Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
repo-3288-awesome-privacy
https://github.com/orgTestCodacy11KRepos110MB/repo-3288-awesome-privacy
Last synced: about 12 hours ago
JSON representation
-
Intro [![Awesome](https://awesome.re/badge.svg)](https://awesome.re)
-
2-Factor Authentication
-
Categories
- Raivo OTP - time-password (OTP) client built for iOS; Raivo OTP! - built by @tijme
- OTPClient - Hosted, Web-based)*, [Etopa](https://play.google.com/store/apps/details?id=de.ltheinrich.etopa) *(Android)*
- Authenticator - FA Client for iOS, which never connects to the internet - built by @mattrubin.me
- Authenticator - based OTP authenticator. Has native With GNOME Shell integration. Also available through [flathub](https://flathub.org/apps/details/com.belmoussaoui.Authenticator).
- Authenticator - browser One-Time Password (OTP) client, supports both Time-Based One-Time Password (TOTP, specified in [RFC 6238](https://tools.ietf.org/html/rfc6238) and HMAC-Based One-Time Password (HOTP, specified in [RFC 4226](https://tools.ietf.org/html/rfc4226).
- TrayTop - offline and compatible with Windows, Mac and Linux.
- Authy
- Authenticator Pro - source two factor authentication app for Android. It features encrypted backups, icons, categories and a high level of customisation. It also has a Wear OS companion app
-
-
File Encryption
-
Categories
- age - style composability
- CryptSetup - crypt](https://wiki.archlinux.org/index.php/Dm-crypt). [EncFS](https://www.arg0.net/encfs) is a cross-platform file-based encryption module, for use within user local directories. [geli](https://www.freebsd.org/cgi/man.cgi?query=geli&sektion=8) is a disk encryption subsystem included with FreeBSD.
- AES Crypt - weight and easy file encryption utility. It includes applications for Windows, Mac OS, BSD and Linux, all of which can be interacted with either through the GUI, CLI or programatically though an API (available for Java, C, C# and Python). Although it is well established, with an overall positive reputation, there have been some [security issues](https://www.reddit.com/r/privacytoolsIO/comments/b7riov/aes_crypt_security_audit_1_serious_issue_found/) raised recently.
- PeaZip - platform open source file archiver utility. It allows you to create, open, and extract RAR TAR ZIP archives. It also has a [password-protection feature](https://peazip.github.io/peazip-password.html), which encrypts compressed files using AES-256, which is also compatible with most other archive utilities
- VeraCrypt - platform disk encryption software. You can use it to either encrypt a specific file or directory, or an entire disk or partition. VeraCrypt is incredibly feature-rich, with comprehensive encryption options, yet the GUI makes it easy to use. It has a CLI version, and a portable edition. VeraCrypt is the successor of (the now deprecated) TrueCrypt.
-
-
Search Engines
-
Categories
- Searx - hostable search engines that use the results of multiple other engines (such as Google and Bing) at the same time. They're open source and self-hostable, although using a [public instance](https://searx.space) has the benefit of not singling out your queries to the engines used.
- DuckDuckGo - friendly, fast and secure search engine. It's totally private, with no trackers, cookies or ads. It's also highly customisable, with dark-mode, many languages and features. They even have a [.onion](https://3g2upl4pq6kufc4m.onion) URL, for use with Tor and a [no Javascript version](https://duckduckgo.com/html/)
- Qwant - party advertising. It returns non-biased search results, with no promotions. Qwant has a unique, but nice UI.
- Startpage
-
-
Encrypted Email
-
Categories
- OpenTechFund - Secure Email
- Comparison or Private Email Providers - security-checklist/blob/master/README.md#emails)
- Prism Program - to-end encrypted) - this applies to Gmail, Outlook Mail, Yahoo Mail, GMX, ZoHo, iCloud, AOL and more.
- Skiff - to-end encrypted, open-source, and privacy-first email that also integrates Web3 features such as crypto wallets and decentralized storage. Skiff has a simple and intuitive UI, supports [mobile apps](https://skiff.com/download) on iOS and Android, and requires no personally identifiable information to sign up or create an account. Skiff offers a Pro plan with additional storage space, aliases, custom domains, and more for $8 per month that can be paid using a credit card or with a crypto wallet.
- good email practices
-
Self-Hosted Email
- Mail-in-a-box - to-go self-hosted mail options include [Mailu](https://mailu.io/1.7/) and [Mail Cow](https://mailcow.email/), both of which are docker containers.
-
-
Anonymous Mail Forwarding
-
Self-Hosted Email
- Mailu - catchall](https://github.com/Pro/exchange-catchall)
- mailhero.io - in encryption, so you will need to use PGP, but it is free.
- ForwardEmail - all email forwarding service. Easy to self-host (see on [GitHub](https://github.com/forwardemail/free-email-forwarding)), or the hosted version has a free plan as well as a ($3/month) premium plan
- 33Mail - standing aliasing service. As well as receiving, 33Mail also lets you reply to forwarded addresses anonymously. Free plan, as well as Premium plan ($1/ month) if you'd like to use a custom domain
-
-
VOIP Clients
-
Team Collaboration Platforms
-
Self-Hosted Email
- Rocket.Chat - to-deploy, self-hosted team collaboration platform with stable, feature-rich cross-platform client apps. The UI is fast, good looking and intuitive, so very little technical experience is needed for users of the platform. Rocket.Chat's feature set is similar to Slack's, making it a good replacement for any team looking to have greater control over their data
- Slack - teams-meeting-data-privacy), [Google for Work](https://www.wired.com/story/google-tracks-you-privacy/) and [Discord](https://cybernews.com/privacy/discord-privacy-tips-that-you-should-use-in-2020/) all come with some serious privacy implications.
