Security

Secure Messenger

• Signal

• Briar

• Riot

• Threema

• Wire

Password Managers

:::caution

LastPass security issues - Wikipedia

:::

• Wikipedia's list of Password Managers - Overview of all password manager utilities.

• BitWarden - Open source password management solution, can be self-hosted.

• KeePassXC - KeePassXC is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe.

• LessPass - Stateless open source password manager.

• 1Password - Popular cloud-hosted password manager.

• KeePass - Free, open source, light-weight, and easy-to-use password manager.

  • Plugins - A list of third-party plugins for KeePass.

  • Keepass2Android - A Password manager app for Android based on Keepass.

  • KeePassium - KeePassium combines the security of KeePass with a clean intuitive design.

• KeeWeb - Free cross-platform password manager compatible with KeePass.

• Pass - Simple GPG/Git password manager. Follows the Unix philosophy.

• Dashlane - An intuitive password manager with over with over 8 million users worldwide.

• Passbolt - Free, open source, self-hosted, extensible, OpenPGP based.

• Psono - Open source and self-hosted password manager for teams.

• Buttercup - Another open source password manager with desktop, mobile, and browser clients.

• MiniKeePass - iOS version of KeePass (unofficial).

• KeeVault - Secure, Open Source Password Management.

• LastPass (Last Choice) - LastPass remembers all your passwords, so you don't have to.

Alternate Networks

• I2P - I2P is an anonymous overlay network - a network within a network. It is intended to protect communication from dragnet surveillance and monitoring by third parties such as ISPs.

  • ANONYMOUS TORRENTING WITH I2P-SNARK: USING SNARK

• Zeronet - Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent network.

• Loki - Lokinet is an anonymous, decentralized and IP based overlay network for the internet.

• SILO - Offers complete privacy across the network (work in progress project in cooperationship with Loki).

• IPFS - A peer-to-peer hypermedia protocol designed to make the web faster, safer, and more open.

• Yggdrasil - Makes use of a global spanning tree to form a scalable IPv6 encrypted mesh network.

• cjdns - Cjdns (Caleb James DeLisle's Network Suite) - is a networking protocol and reference implementation, founded on the ideology that networks should be easy to set up.

• Freenet - Freenet is free software which lets you anonymously share files, browse and publish "freesites" (web sites accessible only through Freenet) - and chat on forums, without fear of censorship.

• GnUNet - GNUnet is a framework for secure peer-to-peer networking that does not use any centralized or otherwise trusted services.

• Psiphon - Run your own server, invite your friends, build a community, provide free and unfiltered Internet access to the world.

• Scuttlebutt - A decentralised secure gossip platform that aims to harmonize four perspectives of life: Environment reflecting Technology reflecting Community reflecting Society.

Tor

• Tor - Tor is free software and an open network that helps you defend against traffic analysis.

:::caution

I'm not responsible for the links, domains, it's content or if the provided .onion links are really the ones advertised. It's impossible for me as individual person to check every single page every second and monitor it's content.

Also be very carefull of scams. you can find the links to some scam sites on torss7t3bxd3qsxn.onion

:::

:::note Something to consider

Judge Recommends to Deny Summary Judgment Against Tor Exit Node Operator in Piracy Case - TorrentFreak

:::

:::caution

Bittorrent over Tor isn't a good idea - Tor Blog

:::

:::info If you suspect your access to the Tor network is being blocked, you may want to use bridges.

You can get latest Tor bridges from bridges.torproject.org

:::

:::tip

Just replace .onion with .onion.ws or any other domain made available by volounteers Tor2web operators.

Example: http://archivecaslytosk.onion/ => http://archivecaslytosk.onion.ws/

This connects you with Tor2web, which then talks to the onion service via Tor and relays the response back to you.

WARNING: Tor2web only protects publishers, not readers. As a reader installing Tor Browser will give you much greater anonymity than using Tor2web. Using Tor2web trades off security for convenience and usability.

:::

Web Archive

• 🧅 Archive Today |

• 🧅 Internet Archive

Misc

• 🧅 The Hidden Wiki

• 🧅 Is it up?

• 🧅 Anonet Webproxy

• 🧅 Gateway to Freenet

• 🧅 Tor links

P2P Networks

• eDonkey network - A decentralized, mostly server-based, peer-to-peer file-sharing network.

