SEARCH ENGINES
Advangle is a simple and convenient builder of complex web-search queries through Google or Bing search engines. You can save your queries in a free Advangle account to refer to later.
Bing vs Google-A tool that provides a side-by-side list and comparison of search results delivered through Bing vs. Google search engines.
iSeek-A targeted discovery tool that allows an investigator to enhance, analyze and organize searches, and see how collected information on a topic is distributed. iSeek uses natural language queries that understands the meaning and concepts embedded in the search and delivers relevant information.
Yippy (formerly Clusty) is a metasearch engine that allows investigators to index and federate documents and data sources to provide relevant big picture insights.
NerdyData-With NerdyData investigators can search for source code. The platform allows investigators to search for web technologies, advertising tags, meta descriptions and for any pattern that they want to identify on a website’s code.
PublicWWW-Allows investigators to search the source code and find related websites through the unique HTML codes they share such as widgets and publisher IDs.
Snapchat Leaks-Investigators can use this tool to find out if a Subject’s Snapchat username and phone number was released during a December 31, 2013 Snapchat database hack.
USER NAME SEARCH
Namech_k– A tool that helps investigators find an available user name. This is a useful tool to use when setting up investigative online and social media personas.
Usersearch-A tool to find the person behind a username, email address or phone number.
Namecheckr-Allows investigators to check domain and social username availability across multiple networks.
Pipl-Investigators can use Pipl to find the person behind the email address, social username or phone number.
User Sherlock-A tool to help investigators determine the identity of the owner of an unknown username in their inbox, social network or online auction site.
KnowEm-Allows investigators to check the use of a brand, product, personal name or user name on over 500 social media websites.
CARS, SHIPS AND PLANES
VINCHECK Investigators can use this tool to find out if a vehicle has been reported as stolen, but not recovered, or has been reported as a salvage vehicle.
Checkthatvin-Investigators can use this tool to know a vehicle’s title history, brand information and if it was ever junked, salvaged or declared a total loss.
Vin.Place-This site provides investigators with free access to vehicle purchase records data.
ReverseGenie-This tool allows investigators to conduct license plat searches to find owner and vehicle information.
AllVehicleData-Investigators can use this large, comprehensive and free directory to find vehicle purchase records that have been published online.
VinDecoderZ-Allows investigators to check the validity of a car and get detailed information on almost any VIN number, search car parts and check the car’s history.
MarineTraffic-Provides the investigator with a suite of tools designed to locate, monitor and reveal more about the vessels and ports that matter to their investigation.
Boat InfoWorld-Using this site investigators can get detailed vessel information on owner, hull identification number, hailing port, length, year built, boat builder and more.
Flight Tracker-This site provides an investigator with live flight data, airport delays, flight planning, flight routes, oceanic tracks and more. Investigators can search by flight, tail, airport or city.
FlightRadar24-This site provides a global tracking service that provides investigators with real-time information about thousands of aircraft around the world.
Cruise Ship Tracker-This resource allows investigators to quickly find any cruise ship to discover their position and itinerary schedule.
Container Tracker-This resource provides a direct search or a gateway to container companies so that investigators can quickly find any container to discover its position.
Air Cargo Tracker-This resource provides a direct search or a gateway to air cargo companies so that investigators can quickly find any container to discover its position.
AirNav RadarBox-Tracks flights, including private and military jets.
PlaneFinder-A global network of data feeds and antennas radars that receive data broadcast directly from aircraft for flight tracking.
Vessel Finder-Free AIS vessel tracking website that displays real time ship positions and marine traffic detected by global AIS network.
WikiRoutes-World’s public transport database edited by people on the principles of Wikipedia.
MAPS, SATELLITES & STREET VIEW
Instant Street View-Investigators can type in an address or place name to instantly see it in Google Street View.
StreetView-Investigators can use this tool to take in either a starting point and end point, or get a file of a route, or to get a playthrough of the Google streetview images that are available.
FollowYourWorld-Investigators can find out and be alerted when new imagery is available in both Google Maps and Google Earth.
LandsatLook-Investigators can interactively explore the USCG Landsat archive to view images, compare image features and changes through time and display configurable map information layers in combination with Landsat imagery.
GPS Visualizer-Investigators can find the latitude and the longitude of an address.
ZoomEarth-Updated daily, investigators can view NASA satellite images in a zoom-able interface.
OpenStreetCam-Investigators can get crowd-sourced street-level photographs in a location search.
GeoVisual Search-Using this tool, investigators can access public and commercial satellite imagery, detect visual similarities between scenes and recognize different types of objects across the globe.
DualMaps-Investigators can use this tool to combine synchronized Google Maps Aerial Imagery and Google Street view into one embedded control.
TerraPattern-Allows investigators to quickly scan large geographical regions for specific visual features.
TerraServer-Allows investigators to select imagery from different dates and of different resolutions. Investigators can measure surface distances and area on the images and get a number of image overlays such as road names, parks, schools, and other data.
LandViewer-Investigators can view recovered imagery from archive data in any zoom, and easily search and analyze huge amounts of the most recent earth observation data.
Military Grid System-Investigators can use this tool to locate points on Earth and display the MGRS coordinates for any point on Google Maps.
