assets/img | ||
hack-liberty-resources.md | ||
README.md |
Hack Liberty Resources
VERITAS - LIBERTAS - SCIENTIA
About Hack Liberty
We are a group of cypherpunks, privacy advocates, engineers, and philosophers dedicated to the pursuit of truth, liberty, and knowledge for all. We believe technology is a tool for liberation, not enslavement. We fight tyranny with encryption, decentralization, and anonymity. Join us in the fight for liberty.
Hack Liberty Services
All our services use open source software and are open to the public. We anonymize logs and use full disk encryption to preserve user privacy. Our hosting provider 1984 is located in Iceland and supports human rights and free speech. Our Matrix Server uses a hardened memory allocator and we use Alpine Linux whenever possible.
- Matrix [Tor] - an open protocol for real-time, distributed communications with strong end-to-end encryption, user verification, and other cryptographic protection mechanisms. Register Here
- Element - a glossy Matrix client for the web built on top of matrix-react-sdk with an emphasis on performance and usability
- SchildiChat - a Matrix client for the web based on Element with a more traditional instant messaging experience
- Lemmy - a link aggregator and forum for the fediverse
- Gitea [Tor]- a painless self-hosted Git service
- Bookstack - an opinionated wiki system that provides a pleasant and simple out-of-the-box experience
- PrivateBin [Tor]- a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted and decrypted in the browser using 256bit AES in Galois Counter mode
- OTS [Tor]- One-Time-Secret sharing platform with symmetric 256bit AES encryption in the browser
- Blog - a blog for long form content and guides
Donations and Transparency
Please consider donating to help us pay for servers and infrastructure. We operate 100% out of our own pocket and any donations will help pay for server costs!
Monero (XMR) |
881ayjjExYVhyqQBQFxdY6aQC5J5Ys3JNfvxC1r5WNwSVK3ysD4Sn6GfUbNf1JkhMEJWj11mNvzCW9XZLpyWkjHx6EftAXU |
Tor - click here to donate with cryptocurrencies other than Monero over Tor |
Clearnet - click here to donate with cryptocurrencies other than Monero over Clearnet |
Current number of donations received: 2
Operating Costs: $220 a month / $2640 a year
Hack Liberty Simplex Community
Anyone that agrees to our Code of Conduct is welcome to join our Simplex Chat community, a decentralized, metadata resistant alternative to Matrix! Incognito profiles welcome!
Hack Liberty Matrix Community
Anyone that agrees to our [Terms of Service + Code of Conduct + Privacy Policy] is welcome to create a Matrix account on our server and join the conversation!
- Hack Liberty Space -
#hackliberty.org:hackliberty.org
- Hack Liberty Community -
#community:hackliberty.org
- Anonymity Privacy and Security -
#anon:hackliberty.org
- Hidden Knowledge -
#hidden-knowledge:hackliberty.org
- Artifical Intelligence (AI) -
#ai:hackliberty.org
- Crypto Circular Economies -
#circular-economy:hackliberty.org
- Cypherpunk Cryptopia -
#cypherpunks:hackliberty.org
- Doomsday Bunker -
#bunker:hackliberty.org
- Wireless and RF Hacking -
wireless-hacking:hackliberty.org
- RSS - Cypherpunk News -
#cypherpunk-news:hackliberty.org
- RSS - Dark Web News -
#darkweb-news:hackliberty.org
- RSS - Hack Liberty Git -
#hackliberty-git:hackliberty.org
- RSS - Hack Liberty News -
#hackliberty-news:hackliberty.org
- RSS - Libertarian News -
#libertarian-news:hackliberty.org
- RSS - Matrix News -
#matrix-news:hackliberty.org
- RSS - Monero News -
#monero-news:hackliberty.org
- RSS - Security News -
#security-news:hackliberty.org
- Hack Liberty Community -
Hack Liberty Lemmy Community
Anyone that agrees to our [Terms of Service + Code of Conduct + Privacy Policy] is welcome to create a Lemmy account on our server to start sharing links!