- RetroShare - to-1 chats with text and rich media using decentralized chat rooms, with a mail feature for delivering messages to offline contacts. A channels feature makes it possible for members of different teams to stay up-to-date with each other, and to share files. Also includes built-in forums, link aggregations, file sharing and voice and video calling. RetroShare is a bit more complex to use than some alternatives, and the UI is quite *retro*, so may not be appropriate for a non-technical team
- Element - focused messenger using the Matrix protocol. The Element client allows for group chat rooms, media sharing voice and video group calls.
- variety of clients - popular options include: [The Longe](https://thelounge.chat/) (Web-based), [HexChat](https://hexchat.github.io/) (Linux), [Pidgin](https://pidgin.im/help/protocols/irc/) (Linux), [WeeChat](https://weechat.org/) (Linux, terminal-based), [IceChat](https://www.icechat.net/) (Windows), [XChat Aqua](https://xchataqua.github.io/) (MacOS), [Palaver](https://palaverapp.com/) (iOS) and [Revolution](https://github.com/MCMrARM/revolution-irc) (Android)
- Dialog
-
Notable Mentions
-
-
Browser Extensions
-
Notable Mentions
- uBlock Origin - chrome] \ [Firefox][ublock-firefox]
- ScriptSafe - safe-chrome] \ [Firefox][script-safe-firefox]
- Temporary Containers - Account Containers, let's you isolate cookies and other private data for each web site. **Download**: [Firefox](https://github.com/stoically/temporary-containers)
- WebRTC-Leak-Prevent - rtc-chrome]. For Firefox users, you can do this through [browser settings](https://www.privacytools.io/browsers/#webrtc). Test for WebRTC leaks, with [browserleaks.com/webrtc](https://browserleaks.com/webrtc)
- First Party Isolation - US/firefox/addon/first-party-isolation/)
- Privacy-Oriented Origin Policy - US/firefox/addon/privacy-oriented-origin-policy/) \ [Source](https://github.com/claustromaniac/poop)
- Privacy Redirect - US/firefox/addon/privacy-redirect/) / [Chrome](https://chrome.google.com/webstore/detail/privacy-redirect/pmcmeagblkinmogikoikkdjiligflglb)
- Site Bleacher - US/firefox/addon/site-bleacher/) \ [Chrome](https://chrome.google.com/webstore/detail/site-bleacher/mlcfcepfmnjphcdkfbfgokkjodlkmemo) \ [Source](https://github.com/wooque/site-bleacher)
- HTTPZ - Everywhere) <br>**Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/httpz/)
- Lightbeam - firefox] \ [Source][lightbeam-source]
- Firefox Multi-Account Containers - Account Containers lets you keep parts of your online life separated into color-coded tabs that preserve your privacy. Cookies are separated by container, allowing you to use the web with multiple identities or accounts simultaneously. **Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/)
- CSS Exfil Protection - exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo) \ [Firefox](https://addons.mozilla.org/en-US/firefox/addon/css-exfil-protection/) \ [Source](https://github.com/mlgualtieri/CSS-Exfil-Protection)
- Privacy Essentials - essentials-chrome] \ [Firefox][privacy-essentials-firefox]
- Self-Destructing Cookies - destructing-cookies-chrome] \ [Firefox][self-destructing-cookies-firefox] \ [Opera][self-destructing-cookies-opera] \ [Source][self-destructing-cookies-source]
- User Agent Switcher - Agent string, making it appear that you are on a different device, browser and version to what you are actually using. This alone does very little for privacy, but combined with other tools, can allow you to keep your fingerprint changing, and feed fake info to sites tracking you. Some websites show different content, depending on your user agent.<br>**Download**: [Chrome](https://chrome.google.com/webstore/detail/user-agent-switcher/bhchdcejhohfmigjafbampogmaanbfkg) \ [Fireforx](https://addons.mozilla.org/firefox/addon/user-agent-string-switcher/) \ [Edge](https://microsoftedge.microsoft.com/addons/detail/cnjkedgepfdpdbnepgmajmmjdjkjnifa) \ [Opera](https://addons.opera.com/extensions/details/user-agent-switcher-8/) \ [Source](https://github.com/ray-lothian/UserAgent-Switcher/)
- Web Archives - US/firefox/addon/view-page-archive/) \ [Chrome](https://chrome.google.com/webstore/detail/web-archives/hkligngkgcpcolhcnkgccglchdafcnao) \ [Edge](https://microsoftedge.microsoft.com/addons/detail/apcfghlggldjdjepjnahfdjgdcdekhda) \ [Source](https://github.com/dessant/web-archives)
- Flagfox - US/firefox/addon/flagfox/)
- AmIUnique Timeline - chrome] \ [Firefox][amiunique-firefox]
- arkenfox wiki
- Decentraleyes - party CDN. Improves privacy and load times. Works out-of-the-box and plays nicely with regular content blockers. **Download**: [Chrome][decentraleyes-chrome] \ [Firefox][decentraleyes-firefox] \ [Opera][decentraleyes-opera] \ [Pale Moon][decentraleyes-pale-moon] \ [Source][decentraleyes-source]
- Skip Redirect - on tries to extract the final url from the intermediary url and goes there straight away if successful <br>**Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/skip-redirect/) \ [Source](https://github.com/sblask/webextension-skip-redirect)
- Privacy Badger - parties from secretly tracking where you go and what pages you look at. **Download**: [Chrome][privacy-badger-chrome] \ [Firefox][privacy-badger-firefox]
- LocalCDN - US/firefox/addon/localcdn-fork-of-decentraleyes/)
- LocalCDN - US/firefox/addon/localcdn-fork-of-decentraleyes/)
-
-
Mobile Apps
-
Notable Mentions
- DPI Tunnel
- RethinkDNS + Firewall - source ad-blocker and firewall app for Android 6+ (does not require root)
- Haven - snowden-haven-app/)
- FlutterHole
- SnoopSnitch - the-air updates
- TrackerControl
- Greentooth - disable Bluetooth, then it is not being used. Saves battery, and prevent some security risks
- PrivateLock
- CamWings - camera-cover-set-ii)
- ScreenWings
- Catch the Man-in-the-Middle - 1 fingerprints of the the SSL certificates seen from your device, and the certificate seen from an external network. If they do not match, this may indicate a man-in-the-middle modifying requests
- F-Droid - Droid is an installable catalogue of FOSS applications for Android. The client enabled you to browse, install, and keep track of updates on your device
- Blokada - does-blokada-work/).