BatchGeo-Investigators can use this tool to quickly geo-code any address, visually group property information using Google maps, and produce customized maps.
MyGeoPosition-Investigators can use this tool to geocode a geoposition (latitude, longitude, elevation), create geotags, geo-metatags and kml files.
Bing Maps-This Microsoft tool is a satellite and mapping service that provides more recent and higher resolution imagery than Google.
Converting Coordinates-With this tool investigators can convert geographic coordinates between different notation styles.
Digital Globe-An easy to use satellite imagery tool.
EarthExplorer-Investigators can query and order satellite images, aerial photographs, and cartographic products through the U.S. Geological Survey.
Geograph-Provides geo-referenced images.
GeoNames-A database of location names offering a variety of different spellings in various languages.
HERE WeGo-Provides more recent satellite imagery than Google (in e.g. Iraq).
Sentinel Playground-Updated every 5-10 days with new imagery, dependent on cloud cover. Gives investigators the ability to explore a variety of GIS variables.
Wikimapia-Crowdsourced information related to geographic locations. Provides investigators with the ability to switch between Google/Bing/OSM. Massive amount of UCG information.
Yandex Maps-A Russian web mapping service providing detailed maps of the whole world. It includes a search, information about traffic jams, routing and street panoramas.
Geobased Searches
Echosec-A location-first social media geofencing platforms that allows investigators to scan social media networks to discover hyperlocal intelligence.
Livemap-Provides an interactive live map of conflict news in a variety of countries such as Afghanistan, Iraq, Syria, U.S., Ukraine, Venezuela, etc.
WarWire-Leverages inexpensive, yet powerful, technologies to help people more efficiently cover, investigate and respond to global war and crises.
Domain Names
Whoxy-Investigators can use this domain search engine’s reverse Whois tool to see a list of domain names owned by a Subject.
PubDB-A tool for investigators to find traffic stats of websites and lookup relevant information on a domain.
LandsatLook-Investigators can interactively explore the USCG Landsat archive to view images, compare image features and changes through time and display configurable map information layers in combination with Landsat imagery.
DomainCrawler-Investigators can use this site to find out domain ownership information and history.
Timer4Web-Use this site to check the history of a website’s changes, reveal all the fishy issues regarding any website and find relevant connections.
Whoisology-A tool to help investigators discover deep connections between domain names and their owners.
DNSdumpster-Investigators can discover hosts related to a domain; useful in finding visible hosts from an attackers perspective.
DomainBigData-Investigators can use this tool to find registrant and other domains owned by the same person. Get network details such as domain history, domains on the same IP and ownership.
DomainTools-Investigators can use this tool to discover domain name ownership and tech contact information.
TCPIPUTILS-For digital and fraud investigations investigators can use this tool to find out everything about a domain name, IP address or provider. Relationship information between these criteria and historical data is also available.
DNSTrails-Using this large repository of historical DNS data, investigators can search complete data for current and historical mapping of internet assets.
URLscan-Investigators can use this tool to analyze websites and the resources they request in the background.
WhoIsHostingThis-This site enables investigators to get information about the web host, IP address, name servers and more.
Visual Site Mapper-Investigators can quickly view a map of any given website.
Blue Backlinks-A useful tool for investigators to get a picture of a website’s linking profile and who is linking to that website.
Backlink Checker-A tool to help investigators discover how many back-links a website has and the value of each link.
SEO Plagiarism-This tool scans the internet to discover duplications to any content an investigator submits. Often used in order to verify the integrity of written content.
BuiltWith-Using this tool, investigators can discover what was used to build a specific website.
Find Subdomains-A tool that allows investigators to discover subdomains of a target domain and to view the attack surface of a target organization.
Public Records
Black Book County Court Records-This site provides access to county court records.
Black Book Corporation Records-This site provides access to corporation records by state.
Voter Registration Records-A free research tool to study more than 60 million voter records.
Free Public Records Directory-Investigators can use this directory to find public record resources such as property records, vital records, criminal and court records, licensing and permits, and more.
SearchSystems-An organized group of links to over 55,000 databases by type and location to help investigators find property, criminal, court, birth, death, marriage, divorce records, business records and more.
Political Money Line-Investigators can use this resource to follow the money in political contributions.
Melissa Data Death Check-Investigators can check to see if a Subject died in the last 24 months.
Melissa Data Email Check-Investigators can enter a Subject’s address and discover a list of names, addresses & phones associated with an email.
Melissa Data Property Check-Investigators can enter an address and find all persons at an address or enter a Subject’s name to discover addresses associated with that name.
Melissa Data Campaign Contributions Check-Investigators can locate contributors to federal elections by ZIP code, discover amount donated and employer, and get contact and other information about Committee, candidate, party and more.
Blockchain-Provides investigators with real-time blockchain and bitcoin transaction data.
Wallet Explorer-Investigators can discover bitcoin wallet exchanges, pools, services, gambling and old/historic wallets. Useful in tracing bitcoins.
Bitcoin WhoIs–Investigators can use this tool to track who’s who in the bitcoin world, check a bitcoin wallet balance, check a bitcoin address, bitcoin transations, view and monitor bitcoin ownership and check BTC addresses to find connected websites or profiles.
