{"id":16195279,"url":"https://github.com/tethik/tamperfree","last_synced_at":"2026-05-02T06:40:00.631Z","repository":{"id":146621948,"uuid":"64748484","full_name":"Tethik/tamperfree","owner":"Tethik","description":"A tool for verifying static content Tor Hidden Service websites.","archived":false,"fork":false,"pushed_at":"2016-10-30T16:09:59.000Z","size":48,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-13T18:37:45.911Z","etag":null,"topics":["hidden-services","python","selenium","tor"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Tethik.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-08-02T10:40:30.000Z","updated_at":"2024-12-25T16:34:24.000Z","dependencies_parsed_at":null,"dependency_job_id":"c7d4d000-f9f8-4222-b580-8a7726099fb1","html_url":"https://github.com/Tethik/tamperfree","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tethik%2Ftamperfree","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tethik%2Ftamperfree/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tethik%2Ftamperfree/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tethik%2Ftamperfree/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Tethik","download_url":"https://codeload.github.com/Tethik/tamperfree/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247685598,"owners_count":20979085,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hidden-services","python","selenium","tor"],"created_at":"2024-10-10T08:26:56.477Z","updated_at":"2026-05-02T06:39:55.605Z","avatar_url":"https://github.com/Tethik.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"*Please note that this is a prototype only. As such I don't want to make any promises of any real security. There may be bugs and/or security vulnerabilities*.\n\n# tamperfree\nA tool for verifying static content Tor Hidden Service websites using requests\nthat are indistinguishable from real visitor requests. The idea is that by running\nthis tool often enough you can detect if the site is being tampered with. This could\nfor example be useful as having at least some guarantee that a javascript crypto\nclient has integrity.\n\n# install\nYou will need Xvfb in order to run this program. It's so that selenium, the \nframework used to control Tor Browser, can run the browser without a visible \nwindow (headless).\n\nOn fedora:\n\n`dnf install xorg-x11-server-Xvfb`\n\nThen clone the repository.\n\n`git clone https://github.com/Tethik/tamperfree`\n\nInstall as a python package.\n\n`python setup.py install`\n\nI plan to eventually package this nicely as an rpm.\n\n## usage\nTo update/download the latest tor browser version for selenium to use. By default it\nwill be stored in a \".tamperfree_data\" directory along with any future stamps. \n\n`tamperfree update_browser`\n\nFirst \"stamp\" the site. This will save a secure hash of every path visited on\nthe website.\n\n`tamperfree stamp \u003conionurl\u003e`\n\nTo then verify it, run the following command. It will fetch a new set of hashes\nand compare them to the ones that were stamped earlier. It will tell you which\npath has been tampered with, which paths were missing or which were added.\n\n`tamperfree verify \u003conionurl\u003e`\n\n# testing\nMake sure you have the test requirements installed.\n\n`pip -r test-requirements.txt`\n\nYou can then run the tests via.\n\n`py.test`\n\nI manually test using my own burn service: http://npjhj3yqy7e7xntn.onion\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftethik%2Ftamperfree","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftethik%2Ftamperfree","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftethik%2Ftamperfree/lists"}