it needs (with either local methods or by optionally utilizing the Invidious API). With many features similar to YouTube, FreeTube has become one of the best methods to watch YouTube privately on desktop.
  • Odysee – Explore a whole universe of videos on Odysee from regular people just like you!
  • Open Video Downloader – A cross-platform GUI for youtube-dl made in Electron and node.js.

Decentralized Social Networks

Privacy Friendly Translation Tools

  • Lingva Translate – Alternative front-end for Google Translate, serving as a Free and Open Source translator with over a hundred languages available
  • Libre Translate – Free and Open Source Machine Translation API. 100% self-hosted, no limits, no ties to proprietary services. Run your own API server in just a few minutes.

Privacy-Friendly World Maps Alternatives

  • OpenStreetMap – OpenStreetMap is a map of the world, created by people like you and free to use under an open license. Try out the mobile alternatives for iOS & Android: OsmAnd or Organic Maps

Android Keyboard Alternatives That Respect Your Privacy

Cryptocurrency: A privacy-enhanced cryptocurrency for anonymity

  • Coinbase – Coinbase is a secure online platform for buying, selling, transferring, and storing cryptocurrency.
  • Robinhood – Commission-free Stock Trading & Investing App.
  • CakeWallet – Monero.com by Cake Wallet allows you to safely store, send, receive, and exchange your XMR.
  • CoinJoin – CoinJoin is an open-source way to mix bitcoins. They believe financial privacy is possible and necessary. The CoinJoin system allows anyone to send bitcoin and receive fresh bitcoins in return at another address. No logs, no surveillance, just complete privacy.
  • Bitcoin Blender – Bitcoin Blender is a Tor hidden service that uses smart technology to erase your Bitcoin history and make your transactions 100% anonymous. Bitcoin Blender completely removes any connection you have with the coins you buy or sell, meaning nobody can use Blockchain Analysis to track you down.

Become a System Administrator

  • LandChad – A site dedicated to turning internet peasants into Internet Landlords by showing them how to setup websites, email servers, chat servers and everything in between.

Blog Software for Self and Managed Hosting

  • Write.as – Simple writing platform built to preserve and spread your words. Start writing and publishing now & no signup required.

Secure Web Hosting & Domain Provider

  • Namecheap – Register domain names at Namecheap. Buy cheap domain names and enjoy 24/7 support. With over 13 million domains under management, you know you’re in good hands.
  • 1984Hosting – 1984 is green, ethical web hosting that protects it's user's privacy. 1984 offers: VPS & shared hosting services, FreeDNS, and unlimited storage & bandwidth.

Privacy and Security for ShareX Image & File Host

⚠️ The ShareX Image Host Community is incompetent and cannot secure a server or their sources. Some of which these image has gotten data breached or source got leaked by one of their old admins or a random user. They also like to be in drama and ddos. The average developer in the sharex image host community is between ages 13-16. They also can’t afford actual VDS/VPS, Which that means is they use free credits VPS that offers that like Vultr, Digital Ocean, Google Cloud, Azure, And Linode. Probably some of them have ip logging in their source as some of them do. I will provide the ones with the best list of security and that will respect your privacy.

Join the Image Host Community Discord Servers:

Reliability

⚠️ Imgur.com had a databreach on November 24, 2017.

  • Imgur – Imgur is an American online image sharing and image hosting service with a focus on social gossip that was founded by Alan Schaaf in 2009. The service has hosted viral images and memes, particularly those posted on Reddit. I will recommend to use Imgur for reliability due to some people having money issues or Just not being up for years. (Also they require phone number, So use the phone number alias list.)

⚠️ E.Z.Host had a databreach and it is ran by a 16 year african-american kid. But it is still up and he hired some developers to add some cool features..

  • E.Z.Host – E-Z.Host is a private image host that you can get access to by either paying, or applying for free.

Reliability & Security

  • Tixte – Tixte is a place to store and share your best moments – screenshots, game replays, family photos, and everything else
  • Upload.Systems – The superior image hosting, with support for Windows, macOS and Linux via a variety of applications. 700+ premium domains and climbing. A strong team of developers and support staff to help you along the way.
  • Tesla.sexy – tesla.sexy is a high-quality, private image host with many features.
  • ShareX Hosting – Effortlessly deploy custom ShareX file uploaders using your own domain name. Simple, yet powerful with no advanced technical or coding skills required.
  • Catbox – The cutest free file host you've ever seen.
  • Image Uploader – A sharex compatible image uploader built for speed.