- 9/11 Truth -
https://links.hackliberty.org/c/911_truth
- Agorism -
https://links.hackliberty.org/c/agorism
- Artifical Intelligence -
https://links.hackliberty.org/c/generative_ai
- Bitcoin -
https://links.hackliberty.org/c/bitcoin
- Conspiracy -
https://links.hackliberty.org/c/conspiracy
- Encryption -
https://links.hackliberty.org/c/encryption
- Flipper Zero -
https://links.hackliberty.org/c/flipper_zero
- Fringe -
https://links.hackliberty.org/c/fringe
- Guns -
https://links.hackliberty.org/c/guns
- Monero -
https://links.hackliberty.org/c/monero
- Netsec -
https://links.hackliberty.org/c/netsec
- Philosophy -
https://links.hackliberty.org/c/philosophy
- Privacy -
https://links.hackliberty.org/c/privacy
- Secret History -
https://links.hackliberty.org/c/secret_history
- Tyranny -
https://links.hackliberty.org/c/tyranny
- Warriorship -
https://links.hackliberty.org/c/warriorship
Cypherpunk Resources
Start Here
- Crypto Agorism: Free Markets for a Free World - how cryptocurrencies are a tool to achieve economic freedom by bypassing traditional financial and state controlled systems
- Mark Passio: Natural Law Seminar - the real law of attraction and how to apply it in your life
- The End of All Evil - Jeremy Locke - how to dismantle false beliefs in authority as a means to achieve true freedom and prosperity
- Statism: The Most Dangerous Religion - critically examines the belief in state authority as a form of religious faith and indoctrination
- Second Realm: Book on Strategy - a book on how to establish second realms or autonomous zones
Agorism
- Agorist Class Theory - a left libertarian approach to class conflict analysis
- Agorist Journal - axxi amplifies dissonance and brings voices together from across the political spectrum. it is also a call for unity. axxi resurrects the unifying vision of an agorist alliance beyond the surveillance state
- An Agorist Primer - a comprehensive guidebook that explores the principles and practical aspects of agorism, a strategy for achieving a stateless society through peaceful market activities
- An Argument Against KYC Bitcoin - presents a compelling case against the use of Know Your Customer (KYC) requirements in the Bitcoin ecosystem, discussing how it creates honeypots of user information and gives rise to a permissioned social system
- Building a circular economy with Monero - the future belongs to digital marketplaces that run on private digital cash. Anarkio explains why he built Bitejo and why he is into Monero
- How Monero Uniquely Enables Circular Economies - explores how Monero, a privacy-focused cryptocurrency, has distinct characteristics that make it particularly well-suited for enabling circular economies
- It’s Time To Join The Bitcoin Circular Economy - free men don’t ask permission to transact with each other and don’t rely on the legacy third-party financial institutions that operate in tandem with State authorities
- KYC-free Bitcoin Circular Economies - KYC-free bitcoin circular economies are perhaps the most pure free markets in the world, enabled by the first truly free sound money
- New Libertarian Manifesto - a concise and influential guide outlining the principles of agorism, a libertarian philosophy advocating for the practice of counter-economics
- The Last, Whole Introduction to Agorism - Agorism, unfortunately, needs an introduction...
Crypto Anarchy
- Fifty things to do NOW - the following is a highly valuable list of 50 things to do NOW, taken from the terrific crypto-agorist website, Anarplex. Find out what YOU can do RIGHT NOW to help build the Second Realm/counter-economy/vonu minicultures
- How to buy, earn and spend KYC-free Bitcoin and Monero (without ID or a bank account) - discover methods for purchasing, acquiring, and using Bitcoin and Monero without the need for KYC (Know Your Customer) verification
- How to survive outside of the state with Crypto Agorism - fair and free markets for food, jobs, housing, healthcare, mail, sim cards & more – no government ID or state permit required
- KYC Will Not Protect Us, Bitcoin And Encryption Will - as regulators attempt to institute KYC and AML rules at the peril of our personal data, Bitcoin and encryption offer salvation.
- Roadblocks to obtaining government-issued ID - state's ID monopoly and KYC regulations stop millions from accessing necessities like finances, jobs, healthcare, and more. No alternative methods or appeal processes exist if the state refuses to issue an ID. This exclusionary system prevents individuals, regardless of skills or efforts, from entering and regularizing their situation as adults
- Second Realm Ideas - a collection of Second Realm ideas (KYC-free agorist services)
- The Aristocracy of Action - what it will take to build a cypherpunk breakaway society
- The dangers of “decentralized” ID systems - many of these protocols rely on government ID as a base layer (as proof of name, age or address, referred to as “Verifiable credentials”). In this system, users are required to upload a video with their passport or national ID card. After this, their name, age or address is marked as verified. This reliance on government IDs means that DIDs cannot protect users against state surveillance
- The rarely discussed dangers of KYC and what you can do about it - many people don't talk about it but unfortunately it's everywhere. Without KYC documents, opportunities to freely participate in the economy and even survive are limited. KYC is required for jobs, housing, healthcare and more. In addition, many people can't complete KYC, as they don't have any government-issued IDs and therefore must rely on the gray market to have access to necessities such as finding work, apartments and medicine. This text clarifies the rarely discussed reasons why KYC is harmful and what can be done about it.
- The Vision of Cryptoanarchy - talk given at "the web of phronesis" in 2020, a conference by the institute of network society, china academy of art.
