Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

-awesome-privacy-tips


https://github.com/qaisarafridi/-awesome-privacy-tips

Last synced: 4 days ago
JSON representation

  • Intro [![Awesome](https://awesome.re/badge.svg)](https://awesome.re)

  • 2-Factor Authentication

    • Categories

      • Authenticator Pro - source two factor authentication app for Android. It features encrypted backups, icons, categories and a high level of customisation. It also has a Wear OS companion app
      • Raivo OTP - time-password (OTP) client built for iOS; Raivo OTP! - built by @tijme
      • WinAuth - users. It's open source and well-established (since mid-2010)
      • OTPClient - Hosted, Web-based)*, [Etopa](https://play.google.com/store/apps/details?id=de.ltheinrich.etopa) *(Android)*
      • Authenticator - FA Client for iOS, which never connects to the internet - built by @mattrubin.me
      • Authenticator - based OTP authenticator. Has native With GNOME Shell integration. Also available through [flathub](https://flathub.org/apps/details/com.belmoussaoui.Authenticator).
      • Authenticator - browser One-Time Password (OTP) client, supports both Time-Based One-Time Password (TOTP, specified in [RFC 6238](https://tools.ietf.org/html/rfc6238) and HMAC-Based One-Time Password (HOTP, specified in [RFC 4226](https://tools.ietf.org/html/rfc4226).
      • TrayTop - offline and compatible with Windows, Mac and Linux.
      • Authy

  • File Encryption

    • Categories

      • age - style composability
      • CryptSetup - crypt](https://wiki.archlinux.org/index.php/Dm-crypt). [EncFS](https://www.arg0.net/encfs) is a cross-platform file-based encryption module, for use within user local directories. [geli](https://www.freebsd.org/cgi/man.cgi?query=geli&sektion=8) is a disk encryption subsystem included with FreeBSD.
      • AES Crypt - weight and easy file encryption utility. It includes applications for Windows, Mac OS, BSD and Linux, all of which can be interacted with either through the GUI, CLI or programatically though an API (available for Java, C, C# and Python). Although it is well established, with an overall positive reputation, there have been some [security issues](https://www.reddit.com/r/privacytoolsIO/comments/b7riov/aes_crypt_security_audit_1_serious_issue_found/) raised recently.
      • PeaZip - platform open source file archiver utility. It allows you to create, open, and extract RAR TAR ZIP archives. It also has a [password-protection feature](https://peazip.github.io/peazip-password.html), which encrypts compressed files using AES-256, which is also compatible with most other archive utilities
      • VeraCrypt - platform disk encryption software. You can use it to either encrypt a specific file or directory, or an entire disk or partition. VeraCrypt is incredibly feature-rich, with comprehensive encryption options, yet the GUI makes it easy to use. It has a CLI version, and a portable edition. VeraCrypt is the successor of (the now deprecated) TrueCrypt.
      • BitLocker - not-bitlocker/), which could lead to your system being compromised. Similarly, Apple's [FileVault](https://support.apple.com/en-us/HT204837) on MacOS is easy and secure, but again, the source code is proprietary.

    • Categories

      • Searx - hostable search engines that use the results of multiple other engines (such as Google and Bing) at the same time. They're open source and self-hostable, although using a [public instance](https://searx.space) has the benefit of not singling out your queries to the engines used.
      • DuckDuckGo - friendly, fast and secure search engine. It's totally private, with no trackers, cookies or ads. It's also highly customisable, with dark-mode, many languages and features. They even have a [.onion](https://3g2upl4pq6kufc4m.onion) URL, for use with Tor and a [no Javascript version](https://duckduckgo.com/html/)
      • Qwant - party advertising. It returns non-biased search results, with no promotions. Qwant has a unique, but nice UI.
      • Startpage

  • Encrypted Email

    • Categories

      • OpenTechFund - Secure Email
      • Comparison or Private Email Providers - security-checklist/blob/master/README.md#emails)
      • Prism Program - to-end encrypted) - this applies to Gmail, Outlook Mail, Yahoo Mail, GMX, ZoHo, iCloud, AOL and more.
      • Skiff - to-end encrypted, open-source, and privacy-first email that also integrates Web3 features such as crypto wallets and decentralized storage. Skiff has a simple and intuitive UI, supports [mobile apps](https://skiff.com/download) on iOS and Android, and requires no personally identifiable information to sign up or create an account. Skiff offers a Pro plan with additional storage space, aliases, custom domains, and more for $8 per month that can be paid using a credit card or with a crypto wallet.

    • Self-Hosted Email

      • Mail-in-a-box - to-go self-hosted mail options include [Mailu](https://mailu.io/1.7/) and [Mail Cow](https://mailcow.email/), both of which are docker containers.

  • Anonymous Mail Forwarding

    • Self-Hosted Email

      • Mailu - catchall](https://github.com/Pro/exchange-catchall)
      • mailhero.io - in encryption, so you will need to use PGP, but it is free.
      • ForwardEmail - all email forwarding service. Easy to self-host (see on [GitHub](https://github.com/forwardemail/free-email-forwarding)), or the hosted version has a free plan as well as a ($3/month) premium plan

  • VOIP Clients

    • Self-Hosted Email

      • Mumble - latency, high quality voice chat software. You can host your own server, or use a hosted instance, there are client applications for Windows, MacOS and Linux as well as third-party apps for Android and iOS.
      • SpoofCard
      • MicroSip
      • SpoofCard