Privacy, Reliability, & Security

  • Horizon.pics – A fast, zero knowledge end-to-end encrypted, privacy-friendly, reliable and highly-customizable invite-only sharex image & file host.
  • File.Glass – Fileglass is a blazing fast, privacy-centric and free file host with focus on speed, reliability and security. With support for ShareX and more.
  • sxcu – sxcu.net is a free anonymous cloud based file uploader and link shortener service for ShareX and similar screen capturing platforms, with a variety of custom vanity domains to choose from.
  • Tiny.rip – Fast, Easy, and beautiful image sharing.

Self-Host Your Own

  • Ass – The superior self-hosted ShareX server.
  • xBackBone – XBackBone is a simple and lightweight PHP file manager that support the instant sharing tool ShareX and *NIX systems. It supports uploading and displaying images, GIF, video, code, formatted text, pdf, and file downloading and uploading. Also have a web UI with multi user management, media gallery and search support.
  • PHP-Uploader – A PHP uploader with Discord embed and Twitter card support.
  • PHP-Uploader – A php sharex uploader with discord embed function/twitter card support.
  • Zipline – Zipline is a ShareX/file upload server that is easy to use, packed with features and can be setup in one command!
  • Share – Simple yet advanced uploader. Allows users to upload files,images, and text with moderation tools for admins. Can be used for friends and family or just for you. Built with integration, like ShareX but more uploaders will be officially supported.

Privacy Policies Analysis Tools

  • airsend – Privacy Policies of Top Messaging Apps reviewed.
  • Privacy Parrot – AI tool reads privacy policies, tells you which sites sell your info.
  • Privee – Google Chrome extension using machine learning to summarize privacy policies.
  • Terms of Service; Didn't Read – Quickly analyze / review or explain ToS to the community which gets listed.

MAC Address Changer

  • Technitium MAC Address Changer – Technitium MAC Address Changer (TMAC) is a freeware utility to instantly change or spoof MAC Address of any network card (NIC).
  • BAT script – Randomly change the Mac Address on Windows.
  • easymacchanger – Change the network identity of your device.
  • MAC Address Tool – Windows tool allowing users to change the MAC-address of network adapters through a registry key.
  • macchanger – A Bash based MAC address changer.
  • Spoof – Easily spoof your MAC address in macOS, Windows, & Linux!
  • SpoofMAC – Change your MAC address for debugging for OS X, Windows, and Linux.

Online Leak and Fingerprint tests

Online Virus Scanners

Virus Total Scanners

⚠️Keep in mind that Virus Total is owned by Google.

  • VTSCAN – Scan a file directly from your terminal using VirusTotal API.
  • VTHC – A Windows Explorer context menu extension that allows you to query the Virus Total malware scanning service simply by right-clicking on a file.

URL shorteners

  • Btfy – A Privacy-focused custom URL shortener and branded links.
  • Cuttly – Makes link management easier than ever, and advanced analytics allow you to understand what is happening with your links.
  • Goshorly – Fast and easy URL shortener to self-host.
  • Kutt – A free and open source URL shortener with custom domains and stats.
  • LSTU – An open source URL shortening service.
  • Pauperial – Simple website for make short link.
  • Polr – A quick, modern, and open-source link shortener.
  • SmallLinks – URL Shortener Built with PostgreSQL, Redis and Kafka.
  • Teknik – Teknik was created to provide our users free services that they can trust.
  • YoURLs – A small set of PHP scripts that will allow you to run your own URL shortening service.

URL Unshortener

  • Link Unshortener – Mac app that expands shortened web links, following redirects until it reveals the destination URL. Never again click a link before you know where it's going!
  • URL Shortener Unshortener Userscript – Adds small button next to shortened URLs on eg. Twitter and other sites that will replace the shortened URLs with their real locations and vice-versa. Useful for when you don't want to blindly click links.

TLS/SSL ciphers

  • testssl.sh – A free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.
  • BlackLight – A Real-Time Website Privacy Inspector.
  • TLS support – Tool for debugging client TLS version and cipher support issues.

Plagiarism Checker

Well worth searching your GitHub URL with Google Scholar, which is a great way to find out if your code has made it into any academic publications.

