{"id":13464431,"url":"https://github.com/seemoo-lab/opendrop","last_synced_at":"2026-02-12T00:01:49.895Z","repository":{"id":37432386,"uuid":"186575075","full_name":"seemoo-lab/opendrop","owner":"seemoo-lab","description":"An open Apple AirDrop implementation written in Python","archived":false,"fork":false,"pushed_at":"2024-06-11T10:41:13.000Z","size":111,"stargazers_count":9503,"open_issues_count":56,"forks_count":300,"subscribers_count":79,"default_branch":"master","last_synced_at":"2026-01-28T01:42:26.503Z","etag":null,"topics":["airdrop","apple","awdl","linux","macos"],"latest_commit_sha":null,"homepage":"https://owlink.org","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/seemoo-lab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-05-14T08:07:50.000Z","updated_at":"2026-01-27T11:12:30.000Z","dependencies_parsed_at":"2024-06-11T12:09:34.851Z","dependency_job_id":null,"html_url":"https://github.com/seemoo-lab/opendrop","commit_stats":{"total_commits":62,"total_committers":3,"mean_commits":"20.666666666666668","dds":"0.032258064516129004","last_synced_commit":"cbc7ca46a75bb2da4af9d406732ddf2192578388"},"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/seemoo-lab/opendrop","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fopendrop","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fopendrop/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fopendrop/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fopendrop/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/seemoo-lab","download_url":"https://codeload.github.com/seemoo-lab/opendrop/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fopendrop/sbom","scorecard":{"id":809642,"data":{"date":"2025-08-11","repo":{"name":"github.com/seemoo-lab/opendrop","commit":"ae5ac821fb3b233df3ac800e4eb47f287f4422cf"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.3,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/19 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/createrelease.yml:1","Warn: no topLevel permission defined: .github/workflows/pythonpublish.yml:1","Warn: no topLevel permission defined: .github/workflows/pythonpublishtest.yml:1","Warn: no topLevel permission defined: .github/workflows/testpackage.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/createrelease.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/seemoo-lab/opendrop/createrelease.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/createrelease.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/seemoo-lab/opendrop/createrelease.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pythonpublish.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/seemoo-lab/opendrop/pythonpublish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pythonpublish.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/seemoo-lab/opendrop/pythonpublish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pythonpublishtest.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/seemoo-lab/opendrop/pythonpublishtest.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pythonpublishtest.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/seemoo-lab/opendrop/pythonpublishtest.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/testpackage.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/seemoo-lab/opendrop/testpackage.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/testpackage.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/seemoo-lab/opendrop/testpackage.yml/master?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/pythonpublish.yml:18","Warn: pipCommand not pinned by hash: .github/workflows/pythonpublish.yml:19","Warn: pipCommand not pinned by hash: .github/workflows/pythonpublishtest.yml:18","Warn: pipCommand not pinned by hash: .github/workflows/pythonpublishtest.yml:19","Warn: pipCommand not pinned by hash: .github/workflows/testpackage.yml:21","Warn: pipCommand not pinned by hash: .github/workflows/testpackage.yml:24","Warn: pipCommand not pinned by hash: .github/workflows/testpackage.yml:27","Warn: pipCommand not pinned by hash: .github/workflows/testpackage.yml:31","Warn: pipCommand not pinned by hash: .github/workflows/testpackage.yml:35","Warn: pipCommand not pinned by hash: .github/workflows/testpackage.yml:39","Warn: pipCommand not pinned by hash: .github/workflows/testpackage.yml:43","Info:   0 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  11 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2024-48 / GHSA-fj7x-q9j7-g6q6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 13 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T12:46:25.939Z","repository_id":37432386,"created_at":"2025-08-23T12:46:25.939Z","updated_at":"2025-08-23T12:46:25.939Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29350079,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-11T20:11:40.865Z","status":"ssl_error","status_checked_at":"2026-02-11T20:10:41.637Z","response_time":97,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["airdrop","apple","awdl","linux","macos"],"created_at":"2024-07-31T14:00:42.871Z","updated_at":"2026-02-12T00:01:49.868Z","avatar_url":"https://github.com/seemoo-lab.png","language":"Python","funding_links":[],"categories":["Python","HarmonyOS","Operating Systems"],"sub_categories":["Windows Manager","macOS/iOS"],"readme":"# OpenDrop: an Open Source AirDrop Implementation\n\n[![Release](https://img.shields.io/pypi/v/opendrop?color=%23EC6500\u0026label=release)](https://pypi.org/project/opendrop/)\n[![Language grade](https://img.shields.io/lgtm/grade/python/github/seemoo-lab/opendrop?label=code%20quality)](https://lgtm.com/projects/g/seemoo-lab/opendrop/context:python)\n\n*OpenDrop* is a command-line tool that allows sharing files between devices directly over Wi-Fi. Its unique feature is that it is protocol-compatible with Apple AirDrop which allows to share files with Apple devices running iOS and macOS. \n~~Currently (and probably also for the foreseeable future), OpenDrop only supports sending to Apple devices that are discoverable by *everybody* as the default *contacts only* mode requires [Apple-signed certificates](https://www.apple.com/certificateauthority/pdf/Apple_AAI_CPS_v6.1.pdf).