  • Team Collaboration Platforms

    • Self-Hosted Email

      • Rocket.Chat - to-deploy, self-hosted team collaboration platform with stable, feature-rich cross-platform client apps. The UI is fast, good looking and intuitive, so very little technical experience is needed for users of the platform. Rocket.Chat's feature set is similar to Slack's, making it a good replacement for any team looking to have greater control over their data
      • Slack - teams-meeting-data-privacy), [Google for Work](https://www.wired.com/story/google-tracks-you-privacy/) and [Discord](https://cybernews.com/privacy/discord-privacy-tips-that-you-should-use-in-2020/) all come with some serious privacy implications.
      • RetroShare - to-1 chats with text and rich media using decentralized chat rooms, with a mail feature for delivering messages to offline contacts. A channels feature makes it possible for members of different teams to stay up-to-date with each other, and to share files. Also includes built-in forums, link aggregations, file sharing and voice and video calling. RetroShare is a bit more complex to use than some alternatives, and the UI is quite *retro*, so may not be appropriate for a non-technical team
      • Element - focused messenger using the Matrix protocol. The Element client allows for group chat rooms, media sharing voice and video group calls.
      • variety of clients - popular options include: [The Longe](https://thelounge.chat/) (Web-based), [HexChat](https://hexchat.github.io/) (Linux), [Pidgin](https://pidgin.im/help/protocols/irc/) (Linux), [WeeChat](https://weechat.org/) (Linux, terminal-based), [IceChat](https://www.icechat.net/) (Windows), [XChat Aqua](https://xchataqua.github.io/) (MacOS), [Palaver](https://palaverapp.com/) (iOS) and [Revolution](https://github.com/MCMrARM/revolution-irc) (Android)
      • Dialog

    • Notable Mentions

  • Browser Extensions

    • Notable Mentions

      • ScriptSafe - safe-chrome] \ [Firefox][script-safe-firefox]
      • Temporary Containers - Account Containers, let's you isolate cookies and other private data for each web site. **Download**: [Firefox](https://github.com/stoically/temporary-containers)
      • WebRTC-Leak-Prevent - rtc-chrome]. For Firefox users, you can do this through [browser settings](https://www.privacytools.io/browsers/#webrtc). Test for WebRTC leaks, with [browserleaks.com/webrtc](https://browserleaks.com/webrtc)
      • First Party Isolation - US/firefox/addon/first-party-isolation/)
      • Privacy-Oriented Origin Policy - US/firefox/addon/privacy-oriented-origin-policy/) \ [Source](https://github.com/claustromaniac/poop)
      • Privacy Redirect - US/firefox/addon/privacy-redirect/) / [Chrome](https://chrome.google.com/webstore/detail/privacy-redirect/pmcmeagblkinmogikoikkdjiligflglb)
      • Site Bleacher - US/firefox/addon/site-bleacher/) \ [Chrome](https://chrome.google.com/webstore/detail/site-bleacher/mlcfcepfmnjphcdkfbfgokkjodlkmemo) \ [Source](https://github.com/wooque/site-bleacher)
      • HTTPZ - Everywhere) <br>**Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/httpz/)
      • Skip Redirect - on tries to extract the final url from the intermediary url and goes there straight away if successful <br>**Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/skip-redirect/) \ [Source](https://github.com/sblask/webextension-skip-redirect)
      • Lightbeam - firefox] \ [Source][lightbeam-source]
      • uBlock Origin - chrome] \ [Firefox][ublock-firefox]
      • Firefox Multi-Account Containers - Account Containers lets you keep parts of your online life separated into color-coded tabs that preserve your privacy. Cookies are separated by container, allowing you to use the web with multiple identities or accounts simultaneously. **Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/)
      • CSS Exfil Protection - exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo) \ [Firefox](https://addons.mozilla.org/en-US/firefox/addon/css-exfil-protection/) \ [Source](https://github.com/mlgualtieri/CSS-Exfil-Protection)
      • Privacy Essentials - essentials-chrome] \ [Firefox][privacy-essentials-firefox]
      • Self-Destructing Cookies - destructing-cookies-chrome] \ [Firefox][self-destructing-cookies-firefox] \ [Opera][self-destructing-cookies-opera] \ [Source][self-destructing-cookies-source]
      • User Agent Switcher - Agent string, making it appear that you are on a different device, browser and version to what you are actually using. This alone does very little for privacy, but combined with other tools, can allow you to keep your fingerprint changing, and feed fake info to sites tracking you. Some websites show different content, depending on your user agent.<br>**Download**: [Chrome](https://chrome.google.com/webstore/detail/user-agent-switcher/bhchdcejhohfmigjafbampogmaanbfkg) \ [Fireforx](https://addons.mozilla.org/firefox/addon/user-agent-string-switcher/) \ [Edge](https://microsoftedge.microsoft.com/addons/detail/cnjkedgepfdpdbnepgmajmmjdjkjnifa) \ [Opera](https://addons.opera.com/extensions/details/user-agent-switcher-8/) \ [Source](https://github.com/ray-lothian/UserAgent-Switcher/)
      • Web Archives - US/firefox/addon/view-page-archive/) \ [Chrome](https://chrome.google.com/webstore/detail/web-archives/hkligngkgcpcolhcnkgccglchdafcnao) \ [Edge](https://microsoftedge.microsoft.com/addons/detail/apcfghlggldjdjepjnahfdjgdcdekhda) \ [Source](https://github.com/dessant/web-archives)
      • Flagfox - US/firefox/addon/flagfox/)
      • AmIUnique Timeline - chrome] \ [Firefox][amiunique-firefox]
      • arkenfox wiki
      • Decentraleyes - party CDN. Improves privacy and load times. Works out-of-the-box and plays nicely with regular content blockers. **Download**: [Chrome][decentraleyes-chrome] \ [Firefox][decentraleyes-firefox] \ [Opera][decentraleyes-opera] \ [Pale Moon][decentraleyes-pale-moon] \ [Source][decentraleyes-source]
      • Skip Redirect - on tries to extract the final url from the intermediary url and goes there straight away if successful <br>**Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/skip-redirect/) \ [Source](https://github.com/sblask/webextension-skip-redirect)
      • LocalCDN - US/firefox/addon/localcdn-fork-of-decentraleyes/)