Browser Fingerprinting

Canvas Fingerprinting

  • AdTechMadness – “Overview of Google’s Picasso”.
  • Antoinevastel – “Picasso based canvas fingerprinting”.
  • Dali.js – Dali.js, Picasso-like device attestation payload.
  • FingerprintJS – “How Does Canvas Fingerprinting Work?”.
  • Google Research – Picasso: Lightweight Device Class Fingerprinting for Web Clients.

Fingerprinting measurement

  • Am I Unique – Basic information a user's browser configuration and how trackable it is.
  • BrowserLeaks – Gallery of testing tools that show what browser data can be leaked.
  • Cookie-Editor – Extension to quickly create, edit and delete cookies without leaving your tab.
  • DeviceInfo – Web browser security testing, privacy testing, and troubleshooting tool.
  • EFF CoverYourTracks – EFF project that allows you to understand how easy it is to identify and track your browser.
  • HUMAN Security – “Inside Anti-Detection Browsers and Account Takeovers”.
  • Privacy Analyzer – Tool lists information that any website, advertisement, and widget can collect from your web browser.
  • User-Agent Switcher – Spoofs & Mimics User-Agent strings.

Other Fingerprinting

  • FingerprintJS – “Incognito Mode Detection: Detecting Visitors Who Browse in Private Mode”.
  • Jesse Li – “Detecting incognito mode in Chrome 76 with a timing attack”.

Passive Fingerprinting

  • nmap – Nmap Reference Guide on OS Detection.
  • p0f – Passive fingerprinting of TCP/IP communications.

TLS Fingerprinting

  • Salesforce Blog – “TLS Fingerprinting with JA3 and JA3S”.
  • ja3 – JA3 is a method for creating SSL/TLS client fingerprints for threat intelligence.
  • ja3er – ja3er is a project about collecting and sharing JA3 hashes.
  • jarm – JARM is an active Transport Layer Security (TLS) server fingerprinting tool.

Literary Archives & Libraries

  • Adelaide University – Contains Classic books on Literature, Philosophy, Science, History, Exploration and Travel in ePUB format or for reading online.
  • The Anarchist Library – An archive focusing on anarchism, anarchist texts, and texts of interest for anarchists, in PDF, plaintext, and EPUB formats.
  • Bookyards library – Has ebooks and other items. eBooks are PDF.
  • Classic Reader – Online library of thousands of free books by authors such as Dickens, Austen, Shakespeare and many others.
  • Century Past Library – A site aggregating links to many public domain books of historical and scientific interest, as well as magazines and other periodicals. While we cannot recommend the books and articles that make use of the Internet Archive's DRM-restricted borrowing service, the majority of the works listed here are available free of charge as PDF downloads.
  • DigiLibraries – No cost eBooks library, with over 20.000 Free eBooks.
  • The Dunyazad Digital Library – A personal collection of DRM-free ebooks of history and adventure.
  • Ebooks.com – Has DRM-free ebooks as well as ones restricted with DRM. However, you can filter search results to only show you the DRM-free ones.
  • E-Books Directory – No cost eBooks, documents, and lectures from all over the internet, available in PDF format and organized by subjects.
  • Free-ebooks.net – Free eBooks in various formats.
  • Free Tamil eBooks – No cost eBooks in the Tamil language.
  • Global Grey – DRM-free libre and public domain eBooks in several formats.
  • Internet Archive – Free Books from a variety of sources, most available as scanned PDFs and OCRed plain text. More that 2,000,000 books available. Please note that we do not recommend their eBook lending program, which is DRM-encumbered and managed through a non-free client.
  • Internet Sacred Text Archive – Books about religion, mythology, folklore and the esoteric.
  • Library of Congress – Historical books, images, and music from America. Books are normally scanned to PDF but the text is often available on-line.
  • ManyBooks.net – No charge eBooks, in a variety of formats, mostly from Project Gutenberg. They provide excerpts and sometimes a book description. They allow readers to leave book reviews.
  • Marxists Internet Archive – Books and articles by hundreds of writers, Marxist and non-Marxist. Some of the books have an option of PDF download, but the PDF version is the webpage printed to a PDF file and thus not very suitable for most ebook readers.
  • Mutopia – Hosts thousands pieces of music – free to download, modify, print, copy, distribute, perform, and record – all in the Public Domain or under Creative Commons licenses, in PDF, MIDI and other formats.
  • OBOOKO – Hundreds of ebooks for direct download at no charge. Fiction and non-fiction. Authors may publish books on the site free of charge.
  • Planet eBook – Free classic literature that has fallen out of copyright. Available in PDF format.
  • PDFBooksWorld – Distributes public domain books in PDF format.
  • Project Gutenberg – Is the original purveyor of DRM-free eBooks. The project aims to encourage the creation and distribution of eBooks that will be readable on any device you choose. When you obtain an eBook, you should not be locked into using one particular eBook reader. Instead, you should have the freedom to read that book on any device. All of the material available through Project Gutenberg is free of charge, including the complete works of William Shakespeare, Peter Pan, and the United States Declaration of Independence.
  • Project Gutenberg Australia – Provides books that are public domain in Australia.
  • Project Gutenberg Canada – Canada has different copyright laws than the US. These eBooks are public domain in Canada. Content is HTML and TXT.
  • Project Runeberg – A volunteer effort to create free electronic editions of classic Nordic (Scandinavian) literature and make them openly available over the Internet.
  • PublicBookshelf – Over 540 books to read using a built-in, easy-to-read book format, specializing in all types of romance books including classics and contemporary.