IBAN Info-Investigators can use this site to check International Bank Account Numbers.
Legacy-Investigators can use this site to discover friends and relatives of a recently deceased Subject.
Death Record Search-Use this site to search for a Subject’s death record and get date of birth information.
SSN Validator-Investigators can use this tool to validate a Subject’s social security number.
U.S. Social Security Death Index-Provides investigators with a name index to deaths recorded by the Social Security Administration beginning in 1962. Current as of February 28, 2014.
Service Member Record Request-Investigators can use this page to request a Certificate verifying Active Duty Status for an individual on a specified date.
Business Lookup-Investigators can discover details for Current and Previous Businesses matching a specified company name and find businesses associated with a Subject’s name.
Domain / Website Archives
Wayback Machine-A digital library offering investigators 20+ years of web history. Content includes web pages, books and texts, audio recordings, recorded live concerts, videos, images and software programs.
Cached Pages-Using this tool, investigators can get a snapshot or a version of a web page saved at a specific time and stored by a web server as a backup copy. This is especially useful if the original page is unreachable.
Archive Today-A tool that investigators can use to take a ‘snapshot’ of a webpage that will always remain available to the investigator even if the original page disappears. Investigators can use this tool to capture tweets and any other content that may be deleted at a later date in order to preserve what was published.
VisualPing-Investigators can get an email alert if a webpage they are monitoring changes.
Follow That Page-A change detection and notification service that will send an investigator an email when a monitored page has changed.
Dark Web / Darknet / TOR
TOR Download-TOR is free software and an open network that provides access to the Dark Web .Onion sites and protect and investigator’s privacy.
Top 50 Dark Web Sites-Investigators can see the highest ranked Dark Web .Onion domains including top newly discovered Dark Web domains and other Dark Web information.
OnionScan-A free open source tools for investigating the Dark Web. Investigators can use this resource to monitor and track Dark Web sites.
ZeroNet-ZeroNet is a decentralized web-like network of peer-to-peer users with built in TOR-functionality for privacy. There is a Reddit community which offers support for ZeroNet.
Chip Mixer-A service that lets you hide your identity when transacting the Blockchain; allows you to remain untraceable and safe on the Internet, Deep, and Dark Web.
Online Cameras
Insecam-Using this directory of online security cameras investigators can watch live street, traffic, parking, airport, office, road, beach and earth online webcams.
Dronestagr.am-This site provides a resource to find photos and videos taken by drones to get a birds-eye view of various locations.
EarthCam-Using this resource, investigators can view high-res video streams of various locations from unparalleled vantage points.
Opentopia-This site provides investigators with access to available webcams from around the world. Some webcams are from security cams in companies or semi-public places. Others are from private individuals who simply forgot to secure their webcam.
Thingful-Using this resource, investigators can find and use open IoT data from around the world.
Buildings
Emporis-Investigators can get building data and construction projects information, including building, design and construction images from this resource.
Skyscraper Page-This site provides a buildings database resource for investigators who want building information, illustrations and diagrams. The database contains nearly 100,000 skyscrapers and buildings from around the world.
Periscope
Scopedown-Investigators can use this tool to download videos from Periscope thus saving the transmission.
Zamzar-An online file converter that allows investigators to convert filed without downloading a software tool and supports over 1,000 different conversion types.
Email Address
Hunter-Investigators can use this tool to find a Subject’s corporate email address & verify the deliverability of an email address.
FindAnyEmail-Investigators can use this tool to find a Subject’s corporate email address.
Norbert-Investigators can use this tool to find a Subject’s corporate email address.
DomainBigData-Investigators can use this tool to search by any email address, domain, IP or registrant name to reveal its identity or owner.
MailTester-With this tool investigators can enter an email address to verify if it exists or if there are problems with it.
Verifalia-Using this tool, investigators can verify an email address in real-time to see whether it’s properly formatted, and whether its mailbox exists and can accept new emails.
Email Format-Email Format allows investigators to find the email address formats in use at thousands of companies.
Have I been pwned?-Investigators can check to see if a Subject’s account has been compromised in a data breach.
Hacked Emails-Investigators can anonymously check to see if an email address has ever been compromised in a security breach.
Ashley Madison Leaks-Investigators can use this tool to see if a Subject’s email address and profile was compromised in the Ashley Madison hack.
Documents
GoogleDocs-Allows investigators to perform keyword queries to search through publicly viewable Google Docs.
Pastebin-Allows investigators to upload and share text online such as source code. There are thousands of pastebins online, often geared towards particular groups or focuses.
PasteAlert-PasteAlert is a simple system to search pastebin.com and set up alerts. Investigators can set up alerts and receive an email whenever their search queries are found in new pastebin entries.
CourtListener-Investigators can search this database of millions of PACER documents and dockets. PACER is an electronic public access service of U.S. federal court documents.
Cryptome-This controversial site collects information about freedom of expression, privacy, cryptography, dual-use technologies, national security, intelligence and government secrecy. Some of the documents may be classified.
FreeOCR-OCR allows investigators to extract text from an image and convert it into an editable text document. Text will still need to be proofread as errors may arise during the recognition and translation process.