  • Mobile Apps

  • Firewalls

    • Notable Mentions

      • AFWall+ - Rooted) | Android Firewall+ (AFWall+) is an advanced iptables editor (GUI) for rooted Android devices, which provides very fine-grained control over which Android apps are allowed to access the network
      • SimpleWall
      • OpenSnitch - app basis. GNU/Linux port of the Little Snitch application firewall
      • NetGuard - Fi and/or mobile connection
      • NoRoot Firewall
      • Little Snitch - app basis
      • Uncomplicated Firewall
      • Gufw - overhead, under active maintenance and backed by a strong community. Installable through most package managers, or compile from [source](https://answers.launchpad.net/gui-ufw)
      • OpenSense

  • Virtual Private Networks

    • Notable Mentions

      • Mullvad
      • Streisand
      • Azire - security-checklist/issues/140).
      • IVPN - source apps and website. Strong ethics: no trackers, no false promises, no surveillance ads. Accepts various payment methods including crypotcurrencies.
      • ProtonVPN - friendly native mobile and desktop apps. ProtonVPN is one of the few "trustworthy" providers that also offer a free plan
      • OVPN - proven VPN service with support for Wireguard and OpenVPN support, and optional ad-blocking. Running on dedicated hardware, with no hard drives
      • Read more about fingerprinting
      • VPN leaks
      • What is a DNS leak - to-fix-a-dns-leak.html)*
      • Outline - wide access to the free and open internet. And since you have full control over the server, you can be confident that there is no logging or monitoring happening. However it comes at the cost of anonymity, especially if it's only you using your instance.
      • Tor

  • Self-Hosted Network Security

    • Notable Mentions

      • E2guardian
      • Firezone - source self-hosted VPN and firewall built on WireGuard®.
      • Technitium - invasive content at it's source. Technitium doesn't require much of a setup, and basically works straight out of the box, it supports a wide range of systems (and can even run as a portable app on Windows). It allows you to do some additional tasks, such as add local DNS addresses and zones with specific DNS records. Compared to Pi-Hole, Technitium is very lightweight, but lacks the deep insights that Pi-Hole provides, and has a significantly smaller community behind it
      • SquidGuard - in for Squid and uses blacklists to define sites for which access is redirected
      • Pre-configured security boxes

  • Proxies

  • DNS Clients

    • Notable Mentions

      • DNScrypt-proxy 2 - BSD, Linux, Solaris, Windows, MacOS & Android) | A flexible DNS proxy, with support for modern encrypted DNS protocols including DNSCrypt V2, DNS-over-HTTPS and Anonymized DNSCrypt. Also allows for advanced monitoring, filtering, caching and client IP protection through Tor, SOCKS proxies or Anonymized DNS relays.
      • DNS Cloak - proxy 2 on an iPhone.
      • Nebulo - root, small-sized DNS changer utilizing DNS-over-HTTPS and DNS-over-TLS. *(Note, since this uses Android's VPN API, it is not possible to run a VPN while using Nebulo)*
      • Unbound - BSD, Linux, Windows & MacOS) | Validating, recursive, caching DNS resolve with support for DNS-over-TLS. Designed to be fast, lean, and secure Unbound incorporates modern features based on open standards. It's fully open source, and recently audited. *(For an in-depth tutorial, see [this article](https://dnswatch.com/dns-docs/UNBOUND/) by DNSWatch.)*

  • Ad Blockers

    • Notable Mentions

      • DN66 - based host and ad blocker for Android. Easy to configure, but the default config uses several widely-respected host files. aimed at stopping ads, malware, and other weird stuff
      • BlockParty - wide ad-blocking. Can be customized with custom host lists, primarily aimed for just ad-blocking
      • Ad Block Radio
      • uMatrix - development-has-ended/) being actively maintained**. Another light-weight browser extension, for Chromium and Firefox browsers. uMatrix acts more like a firewall, giving you the option for super fine-grained control over every aspect of resource blocking. It is possible to use both uBlock (for simple/ cosmetic ad blocking) and uMatrix (for detailed JavaScript blocking) at the same time
      • AdGuardHome - platform DNS Ad Blocker, similar to Pi Hole, but with some additional features, like parental controls, per-device configuration and the option to force safe search. This may be a good solution for families with young children.
      • Diversion - blocking, Dnsmasq logging, Entware and pixelserv-tls installations and more on supported routers running [Asuswrt-Merlin firmware](https://www.asuswrt-merlin.net/), including its forks
      • hBlock - compliant shell script, designed for Unix-like systems, that gets a list of domains that serve ads, tracking scripts and malware from multiple sources and creates a hosts file (alternative formats are also supported) that prevents your system from connecting to them. Aimed at improving security and privacy through blocking advert, tracking and malware associated domains
      • RethinkDNS + Firewall - blocker and a firewall for Android 6+ (no root required)
      • TrackStop with PerfectPrivacy
      • Private Internet Access - 9242873-13842740), and [NordVPN](https://www.kqzyfj.com/l5115shqnhp4E797DC8467D69A6D) also have ad-block features.