- XPrivacyLua
- AFWall+ - grained control over which Android apps are allowed to access the network
- Fing App
- Fing App
- Nethunter Catalogue
-
-
Bonus #1 - Alternatives to Google
-
Notable Mentions
- SkyScanner
- SkyScanner
- SkyScanner
- Brave - privacy/)), [Vivaldi](https://vivaldi.com)
- Cloudflare
- SkyScanner
- Private Kit
- Geometric Weather
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
- SkyScanner
-
-
Online Tools
-
Notable Mentions
- Should I Remove It?
- Phish.ly
- Hardenize
- Is Legit?
- Deseat Me - Instantly get a list of all your accounts, delete the ones you are not using
- 10 Minute Mail
- MXToolBox Mail Headers
- Am I FloCed?
- Site Report
- IP Leak Test
- Blocked.org
- Panopticlick - ons protect you against online tracking techniques, and if your system is uniquely configured—and thus identifiable
- Virus Total - suspicious web resources (by URL, IP, domain or file hash) to detect types of malware (*note: files are scanned publicly*)
-
-
Password Managers
-
Categories
- Password Safe
- PassBolt - hosted, extensible and OpenPGP based. It is specifically good for development and DevOps useage, with integrations for the terminal, browser and chat, and can be easily extended for custom usage, and deployed quickly with Docker
- 1Password - featured cross-platform password manager with sync. Free for self-hosted data (or $3/ month hosted). Be aware that 1Password is not fully open source, but they do regularly publish results of their independent [security audits](https://support.1password.com/security-assessments), and they have a solid reputation for transparently disclosing and fixing vulnerabilities
-
-
Browsers
-
Categories
- LibreWolf
- Bromite - respecting fork of Chromium for Android. Comes with built-in adblock and additional settings for hardening.
- Mull - Fenix (Android), [Firefox Focus](https://support.mozilla.org/en-US/kb/focus) (Android/ iOS), [DuckDuckGo Browser](https://help.duckduckgo.com/duckduckgo-help-pages/mobile/ios/) (Android/ iOS), [Orbot](https://guardianproject.info/apps/orbot/) + [Tor](https://www.torproject.org/download/#android) (Android), [Onion Browser](https://onionbrowser.com/) (iOS)
- Nyxt - project.org/), [Ungoogled-Chromium](https://github.com/Eloston/ungoogled-chromium), [Basilisk Browser](https://www.basilisk-browser.org/) and [IceCat](https://www.gnu.org/software/gnuzilla/)
- Firefox Configuration for Privacy and Performance
- Tor Browser - impossible for you to be tracked by your ISP/ provider. It does make every-day browsing a little slower, and some sites may not work correctly. As with everything there are [trade-offs](https://github.com/Lissy93/personal-security-checklist/issues/19)
- extensions
- Firefox Configuration for Privacy and Performance
-
-
Encrypted Messaging
-
Categories
- Signal - to-use, functioning similar to WhatsApp - with instant messaging, read-receipts, support for media attachments and allows for high-quality voice and video calls. It's cross-platform, open-source and totally free. Signal is [recommended](https://twitter.com/Snowden/status/661313394906161152) by Edward Snowden, and is a perfect solution for most users
- Surespot - messenger)s been removed from the list, since development has halted.
- OpenPGP
- not easy - bit key IDs](https://evil32.com/) - they are too short to be secure. There have also been vulnerabilities found in the OpenPGP and S/MIME, defined in [EFAIL](https://efail.de/), so although it still considered secure for general purpose use, for general chat, it may be better to use an encrypted messaging or email app instead.
- Surespot - messenger)s been removed from the list, since development has halted.
- Surespot - messenger)s been removed from the list, since development has halted.