- True Names Not Required: On Identity and Pseudonymity in Cyberspace - the cypherpunks recognized that a free society can not function if identity is rigid and known to all. A free society requires the option to selectively reveal yourself to the world, or not reveal yourself at all
- Why cryptoanarchy is not a revolutionary movement - an interview describing how cryptoanarchy is about building parallel systems on top of existing power structures
- Why the state’s monopoly on identity is more dangerous than Google, Facebook and Microsoft - while the tracking by Google, Facebook and Microsoft is definitely disturbing and can even put people in danger, the state’s data economy is even worse. Many people don’t talk about this, even though it affects millions of people’s daily lives
Manifestos
- The GNU Manifesto (1985) - document written by Richard Stallman, outlining the goals and principles of the GNU Project, which aimed to develop a free and open-source operating system
- The Hacker's Manifesto (1986) - a declaration expressing the hacker culture's belief in the freedom of information and opposition to restrictions on computer use
- The Crypto Anarchist Manifesto (1988) - advocates for the widespread use of cryptography and anonymous digital currency to uphold privacy and undermine government control
- A Cypherpunks Manifesto (1993) - emphasizes the importance of cryptography as a tool for political and social change, promoting privacy, anonymity, and individual freedom
- Crypto Anarchy and Virtual Communities (1994) - explores the concept of crypto anarchy where technology facilitates individuals to operate beyond traditional societal boundaries using encryption and virtual communities
- The Cyphernomicon (1994) - a guidebook outlining the principles of cypherpunks, focusing on the role of cryptography in protecting privacy and empowering individuals against surveillance
- A Declaration of the Independence of Cyberspace (1996) - asserts the autonomy of the online world from governments and urges policymakers to stay out of cyberspace regulation
- A Cyberpunk Manifesto (1997) - articulates the ethos of the cyberpunk subculture, highlighting dystopian themes, the merging of humans with technology, and resistance against authority
- b-money (1998) - proposed a digital currency system that utilized cryptographic proofs instead of centralized authorities to achieve secure and decentralized transactions
- Bit-gold (2005) - describes a decentralized digital currency system, based on proof of work and cryptography, that influenced the development of Bitcoin
- State and Terrorist Conspiracies and Conspiracy as Governance (2006) - sheds light on the power dynamics between conspiratorial governance and the whistleblowers
- Guerilla Open Access Manifesto (2008) - advocates for open access to academic knowledge and criticizes the current publishing system, calling for civil disobedience to achieve a free and open flow of information
- The libbitcoin Manifesto (2013) - outlines the principles and goals behind the libbitcoin project, emphasizing a focus on privacy, security, decentralization, and empowering individuals in their control over digital assets
Podcasts
- Agora Podcast - your home for agorism, localism, radical decentralization, and anti-authoritarian concepts
- Bit Buy Bit - a podcast for ungovernable misfits who choose Bitcoin, opensource software, privacy and freedom
- Citadel Dispatch - an interactive live show about bitcoin and freedom tech. Dispatch is audience funded without ads or paywalls. Live unedited shows with direct audience participation via youtube, twitch, and our matrix chats.
- Cypherpunk Bitstream - A cypherpunk and cryptoanarchy focused podcast
- Monero Talk - weekly conversations with topical guests to understand what the Monero cryptocurrency is today and what it hopes to become
- Opt Out - a podcast that interviews individuals who are passionate about privacy, explores their reasons for valuing privacy, discusses the tools and techniques they use, and aims to inspire others to prioritize personal privacy and data control
- Truth for the Commoner - your gateway to a world of truth, knowledge, and empowerment in the digital age. We are dedicated to bringing you content that spans the realms of bitcoin, economics, privacy, freedom technology, and culture
- Vonu Podcast - the podcast making you invulnerable to the coercion of the State and the servile society
Projects & Organizations
- Annas Archive - the world’s largest open-source open-data library. mirrors sci-hub, library genesis, z-library, and more. 22,052,322 books, 97,847,390 papers, 2,451,032 comics, 673,013 magazines — preserved forever.
- AnarSec - tech guides for anarchists
- Anonymous Land - a community dedicated to providing anonymity enhancing guides and services
- Anonymous Planet - a community contributed online guide to anonymity written for activists, journalists, scientists, lawyers, whistle-blowers, and good people being oppressed, censored, harassed anywhere
- Electronic Frontier Foundation - the leading nonprofit organization defending civil liberties in the digital world. Founded in 1990, EFF champions user privacy, free expression, and innovation through impact litigation, policy analysis, grassroots activism, and technology development. EFF's mission is to ensure that technology supports freedom, justice, and innovation for all people of the world.