Converti.co-An advanced tool that allows investigators to convert files to any format.
IP & Website Analysis
Passive DNS-Collects, stores and analyses data from thousands of passive DNS collection sensors.
Censys.io-Find and analyze every reachable server and device on the Internet.
GEO IP Tool-Check your own IP. Useful to find out if your VPN is working.
IP Addresses
ViewDNS-Using this tools investigators can gather data about a given website or IP address.
IP2Location-Investigators can find the IP geolocation, ISP, net speed, domain and usage type on a website visitor.
IPFingerprints-This tool allows investigators to find the approximate geolocation of an IP address along with some other useful relevant information.
Wigle.Net-Investigators can use this tool to get information about different wireless hotspots around the world. In addition, cell tower data is uploaded and displayed.
IPV6 Locator-Investigators can use this tool to discover IP address and geolocation information.
Shodan-Investigators can use Shodan to discover which of a Subject’s devices are connected to the Internet and where they are located. This information can be used to understand a Subject’s digital footprint.
ThreatCrowd-Investigators can use this tool to find and research artifacts relating to cyber threats.
I Know-Investigators can discover what Subject downloaded through a Subject’s IP address.
Images, Videos and Metadata
Amnesty YouTube Dataviewer-Provides a reverse image (video still) search and exact uploading time.
ExifTool-A platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files.
Foca-A tool used mainly to find metadata and hidden information in the documents it scans.
FotoForensics-An image forensics tool that is simple, web based. Public access, information not private.
Image Forensics-A web-based image forensics tool that can easily identify fake or doctored images.
InVid-A toolkit provided to help journalists verify content on social networks. It saves time and helps journalists and investigators be more efficient in their fact-checking and debunking tasks on social networks especially when verifying videos and images.
Jeffrey’s Image Metadata Viewer-Forensically provides a set of free tools for digital image forensics. It includes clone detection, error level analysis, meta data extraction and more. It helps investigators see details that would otherwise be hidden.
Reveal Image Verification Assistant-A forensic tool that provides eight filters to detect sill images alterations.
Videos
Downsub-A tool that allows investigators to download videos they find on the internet, including videos found on YouTube.
YouTube Comment Scraper-A tool that allows investigators to download (scrape) all comments from a given YouTube video. The results include the comment text, username, date and other information.
YouTube Geo Search-A tool that allows investigators to search YouTube videos using location.
Deturl-A tool that helps investigators download YouTube and other streaming sites.
Phone Number
Twillo-This tool allows investigators to discover details about a Subject or business behind a phone number.
CallerID Test-Using this tool, investigators can look up the caller ID for any number.
CallerID Service-Investigators can use this tool to identify the name of an inbound caller; delivering the caller ID name to a handset when receiving a call, if caller ID enabled.
TrueCaller-Investigators can use this tool to find out who was trying to contact a Subject if the investigator has access to a Subject’s phone records.
NumberGuru-Allows investigators to see where a phone number is located and who the owner is.
CellRevealer-Investigators can use this free reverse lookup site to find information about a number’s owner.
TextMagic-Using this tool investigators can extract personal data from phone numbers.
Munitions & Weapons
ITrace-Free open guide by Conflict Armament Research that provides lots of information on different kinds of munitions and weapons presented graphically on a map format.
Trace Online Removal Request
Lumen-Collects and analyzes legal complains and requests for removal of online materials. Allows the study of the prevalence of legal threats.
Hash ID
Unknown Hash ID-If you come across a hash but don’t know what it is this tool will identify the type.
Business & Government
LittleSis-A free database of who-knows-who at the heights of business and government.
ALTERNATIVE WEBSITES
NEWS & POLITICS
Refugeeresettlementwatch.wordpress.com
ECONOMY
SCIENCE & TECH
HEALTH
INTERNATIONAL
SURVIVAL & PREPPING
GUNS
FORUMS
LINK AGGREGATORS
YOUTUBE CHANNELS
PRIVACY TOOLS
PRIVACY LOVING EMAIL PROVIDERS
Interesting Email Providers Under Development
Confidant Mail – An open-source non-SMTP cryptographic email system optimized for large file attachments. It is a secure and spam-resistant alternative to regular email and online file drop services. It uses GNU Privacy Guard
(GPG) for content encryption and authentication, and TLS 1.2 with ephemeral keys for transport encryption.
Become Your Own Email Provider with Mail-in-a-Box
Take it a step further and get control of your email with this easy-to-deploy mail server in a box. Mail-in-a-Box lets you become your own mail service provider in a few easy steps. It’s sort of like making your own gmail, but one you control from top to bottom. Technically, Mail-in-a-Box turns a fresh cloud computer into a working mail server. But you don’t need to be a technology expert to set it up.
Privacy Email Tools
gpg4usb – A very easy to use and small portable editor to encrypt and decrypt any text-message or -file. For Windows and Linux. GPG tutorial.
Mailvelope – A browser extension that enables the exchange of encrypted emails following the OpenPGP encryption standard.
Enigmail – A security extension to Thunderbird and Seamonkey. It enables you to write and receive email messages signed and/or encrypted with the OpenPGP standard.