- XMPP - to-end encryption](https://en.wikipedia.org/wiki/OMEMO), which is based on the [Double Ratchet Algorithm](https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm) that is used in Signal. For more hands-on information and to register an account you can visit [JoinJabber](https://joinjabber.org). Below you can find a list of OMEMO-enabled clients for all the major platforms.<br><br><table><thead><tr><th>Program</th><th>Linux</th><th>MacOS</th><th>Windows</th><th>Android</th><th>iOS</th></tr></thead><tbody><tr><td><a href="https://gajim.org">Gajim</a> (<a href="https://gajim.org/download/#install-instructions">OMEMO plugin</a>)</td><td>✓</td><td><a href="https://dev.gajim.org/gajim/gajim/-/wikis/help/Gajim-on-macOS">~</a></td><td>✓</td><td></td><td></td></tr><tr><td><a href="https://dino.im">Dino</a> ✆</td><td>✓</td><td></td><td><a href="https://github.com/LAGonauta/dino/releases">✓</a></td><td></td><td></td></tr><tr><td><a href="https://conversations.im">Conversations</a> / <a href="https://blabber.im">Blabber</a> ✆</td><td></td><td></td><td></td><td>✓</td><td></td></tr><tr><td><a href="https://monal-im.org">Monal IM</a></td><td></td><td>✓</td><td></td><td></td><td>✓</td></tr><tr><td><a href="https://beagle.im">Beagle IM</a> / <a href="https://siskin.im">Siskin IM</a> ✆</td><td></td><td>✓</td><td></td><td></td><td>✓</td></tr></tbody></table>
- Surespot - messenger)s been removed from the list, since development has halted.
-
-
P2P Messaging
-
Categories
- Peer-to-Peer - down or forced to turn over data. There are P2P networks available that are open source, E2E encrypted, routed through Tor services, totally anonymous and operate without the collection of metadata.
- Cwtch - tor-messenger) *(deprecated)*, [TorChat2](https://github.com/prof7bit/TorChat) *(deprecated)*, [Ricochet](https://ricochet.im) *(deprecated)*
-
-
Email Clients
-
Self-Hosted Email
- FairEmail - featured and easy mail client for Android. Supports unlimited accounts and email addresses with the option for a unified inbox. Clean user interface, with a dark mode option, it is also very lightweight and consumes minimal data usage
- K-9 Mail - 9 is open source, very well supported and trusted - k9 has been around for nearly as long as Android itself! It supports multiple accounts, search, IMAP push email, multi-folder sync, flagging, filing, signatures, BCC-self, PGP/MIME & more. Install OpenKeychain along side it, in order to encrypt/ decrypt emails using OpenPGP
- p≡p - to-end encrypted mail client, for "automatic privacy". It has some nice features, however it is not open source
-
-
Email Security Tools
-
Self-Hosted Email
- Email Privacy Tester - receipts or other tracking data your mail client allows to be sent back to the sender. The system is open source ([on GitLab](https://gitlab.com/mikecardwell/ept3)), developed by [Mike Cardwell](https://www.grepular.com/) and trusted, but if you do not want to use your real email, creating a second account with the same provider, should yield identical results
- DKIM Verifier - mail header, in order to help spot spoofed emails (which do not come from the domain that they claim to)
- Enigmail - on, enabling the use of OpenPGP to easily encrypt, decrypt, verify and sign emails. Free and open source, Enigmail is compatible with Interlink Mail & News and Postbox. Their website contains thorough documentation and quick-start guides, once set up it is extremely convenient to use.
-
-
Virtual Phone Numbers
-
Self-Hosted Email
- Silent.link - wide roaming. No data is required at sign-up. Affordable pricing, with payments and top-ups accepted in BTC. Requires an eSim-compatible device
- Crypton.sh
- Jmp.chat
-
-
Virtual Private Networks
-
Notable Mentions
- Azire - security-checklist/issues/140).
- IVPN - source apps and website. Strong ethics: no trackers, no false promises, no surveillance ads. Accepts various payment methods including crypotcurrencies.
- ProtonVPN - friendly native mobile and desktop apps. ProtonVPN is one of the few "trustworthy" providers that also offer a free plan
- OVPN - proven VPN service with support for Wireguard and OpenVPN support, and optional ad-blocking. Running on dedicated hardware, with no hard drives
- Read more about fingerprinting
- VPN leaks
- What is a DNS leak - to-fix-a-dns-leak.html)*
- Outline - wide access to the free and open internet. And since you have full control over the server, you can be confident that there is no logging or monitoring happening. However it comes at the cost of anonymity, especially if it's only you using your instance.
- Streisand
-
-
Self-Hosted Network Security
-
Notable Mentions
- Technitium - invasive content at it's source. Technitium doesn't require much of a setup, and basically works straight out of the box, it supports a wide range of systems (and can even run as a portable app on Windows). It allows you to do some additional tasks, such as add local DNS addresses and zones with specific DNS records. Compared to Pi-Hole, Technitium is very lightweight, but lacks the deep insights that Pi-Hole provides, and has a significantly smaller community behind it
-
-
Mix Networks
-
Notable Mentions
- Mix networks - to-trace communications, by encrypting and routing traffic through a series of nodes. They help keep you anonymous online, and unlike VPNs -there are no logs
- here
-
-
Proxies
-
Notable Mentions
- free
- Malicious Proxies - use the Tor network.
-
-
DNS
-
Notable Mentions
- SecureDNS - in ad block and additional privacy features. Supports DoH, DoT and DNSCrypt. It is not as performant as some of the bigger players, but still a good option in terms of security
- NextDNS - blocking, privacy-protecting, censorship-bypassing DNS. Also comes with analytics, and the ability to shield kids from adult content
- Full List of Public DoH Servers - Hosted also has a [good list](https://awesome.tilde.fun/d/23-list-of-dns-servers
- this article - and-security-focused-dns-resolver/).