Renascence Editions specializes in English works written between 1477 and 1799. PDF or HTML, generally, and an excellent source for works in Early Modern English.

  • Snewd – A great source of professionally edited public domain texts in a variety of ebook formats.
  • Standard Ebooks – Produces new and attractive editions of ebooks sourced from Project Gutenberg with additional proofing, using modern typography, updated font kerning, and in the latest ebook formats.
  • Smart Study – Post with more than 1,000 open textbooks and learning resources for various subjects
  • epubBooks – Offers gratis books, with a focus on high-quality formatting and images that work reliably on a variety of devices.

eBook Publishers

  • 0s&1s – Both a digital publisher and a distributor of e-books published by twenty-seven different independent presses in the United States and Canada—including Black Balloon Publishing, Coach House Books, Red Hen Press, and Tin House Books.
  • Angry Robot – Sells a variety of DRM-free science fiction and fantasy novels
  • Apress – Publisher of IT-related technical books. .
  • Baen Ebooks – Sells DRM-free ebooks from an assortment of science fiction and fantasy publishers, including Baen Books, Del Rey, and Tor. They also offer a number of no-cost downloads in their “Free Library”.
  • Le Bélial – A French publishing platform free of DRM.
  • Blackstone Publishing – Releases DRM-free books through a variety of retailers.
  • BookRefine – A DRM-free publisher that takes a strong stance against copyright trolling and sending DMCA takedown notices.
  • Bragelonne – A DRM-free download of their ebooks for customers who first purchased it through a DRM service.
  • BWB Texts – A New Zealand-based publisher.
  • Carina Press – A digital-first imprint from Harlequin covering many genres.
  • Flat World Knowledge – The world's largest publisher of free and open college textbooks.
  • Goal Publications – A queer-owned publisher of young adult literature, catering specifically to the furry fandom.
  • Homeless Book – DRM-free publisher offering a wide range of books on politics and political theory in Italian.
  • Inside Outsider Publications – Specializes in publishing fiction which deals with environmental and social issues.
  • Liber Liber – A non-profit publisher of Italian-language ebooks.
  • Lost Art Press – A small Midwestern publishing company that seeks to help the modern woodworker learn traditional hand-tool skills. They sell boutique hard copies as well as DRM-free PDF downloads of nearly all of their books.
  • Manning eBooks – Publishes computer books for professionals—programmers, system administrators, designers, architects, managers and others.
  • New Internationalist – A not-for-profit cooperative to report on the issues of world poverty and inequality; to focus attention on the unjust relationship between the powerful and powerless worldwide; to debate and campaign for the radical changes necessary to meet the basic needs of all; and to bring to life the people, the ideas and the action in the fight for global justice.”
  • No Starch Press – Publishes and sells DRM-free ebooks, on a wide range of non-fiction topics and howto guides.
  • OR Books – A progressive anti-DRM publisher
  • Packt Publishing – Offers DRM-free books for IT professionals.
  • The Pragmatic Bookshelf – Has DRM-free books by and for programmers in a variety of formats.
  • Propaganda Yayınları – An independent publishing house specializing in Turkish languages works on political and socioeconomic issues, including feminism, anarchism, economics, and philosophy.
  • Publie.net – A French publisher that offers most titles DRM-free displaying a smiley face icon.
  • Rocky Nook – Is digital photography-focused publisher that offers all ebooks without DRM.
  • Rosenfeld Media – Sells DRM-free ebooks about user experience design and also includes a DRM-free digital copy with every physical book they sell.
  • Saga Press – A sci-fi and fantasy imprint of Simon & Schuster. Their ebooks are all DRM-free.
  • Sher Music Co. – Publishes jazz and Latin music real books and method books, and their ebooks are DRM-free.
  • SIGNAL 8 PRESS – A publishing company focusing on East Asia and the Pacific Rim which publishes engaging novels, short story collections, and nonfiction written in English.
  • Sophia Institute Press – Publishes faithful Catholic classics and new Catholic books by the enduring figures of the Catholic intellectual tradition.
  • Springer Science+Business Media – An international publisher of books on science, technology, and medicine.
  • Star Trek Books – A subsidiary of Simon & Schuster. Their ebooks are all DRM-free.
  • Take Control Books – Offers highly practical, tightly focused ebooks covering Apple products.
  • Tor/Forge/Tom Doherty Associates – Science fiction and fantasy publisher of Macmillan, sells DRM-free books.
  • XML Press – A publisher of technical communications books whose ebooks are all DRM-free.
  • Zubaan Books – An Indian feminist publishing house that sells DRM-free materials.