TorBirdy – This extension configures Thunderbird to make connections over the Tor anonymity network.
Email Privacy Tester – This tool will send an Email to your address and perform privacy related tests.
EMAIL CLIENTS
Thunderbird – Mozilla Thunderbird is a free, open source, cross-platform email, news, and chat client developed by the Mozilla Foundation. Thunderbird is an email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client.
Claws Mail is a free and open source, GTK+-based email and news client. It offers easy configuration and an abundance of features. It is included with Gpg4win, an encryption suite for Windows.
K-9 Mail – An independent mail application for Android. It supports both POP3 and IMAP mailboxes, but only supports push mail for IMAP.
GNU Privacy Guard – Email Encryption. GnuPG is a GPL Licensed alternative to the PGP suite of cryptographic software. Tutorial. Use GPGTools for Mac OS X.<
Mailpile (Beta) – A modern, fast web-mail client with user-friendly encryption and privacy features.
EMAIL ALTERNATIVES
I2P-Bote is a fully decentralized and distributed email system. It supports different identities and does not expose email headers. Currently (2015), it is still in beta version and can be accessed via its web application interface or IMAP and SMTP. All bote-mails are transparently end-to-end encrypted and, optionally, signed by the sender’s private key.
Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong authentication which means that the sender of a message cannot be spoofed, and it aims to hide “non-content” data.
Retroshare creates encrypted connections to your friends. Nobody can spy on you. Retroshare is completely decentralized. This means there are no central servers. It is entirely Open-Source and free. There are no costs, no ads and no Terms of Service.
PRIVACY LOVING BROWSERS
Tor Browser is your choice if you need an extra layer of anonymity. It’s a modified version of Firefox, it comes with pre-installed privacy add-ons, encryption and an advanced proxy.
Brave the new open source browser automatically blocks ads and trackers, making it faster and safer than your current browser. Brave is based on Chromium.
Firefox is fast, reliable, open source and respects your privacy.
Configure these add ons and make your Firefox browser even safer.
ixquick.eu – Returns the top results from multiple search engines. Based in the Netherlands.
Stop Tracking with “Privacy Badger”<
Block Ads and Trackers with “uBlock Origin”
Automatically Delete Cookies with “Cookie AutoDelete”
Encryption with “HTTPS Everywhere”<
Block Content Delivery Networks with “Decentraleyes”
Stop cross-site requests with “uMatrix”<
Be in total control with “NoScript Security Suite”
PRIVACY LOVING SEARCH ENGINES
searx – An open source metasearch engine, aggregating the results of other search engines while not storing information about its users. No logs, no ads and no tracking.
StartPage – Google search results, with complete privacy protection. Behind StartPage is an european company that has been obsessive about privacy since 2006.
DuckDuckGo – The search engine that doesn’t track you. Some of DuckDuckGo’s code is free software hosted at GitHub, but the core is proprietary. The company is based in the USA
findx – Open Source. No logging. No tracking. Transparent algorithms. Hosted in Europe.
Qwant – Qwant’s philosophy is based on two principles: no user tracking and no filter bubble. Qwant was launched in France in February 2013. Privacy Policy.
MetaGer – An open source metasearch engine, which is based in Germany. It focuses on protecting the user’s privacy.
VPN’S
PLEASE NOTE: Using a VPN will not make you anonymous. But it will give you a better privacy. A VPN is not a tool for illegal activities. Don’t rely on a “no log” policy to save you. Nothing is ANONYMOUS!
ENCRYPTED VIDEO & VOICE MESSENGER
Signal is a mobile app developed by Open Whisper Systems. The app provides instant messaging, as well as voice and video calling. All communications are end-to-end encrypted. Signal is free and open source, enabling anyone to verify its security by auditing the code. The development team is supported by community donations and grants. There are no advertisements, and it doesn’t cost anything to use.
Wire is an app developed by Wire Swiss GmbH. The Wire app allows users to exchange end-to-end encrypted instant messages, as well as make voice and video calls. Wire is free and open source, enabling anyone to verify its security by auditing the code. The development team is backed by Iconical and they will monetize in the future with premium features/services.
Caution: The company keeps a list of all the users you contact until you delete your account.
Linphone is an open source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication
Jitsi – Jitsi is a free and open source multiplatform voice (VoIP), videoconferencing and instant messaging application.
Tox – A free and open-source, peer-to-peer, encrypted instant messaging and video calling software.
Ring (formerly SFLphone) – Gives you a full control over your communications and an unmatched level of privacy.
FILE SHARING
OnionShare is an open source tool that lets you securely and anonymously share a file of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn’t require setting up a server on the internet somewhere or using a third party filesharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet.
Magic Wormhole – Get things from one computer to another, safely. This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. The two endpoints are identified by using identical “wormhole codes”: in general, the sending machine generates and displays the code, which must then be typed into the receiving machine. The codes are short and human-pronounceable, using a phonetically-distinct wordlist. The receiving side offers tab-completion on the codewords, so usually only a few characters must be typed. Wormhole codes are single-use and do not need to be memorized.
ENCRYPTED CLOUD STORAGE SERVICES
If you are currently using Cloud Storage Services like Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud you should pick an alternative here.