  • Host Block Lists

    • Notable Mentions

      • Hosts by StevenBlack - maintained consolidated and extending hosts files from several well-curated sources. You can optionally pick extensions to block p0rn, Social Media, gambling, fake news and other categories
      • No Google
      • Energized - maintained lists, available in all common formats, with millions of hosts included
      • SomeoneWhoCares/ Hosts - to-date host list, maintained by Dan Pollock - to make the internet not suck (as much)
      • iBlockList - for) for blocking content based on certain topics, inducing: spam, abuse, political, illegal, hijacked, bad peers and more

  • Network Analysis

  • Intrusion Detection

    • Notable Mentions

      • picosnitch
      • Zeek
      • OSSEC - based intrusion detection system, that performs log analysis, integrity checking, monitoring, rootkit detection, real-time alerting and active response
      • Kismet
      • Snare

  • Pre-Configured Mail-Servers

    • Notable Mentions

      • Mail-in-a-box - to-deploy fully-featured and pre-configured SMTP mail server. It includes everything from webmail, to spam filtering and backups
      • Docker Mailserver - stack but simple mailserver (smtp, imap, antispam, antivirus, ssl...) using Docker. Very complete, with everything you will need, customizable and very easy to deploy with docker

  • File Drop

    • Notable Mentions

      • Instant.io - to-peer based solution, using [Web Torrent](https://webtorrent.io). For specifically transferring images, [Up1](https://github.com/Upload/Up1) is a good self-hosted option, with client-side encryption. Finally [PsiTransfer](https://github.com/psi-4ward/psitransfer) is a feature-rich, self-hosted file drop, using streams.
      • FileSend - day retention. Files are secured with client-side AES-256 encryption and no IP address or device info is logged. Files are permanently deleted after download or after specified duration. Developed by [StandardNotes](https://standardnotes.org/?s=chelvq36), and has built-in integration with the SN app.
      • OnionShare

  • Browser Sync

    • Notable Mentions

      • Unmark - host it, or use their [managed service](https://unmark.it) which has a free and paid-for tier
      • Reminiscence - hosted bookmark and archive manager. Reminiscence is more geared towards archiving useful web pages either for offline viewing or to preserve a copy. It is a web application, that can be installed with Docker on either a local or remote server, although it has a comprehensive and well-documented REST API, there is currently [no browser extension](https://github.com/kanishka-linux/reminiscence/wiki/Browser-Addons)
      • Shiori
      • NextCloud Bookmarks - US/firefox/addon/freedommarks/) (Firefox) and [OwnCloud Bookmarks](https://chrome.google.com/webstore/detail/owncloud-bookmarks/eomolhpeokmbnincelpkagpapjpeeckc) (Chrome).

  • Metadata Removal Tools

  • Data Erasers

    • Notable Mentions

      • nwipe - platform) | C-based secure light-weight disk eraser, operated through the easy-to-use CLI or a GUI interface
      • Hard Disk Scrubber - 5020, DoD 5220.22-M, and Random Data
      • OW Shredder
      • shred
      • Secure Remove
      • `dd` - wsv /dev/sdd`. An effective method of erasing an SSD, it to use [hdparm](https://en.wikipedia.org/wiki/Hdparm) to issue a [secure erase](https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security) command, to your target storage device, for this, see step-by-step instructions via: [wiki.kernel.org](https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase). Finally, `[srm](https://www.systutorials.com/docs/linux/man/1-srm/)` can be use to securely remove files or directories, just run `srm -zsv /path/to/file` for a single pass over.

  • Video Platforms

    • Notable Mentions

      • youtube-dl - dl-gui](https://github.com/MrS0m30n3/youtube-dl-gui) (gui). For just audio, there is [PodSync](https://podsync.net/)
      • BitTube - to-peer, decentralized, censorship-free, ad-free video sharing and live streaming platform based on IPFS and blockchain technology
      • BitChute
      • Petey Vid - biased video search engine. Unlike normal search engines it indexes videos from a lot of sources, including Twitter, Veoh, Instagram, Twitch, MetaCafe, Minds, BitChute, Brighteon, D-Tube, PeerTube, and many others.

  • News Readers and Aggregation

    • Notable Mentions

      • RSSOwl - based RSS reader, with powerful organisation features
      • Tonic - you can use throwaway accounts for posting.

  • Proxy Sites

    • Notable Mentions

      • NewPipe - respecting YouTube client for Android.
      • Invidious - focused, open source alternative frontend for YouTube. It prevents/ reduces Google tracking, and adds additional features, including an audio-only mode, Reddit comment feed, advanced video playback settings. It's super lightweight, and does not require JavaScript to be enabled, and you can import/ export your subscriptions list, and customize your feed. See list of [Invidious Public Instances](https://github.com/iv-org/invidious/wiki/Invidious-Instances).
      • Nitter - end focused on privacy, it prevents Twitter from tracking your IP or browser fingerprint. It does not include any JavaScript, and all requests go through the backend, so the client never talks directly to Twitter. It's written in Nim, is super lightweight, with multiple themes and a responsive mobile version available, as well as customizable RSS feeds. Uses an unofficial API, with no rate limits or and no developer account required.
      • Libreddit - end for Reddit written in Rust. Massively [faster than Reddit](https://github.com/spikecodes/libreddit#speed) by not including ads, trackers or bloat. Libreddit can be deployed and selfhosted through `cargo`, Docker and Repl.it and proxies all requests through the back-end. Libreddit currently implements most of Reddit's functionalities that don't require users to be signed in.
      • WebProxy - blocked content. The service is maintained by [DevroLabs](https://devrolabs.com/), who also run the [OnionSite](https://onionsite.weboproxy.com/) web proxy, they claim to that all traffic is 256-bit SSL-encrypted, but this cannot be verified - never enter any potentially personally identifiable information, and use it purely for consuming content.
      • FreeTube - feel desktop app. It is built upon the [Invidious](https://invidious.io/) API.