Individual Authors and Books

  • An Anarchist FAQ – A comprehensive introduction into the philosophy of anti-authoritarianism and anarchism. Licensed under the GNU FDL.
  • Anna Galore – A french writer who offers most of her novels and short stories DRM-free.
  • Blake Crouch – A suspense writer who has made it to the top ten Kindle bestseller list.
  • Craphound – Author's site. Fiction and non-fiction by Cory Doctorow.
  • Diane Duane – Wrote the 'So You Want to be a Wizard' series and sells copies of not only the original published version but also a new updated version which is only available at her site.
  • Green Comet – A novel of love and adventure on an inhabited comet, and its sequel, Parasite Puppeteers, are available to download in various formats, including ePub and OGG under the free culture CC-BY-SA license.
  • IPv6-Handbuch – Is a small German ebook shop selling books on IPv6.
  • J.A. Konrath – An author of detective novels and suspense novels.
  • Kanika G – Self-publishes DRM-free children's books.
  • Libreleft Books – Publishes Laurel L. Russwurm's free culture licensed mystery novels.
  • Philippe Aigrain – An internet activist involved with La Quadrature du Net.
  • Lessig.org – Lawrence Lessig's author page, whereat his eBooks may be freely downloaded.
  • Rory Price – Has written a DRM-free novel with software freedom as a major theme.
  • Simon Hayes – Writes the popular comedic space opera ‘Hal Spacejock’ and the 'Hal Junior' series.
  • Stories for My Little Sister – Free original kids' books written and illustrated by a team of two sisters. These are available for children of all ages.
  • Sustainable Energy – Without the Hot Air by David MacKay — A readable discussion (with actual metrics!) of our options for energy development.
  • Thomas A. Knight – An independent, self-publishing author of fantasy novels, all available for purchase DRM Free.
  • Thomas Galvin – Is self-described as being “an author who spends far too much time thinking about vampires” and you can find his works on his website.

Graphic Novels & Comic Books

  • Comic Book Plus – Comic books in CBR/CBZ. Requires free registration.
  • Comics Fu – A platform for creating digital comic stores.
  • comiXology – Sells comics and offers DRM-free backups on select titles.
  • Dynamite Entertainment – Sells DRM-free comics and graphic novels.
  • Panel Syndicate – A pay-what-you want website for comics by artist Marcos Martin and writer Brian K. Vaughan.
  • Rebellion Publishing – A digital publisher of ebooks, graphic novels, and comic books.
  • Thrillbent – A digital comics site created by award-winning comics writer Mark Waid and television writer/producer extraordinaire John Rogers.