Seafile offers 100 GB Storage for $10/month but also gives you the opportunity to host on your own server. Your data is stored in Germany or with Amazon Web Service in the US for the cloud version. Encrypt files with your own password.
If you are currently using Cloud Storage Services like Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud you should pick an alternative here
Seafile offers 100 GB Storage for $10/month but also gives you the opportunity to host on your own server. Your data is stored in Germany or with Amazon Web Service in the US for the cloud version. Encrypt files with your own password.
Nextcloud – Similar functionally to the widely used Dropbox, with the difference being that Nextcloud is free and open-source, and thereby allowing anyone to install and operate it without charge on a private server, with no limits on storage space or the number of connected clients.<
Least Authority S4 – S4 (Simple Secure Storage Service) is Least Authority’s verifiably secure off-site backup system for individuals and businesses. 100% client-side encryption and open source transparency. 250GB for $9.95/month or 5TB for $25.95/month. Servers are hosted with Amazon S3 in the US.
Muonium – Free encrypted cloud storage for your files.
SELF-HOSTED CLOUD SERVER SOFTWARE
If you are currently using a Cloud Storage Services like Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud you should think about hosting it on your own.
Seafile is a file hosting software system. Files are stored on a central server and can by synchronized with personal computers and mobile devices via the Seafile client. Files can also be accessed via the server’s web interface.
Pydio is open source software that turns instantly any server (on premise, NAS, cloud IaaS or PaaS) into a file sharing platform for your company. It is an alternative to SaaS Boxes and Drives, with more control, safety and privacy, and favorable TCOs.
Tahoe-LAFS is a Free and Open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security.
Nextcloud – Free and open-source, allows anyone to install and operate it for free on a private server, with no limits on storage space or the number of connected clients.
Muonium – Free encrypted cloud storage for your files.
SECURE FILE SYNC SOFTWARE
SparkleShare – creates a special folder on your computer. You can add remotely hosted folders (or “projects”) to this folder. These projects will be automatically kept in sync with both the host and all of your peers when someone adds, removes or edits a file.
Syncany – allows users to backup and share certain folders of their workstations using any kind of storage. Syncany is open-source and provides data encryption and incredible flexibility in terms of storage type and provider. Files are encrypted before uploading.
Syncthing – replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it’s transmitted over the Internet.
git-annex – Allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with files larger than git can currently easily handle, whether due to limitations in memory, time, or disk space.
If you are currently using a Cloud Storage Services like Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud you should think about hosting it on your own.
Seafile is a file hosting software system. Files are stored on a central server and can by synchronized with personal computers and mobile devices via the Seafile client. Files can also be accessed via the server’s web interface.
Pydio is open source software that turns instantly any server (on premise, NAS, cloud IaaS or PaaS) into a file sharing platform for your company. It is an alternative to SaaS Boxes and Drives, with more control, safety and privacy, and favorable TCOs.
Tahoe-LAFS is a Free and Open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security.
Nextcloud – Free and open-source, allows anyone to install and operate it for free on a private server, with no limits on storage space or the number of connected clients.
Muonium – Free encrypted cloud storage for your files.
PASSWORD MANAGER SOFTWARE
If you are currently using a password manager software like 1Password, LastPass, Roboform or iCloud Keychain you should pick an alternative here.
Master Password is based on an ingenious password generation algorithm that guarantees your passwords can never be lost. Its passwords aren’t stored: they are generated on-demand from your name, the site and your master password. No syncing, backups or internet access needed.
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. All passwords in one database, which is locked with one master key or a key file. The databases are encrypted using the best and most secure encryption algorithms currently known: AES and Twofish. See also: KeePassX (not regularly updated) and KeePassXCLessPass is a free and open source password manager that generates unique passwords for websites, email accounts, or anything else based on a master password and information you know. No sync needed. Uses PBKDF2 and SHA-256. It’s advised to use the browser addons for more security.
Secure Password Generator – generates a unique set of custom, high quality, cryptographic-strength password strings which are safe for you to use.
SuperGenPass – A master password and the domain name of the Web site you are visiting is used as the “seed” for a one-way hash algorithm (base-64 MD5). The output of this algorithm is your generated password. You remember one password (your “master password”), and SGP uses it to generate unique, complex passwords for the Web sites you visit. Your generated passwords are never stored or transmitted, so you can use SGP on as many computers as you like without having to “sync” anything.
Password Safe – Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted user name/password list. With Password Safe all you have to do is create and remember a single “Master Password” of your choice in order to unlock and access your entire user name/password list.
CALENDAR AND CONTACTS SYNC
If you are currently using a calendar and or contacts synchronization service like Google Sync or iCloud you should pick an alternative here.
NextCloud is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install and operate it without charge on a private server.
EteSync is a secure, end-to-end encrypted and journaled personal information (e.g. contacts and calendar) cloud synchronization and backup for Android and any OS that supports CalDAV/CardDAV. It costs $14 per year to use, or you can host the server yourself for free.
fruux – a unified contacts/calendaring system that works across platforms and devices.