  • Budgeting Tools

    • Notable Mentions

      • HomeBank - party port for Mac OS)
      • EasyBudget - to-use app open source budgeting app. It doesn't have all the features that alternatives offer, but it does simple budget management and planning very effectively
      • GnuCash - featured cross-platform accounting application, which works well for both personal and small business finance. First released in 1998, GnuCash is long standing and very stable, and despite a slightly dated UI, it's still a very popular option. Originally developed for Linux, GnuCash is now available for Windows, Mac and Linux and also has a well rated official [Android app](https://play.google.com/store/apps/details?id=org.gnucash.android&hl=en)

  • Mobile Operating Systems

    • Notable Mentions

      • Aurora Store
      • Google tracks you
      • custom ROM - free mobile OS that can be [flashed](https://www.xda-developers.com/how-to-install-custom-rom-android/) to your device.
      • GrapheneOS - support).
      • CalyxOS
      • LineageOS - source operating system for various devices, based on the Android mobile platform - Lineage is light-weight, well maintained, supports a wide range of devices, and comes bundled with [Privacy Guard](https://en.wikipedia.org/wiki/Android_Privacy_Guard)
      • Replicant OS - featured distro, with an emphasis on freedom, privacy and security. [OmniRom](https://www.omnirom.org/), [Resurrection Remix OS](https://resurrectionremix.com/), and [Paranoid Android](http://paranoidandroid.co/) are also popular options. Alternatively, [Ubuntu Touch](https://ubports.com/) is a Linux (Ubuntu)- based OS. It is secure by design and runs on almost any device, - but it does fall short when it comes to the app store.

  • Linux Defences

    • Notable Mentions

      • Firejail - bpf. Written in C, virtually no dependencies, runs on any modern Linux system, with no daemon running in the background, no complicated configuration, and it's super lightweight and super secure, since all actions are implemented by the kernel. It includes security profiles for over 800 common Linux applications. FireJail is recommended for running any app that may potential pose some kind of risk, such as torrenting through Transmission, browsing the web, opening downloaded attachments
      • ClamTk - end for ClamAV, making it an easy to use, light-weight, on-demand virus scanner for Linux systems

  • Online Tools

  • Bonus #1 - Alternatives to Google

  • Encrypted Cloud Storage

    • Notable Mentions

      • Peergos - to-peer end-to-end encrypted global filesystem with fine grained access control. Provides a secure and private space online where you can store, share and view your photos, videos, music and documents. Also includes a calendar, news feed, task lists, chat and email client. Fully open source and self-hostable (or use hosted solution, £5/month for 50 GB)
      • Internxt - knowledge cloud storage service based on best-in-class privacy and security. Made in Spain. Open-source mobile and desktop apps. 10GB FREE and Paid plans starting from €0.99/month for 20GB.
      • FileN - to-end encrypted affordable cloud storage made in Germany. Open-source mobile and desktop apps. 10GB FREE with paid plans starting at €0.92/month for 100GB.
      • IceDrive - platform apps. Starts as £1.50/month for 150 GB or £3.33/month for 1 TB

  • Encrypted Messaging

    • Categories

      • Surespot - messenger)s been removed from the list, since development has halted.
      • Signal - to-use, functioning similar to WhatsApp - with instant messaging, read-receipts, support for media attachments and allows for high-quality voice and video calls. It's cross-platform, open-source and totally free. Signal is [recommended](https://twitter.com/Snowden/status/661313394906161152) by Edward Snowden, and is a perfect solution for most users
      • Surespot - messenger)s been removed from the list, since development has halted.
      • OpenPGP
      • not easy - bit key IDs](https://evil32.com/) - they are too short to be secure. There have also been vulnerabilities found in the OpenPGP and S/MIME, defined in [EFAIL](https://efail.de/), so although it still considered secure for general purpose use, for general chat, it may be better to use an encrypted messaging or email app instead.
      • Surespot - messenger)s been removed from the list, since development has halted.
      • XMPP - to-end encryption](https://en.wikipedia.org/wiki/OMEMO), which is based on the [Double Ratchet Algorithm](https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm) that is used in Signal. For more hands-on information and to register an account you can visit [JoinJabber](https://joinjabber.org). Below you can find a list of OMEMO-enabled clients for all the major platforms.<br><br><table><thead><tr><th>Program</th><th>Linux</th><th>MacOS</th><th>Windows</th><th>Android</th><th>iOS</th></tr></thead><tbody><tr><td><a href="https://gajim.org">Gajim</a> (<a href="https://gajim.org/download/#install-instructions">OMEMO plugin</a>)</td><td>✓</td><td><a href="https://dev.gajim.org/gajim/gajim/-/wikis/help/Gajim-on-macOS">~</a></td><td>✓</td><td></td><td></td></tr><tr><td><a href="https://dino.im">Dino</a> ✆</td><td>✓</td><td></td><td><a href="https://github.com/LAGonauta/dino/releases">✓</a></td><td></td><td></td></tr><tr><td><a href="https://conversations.im">Conversations</a> / <a href="https://blabber.im">Blabber</a> ✆</td><td></td><td></td><td></td><td>✓</td><td></td></tr><tr><td><a href="https://monal-im.org">Monal IM</a></td><td></td><td>✓</td><td></td><td></td><td>✓</td></tr><tr><td><a href="https://beagle.im">Beagle IM</a> / <a href="https://siskin.im">Siskin IM</a> ✆</td><td></td><td>✓</td><td></td><td></td><td>✓</td></tr></tbody></table>
      • Surespot - messenger)s been removed from the list, since development has halted.
      • Surespot - messenger)s been removed from the list, since development has halted.

  • PGP Managers

    • Notable Mentions

      • EnigMail - inc.com), integrates natively within mail app
      • p≡p - to-use decentralied PGP encryption for Android, iOS, Thunderbird, Enigmail, and Outlook. Popular solution for enterprises
      • SeaHorse

  • Password Managers

    • Categories

      • Password Safe
      • PassBolt - hosted, extensible and OpenPGP based. It is specifically good for development and DevOps useage, with integrations for the terminal, browser and chat, and can be easily extended for custom usage, and deployed quickly with Docker
      • 1Password - featured cross-platform password manager with sync. Free for self-hosted data (or $3/ month hosted). Be aware that 1Password is not fully open source, but they do regularly publish results of their independent [security audits](https://support.1password.com/security-assessments), and they have a solid reputation for transparently disclosing and fixing vulnerabilities