Educational materials and Books for students and researchers

  • BookBoon – Publishes over 200 textbooks that students can download totally for free.
  • Light and Matter – Introductory physics textbooks in available in HTML and PDF. Released under both Creative Commons and the GFDL.
  • Linear Algebra – A first course – A free linear algebra textbook available in PDF and released under the GFDL.
  • Michael Willems Photography – DRM-free photography teaching books. Use discount code “FSF” for a 15% checkout discount.
  • Linear Algebra – A free linear algebra textbook in PDF format. Licensed under both Creative Commons and the GFDL.
  • Motion Mountain – Free physics textbook available in PDF. Released under Creative Commons.
  • OpenEdition – Free academic books and journals in HTML format
  • OpenStax College – A nonprofit organization committed to improving student access to quality learning materials. They provide free textbooks, developed and peer-reviewed by educators to ensure they are readable and accurate.
  • TechBooksForFree.com – Free programming and computer science books.
  • Wikiversity – A Wikimedia Foundation project devoted to learning resources, learning projects, and research for use in all levels, types, and styles of education from pre-school to university, including professional training and informal learning.

Guides connected to privacy, security or anonymity

Security Guides

IoT Security

iOS Privacy Guides

Privacy Guides

Hardening Guides

Anonymity Guides

Data Collection and Telemetry Studies

“Best practice” Guides

Anti-censorship Guides

Opsec

Other interesting guides and books

Book Resources

Dev Books

Privacy relevant books and papers

DRM Free Book Stores

  • Beam Book Store – Sells DRM-free books in German. Some books are distributed with a buyer-unique watermark, although this watermark does not limit book usage.
  • Book View Café – Sells ebooks without DRM or an EULA
  • The Bundle of Holding – Is a DRM-free bookselling site that sells time-limited, DRM-free offers of tabletop roleplaying game rulebook .PDFs and RPG-related ebooks.
  • Chicago Shorts – DRM-free ebooks, passages and short stories selected by the University of Chicago.
  • Closed Circle – Small DRM-free ebook store, direct from the authors themselves. Specializing in fantasy.
  • Delphi Classics – sells copies of classic texts edited and formatted as ebooks. All epub files are – DRM-free, but not the .mobi files.
  • Ediciones Babylon – Spanish books and ebooks free of DRM.
  • Editions Fleurus – A French publishing house with over 1000 titles available.
  • Elegant Solutions Software and Publishing Company – eBooks in a few portable formats.
  • The Fifth Imperium – CD-ROM images, mostly the images are of the free CD-ROMs included with some Baen Books. Baen Books allows the CD-ROMs to be copied and distributed for free. Every CD-ROM contains several complete novels in HTML format, and some have extras, like MP3 readings. All CD-ROMs also contain artwork for the CD-ROM itself.
  • Girlebooks – A resource for classic and contemporary ebooks by female writers.
  • Humble Bundle (Books) – Sells collections of DRM-free ebooks, with two bundles available at any point in time.
  • Immatériel.fr – A French distributor of ebooks that indicates DRM-free titles with smiley faces.
  • Lektu – A Spanish-language DRM-free ebook store. In addition to books, it has audiobooks, ecomics, and music.
  • U.S. Government Bookstore – Offers both print and DRM-free digital publications from across the entire US federal government, ranging from art and travel to business, education, and history.
  • Weightless Books – An independent DRM-free ebooksite devoted to ebooks of all sorts.

Scanning and Pentesting

  • ACSTIS – ACSTIS helps you to scan certain web applications for AngularJS Client-Side Template Injection (sometimes referred to as CSTI, sandbox escape or sandbox bypass). It supports scanning a single request but also crawling the entire web application for the AngularJS CSTI vulnerability.
  • BruteShark – A Network Forensic Analysis Tool (NFAT) that performs deep processing and inspection of network traffic (mainly PCAP files, but it also capable of directly live capturing from a network interface).
  • DroneSploit – A pen-testing console framework dedicated to drones.
  • Infection Monkey – A semi automatic pen testing tool for mapping/pen-testing networks. Simulates a human attacker.
  • Is website Vulnerable – Finds publicly known security vulnerabilities in a website's front-end JavaScript libraries.
  • OWASP Testing Checklist – List of some controls to test during a web vulnerability assessment. Markdown version may be found here.
  • PTF – The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
  • Pentest Tool LITE, OS tool to analyse page for most common issues – You can use it as command line utility installed as global package through npm or yarn, or you can use web app.
  • KeyCDN Tools – Verify if a URL is delivered through the HTTP/2 network protocol.
  • PhpSploit – Full-featured C2 framework which silently persists on web server via evil PHP oneliner. Built for stealth persistence, with many privilege-escalation & post-exploitation features.
  • Recon-ng – Recon-ng is a full-featured Web Reconnaissance framework written in Python. Recon-ng has a look and feel similar to the Metasploit Framework.
  • Spyse – Spyse is an OSINT search engine that provides fresh data about the entire web. All the data is stored in its own DB for instant access and interconnected with each other for flexible search.
  • padding-oracle-attacker – Padding-oracle-attacker is a CLI tool and library to execute padding oracle attacks (which decrypts data encrypted in CBC mode) easily, with support for concurrent network requests and an elegant UI.
  • sqlmap – SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
  • w3af – W3AF is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.
  • ZAP – The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