- Privacy Guides - a non-profit, socially motivated website that provides information for protecting your data security and privacy
- Tor Project - fights every day for everyone to have private access to an uncensored internet, and Tor has become the world's strongest tool for privacy and freedom online
- Veilid - framework that allows anyone to build a distributed, private app. Veilid gives users the privacy to opt out of data collection and online tracking. Veilid is being built with user experience, privacy, and safety as our top priorities. It is open source and available to everyone to use and build upon
Cryptocurrency Resources
NoKYC Guides
- How to buy non KYC Bitcoin - how to buy non-KYC bitcoin from a Bitcoin ATM
- How to buy non KYC Monero - how to buy non-KYC bitcoin at a Bitcoin ATM and convert to Monero using Bisq
- How to buy your first non KYC bitcoin and monero - a presentation by Heady Wook
- How to buy non KYC bitcoin with a US Postal Money Order on Bisq - how to buy non-KYC bitcoin using a US Postal Money Order on Bisq
- How to use a certified mail receipt to buy non KYC Bitcoin - using a Certified Mailing Receipt when sending a money order for buying non-KYC Bitcoin on Bisq
- How to accept non-KYC bitcoin with BTCPay Jungle and Electrum - how to start receiving non-KYC bitcoin payments in exchange for online goods and services
Crypto Services Directories
- KYCNOT.ME [Tor] - directory for No-KYC exchanges and services
- Monerica- exhaustive list of Monero and related resources
- AcceptedHere- directory for online and offline businesses accepting cryptocurrency
- CryptWerk - directory with companies, websites, shops, services that accept crypto
- Bitcoin Bookmarks-directory for premium crypto websites sorted by quality
- Lightning Network Stores - directory for stores that accept bitcoin through the lightning network
Automated Exchanges
- Trocador.app [Tor] - a privacy-focused exchange aggregator
Peer to Peer Exchanges
- Bisq - buy and sell bitcoin or monero for fiat using the Bisq peer-to-peer network
- LocalMonero [Tor] - a marketplace where users can buy and sell Monero to and from each other
- AgoraDesk [Tor]- P2P site for buying and selling cryptocurrencies
- Robosats [Tor]- a peer to peer exchange for converting bitcoin to national currencies via lightning hold invoices
- HodlHodl - global peer to peer bitcoin trading platform
Peer to Peer Crypto Marketplaces and Freelancing
- TukanMarket - a bitcoin marketplace for advertising goods and services
- Bitcoin P2P Marketplace - a bitcoin P2P marketplace telegram channel
- Monero Market - a reddit marketplace for buying and selling items with Monero
- Microlancer - a freelancing platform designed for quick milestones and secure escrowed payments using the lightning network
Crypto VPS & Domain Services
- 1984 - high quality web hosting and VPS service provider that respects and protects the civil and political rights of customers
- Incognet [Tor] - privacy respecting web host and VPS provider
- Njalla [Tor] - anonymous domain name registrar and VPS provider
Crypto VPN Services
- Mullvad [Tor] - a Sweden-based VPN provider with a long-standing reputation for privacy and efficiency
- IVPN - a Gibraltar-registered service that has been preserving customers privacy since 2009
Crypto Credit Cards
- FCF Pay - Swap cryptocurrencies for virtual prepaid crypto debit gift cards
- Ezzocard - purchase virutal prepaid cards that work anywhere in the world
- Pay with Moon - bitcoin/lighting backed virtual credit cards
- The Bitcoin Company - buy Visa cards, gift cards, phone top-ups, and more
Crypto Gift Cards
- CardCoins - convert prepaid gift cards into digital currency at over 80,000 locations nationwide
- Cake Pay - buy gift cards and related products with virtual assets for use at millions of merchants worldwide
Crypto eSim Providers
- SilentLink [Tor] - a global mobile and phone number provider for eSIM-compatible smartphones
Crypto SMS Providers
- JMP - allows you to send and receive text messages, pictures, phone calls, and voicemails using a Jabber (XMPP) client
- TextVerified- SMS verficiation service that accepts Crypto
- SMSPVA - offers a large list of SMS verification numbers you can rent with BTC
- JuicySMS - verify online accounts with temporary real phone numbers
- SMS4Sats [Tor] - offers SMS verification numbers online
Privacy and Security Articles
Guides
- Anonymous Planet - a community contributed online guide to anonymity written for activists, journalists, scientists, lawyers, whistle-blowers, and good people being oppressed, censored, harassed anywhere
- Privacy Guides - a non-profit, socially motivated website that provides information for protecting your data security and privacy
- Extreme Privacy 4th Edition - Michael Bazzell has helped hundreds of celebrities, billionaires, and everyday citizens disappear completely from public view.
- Anonymous Land - a community dedicated to providing anonymity enhancing guides and services
- Prism Break - opt out of global data surveillance programs like prism, xkeyscore and tempora.