  • Browsers

    • Categories

      • LibreWolf
      • Bromite - respecting fork of Chromium for Android. Comes with built-in adblock and additional settings for hardening.
      • Mull - Fenix (Android), [Firefox Focus](https://support.mozilla.org/en-US/kb/focus) (Android/ iOS), [DuckDuckGo Browser](https://help.duckduckgo.com/duckduckgo-help-pages/mobile/ios/) (Android/ iOS), [Orbot](https://guardianproject.info/apps/orbot/) + [Tor](https://www.torproject.org/download/#android) (Android), [Onion Browser](https://onionbrowser.com/) (iOS)
      • Nyxt - project.org/), [Ungoogled-Chromium](https://github.com/Eloston/ungoogled-chromium), [Basilisk Browser](https://www.basilisk-browser.org/) and [IceCat](https://www.gnu.org/software/gnuzilla/)
      • Firefox Configuration for Privacy and Performance
      • extensions
      • Firefox Configuration for Privacy and Performance

  • P2P Messaging

    • Categories

      • Peer-to-Peer - down or forced to turn over data. There are P2P networks available that are open source, E2E encrypted, routed through Tor services, totally anonymous and operate without the collection of metadata.

  • Email Clients

    • Self-Hosted Email

      • FairEmail - featured and easy mail client for Android. Supports unlimited accounts and email addresses with the option for a unified inbox. Clean user interface, with a dark mode option, it is also very lightweight and consumes minimal data usage
      • K-9 Mail - 9 is open source, very well supported and trusted - k9 has been around for nearly as long as Android itself! It supports multiple accounts, search, IMAP push email, multi-folder sync, flagging, filing, signatures, BCC-self, PGP/MIME & more. Install OpenKeychain along side it, in order to encrypt/ decrypt emails using OpenPGP
      • p≡p - to-end encrypted mail client, for "automatic privacy". It has some nice features, however it is not open source

  • Email Security Tools

    • Self-Hosted Email

      • Email Privacy Tester - receipts or other tracking data your mail client allows to be sent back to the sender. The system is open source ([on GitLab](https://gitlab.com/mikecardwell/ept3)), developed by [Mike Cardwell](https://www.grepular.com/) and trusted, but if you do not want to use your real email, creating a second account with the same provider, should yield identical results
      • DKIM Verifier - mail header, in order to help spot spoofed emails (which do not come from the domain that they claim to)

  • Virtual Phone Numbers

    • Self-Hosted Email

      • Silent.link - wide roaming. No data is required at sign-up. Affordable pricing, with payments and top-ups accepted in BTC. Requires an eSim-compatible device
      • Crypton.sh
      • Jmp.chat

  • Mix Networks

    • Notable Mentions

      • Mix networks - to-trace communications, by encrypting and routing traffic through a series of nodes. They help keep you anonymous online, and unlike VPNs -there are no logs
      • here

  • DNS

    • Notable Mentions

      • NextDNS - blocking, privacy-protecting, censorship-bypassing DNS. Also comes with analytics, and the ability to shield kids from adult content
      • Full List of Public DoH Servers - Hosted also has a [good list](https://awesome.tilde.fun/d/23-list-of-dns-servers
      • this article - and-security-focused-dns-resolver/).
      • OpenNIC - focused DNS
      • Clean Browsing - based Content Filtering
      • DNS leak test
      • Quad9 - funded, performant DNS with a strong focus on privacy and security and easy set-up, however questions have been raised about the motivation of some of the financial backers.
      • CloudFlare - class protection. They have native cross-platform apps, for easy set-up.

  • Router Firmware

    • Notable Mentions

      • Tomato - router.com), [LibreCMC](https://librecmc.org) and [DebWRT](http://www.debwrt.net)

  • Cloud Hosting

    • Notable Mentions

      • Vindo - managed virtual private servers and domain registration
      • Private Layer - grade, high-speed offshore dedicated servers, they own their own data centres, have a solid privacy policy and accept anonymous payment
      • 5 eyes
      • 1984 - shore dedicated servers. [Orange Website](https://www.orangewebsite.com) specialises in protecting online privacy and free speech, hosted in Iceland. [RackBone](https://rackbone.ch) (previously [DataCell](https://datacell.is)) provides secure and ethical hosting, based in Switzerland. And [Bahnhof](https://www.bahnhof.net) offers high-security and ethical hosting, with their data centres locates in Sweden. Finally [Simafri](https://www.simafri.com/anonymous) has a range of packages, that support Tor out of the box

  • Domain Registrars

  • DNS Hosting

  • Digital Notes

    • Notable Mentions

      • Cryptee - text documents. Cryptee has encryption and anonymity at its core, it also has a beautiful and minimalistic UI. You can use Cryptee from the browser, or download native Windows, Mac OS, Linux, Android and iOS apps. Comes with many additional features, such as support for photo albums and file storage. The disadvantage is that only the frontend is open source. Pricing is free for starter plan, $3/ month for 10GB, additional plans go up-to 2TB
      • Turtle - host it yourself (see [repo](https://github.com/turtl)), or use their hosted plan (free edition or $3/ month for premium)
      • Logseq - first, open-source knowledge base that works on top of local plain-text Markdown and Org-mode files
      • SafeRoom

  • Cloud Productivity Suites

    • Notable Mentions

      • NextCloud - hosted productivity platform, with a strong community and growing [app store](https://apps.nextcloud.com). NextCloud is similar to (but arguably more complete than) Google Drive, Office 365 and Dropbox, originally it was a fork from [OwnCloud](https://owncloud.org/), but since have diverged. Clear UI and stable native apps across all platforms, and also supports file sync. Supports encrypted files, but you need to configure this yourself. Fully open source, so you can self-host it yourself (or use a hosted solution, starting from $5/ month)
      • Sandstorm - hosting web apps. Once you've set it up, you can install items from the Sandstorm [App Market](https://apps.sandstorm.io/) with -click, similar to NextCloud in terms of flexibility
      • Skiff Pages - to-end encrypted, privacy-first collaborative document, note-taking, and wiki product. Skiff Pages has a modern, easy-to-use UI and supports rich text documents with embedded content. Skiff also supports end-to-end encrypted file upload and sharing ([Skiff Drive](https://skiff.com/drive)), as well as workspaces for multiple users to collaborate. [Skiff Pages is available](https://skiff.com/download) on web, iOS, and Android.