Flock – a discontinued calendar and contacts sync service by Open Whisper Systems. Despite being shut down the source code is still available on GitHub.
cloud backups – consider regularly exporting your calendar and or contacts and backing them up on a separate storage drive or uploading them to cloud storage (ideally after encrypting them).
FILE ENCRYPTION SOFTWARE
If you are currently not using encryption software for your hard disk, emails or file archives you should pick an encryption software here.
VeraCrypt is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed.
GnuPG is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis’ Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation’s GNU software project, and has received major funding from the German government. GPGTools for Mac OS X.
PeaZip is a free and open-source file manager and file archiver made by Giorgio Tani. It supports its native PEA archive format (featuring compression, multi volume split and flexible authenticated encryption and integrity check schemes) and other mainstream formats, with special focus on handling open formats. It supports 181 file extensions (as of version 5.5.1).
Mac alternative: Keka is a free file archiver.
Cryptomator – Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.
miniLock – Browser plugin for Google Chrome / Chromium to encrypt files using a secret passphrase. Easy to use. From the developer of Cryptocat.
AES Crypt – Using a powerful 256-bit encryption algorithm, AES Crypt can safely secure your most sensitive files. For Windows, Mac, Linux and Android.
DiskCryptor – A full disk and partition encryption system for Windows including the ability to encrypt the partition and disk on which the OS is installed.
Linux Unified Key Setup (LUKS) – A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.
SELF-CONTAINED NETWORKS
If you are currently browsing the Clearnet and you want to access the Dark web this section is for you.
The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor’s users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool.
The Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open source and is published under multiple licenses.
Freenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship. Both Freenet and some of its associated tools were originally designed by Ian Clarke, who defined Freenet’s goal as providing freedom of speech on the Internet with strong anonymity protection.
ZeroNet – Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent network.
RetroShare – Open Source cross-platform, Friend-2-Friend and secure decentralised communication platform.
GNUnet – GNUnet provides a strong foundation of free software for a global, distributed network that provides security and privacy.
IPFS – A peer-to-peer hypermedia protocol to make the web faster, safer, and more open. (important privacy warning)
DOMAIN NAME SYSTEM (DNS)
Njalla only needs your email or an jabber address in order to register a domain name for you. Created by people from The Pirate Bay and IPredator VPN. Accepted Payments: Bitcoin, Litecoin, Monero, DASH, Bitcoin Cash and PayPal. A privacy-aware domain registration service.
DNSCrypt A protocol for securing communications between a client and a DNS resolver. The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography and is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver.
OpenNIC is an alternate network information center/alternative DNS root which lists itself as an alternative to ICANN and its registries. Like all alternative root DNS systems, OpenNIC-hosted domains are unreachable to the vast majority of the Internet. Only specific configuration in one’s DNS resolver makes these reachable, and very few Internet service providers have this configuration.
NoTrack – A network-wide DNS server which blocks Tracking sites. Currently works in Debian and Ubuntu.
Namecoin – A decentralized DNS open source information registration and transfer system based on the Bitcoin cryptocurrency.
DIGITAL NOTEBOOK
If you are currently using an application like Evernote, Google Keep or Microsoft OneNote you should pick an alternative here.
Laverna is a JavaScript note-taking web application with a Markdown editor and encryption support. The application stores all your notes in your browser databases, which is good for security and privacy reasons, because only you have access.
Turtl lets you take notes, bookmark websites, and store documents for sensitive projects. From sharing passwords with your coworkers to tracking research on an article you’re writing, Turtl keeps it all safe from everyone but you and those you share with.
Standard Notes is a simple and private notes app that makes your notes easy and available everywhere you are. Features end-to-end encryption on every platform, and a powerful desktop experience with themes and custom editors.
Paperwork – Open source and self-hosted solution. For PHP / MySQL servers.
Org-mode – A major mode for GNU Emacs. Org-mode is for keeping notes, maintaining TODO lists, planning projects, and authoring documents with a fast and effective plain-text system.
PASTE SERVICES
Ghostbin supports encryption, expiration, sessions, grant users to edit your notes and pastes up to one megabyte. You can also create your own account to keep track of your pastes.
PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256bit AES.
0bin is a client side encrypted pastebin that can run without a database. 0bin allows anybody to host a pastebin while welcoming any type of content to be pasted in it.
disroot.org – Free privacy friendly service that offers PrivateBin and other applications.
hastebin.com – Haste is an open-source pastebin software written in node.js, which is easily installable in any network.
PRODUCTIVITY TOOLS
Etherpad is a highly customizable Open Source online editor providing collaborative editing in really real-time. Etherpad allows you to edit documents collaboratively in real-time, much like a live multi-player editor that runs in your browser. Write articles, press releases, to-do lists, etc.
Write.as is a cross-platform, privacy-oriented blogging platform. It’s anonymous by default, letting you publish without signing up. If you create an account, it doesn’t require any personal information. No ads, distraction-free, and built on a sustainable business model.
ProtectedText is an open source web application. It encrypts and decrypts text in the browser, and password (or its hash) is never sent to the server – so that text can’t be decrypted even if requested by authorities. No cookies, no sessions, no registration, no users tracking.