- The New Oil [Tor] - the beginner’s guide to data privacy & cybersecurity
- Techlore - a small team educating people about digital rights, privacy, security, digital control, and other important topics to push the world towards a safer internet
- Qubes OS for Anarchists [Tor] - Qubes OS is a security-oriented operating system (OS), which means it is an operating system designed from the ground up to be more difficult to hack. Given that anarchists are regularly targeted for hacking in repressive investigations, Qubes OS is an excellent choice
- GrapheneOS for Anarchists - [Tor] - anarchists should not have phones. if you must use a phone, make it as difficult as possible for an adversary to geotrack it, intercept its messages, or hack it. this means using grapheneos
- Tails for Anarchists [Tor] - tails is an operating system that makes anonymous computer use accessible to everyone. tails is designed to leave no trace of your activity on your computer unless you explicitly configure it to save specific data
- Tails Opsec for Anarchists [Tor] - additional precautions you can take that are relevant to an anarchist threat model - operational security for tails
- Make Your Electronics Tamper-Evident [Tor] - if the police ever have physical access to an electronic device like a laptop, even for five minutes, they can install hardware keyloggers, create images of the storage media, or otherwise trivially compromise it at the hardware, firmware, or software level. one way to minimize this risk is to make it tamper-evident
- Encrypted Messaging for Anarchists [Tor] - This article provides an overview and installation instructions for Tails, Qubes OS, and GrapheneOS encrypted messengers
- Kill the Cop in Your Pocket [Tor] - your phone's location is tracked at all times, and this data is harvested by private companies, allowing police to bypass laws requiring them to obtain a warrant
- Remove Identifying Metadata From Files [Tor] - metadata is 'data about data' or 'information about information'. in the context of files, this can mean information that is automatically embedded in the file, and this information can be used to deanonymize you
- Defending against Stylometric attacks [Tor] - stylometric fingerprinting analyzes unique writing style (i.e., it uses stylometry) to identify the author of a work. it’s one of the most common techniques for de-anonymization, used by adversaries ranging from trolls to law enforcement
- EFF Surveillance Self-Defense: The Basics - surveillance self-defense is a digital security guide that teaches you how to assess your personal risk from online spying. it can help protect you from surveillance by those who might want to find out your secrets, from petty criminals to nation states
- EFF Surveillance Self-Defense: Tool Guides - step-by-step tutorials to help you install and use handy privacy and security tools
- Into the Crypt - the art of anti-forensics
- Advanced Privacy and Anonymity Using VMs, VPN’s, Tor - a series of guides that explains how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation through nested chains of VPNs and Tor
- How to create anonymous Telegram and Signal accounts without a phone - a guide for using Whonix & Anbox to create anonymous mobile accounts without a phone
- Security Tips & Devices for Digital Nomads - various tools and gadgets for OpSec, written with a preference for practical usability
- Telegram Security Best Practices - quick tips that will help you sleep better at night when using Telegram
Android
- A brief and informal analysis of F-Droid security - a write-up emphasizing major security issues with F-Droid
- Android Tips - list of tips for buying and using Android phones
- Android - common ways in which people worsen the security model of android
Secure Messengers
- Secure Communications Comparison - communicating securely over the internet is a must. this article compares available and actively-developed projects that are used for secure communications
- Signal Privacy Concerns (2019) - arguments against the popular secure messenger signal
- A security analysis comparison between Signal, WhatsApp and Telegram [PDF] - a security analysis comparison between the three popular instant messaging apps. The analysis will focus on the encryption protocols used by each app and the security features they offer
- Wire (and Signal) use privacy-hostile Amazon AWS - wire (and signal) are centralized on amazon's aws... there are substantial privacy and ethical issues with this
- XMPP: An Under-appreciated Attack Surface - a demonstration for why XMPP is of interest to penetration testers, security researchers, and defenders
- Wiretapping the largest Russian XMPP server - xmpp (jabber) instant messaging protocol encrypted tls connection wiretapping (man-in-the-middle attack) of jabber[.]ru (aka xmpp[.]ru) service’s servers on hetzner and linode hosting providers in germany
- XMPP: Admin-in-the-middle - in our opinion, you can’t refer to xmpp-based messaging as “privacy-friendly” as long as you don’t control all xmpp servers. an xmpp administrator (or any other server-side party) can inject arbitrary messages, modify address books, and log passwords in cleartext
- What a malicious Matrix homeserver admin can do - potential passive and active attacks from malicious homeserver admins
- Matrix? No, thanks. - matrix keeps growing. even the french government decided to use it. however, many free software activists refuse to use it
- Session's Lack of Perfect Forward Security - "we don't have any current plans to reintroduce pfs"
- Matrix Metadata Leakage - exactly what metadata Matrix leaks and why
- Matrix linked Amdocs found tapping South African cell phones - south african agents wrote in a 2009 document that they suspected that israel’s secret service, mossad, was using israeli software giant amdocs to eavesdrop on mobile phone conversations and gather data
- Why Not Matrix? - 22 reasons why not to use matrix
Desktop
- Desktop Linux Hardening - a guide that intermediate to advanced Linux users can reasonably follow to set up and maintain hardened security configurations
- Linux - an article debunking common misunderstandings on desktop Linux's security model.