  • Backup and Sync

    • Notable Mentions

      • secure the server - use a strong password, keep your credentials safe and enable 2FA.
      • SpiderOak - in
      • FileRun - hosted file explorers, with cross-platform sync capabilities.

  • Virtual Machines

    • Notable Mentions

      • VirtualBox - rich virtualization product, supporting x86 and AMD64/Intel64 architectures. Available for Windows, MacOS, Linux and BSD, and free for both personal and enterprise use. VirtualBox is backed by a strong community, and has been under active development since 2007.
      • Xen Project - 1 hyperviser for multiple operating systems using the same hardware - very useful for servers, as it allows for fully independent virtual Linux machines
      • QEMU
      • VMWare - V](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v), which is a native Windows product, developed by Microsoft.

  • Social Networks

    • Notable Mentions

      • cost of our privacy - but you, the user should be able to choose with whom you share what, and that is what the following sites aim to do.
      • Discourse - hostable discussion platform you can use as a mailing list, discussion forum or long-form chat room.
      • Mastodon - source, distributed across independent servers, and with no algorithms that mess with users timelines
      • Minds
      • Vero - source) A mobile-based social network, whose USP is that they have "No Ads. No Data Mining. No Algorithms." Since Vero is not open source, it is not possible to verify the validity of these claims
      • tweaks - respecting client - such as [Reditr](http://reditr.com/). Other main-stream social networking sites do not respect your privacy, so should be avoided, but if you choose to keep using them see [this guide](https://proprivacy.com/guides/social-media-privacy-guide) for tips on protecting your privacy

  • Blogging Platforms

    • Notable Mentions

      • Bear Blog - first, no-nonsense, super-fast blogging platform. [Repo on GitHub](https://github.com/HermanMartinus/bearblog).
      • Movim - source](https://github.com/movim/movim) web frontend for XMPP that supports decentralized blogging and chatrooms.
      • Standard Notes

  • Cryptocurrencies

  • Crypto Wallets

    • Notable Mentions

      • Trezor - platform, offline, crypto wallet, compatible with 1000+ coins. Your private key is generated on the device, and never leaves it, all transactions are signed by the Trezor, which ensures your wallet is safe from theft. There are native apps for Windows, Linux, MacOS, Android and iOS, but Trezor is also compatible with other wallets, such as Wasabi. You can back the Trezor up, either by writing down the seed, or by duplicating it to another device. It is simple and intuitive to use, but also incredible customisable with a large range of advanced features.
      • Electrum - standing Python-based Bitcoin wallet with good security features. Private keys are encrypted and do not touch the internet and balance is checked with a watch-only wallet. Compatible with other wallets, so there is no tie-in, and funds can be recovered with your secret seed. It supports proof-checking to verify transactions using SPV, multi-sig and add-ons for compatibility with hardware wallets. A decentralized server indexes ledger transactions, meaning it's fast and doesn't require much disk space. The potential security issue here would not be with the wallet, but rather your PC - you must ensure your computer is secure and your wallet has a long, strong passphrase to encrypt it with.
      • Samourai Wallet - source, Bitcoin-only privacy-focused wallet, with some innovative features.<br>Samourai Wallet works under any network conditions, with a full offline mode, useful for cold storage. It also supports a comprehensive range of privacy features including: STONEWALL that helps guard against address clustering deanonymization attacks, PayNym which allows you to receive funds without revealing your public address for all to see, Stealth Mode which hides Samourai from your devices launcher, Remote SMS Commands to wipe or recover your wallet if device is seized or stolen, and Whirlpool which is similar to a coin mixer, and OpenDime is also supported for offline USB hardware wallets.
      • Sparrow Wallet - on the contrary it attempts to provide as much detail as possible about your transactions and UTXOs, but in a way that is manageable and usable.
      • Atomic Wallet - does-atomic-wallet-offer-hardware-wallet-integration) hardware wallets yet. Therefor, it may only be a good choice as a secondary wallet, for storing small amounts of your actively used currency
      • Metamask - based app means that you need to stay vigilant with what services you give access to.

  • Crypto Exchanges

    • Notable Mentions

      • LocalBitcoins - to-person exchange, find people local to your area, and trade directly with them, to avoid going through any central organisation. Primarily focused on Bitcoin, Ethereum, Ripple and LiteCoin, as it gets harder to find people near you selling niche alt-coins
      • RoboSats - to-peer experience and makes use lightning hold invoices to minimize custody and trust requirements. The deterministically generated avatars help users stick to best privacy practices.
      • BaseFEX - coins, [Binance](https://www.binance.com/en/register?ref=X2BHKID1) has a wide range of currencies, and ID verification is not needed for small-value trades.