- OpenNIC - focused DNS
- Clean Browsing - based Content Filtering
- DNS leak test
- CloudFlare - class protection. They have native cross-platform apps, for easy set-up.
-
-
Firewalls
-
Notable Mentions
- NetGuard - Fi and/or mobile connection
- NoRoot Firewall
- Little Snitch - app basis
- Uncomplicated Firewall
-
-
Ad Blockers
-
Notable Mentions
- Diversion - blocking, Dnsmasq logging, Entware and pixelserv-tls installations and more on supported routers running [Asuswrt-Merlin firmware](https://www.asuswrt-merlin.net/), including its forks
- hBlock - compliant shell script, designed for Unix-like systems, that gets a list of domains that serve ads, tracking scripts and malware from multiple sources and creates a hosts file (alternative formats are also supported) that prevents your system from connecting to them. Aimed at improving security and privacy through blocking advert, tracking and malware associated domains
- RethinkDNS + Firewall - blocker and a firewall for Android 6+ (no root required)
- TrackStop with PerfectPrivacy
- Private Internet Access - 9242873-13842740), and [NordVPN](https://www.kqzyfj.com/l5115shqnhp4E797DC8467D69A6D) also have ad-block features.
-
-
Host Block Lists
-
Notable Mentions
- SomeoneWhoCares/ Hosts - to-date host list, maintained by Dan Pollock - to make the internet not suck (as much)
- iBlockList - for) for blocking content based on certain topics, inducing: spam, abuse, political, illegal, hijacked, bad peers and more
-
-
Router Firmware
-
Notable Mentions
- Tomato - router.com), [LibreCMC](https://librecmc.org) and [DebWRT](http://www.debwrt.net)
-
-
Network Analysis
-
Notable Mentions
-
-
Intrusion Detection
-
Cloud Hosting
-
Notable Mentions
- Vindo - managed virtual private servers and domain registration
- Private Layer - grade, high-speed offshore dedicated servers, they own their own data centres, have a solid privacy policy and accept anonymous payment
- 5 eyes
-
-
Domain Registrars
-
Notable Mentions
- Orange Website - eyes jurisdiction (in Iceland)
-
-
DNS Hosting
-
Notable Mentions
-
-
Digital Notes
-
Notable Mentions
- Cryptee - text documents. Cryptee has encryption and anonymity at its core, it also has a beautiful and minimalistic UI. You can use Cryptee from the browser, or download native Windows, Mac OS, Linux, Android and iOS apps. Comes with many additional features, such as support for photo albums and file storage. The disadvantage is that only the frontend is open source. Pricing is free for starter plan, $3/ month for 10GB, additional plans go up-to 2TB
- Turtle - host it yourself (see [repo](https://github.com/turtl)), or use their hosted plan (free edition or $3/ month for premium)
- Logseq - first, open-source knowledge base that works on top of local plain-text Markdown and Org-mode files
-
-
Cloud Productivity Suites
-
Notable Mentions
- NextCloud - hosted productivity platform, with a strong community and growing [app store](https://apps.nextcloud.com). NextCloud is similar to (but arguably more complete than) Google Drive, Office 365 and Dropbox, originally it was a fork from [OwnCloud](https://owncloud.org/), but since have diverged. Clear UI and stable native apps across all platforms, and also supports file sync. Supports encrypted files, but you need to configure this yourself. Fully open source, so you can self-host it yourself (or use a hosted solution, starting from $5/ month)
- Sandstorm - hosting web apps. Once you've set it up, you can install items from the Sandstorm [App Market](https://apps.sandstorm.io/) with -click, similar to NextCloud in terms of flexibility
- Skiff Pages - to-end encrypted, privacy-first collaborative document, note-taking, and wiki product. Skiff Pages has a modern, easy-to-use UI and supports rich text documents with embedded content. Skiff also supports end-to-end encrypted file upload and sharing ([Skiff Drive](https://skiff.com/drive)), as well as workspaces for multiple users to collaborate. [Skiff Pages is available](https://skiff.com/download) on web, iOS, and Android.
-
-
Backup and Sync
-
Notable Mentions
- secure the server - use a strong password, keep your credentials safe and enable 2FA.
-
-
Encrypted Cloud Storage
-
Notable Mentions
- Peergos - to-peer end-to-end encrypted global filesystem with fine grained access control. Provides a secure and private space online where you can store, share and view your photos, videos, music and documents. Also includes a calendar, news feed, task lists, chat and email client. Fully open source and self-hostable (or use hosted solution, £5/month for 50 GB)
- Internxt - knowledge cloud storage service based on best-in-class privacy and security. Made in Spain. Open-source mobile and desktop apps. 10GB FREE and Paid plans starting from €0.99/month for 20GB.
- FileN - to-end encrypted affordable cloud storage made in Germany. Open-source mobile and desktop apps. 10GB FREE with paid plans starting at €0.92/month for 100GB.
-
-
File Drop
-
Notable Mentions
- FileSend - day retention. Files are secured with client-side AES-256 encryption and no IP address or device info is logged. Files are permanently deleted after download or after specified duration. Developed by [StandardNotes](https://standardnotes.org/?s=chelvq36), and has built-in integration with the SN app.