- Linux Hardening Guide - how to harden Linux as much as possible for security and privacy
- Choosing Your Desktop Linux Distribution - privacy and security considerations when choosing a Linux distribution
- security-misc - configurations to enhance Linux security
- The Linux Security Circus: On GUI isolation - article detailing the lack of GUI-level isolation in Linux, and how it nullifies all Linux desktop security
- Re: X11 -> Root? (Qubes square rooted) - criticisms of the Qubes security model
Tor and VPNs
- VPN - a Very Precarious Narrative - criticisms for VPN use
- Commercial VPN Use Cases - realistics use cases for VPNs
- Don’t use VPN services - a case for ditching VPN use
- You want Tor Browser … not a VPN - use case comparisons betwen Tor and VPN use
- IPVanish “No-Logging” VPN Led Homeland Security to Comcast User - an article detailing the time IPVanish doxed a customer to Homeland Security
- Is Tor Trustworthy and Safe? - an article detailing considerations and cons when using Tor
General
- Security and Privacy Advice - security and privacy advice for desktop, mobile, browser, messengers, email, passwords, 2FA, and social media.
- Despite DoH and ESNI, with OCSP, web activity is insecure and not private - how OCSP responses are a privacy nightmare
- Badness Enumeration - why badness enumeration as a concept is flawed and some examples of its failings in practice
- The Six Dumbest Ideas in Computer Security - default permit, badness enumeration, penetrate and patch, hacking is cool, educating users, action is better than inaction
- Threat Modeling - the first task a person should do when taking steps to protect their privacy and security
- The right thing for the wrong reasons: FLOSS doesn’t imply security - source unavailability doesn’t imply insecurity, and source availability doesn’t imply security
- FLOSS Security - while source code is critical for user autonomy, it isn’t required to evaluate software security or understand run-time behavior
- Two types of privacy - two main approaches to privacy: “tracking reduction” and “tracking evasion”
- Recovering redacted information from pixelated videos - image/video blurring methods and their weaknesses
- Let’s Enhance! How we found @rogerkver’s $1,000 wallet obfuscated private key - by overcoming blurring techniques
- Email (In)security - email is an inherently insecure protocol, conceived at a time when security was an afterthought
Fingerprinting Articles
- NetworkManager Minor Hardening - MAC address randomization, removing static hostname to prevent hostname broadcast, and disabling sending hostname to DHCP server
- How CSS Alone Can Help Track You - how CSS can fingerprint with javascript disabled
- Browser Tracking - misguided ways in which people attempt to improve their privacy when browsing the web
- Don’t update NTP – stop using it - arguements for why NTP has to die
Fingerprinting Tests
- TorZillaPrint - comprehensive, all-in-one, fingerprinting test suite
- No-JS fingerprinting - demonstration of how fingerprinting can occur even in the absence of JavaScript
- CSS Fingerprint - exploiting CSS to collect various characteristics about the visitor
- CreepJS - creepy device and browser fingerprinting
- Kloak - Kloak is a Keystroke Anonymization Tool
- AudioContext Fingerprint - tests browser-fingerprinting using the AudioContext and Canvas API
- Available Fonts - gets available fonts on browser without flash
- Browser Fingerprinting - analysis of Bot Protection systems with available countermeasures
- BrowserLeaks - a gallery of web technologies security testing tools
- Canvas Test - checks if the addon CanvasBlocker can be detected by websites
- CSS Exfil Vulnerability Tester - test to see if your browser is vulnerable to Cascading Style Sheets (CSS) data leakage
- Device Info - a web browser security testing, privacy testing, and troubleshooting tool
- DNS Cookie Demonstration - uses DNS caches as a side-channel to identify related network flows
- EFF: Cover Your Tracks - understand how easy it is to identify and track your browser based on how it appears to websites
- Epic Tracker - fingerprinting demo with some automated lookups using modern Javascript APIs
- Extension Fingerprints - detecting Chrome extensions by fetching web accessible resources
- Firefox Addon Detector - tracking 400+ firefox addons through chrome:// URI trickery!