• Gnutella - P2P network behind the popular LimeWire file sharing app.

• FastTrack - Protocol used by the Kazaa, Grokster, iMesh, and Morpheus file-sharing programs.

• Napster - Peer-to-peer file sharing Internet service that emphasized sharing digital audio files, typically audio songs, encoded in MP3 format.

• IPFS - Distributed Web - Peer-to-peer distributed file system that seeks to connect all computing devices with the same system of files.

• Kad - The Kad network is a peer-to-peer (P2P) - network that implements the Kademlia P2P overlay protocol.

Router Firewalls

• OpenWRT - The OpenWrt Project is a Linux operating system targeting embedded devices.

• VyOS.io - VyOS is a Linux-based network operating system that provides software-based network routing, firewall, and VPN functionality.

• GufW

• FlatPak

• IPFire

• Endian Firewall

• pfSense

• LibreCMC

• Opensense

• gl-inet

Antivirus

:::tip Overall Strategy

• Diversify your analysis approach.

• Don't rely on the results from a single tool.

• Run everything with as few privileges as necessary.

• APT investigations must be seperated from commodity malware, otherwise you give malware authors "ideas".

• Treat everything like it could be malicious until you have enough evidence to suggest otherwise.

:::

• ⭐ Awesome Malware Analysis - Malware analysis tools / resources

• ⭐ How to Avoid Malware Guide

• ⭐ Malwarebytes, IOBit or Immunet - Anti-Malware / Antivirus

• ⭐ AdwCleaner or Ultra Adware Killer - Anti-Adware

• ⭐ VirusTotal**, VirSCAN, BitBaan, Joe Sandbox, MetaDefender or Jotti - Analyze suspicious files / URLs / Telegram Bot / Uploader

• ⭐ URL Void, ThreatStop, Scamadviser, SiteSheck, IsLegitSite or Google Safe Browsing - Check Site Legitimacy

• Antivirus Kaspersky Cloud or Adaware Antivirus - Antivirus

• MCShield - Removable Drive Antivirus

• Should I Remove It? - Easily Find & Remove Adware, Spyware ect.

• Wise Anti-Malware - Anti-Malware

• Rewind - Immediate Virus Infection Counter Measures

• Spybot or SUPERAntiSpyware - Anti-spyware

• LMT Anti-Logger - Anti-Loggers (e.g. Keyloggers)

• VT4Browsers - Easily Scan Downloads

• Cuckoo - Malware Analysis Tool

• WireShark - Network Protocol Analyzer

• PacketTotal - PCAP / Network Analysis

• should-i-trust - Evaluates OSINT Signals for a Domain

• Phish.ly - Scan Suspicious Emails

• Amnpardaz - Scan EXE Files

• testsafebrowsing - Safe Browsing Testing Links

• QuickSand - PDF / Document Malware Scanner

• Dangerzone - Convert dangerous PDF to safe PDF

• ThreatMap - Live Malware Distribution Map

• Web Of Trust - Check Website Safety

• Virus Checker - Virus Check for Downloads

• Malware Search+++ - Malware Search Extension

• Malware Analysis Search

• VirusShare - Search / Share Malware Samples

• SigThief - Signature Test

• Awesome Penetration Testing - Penetration Testing Index

• ClamAV - An open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.

VirusTotal alternatives

• Any-Run - Run files in a sandbox.

• Thread Minder - Allow analysts to find additional information on indicators of compromise (IOC) - such as domain names, IP's and more.

• ThreatCrowd - Search engine for threats, show correlations of submitted entries eg IP, hashes, domains etc.

• URLScan - Check the website.

• Sooty - SOC Analyst Tool.

• Hybrid-Analysis - alternative - The free version is normally good enough.

Virtualisation

• FireJail - Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf.

• FlatPak - Standalone apps for Linux are here!

• KVM - KVM (for Kernel-based Virtual Machine) - is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V).

• Sandboxie - Install and run programs in a virtual sandbox (software based) - environment without writing to the hard drive itself.

• Virtualbox - VirtualBox is a general-purpose full virtualizer for x86 hardware, targeted at server, desktop and embedded use.

• VMWare - (paid) - Closed source, but maybe the most reliable and used program for creating/booting up a virtual machine.

Checksum verification

• OpenHashTab - File hashing shell extension for Windows.

• GtkHash - A cross-platform desktop utility for computing message digests or checksums.