- OnionShare
-
-
Browser Sync
-
Notable Mentions
- NextCloud Bookmarks - US/firefox/addon/freedommarks/) (Firefox) and [OwnCloud Bookmarks](https://chrome.google.com/webstore/detail/owncloud-bookmarks/eomolhpeokmbnincelpkagpapjpeeckc) (Chrome).
-
-
PGP Managers
-
Metadata Removal Tools
-
Notable Mentions
- Exif - magazine-just-accidentally-revealed-where-john-mca-5965295) to.
- may reveal the location
-
-
Data Erasers
-
Notable Mentions
- Hard Disk Scrubber - 5020, DoD 5220.22-M, and Random Data
- OW Shredder
- shred
- Secure Remove
- `dd` - wsv /dev/sdd`. An effective method of erasing an SSD, it to use [hdparm](https://en.wikipedia.org/wiki/Hdparm) to issue a [secure erase](https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security) command, to your target storage device, for this, see step-by-step instructions via: [wiki.kernel.org](https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase). Finally, `[srm](https://www.systutorials.com/docs/linux/man/1-srm/)` can be use to securely remove files or directories, just run `srm -zsv /path/to/file` for a single pass over.
-
-
Virtual Machines
-
Notable Mentions
- VirtualBox - rich virtualization product, supporting x86 and AMD64/Intel64 architectures. Available for Windows, MacOS, Linux and BSD, and free for both personal and enterprise use. VirtualBox is backed by a strong community, and has been under active development since 2007.
- Xen Project - 1 hyperviser for multiple operating systems using the same hardware - very useful for servers, as it allows for fully independent virtual Linux machines
- QEMU
- VMWare - V](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v), which is a native Windows product, developed by Microsoft.
-
-
Social Networks
-
Notable Mentions
- cost of our privacy - but you, the user should be able to choose with whom you share what, and that is what the following sites aim to do.
- Discourse - hostable discussion platform you can use as a mailing list, discussion forum or long-form chat room.
- Mastodon - source, distributed across independent servers, and with no algorithms that mess with users timelines
- Minds
- Vero - source) A mobile-based social network, whose USP is that they have "No Ads. No Data Mining. No Algorithms." Since Vero is not open source, it is not possible to verify the validity of these claims
- tweaks - respecting client - such as [Reditr](http://reditr.com/). Other main-stream social networking sites do not respect your privacy, so should be avoided, but if you choose to keep using them see [this guide](https://proprivacy.com/guides/social-media-privacy-guide) for tips on protecting your privacy
-
-
Video Platforms
-
Notable Mentions
- BitTube - to-peer, decentralized, censorship-free, ad-free video sharing and live streaming platform based on IPFS and blockchain technology
- BitChute
- Petey Vid - biased video search engine. Unlike normal search engines it indexes videos from a lot of sources, including Twitter, Veoh, Instagram, Twitch, MetaCafe, Minds, BitChute, Brighteon, D-Tube, PeerTube, and many others.
-
-
Blogging Platforms
-
Notable Mentions
- Bear Blog - first, no-nonsense, super-fast blogging platform. [Repo on GitHub](https://github.com/HermanMartinus/bearblog).
- Movim - source](https://github.com/movim/movim) web frontend for XMPP that supports decentralized blogging and chatrooms.
- Standard Notes
-
-
News Readers and Aggregation
-
Notable Mentions
- Tonic - you can use throwaway accounts for posting.
-
-
Proxy Sites
-
Notable Mentions
- Nitter - end focused on privacy, it prevents Twitter from tracking your IP or browser fingerprint. It does not include any JavaScript, and all requests go through the backend, so the client never talks directly to Twitter. It's written in Nim, is super lightweight, with multiple themes and a responsive mobile version available, as well as customizable RSS feeds. Uses an unofficial API, with no rate limits or and no developer account required.
- Libreddit - end for Reddit written in Rust. Massively [faster than Reddit](https://github.com/spikecodes/libreddit#speed) by not including ads, trackers or bloat. Libreddit can be deployed and selfhosted through `cargo`, Docker and Repl.it and proxies all requests through the back-end. Libreddit currently implements most of Reddit's functionalities that don't require users to be signed in.
- WebProxy - blocked content. The service is maintained by [DevroLabs](https://devrolabs.com/), who also run the [OnionSite](https://onionsite.weboproxy.com/) web proxy, they claim to that all traffic is 256-bit SSL-encrypted, but this cannot be verified - never enter any potentially personally identifiable information, and use it purely for consuming content.
- FreeTube - feel desktop app. It is built upon the [Invidious](https://invidious.io/) API.
- Invidious - focused, open source alternative frontend for YouTube. It prevents/ reduces Google tracking, and adds additional features, including an audio-only mode, Reddit comment feed, advanced video playback settings. It's super lightweight, and does not require JavaScript to be enabled, and you can import/ export your subscriptions list, and customize your feed. See list of [Invidious Public Instances](https://github.com/iv-org/invidious/wiki/Invidious-Instances).
-
-
Cryptocurrencies
-
Notable Mentions
-
-
Crypto Wallets
-
Notable Mentions
- Trezor - platform, offline, crypto wallet, compatible with 1000+ coins. Your private key is generated on the device, and never leaves it, all transactions are signed by the Trezor, which ensures your wallet is safe from theft. There are native apps for Windows, Linux, MacOS, Android and iOS, but Trezor is also compatible with other wallets, such as Wasabi. You can back the Trezor up, either by writing down the seed, or by duplicating it to another device. It is simple and intuitive to use, but also incredible customisable with a large range of advanced features.