- Iphey - Browser Fingerprinter
- Mouse Wheel Tracking Test - fingerprint based on tracking your mouse's wheel
- Nothing Private - proof of concept to show any website can identify and track you
- PicassAuth - canvas fingerprinting
- Pixelscan - basically a bot check
- Privacy Check - this website aims to focus on each fingerprinting technique in detail
- scheme flooding - this vulnerability uses information about installed apps on your computer to assign you a permanent unique identifier even if you switch browsers, use incognito mode, or use a VPN.
- SuperCookie - uses favicons to assign a unique identifier to website visitors. this ID can be stored almost persistently and cannot be easily cleared by the user
- Webgl Fingerprinting - uses different techniques to recognize whether a browser extension is spoofing the webgl fingerprint
- Zardaxt.py - TCP/IP fingerprinting for VPN and Proxy Detection
Awesome Git Resource Mirrors and Projects
Artifical Intelligence
- ai-collection - a collection of awesome generative AI applications
- awesome-bots - the most awesome list about bots
- awesome-chatgpt - a curated list of ChatGPT related resource, tools, prompts, apps
- awesome-chatgpt-prompts - ChatGPT prompt curation
- awesome-deep-text-detection-recognition - a curated list of resources for optical character recognition with deep learning methods
- awesome-sentiment-analysis - a curated list of Sentiment Analysis methods, implementations and misc.
- awesome-stable-diffusion - curated list of awesome resources for the Stable Diffusion AI Model
- ChatGPT-prompt-generator - an app that generates ChatGPT prompts
- lencx/ChatGPT - powerful unofficial ChatGPT client
- jailbreakchat.com - a repository of ChatGPT jailbreaks
- matrix-chatgpt-bot - a ChatGPT bot for Matrix
Computer Science
- awesome-cli-apps - a curated list of command line apps
- awesome-courses - list of awesome university courses for learning Computer Science
- awesome-linux-software - a list of awesome Linux softwares
- awesome-math - a curated list of awesome mathematics resources
- awesome-podcasts - awesome list of Important Podcasts for software engineers
- awesome-quantum-computing - a curated list of awesome quantum computing learning and developing resources
- awesome-youtubers - an awesome list of YouTubers that teach about technology
- OSSU-computer-science - path to a free self-taught education in Computer Science
Crypto
- awesome-blockchain - curated list of resources for the development and applications of blockchain
- awesome-cryptography - a curated list of cryptography resources and links
- awesome-crypto-papers - a curated list of cryptography papers, articles, tutorials and how-tos
- awesome-decentralized-finance - a curated list of awesome decentralized finance projects
- Crypto-OpSec-SelfGuard-RoadMap - defi, blockchain and crypto-related opsec research
- kycnot.me - don't get KYC'ed
- tornado-cash-docs - tornado cash is a fully decentralized non-custodial protocol allowing private crypto transactions
- tornado-core - tornado cash. non-custodial private transactions on Ethereum
- tornado-cli - command line interface to make transactions in Tornado Cash protocol
- tornado-relayer - relayer for Tornado cash
- xmr-btc-swap - bitcoin to monero cross-chain atomic swap
Data Hoarding
- awesome-data-labeling - a curated list of awesome data labeling tools
- awesome-ipfs - useful resources for using IPFS and building things on top of it
- awesome-piracy - a curated list of awesome warez and piracy links
- awesome-web-archiving - an awesome list for getting started with web archiving
Hardware
- awesome-flipperzero - a collection of awesome resources for the Flipper Zero device
- portapack-mayhem - custom firmware for the HackRF+PortaPack H1/H2
- tillitis-key - board designs, FPGA verilog, firmware for TKey, the flexible and open USB security key
Misc
- awesome-lockpicking - a curated list of resources related to the compromise of locks, safes, and keys
- awesome-readme - a curated list of awesome READMEs
- search-engine-optimization - a helpful checklist/collection of Search Engine Optimization (SEO) tips and techniques
Mobile
- GrapheneOS - security and privacy focused mobile OS with Android app compatibility
- DivestOS - a more private and more secure aftermarket mobile operating system
- blue-merle - enhance anonymity and reduces forensic traceability of the GL-E750 Mudi 4G mobile wi-fi router
Open Source Intelligence
- awesome-geospatial - long list of geospatial tools and resources
- awesome-hacker-search-engines - a curated list of awesome hacker search engines
- awesome-osint - a curated list of amazingly awesome open source intelligence tools and resources
- awesome-shodan-queries - a collection of interesting, funny, and depressing search queries to plug into shodan
- awesome-telegram-osint - a curated list of awesome telegram OSINT tools, sites & resources
Privacy
- alternative-front-ends - alternative open source front-ends for popular internet platforms
- awesome-decentralized - awesome list of distributed, decentralized, p2p apps and tools
- awesome-decentralized-web - an awesome list of decentralized services and technologies
- awesome-privacy - a curated list of services and alternatives that respect your privacy because PRIVACY MATTERS
- awesome-qubes-os - a curated list of awesome qubes os links
