# Privacy, Security and Anonymity Apps ## Security Training * [Open Security Training](https://opensecuritytraining.info/Welcome.html) ## Book * [Hitchhiker Guide's to Anonymity](https://anonymousplanet.github.io/thgtoa/guide.html) : License: CC-BY ## Web Apps * [Cloudflare Connection Information](https://1.1.1.1/help) : check DoH, DoT, WARP * [Cloudflare Encrypted](https://www.cloudflare.com/ssl/encrypted-sni/) : check DoH, DNSSEC, TLS, Encrypted SNI * [Cover Your Tracks by EFF](https://coveryourtracks.eff.org/) : Test your browser to see how well you are protected from tracking and fingerprinting. * [Blacklight](https://themarkup.org/blacklight) : Real-Time Website Privacy Inspector * [Privacy Analyzer](https://privacy.net/analyzer/) : Check what data is exposed from browser * [Am I Unique](https://amiunique.org/) : Learn how identifiable we are on the Internet * [Browser Fingerprint](https://hidester.com/browser-fingerprint/) : Browser fingerprint test * [Unique Machine](https://uniquemachine.org/) : Browser fingerprint test * [Browserleaks](https://browserleaks.com/) : Web security testing tools to show what kind of personal identity data leaked * [IPInfo](https://ipinfo.info/html/privacy-check.php) : Checks what security related information is exposed by browser to any website ## Site Information * [Site Information Tools](https://www.wmtips.com/tools/info/) : useful information of site (rankings, SEO and linking information, whois data, IP address details, analyse page data, server response headers) * [Google Safe Browsing](https://transparencyreport.google.com/safe-browsing/search) : examines billions of URLs per day looking for unsafe websites * [URL Void](https://www.urlvoid.com/) : URL reputation and trustworthiness * [DNSStuff Tools](https://tools.dnsstuff.com/) ## Window Apps * Malwarebytes : anti malware * ShutUP10 (OOSU10): Windows permission editor * [TemporalAgent7/awesome-windows-privacy: A list of awesome tools, documentation and scripts for better privacy on Microsoft Windows](https://github.com/TemporalAgent7/awesome-windows-privacy) ### Browser Apps * Javascript Switcher : Add a button in the url bar to block or enable javascript per-site. * ClearURLs : Remove tracking elements from URLs. * HTTPS Everywhere : Encrypt the Web! Automatically use HTTPS security on many sites. * uBlock Origin : Finally, an efficient blocker. Easy on CPU and memory. * Google Direct : Remove tracking links from Google Search results ## Anonimity Security * [Redact - Delete Your Social Media Posts](https://redact.dev/) * [The Hitchhiker’s Guide to Online Anonymity - The Hitchhiker’s Guide to Online Anonymity](https://anonymousplanet.org/) * [Kash](https://kg.dev/thoughts/be-anonymous) ## Privacy * [degoogle - A huge list of alternatives to Google products. Privacy tips, tricks, and links.](https://degoogle.jmoore.dev/) * [Just Delete Me | A directory of direct links to delete your account from web services.](https://backgroundchecks.org/justdeleteme/) ## Windows Privacy * [Privacy is sexy 🍑🍆 - Enforce privacy & security on Windows and macOS](https://privacy.sexy/) * [TemporalAgent7/awesome-windows-privacy: A list of awesome tools, documentation and scripts for better privacy on Microsoft Windows](https://github.com/TemporalAgent7/awesome-windows-privacy) ## Privacy * [GitHub - pluja/awesome-privacy: Awesome Privacy - A curated list of services and alternatives that respect your privacy because PRIVACY MATTERS.](https://github.com/pluja/awesome-privacy) * [ThinkPrivacy](https://thinkprivacy.ch/) * [Opt out of global data surveillance programs like PRISM, XKeyscore, and Tempora - PRISM Break - PRISM Break](https://prism-break.org/en/) ## Privacy * [Opinion - They Stormed the Capitol. Their Apps Tracked Them. - The New York Times](https://www.nytimes.com/2021/02/05/opinion/capitol-attack-cellphone-data.html) * [Your Fingerprint