EtherCalc – EtherCalc is a web spreadsheet. Data is saved on the web, and people can edit the same document at the same time. Changes are instantly reflected on all screens. Work together on inventories, survey forms, list management, brainstorming sessions.
disroot.org – Free privacy friendly service that offers Etherpad, EtherCalc and PrivateBin.
dudle – An online scheduling application, which is free and OpenSource. Schedule meetings or make small online polls. No email collection or the need of registration.
PC OPERATING SYSTEMS
If you are currently using a operating system like Microsoft Windows or Apple Mac OS X you should pick an alternative here.
Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.
Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.
Trisquel is a Linux-based operating system derived from Ubuntu. The project aims for a fully free software system without proprietary software or firmware and uses Linux-libre, a version of the Linux kernel with the non-free code (binary blobs) removed.
OpenBSD – A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
Arch Linux – A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement.
Parabola is a completely open source version of Arch Linux.
Whonix – A Debian GNU/Linux based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a “Workstation” and a Tor “Gateway”. All communication are forced through the Tor network to accomplish this.
Subgraph OS – Another Debian based Linux distribution, it features security hardening which makes it more resistant to security vulnerabilities. Subgraph runs many desktop applications in a security sandbox to limit their risk in case of compromise. By default, it anonymizes Internet traffic by sending it through the Tor network. Note: It is still in alpha, and much testing and bug fixing still has to be done.
LIVE CD OPERATING SYSTEMS
Tails is a live operating system, that starts on almost any computer from a DVD, USB stick, or SD card. It aims at preserving privacy and anonymity, and helps to: Use the Internet anonymously and circumvent censorship; Internet connections go through the Tor network; leave no trace on the computer; use state-of-the-art cryptographic tools to encrypt files, emails and instant messaging.
Knoppix is an operating system based on Debian designed to be run directly from a CD / DVD (Live CD) or a USB flash drive (Live USB), one of the first of its kind for any operating system. When starting a program, it is loaded from the removable medium and decompressed into a RAM drive. The decompression is transparent and on-the-fly.
Puppy Linux operating system is a lightweight Linux distribution that focuses on ease of use and minimal memory footprint. The entire system can be run from RAM with current versions generally taking up about 210 MB, allowing the boot medium to be removed after the operating system has started.
Tiny Core Linux – A minimal Linux operating system focusing on providing a base system using BusyBox and FLTK. The distribution is notable for its size (15 MB) and minimalism, with additional functionality provided by extensions.
MOBILE OPERATING SYSTEMS
Even though the source code of the following OS is provided, installing Google Apps may compromise your setup. The MicroG project can serve as a FLOSS replacement, depending on your threat model.
LineageOS is a free and open-source operating system for smartphones and tablets, based on the official releases of Android by Google. It is the continuation of the CyanogenMod project.
CopperheadOS is a hardened mobile open-source operating system by Copperhead Security and based on Android. It aims to provide stronger security and privacy. It also contains a hardened kernel and sandbox features for app isolation. Available for select Pixel and Nexus devices.
Sailfish OS is a mobile operating system combining the Linux kernel for a particular hardware platform use, the open-source Mer core middleware, a proprietary UI contributed by Jolla, and other third-party components.
Replicant – An open-source operating system based on Android, aiming to replace all proprietary components with free software.
OmniROM – A free software operating system for smartphones and tablet computers, based on the Android mobile platform.
MicroG – A project that aims to reimplement the proprietary Google Play Services in the Android operating sytem with a FLOSS replacement.
OPEN SOURCE ROUTER FIRMWARE
OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers.
pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint.
LibreWRT is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k based wifi routers, and other hardware that respects your freedom with emphasis on free software. It is used by the Free Software Foundation on their access point and router which provides network connectivity to portable computers in their office.
OpenBSD – A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
DD-WRT – A is Linux-based firmware for wireless routers and wireless access points. It is compatible with several models of routers and access points.
RECOMMENDED PRIVACY RESOURCES
Surveillance Self-Defense by EFF – Guide to defending yourself from surveillance by using secure technology and developing careful practices.
The Crypto Paper – Privacy, Security and Anonymity for Every Internet User.
Email Self-Defense by FSF – A guide to fighting surveillance with GnuPG encryption.
The Ultimate Privacy Guide – Excellent privacy guide written by the creators of the bestVPN.com website.
IVPN Privacy Guides – These privacy guides explain how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation.
The Ultimate Guide to Online Privacy – Comprehensive “Ninja Privacy Tips” and 150+ tools.
ipleak.net – IP/DNS Detect – What is your IP, what is your DNS, what informations you send to websites.
The ultimate Online Privacy Test Resource List – A collection of Internet sites that check whether your web browser leaks information.
PRISM Break – We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services.
Security in-a-Box – A guide to digital security for activists and human rights defenders throughout the world.
AlternativeTo.net – Great collection of open source online and self-hosted software sorted by likes.
SecureDrop – An open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.
Reset The Net – Privacy Pack – Help fight to end mass surveillance. Get these tools to protect yourself and your friends.
Security First – Umbrella is an Android app that provides all the advice needed to operate safely in a hostile environment.
Block Cloudflare MiTM Attack – Firefox add-on to detect and block corporate MITM attack.