- decentralized-id - self sovereign identity
- firefox-user.js - a comprehensive user.js template for configuration and hardening
- into-the-crypt - the art of anti-forensics
- privacyguides.org - protect your data against global mass surveillance programs
- qubes-community-content - community documentation, code, links to third-party resources
- qubes-doc - qubes os project documentation
- thunderbird-user.js - comprehensive user.js template for configuration and hardening
- thgtoa - the comprehensive guide to online anonymity
Security
- awesome-api-security - a collection of awesome API Security tools and resources
- awesome-aws-security - a curated list of links, references, books, videos, tutorials, exploits, and CTF related to AWS security
- awesome-bugbounty-tools - a curated list of various bug bounty tools
- awesome-captcha - curated list of awesome captcha libraries and crack tools
- awesome-cybersecurity-blueteam - a curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams
- awesome-cyber-skills - a curated list of hacking environments where you can train your cyber skills legally and safely
- awesome-embedded-and-iot-security - a curated list of awesome embedded and IoT security resources
- awesome-fuzzing - a curated list of fuzzing resources
- awesome-honeypots - an awesome list of honeypot resources
- awesome-incident-response - a curated list of tools for incident response
- awesome-kubernetes-security - a curated list of awesome Kubernetes security resources
- awesome-linux-rootkits - a curated list of awesome linux rootkits
- awesome-malware-analysis - a curated list of awesome malware analysis tools and resources
- awesome-mobile-security - an effort to build a single place for all useful android and iOS security related stuff
- awesome-network-analysis - a curated list of awesome network analysis resources
- awesome-nginx-security - a curated list of awesome links related to NGINX appsec
- awesome-oscp - a curated list of awesome OSCP resources
- awesome-pentest - a collection of awesome penetration testing resources, tools and other shiny things
- awesome-privilege-escalation - A curated list of awesome privilege escalation
- awesome-security - a collection of awesome software, libraries, documents, books, resources and cool stuff about security
- awesome-security-hardening - a collection of awesome security hardening guides, tools and other resources
- awesome-social-engineering - a curated list of awesome social engineering resources
- awesome-threat-detection - a curated list of awesome threat detection and hunting resources
- awesome-threat-modelling - a curated list of threat modeling resources
- awesome-vulnerable - a curated list of vulnerable apps and systems
- awesome-WAF - everything about web application firewalls (WAFs)
- awesome-web-security - a curated list of web security materials and resources
- constellation - constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing
- cyber-security-resources - thousands of cyber security resources
- EndGame - onion service DDOS prevention front system
- ForensicsTools - a list of free and open forensics analysis tools and other resources
- hardened_malloc - hardened memory allocator designed for modern systems
- my-infosec-awesome - curated list of awesome links, resources and tools on infosec related topics
- plague-kernel - minimal linux kernel for a reduced attack surface
- personal-security-checklist - a compiled checklist of 300+ tips for protecting digital security and privacy
- security-apis - a collective list of public APIs for use in security
- WebHackersWeapons - a collection of cool tools used by web hackers
System Administration
- awesome-ansible - collaborative curated list of awesome Ansible resources, tools, roles, tutorials and other related stuff
- awesome-bash - a curated list of delightful Bash scripts and resources
- awesome-devops - a curated list of awesome DevOps platforms, tools, practices and resources
- awesome-docker - a curated list of Docker resources and projects
- awesome-git - a curated list of amazingly awesome Git tools, resources and shiny things
- awesome-gitea - a curated list of awesome projects related to Gitea
- awesome-hugo - a curated list of awesome things related to Hugo, the world's fastest framework for building websites
- awesome-k8s-resources - a curated list of awesome Kubernetes tools and resources
- awesome-linux-containers - a curated list of awesome Linux Containers frameworks, libraries and software
- awesome-network-automation - a curated list about Network Automation
- awesome-powershell - a curated list of delightful PowerShell modules and resources
- awesome-scalability - the patterns of scalable, reliable, and performant large-scale systems
- awesome-selfhosted - a list of Free Software network services and web applications which can be hosted on your own servers
- awesome-shell - a curated list of awesome command-line frameworks, toolkits, guides and gizmos
- awesome-sysadmin - a curated list of amazingly awesome open source sysadmin resources
- awesome-tmux - a list of awesome resources for tmux
- awesome-vscode - a curated list of delightful VS Code packages and resources
- Linux-Bash-Commands - ultimate list of Linux bash commands, cheatsheet and resources
- the-book-of-secret-knowledge - a collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools, and more