- Electrum - standing Python-based Bitcoin wallet with good security features. Private keys are encrypted and do not touch the internet and balance is checked with a watch-only wallet. Compatible with other wallets, so there is no tie-in, and funds can be recovered with your secret seed. It supports proof-checking to verify transactions using SPV, multi-sig and add-ons for compatibility with hardware wallets. A decentralized server indexes ledger transactions, meaning it's fast and doesn't require much disk space. The potential security issue here would not be with the wallet, but rather your PC - you must ensure your computer is secure and your wallet has a long, strong passphrase to encrypt it with.
- Samourai Wallet - source, Bitcoin-only privacy-focused wallet, with some innovative features.<br>Samourai Wallet works under any network conditions, with a full offline mode, useful for cold storage. It also supports a comprehensive range of privacy features including: STONEWALL that helps guard against address clustering deanonymization attacks, PayNym which allows you to receive funds without revealing your public address for all to see, Stealth Mode which hides Samourai from your devices launcher, Remote SMS Commands to wipe or recover your wallet if device is seized or stolen, and Whirlpool which is similar to a coin mixer, and OpenDime is also supported for offline USB hardware wallets.
- Sparrow Wallet - on the contrary it attempts to provide as much detail as possible about your transactions and UTXOs, but in a way that is manageable and usable.
- Atomic Wallet - does-atomic-wallet-offer-hardware-wallet-integration) hardware wallets yet. Therefor, it may only be a good choice as a secondary wallet, for storing small amounts of your actively used currency
- Metamask - based app means that you need to stay vigilant with what services you give access to.
-
-
Crypto Exchanges
-
Notable Mentions
- LocalBitcoins - to-person exchange, find people local to your area, and trade directly with them, to avoid going through any central organisation. Primarily focused on Bitcoin, Ethereum, Ripple and LiteCoin, as it gets harder to find people near you selling niche alt-coins
- RoboSats - to-peer experience and makes use lightning hold invoices to minimize custody and trust requirements. The deterministically generated avatars help users stick to best privacy practices.
- BaseFEX - coins, [Binance](https://www.binance.com/en/register?ref=X2BHKID1) has a wide range of currencies, and ID verification is not needed for small-value trades.
-
-
Virtual Credit Cards
-
Notable Mentions
-
-
Budgeting Tools
-
Notable Mentions
- EasyBudget - to-use app open source budgeting app. It doesn't have all the features that alternatives offer, but it does simple budget management and planning very effectively
-
-
Mobile Operating Systems
-
Notable Mentions
- Google tracks you
- custom ROM - free mobile OS that can be [flashed](https://www.xda-developers.com/how-to-install-custom-rom-android/) to your device.
- GrapheneOS - support).
- CalyxOS
- LineageOS - source operating system for various devices, based on the Android mobile platform - Lineage is light-weight, well maintained, supports a wide range of devices, and comes bundled with [Privacy Guard](https://en.wikipedia.org/wiki/Android_Privacy_Guard)
- Replicant OS - featured distro, with an emphasis on freedom, privacy and security. [MmniRom](https://www.omnirom.org/), [Recursion Remix](https://forum.xda-developers.com/remix), and [Paranoid Android](http://paranoidandroid.co/) are also popular options. Alternatively, [Ubuntu Touch](https://ubports.com/) is a Linux (Ubuntu)- based OS. It is secure by design and runs on almost any device, - but it does fall short when it comes to the app store.
-
-
Desktop Operating Systems
-
Notable Mentions
- Qubes OS - source security-oriented operating system for single-user desktop computing. It uses virtualisation, to run each application in its own compartment to avoid data being leaked. It features [Split GPG](https://www.qubes-os.org/doc/split-gpg/), [U2F Proxy](https://www.qubes-os.org/doc/u2f-proxy/), and [Whonix integration](https://www.qubes-os.org/doc/whonix/). Qubes makes is easy to create [disposable VMs](https://www.qubes-os.org/doc/disposablevm/) which are spawned quickly and destroyed when closed. Qubes is [recommended](https://twitter.com/Snowden/status/781493632293605376) by Edward Snowden
- Whonix - Whonix is based on Debian, [KickSecure](https://www.whonix.org/wiki/Kicksecure) and [Tor](https://www.whonix.org/wiki/Whonix_and_Tor)
- Parrot - based operating system, that is geared towards security, privacy and development. It is fully-featured yet light-weight, very open. There are 3 editions: General Purpose, Security and Forensic. The Secure distribution includes its own sandbox system obtained with the combination of [Firejail](https://firejail.wordpress.com/) and [AppArmor](https://en.wikipedia.org/wiki/AppArmor) with custom security profiles. While the Forensics Edition is bundled with a comprehensive suite of security/ pen-testing tools, similar to Kali and Black Arch
- Alpine Linux - oriented, lightweight distro based on musl libc and busybox. It compiles all user-space binaries as position-independent executables with stack-smashing protection. Install and setup may be quite complex for some new users
- Septor - based distro with the KDE Plasma desktop environment, and Tor baked-in. Designed for surfing the web anonymously, and completing other internet-based activities (with Thunderbird, Ricochet IM, HexChat, QuiteRSS, OnionShare). Septor is light-weight, but comes bundled with all the essential privacy + security utilities (including: Gufw, Ark, Sweeper, KGpg, Kleopatra, KWallet, VeraCrypt, Metadata Anonymisation Toolkit and more).