  • Virtual Credit Cards

  • Desktop Operating Systems

    • Notable Mentions

      • Qubes OS - source security-oriented operating system for single-user desktop computing. It uses virtualisation, to run each application in its own compartment to avoid data being leaked. It features [Split GPG](https://www.qubes-os.org/doc/split-gpg/), [U2F Proxy](https://www.qubes-os.org/doc/u2f-proxy/), and [Whonix integration](https://www.qubes-os.org/doc/whonix/). Qubes makes is easy to create [disposable VMs](https://www.qubes-os.org/doc/disposablevm/) which are spawned quickly and destroyed when closed. Qubes is [recommended](https://twitter.com/Snowden/status/781493632293605376) by Edward Snowden
      • Whonix - Whonix is based on Debian, [KickSecure](https://www.whonix.org/wiki/Kicksecure) and [Tor](https://www.whonix.org/wiki/Whonix_and_Tor)
      • Parrot - based operating system, that is geared towards security, privacy and development. It is fully-featured yet light-weight, very open. There are 3 editions: General Purpose, Security and Forensic. The Secure distribution includes its own sandbox system obtained with the combination of [Firejail](https://firejail.wordpress.com/) and [AppArmor](https://en.wikipedia.org/wiki/AppArmor) with custom security profiles. While the Forensics Edition is bundled with a comprehensive suite of security/ pen-testing tools, similar to Kali and Black Arch
      • Alpine Linux - oriented, lightweight distro based on musl libc and busybox. It compiles all user-space binaries as position-independent executables with stack-smashing protection. Install and setup may be quite complex for some new users
      • Septor - based distro with the KDE Plasma desktop environment, and Tor baked-in. Designed for surfing the web anonymously, and completing other internet-based activities (with Thunderbird, Ricochet IM, HexChat, QuiteRSS, OnionShare). Septor is light-weight, but comes bundled with all the essential privacy + security utilities (including: Gufw, Ark, Sweeper, KGpg, Kleopatra, KWallet, VeraCrypt, Metadata Anonymisation Toolkit and more).
      • TENS OS - kodachi/) and [IprediaOS](https://www.ipredia.org). (Avoid systems that are not being actively maintained)

  • Windows Defences

  • Anti-Malware

    • Notable Mentions

      • Armadito - based anti-virus and malware detection for Windows and Linux. Supports both ClamAV signatures and YARA rules. Has a user-friendly interface, and includes a web-based admin panel for remote access.

  • Code Hosting

    • Notable Mentions

      • SourceHut - based build pipelines. Can be self-hosted, or used through the managed instance at [sr.ht](https://sr.ht/)
      • Codeberg - managed instance of [Forgejo](https://forgejo.org)
      • Gogs - hosted git platform, written in Go

  • Bonus #4 - Self-Hosted Sysadmin

  • Bonus #5 - Self-Hosted Development Tools

    • Notable Mentions

      • Docker
      • Request Bin - Inspect HTTP requests and Debug webhooks
      • Judge0 - A web compiler accessed through either an API of web-IDE, for executing trusted or untrusted code

  • Bonus #7 - Raspberry Pi/ IoT Security Software

    • Notable Mentions

      • KeePass Portable - Portable password manager. For hardware-encrypted password manager, see [HardPass 2.0](https://hackaday.io/project/21227-hardpass02-hardware-passwd-manager-w-smart-card)

  • More Awesome Software Lists

  • News & Updates

    • Notable Mentions

  • Final Notes

  • Bonus #2 - Open Source Media Applications

  • Home Automation

Programming Languages
JavaScript 14 Python 8 Go 5 C 5 Shell 3 Java 3 TypeScript 3 Objective-C 2 C# 2 HTML 1
Categories
Bonus #1 - Alternatives to Google 37 Browser Extensions 23 Mobile Apps 20 Virtual Private Networks 11 Online Tools 11 Ad Blockers 10 2-Factor Authentication 9 Firewalls 9 Encrypted Messaging 9 DNS 8 Mobile Operating Systems 7 Team Collaboration Platforms 7 Browsers 7 Desktop Operating Systems 6 Crypto Wallets 6 Windows Defences 6 File Encryption 6 Data Erasers 6 Social Networks 6 Proxy Sites 6 Final Notes 5 Host Block Lists 5 Intrusion Detection 5 Encrypted Email 5 Self-Hosted Network Security 5 Digital Notes 4 VOIP Clients 4 Proxies 4 Video Platforms 4 Virtual Machines 4 Encrypted Cloud Storage 4 Metadata Removal Tools 4 Browser Sync 4 DNS Clients 4 More Awesome Software Lists 4 Search Engines 4 Virtual Credit Cards 4 Cloud Hosting 4 Code Hosting 3 Cloud Productivity Suites 3 Blogging Platforms 3 Virtual Phone Numbers 3 Email Clients 3 Budgeting Tools 3 Password Managers 3 File Drop 3 Crypto Exchanges 3 PGP Managers 3 Anonymous Mail Forwarding 3 Bonus #5 - Self-Hosted Development Tools 3 Backup and Sync 3 Email Security Tools 2 News Readers and Aggregation 2 Pre-Configured Mail-Servers 2 Network Analysis 2 Linux Defences 2 Mix Networks 2 Bonus #2 - Open Source Media Applications 2 Bonus #4 - Self-Hosted Sysadmin 1 Home Automation 1 News & Updates 1 DNS Hosting 1 P2P Messaging 1 Anti-Malware 1 Bonus #7 - Raspberry Pi/ IoT Security Software 1 Cryptocurrencies 1 Domain Registrars 1 Router Firmware 1 Intro [![Awesome](https://awesome.re/badge.svg)](https://awesome.re) 1
Sub Categories
Notable Mentions 280 Categories 43 Self-Hosted Email 22 License 2 Important Considerations 1 Thank you 1 Contributors 1
Keywords
privacy 15 security 8 adblock 6 firefox 6 android 5 firewall 5 javascript 4 mail 3 vpn 3 proxy 3 ios 3 chromium 3 smtp 3 linux 3 protection 3 extension 3 open-source 3 webrtc 3 windows 3 wireguard 3 email 3 networking 3 self-hosted 3 golang 3 otp 3 dns 3 dns-over-https 3 dnscrypt 3 ad-blocker 3 awesome 3 mailserver 2 docker 2 macos 2 imap 2 server 2 python 2 trojans 2 ransomware 2 cloud 2 network 2 shadowsocks 2 android-firewall 2 android-app 2 censorship-circumvention 2 webextension 2 blocker 2 tracking 2 ipad 2 iphone 2 block 2