HTTPS News

This section is not finished.

  • HTTPS wrongly gets advertised as secure, which is not the case, there are bunch of scenarios in which HTTPS fails to protect the users. Self-hosting won't solve much because even self-hosted setup would have to talk to the outside world in the end.
  • Proxies like Squid can do HTTPS intercepting. Certificate transparency effectively solves this because certain browsers, currently only Safari and Chrome require all new certificates be submitted to multiple certificate transparency lists - if it encounters a certificate that isn't, it’ll show a warning page before establishing the TLS session. This doesn’t stop interception at all, but the first time it happens that some huge website notices a certificate they didn’t authorize and/or should be blocked by their CAA records, it’ll be a large event with disastrous consequences for the CA, likely triggering immediate within under <48 hours removal from publicly trusted CA lists. This happened already, see here. Countries could ban HTTPS.
  • Tor network helps against many vulnerabilities HTTPS has. With Tor, every domain generates their own public/private key pair (which represents the domain itself) hence making it impractical for actors to break all of them (in fact, breaking even one of the 128-bit ed25519 keys would be a breakthrough in cryptography).

Tor News

This section is not finished.

  • Tor is not perfect same like any other protocol it has weaknesses but depending on how you count far less than most other known protocols. This argument makes it worth alone to suggest using the tor network.
  • JavaScript among some other old and outdated web-standard are among the highest threat to the tor network, this is not really a tor network issue because tor simply need to fallback to older standards to not entirely breaking the web as we know it.
  • Tor does not encrypted inbound traffic, for this you would need I2P. You can use I2P together with Tor but it is more configuration trouble.
  • Content is encrypted between client and nodes but not from exit relay to server. The anonymity relies on servers, the more servers the more anonymous the user is because he can easily hide in the mass. However, if someone compromise hundreds of Tor Relays the entire privacy aspect will be lowered or even compromised.
  • HTTPS redirects can be blocked so Tor isn't a fail-safe alternative.
  • Using a browser add-on that rewrites the URL request before it's sends a GET request is paramount to security. If relying on the initial request to redirect after the fact the resulting method could be overwritten by an exploited endpoint.
  • Combining Invisible Internet Project alias I2P and Freenet for file-sharing could help solve some, but not all problems.
  • The biggest problem with Tor is that it is not really usable in the real world due to how it works, most websites simply ban Tor traffic, or you get spammed with CAPTCHAs. Some ISPs directly flag you if you use the tor network which means you are classified as possible threat which makes you more unique among – normal – users.

Major problems while using Tor

  • Constantly reCaptcha requests, which you need to solve. Almost every captcha system is at some point privacy invasive by design.
  • Lots of providers throttle your internet connection once they detect, unusual, traffic. This can make you more likely a target because you stick out like a needle from the mass.
  • Security pages, like banking often entirely block connections coming from Tor users which makes it impossible to use Tor on eg. your banking page. Trying to workaround this often results in more fingerprinting and restrictions.

Tools

  • Nipe – Nipe is a script to make Tor Network your default gateway.

iOS Privacy, Anonymity, & Security List

iOS Shell

  • ish – Simple Linux Shell for iOS.
  • more coming soon…

Amazon FireTV (Android Based) Privacy, Anonymity, & Security List

  • coming soon…

Amazon FireHD (Android Based) Privacy, Anonymity, & Security List

  • coming soon…

Conclusion

You've reached the end of my list—I hope you were able to discover an alternative or two along the way! If you disagree with any of my choices or just want to talk to me, feel free to send me an email.

Contact Me