- TENS OS - kodachi/) and [IprediaOS](https://www.ipredia.org). (Avoid systems that are not being actively maintained)
-
-
Windows Defences
-
Anti-Malware
-
Notable Mentions
- Armadito - based anti-virus and malware detection for Windows and Linux. Supports both ClamAV signatures and YARA rules. Has a user-friendly interface, and includes a web-based admin panel for remote access.
-
-
Code Hosting
-
Bonus #2 - Open Source Media Applications
-
Notable Mentions
-
-
Bonus #4 - Self-Hosted Sysadmin
-
Notable Mentions
-
-
Bonus #5 - Self-Hosted Development Tools
-
Notable Mentions
- Docker
- Request Bin - Inspect HTTP requests and Debug webhooks
- Judge0 - A web compiler accessed through either an API of web-IDE, for executing trusted or untrusted code
-
-
Bonus #7 - Raspberry Pi/ IoT Security Software
-
Notable Mentions
- KeePass Portable - Portable password manager. For hardware-encrypted password manager, see [HardPass 2.0](https://hackaday.io/project/21227-hardpass02-hardware-passwd-manager-w-smart-card)
- hardware-based security solutions
- SquidGuard - Fast and free URL redirector, which can work well as a home caching server
-
-
More Awesome Software Lists
-
News & Updates
-
Notable Mentions
-
-
Final Notes
-
Important Considerations
-
Contributors
-
License
- ![Attribution 4.0 International - privacy/blob/main/LICENSE)
- Creative Commons, CC BY 4.0
-
Thank you
-
-
DNS Clients
-
Notable Mentions
- Nebulo - root, small-sized DNS changer utilizing DNS-over-HTTPS and DNS-over-TLS. *(Note, since this uses Android's VPN API, it is not possible to run a VPN while using Nebulo)*
- Unbound - BSD, Linux, Windows & MacOS) | Validating, recursive, caching DNS resolve with support for DNS-over-TLS. Designed to be fast, lean, and secure Unbound incorporates modern features based on open standards. It's fully open source, and recently audited. *(For an in-depth tutorial, see [this article](https://dnswatch.com/dns-docs/UNBOUND/) by DNSWatch.)*
-
-
Linux Defences
-
Notable Mentions
- ClamTk - end for ClamAV, making it an easy to use, light-weight, on-demand virus scanner for Linux systems
-
-
Home Automation
-
Notable Mentions
-
Programming Languages
Categories
Bonus #1 - Alternatives to Google
38
Browser Extensions
24
Mobile Apps
18
Online Tools
13
Virtual Private Networks
9
2-Factor Authentication
8
Encrypted Messaging
8
Browsers
8
DNS
8
Team Collaboration Platforms
7
Mobile Operating Systems
6
Desktop Operating Systems
6
Social Networks
6
Crypto Wallets
6
Windows Defences
6
Encrypted Email
6
Proxy Sites
5
Data Erasers
5
Final Notes
5
File Encryption
5
Ad Blockers
5
VOIP Clients
4
Search Engines
4
More Awesome Software Lists
4
Firewalls
4
Intrusion Detection
4
Anonymous Mail Forwarding
4
Virtual Machines
4
Password Managers
3
Bonus #5 - Self-Hosted Development Tools
3
Digital Notes
3
Blogging Platforms
3
Email Security Tools
3
Cloud Productivity Suites
3
Code Hosting
3
Virtual Phone Numbers
3
Email Clients
3
Video Platforms
3
Bonus #7 - Raspberry Pi/ IoT Security Software
3
Encrypted Cloud Storage
3
Crypto Exchanges
3
Virtual Credit Cards
3
Cloud Hosting
3
Host Block Lists
2
File Drop
2
P2P Messaging
2
Proxies
2
Mix Networks
2
DNS Clients
2
Metadata Removal Tools
2
PGP Managers
2
Intro [![Awesome](https://awesome.re/badge.svg)](https://awesome.re)
1
Self-Hosted Network Security
1
Budgeting Tools
1
Bonus #4 - Self-Hosted Sysadmin
1
News Readers and Aggregation
1
Network Analysis
1
Router Firmware
1
Linux Defences
1
Home Automation
1
News & Updates
1
DNS Hosting
1
Bonus #2 - Open Source Media Applications
1
Anti-Malware
1
Backup and Sync
1
Browser Sync
1
Domain Registrars
1
Cryptocurrencies
1
Sub Categories
Keywords
privacy
9
firefox
6
security
4
extension
4
awesome
3
chromium
3
otp
3
webextension
3
javascript
3
gtk3
2
hotp
2
totp
2
webrtc
2
addon
2
android
2
python
2
windows
2
email
2
open-source
2
linux
2
wireguard
2
app
2
2fa
2
client
2
ios
2
vpn
2
swift
2
voip
1
fingerprinting
1
noscript
1
voicechat
1
opera
1
server
1
quality-voice-chat
1
protection
1
macos
1
scriptsafe
1
gaming
1
cross-platform
1
cmake
1
audio
1
ublock
1
ublock-origin
1
blacklist
1
browser-extension
1
blocker
1
block
1
slack
1
real-time
1
mit
1