~~\nWe support contacts-only devices by using extracted AirDrop credentials (keys and certificates) from macOS via our [keychain extractor](https://github.com/seemoo-lab/airdrop-keychain-extractor).\n\n## Disclaimer\n\nOpenDrop is experimental software and is the result of reverse engineering efforts by the [Open Wireless Link](https://owlink.org) project.\nTherefore, it does not support all features of AirDrop or might be incompatible with future AirDrop versions.\nOpenDrop is not affiliated with or endorsed by Apple Inc. Use this code at your own risk.\n\n\n## Requirements\n\nTo achieve compatibility with Apple AirDrop, OpenDrop requires the target platform to support a specific Wi-Fi link layer.\nIn addition, it requires Python \u003e=3.6 as well as several libraries.\n\n**Apple Wireless Direct Link.**\nAs AirDrop exclusively runs over Apple Wireless Direct Link (AWDL), OpenDrop is only supported on macOS or on Linux systems running an open re-implementation of AWDL such as [OWL](https://github.com/seemoo-lab/owl).\n\n**Libraries.**\nOpenDrop relies on a current version of [libarchive](https://www.libarchive.org).\nmacOS ships with a rather old version, so you will need to install a newer version, for example, via [Homebrew](https://brew.sh):\n```bash\nbrew install libarchive\n```\nOpenDrop automatically sets `DYLD_LIBRARY_PATH` to look for the Homebrew version. You may need to update the variable yourself if you install the libraries differently.\n\nLinux distributions should ship with more up-to-date versions, so this won't be necessary.\n\n\n## Installation \n\nInstallation of the Python package [release](https://pypi.org/project/opendrop/) is straightforward using `pip3`:\n```\npip3 install opendrop\n```\n\nYou can also install the current development version by first cloning this repository, and then installing it via `pip3`:\n```\ngit clone https://github.com/seemoo-lab/opendrop.git\npip3 install ./opendrop\n```\n\n\n## Usage\n\nWe briefly explain how to send and receive files using `opendrop`.\nTo see all command line options, run `opendrop -h`.\n\n### Sending a File or a Link\n\nSending a file is typically a two-step procedure. You first discover devices in proximity using the `find` command.\nStop the process once you have found the receiver.\n```\n$ opendrop find\nLooking for receivers. Press Ctrl+C to stop ...\nFound  index 0  ID eccb2f2dcfe7  name John’s iPhone\nFound  index 1  ID e63138ac6ba8  name Jane’s MacBook Pro\n```\nYou can then `send` a file (or link, see below) using \n```\n$ opendrop send -r 0 -f /path/to/some/file\nAsking receiver to accept ...\nReceiver accepted\nUploading file ...\nUploading has been successful\n```\nInstead of the `index`, you can also use `ID` or `name`.\nOpenDrop will try to interpret the input in the order (1) `index`, (2) `ID`, and (3) `name` and fail if no match was found.\n\n**Sending a web link.** Since v0.13, OpenDrop supports sending web links, i.e., URLs, so that receiving Apple devices will immediately open their browser upon accepting. \n(Note that OpenDrop _receivers_ still only support receiving regular files.)\n\n```\n$ opendrop send -r 0 -f https://owlink.org --url\n```\n\n### Receiving Files\n\nReceiving is much easier. Simply use the `receive` command. OpenDrop will accept all incoming files automatically and put received files in the current directory.\n```\n$ opendrop receive\n```\n\n\n## Current Limitations/TODOs\n\nOpenDrop is the result of a research project and, thus, has several limitations (non-exhaustive list below). I do not have the capacity to work on them myself but am happy to provide assistance if somebody else want to take them on.\n\n* *Triggering macOS/iOS receivers via Bluetooth Low Energy.* Apple devices start their AWDL interface and AirDrop server only after receiving a custom advertisement via Bluetooth LE (see USENIX paper for details). This means, that Apple AirDrop receivers may not be discovered even if they are discoverable by *everyone*.\n\n* *Sender/Receiver authentication and connection state.* Currently, there is no peer authentication as in Apple's AirDrop, in particular, (1) OpenDrop does not verify that the TLS certificate is signed by [Apple's root](opendrop/certs/apple_root_ca.pem) and (2) that the Apple ID validation record is correct (see USENIX paper for details). In addition, OpenDrop automatically accepts any file that it receives due to a missing connection state.\n\n* *Sending multiple files.* Apple AirDrop supports sending multiple files at once, OpenDrop does not (would require adding more files to the archive, modify HTTP /Ask request, etc.).\n\n\n## Our Papers\n\n* Alexander Heinrich, Matthias Hollick, Thomas Schneider, Milan Stute, and Christian Weinert. **PrivateDrop: Practical Privacy-Preserving Authentication for Apple AirDrop.** *30th USENIX Security Symposium (USENIX Security ’21)*, August 14–16, 2019, virtual Event. [Paper](https://www.usenix.org/conference/usenixsecurity21/presentation/heinrich) [Website](https://privatedrop.github.io) [Code](https://github.com/seemoo-lab/privatedrop)\n* Milan Stute, Sashank Narain, Alex Mariotto, Alexander Heinrich, David Kreitschmann, Guevara Noubir, and Matthias Hollick. **A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link.** *28th USENIX Security Symposium (USENIX Security ’19)*, August 14–16, 2019, Santa Clara, CA, USA. [Paper](https://www.usenix.org/conference/usenixsecurity19/presentation/stute)\n\n\n## Authors\n\n* **Milan Stute** ([email](mailto:mstute@seemoo.tu-darmstadt.de), [web](https://seemoo.de/mstute))\n* **Alexander Heinrich**\n\n\n## License\n\nOpenDrop is licensed under the [**GNU General Public License v3.0**](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseemoo-lab%2Fopendrop","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fseemoo-lab%2Fopendrop","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseemoo-lab%2Fopendrop/lists"}