Can Be Hacked For $5. Here’s How. - Kraken Blog](https://blog.kraken.com/post/11905/your-fingerprint-can-be-hacked-for-5-heres-how/) ## Browser Privacy * [BrowserAudit](https://browseraudit.com/) * [Browser Privacy Test :: WebBrowserTools](https://webbrowsertools.com/privacy-test/) * [BrowserLeaks - Web Browser Fingerprinting - Browsing Privacy](https://browserleaks.com/) * [Cover Your Tracks](https://coveryourtracks.eff.org/) ## Password * [NIST Password Guidelines and Best Practices for 2020](https://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/) * [Choosing Secure Passwords - Schneier on Security](https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html) * [Password policy: updating your approach - NCSC.GOV.UK](https://www.ncsc.gov.uk/collection/passwords/updating-your-approach) * [Have I Been Pwned: Pwned Passwords](https://haveibeenpwned.com/Passwords) * [duffn/dumb-password-rules: Shaming sites with dumb password rules.](https://github.com/duffn/dumb-password-rules) * [xkcd: Password Strength](https://xkcd.com/936/) ## Security * [Phish.Report - Easily report phishing sites](https://phish.report/) ## Security * [SadeghHayeri/GreenTunnel: GreenTunnel is an anti-censorship utility designed to bypass the DPI system that is put in place by various ISPs to block access to certain websites.](https://github.com/SadeghHayeri/GreenTunnel) ## Security * [Share a secret - 🤫 scrt.link](https://scrt.link/) ## Security * [Dark Patterns in UI and UX](https://www.darkpatterns.org/) ## Security * [permission.site](https://permission.site/) check permission allowed in your browser ## Security * [Machine Identification Code - Wikipedia](https://en.m.wikipedia.org/wiki/Machine_Identification_Code) ## Security * [CRXcavator](https://crxcavator.io/) : Inspect Chrome Extension content for malicious code ## Security [Umbrella Security Tips](https://github.com/securityfirst/Umbrella_content/blob/master/md/en/communications_email_advanced.md) License: CC BY ## Security * [Known DNS Providers - AdGuard Knowledgebase](https://kb.adguard.com/en/general/dns-providers#adguard-dns) * [DNSCrypt Public Server](https://dnscrypt.info/public-servers/) * [DNSCrypt Client](https://dnscrypt.info/implementations) * [Creating your own VPN with PiHole & UnBound on AWS](https://skerritt.blog/pihole-vpn/) * [UltimatePiHoleVPN](https://gist.github.com/HarvsG/51edbaf2421da9d768098242005d4e82) * [Set up a Pi-hole VPN on an AWS Lightsail instance](https://victoria.dev/blog/set-up-a-pi-hole-vpn-on-an-aws-lightsail-instance/) * [Pi-Hole-PiVPN-on-Google-Compute-Engine-Free-Tier-with-Full-Tunnel-and-Split-Tunnel-OpenVPN-Configs](https://github.com/rajannpatel/Pi-Hole-PiVPN-on-Google-Compute-Engine-Free-Tier-with-Full-Tunnel-and-Split-Tunnel-OpenVPN-Configs/blob/master/README.md) * [OpenVPN+PiHole ad-blocking on AWS Lightsail for 3.50$/mo](https://medium.com/fillory/openvpn-pihole-ad-blocking-on-aws-lightsail-for-3-50-mo-7e814eafff84) ## Security * [Warp Plus](https://github.com/ALIILAPRO/warp-plus-cloudflare) * [Warp Plus](https://github.com/TheCaduceus/WARP-UNLIMITED-ADVANCED) * [Goodbye DPI](https://github.com/ValdikSS/GoodbyeDPI) * [hectorm/demergi: A proxy server that helps to bypass the DPI systems implemented by various ISPs.](https://github.com/hectorm/demergi) * [SadeghHayeri/GreenTunnel: GreenTunnel is an anti-censorship utility designed to bypass the DPI system that is put in place by various ISPs to block access to certain websites.](https://github.com/SadeghHayeri/GreenTunnel) * [ValdikSS/GoodbyeDPI: GoodbyeDPI—Deep Packet Inspection circumvention utility (for Windows)](https://github.com/ValdikSS/GoodbyeDPI) * [Jigsaw-Code/Intra: An experimental tool that allows you to test new DNS-over-HTTPS services on Android](https://github.com/jigsaw-code/intra) * [celzero/rethink-app: DNS over HTTPS / DNS over Tor / DNSCrypt client, firewall, and connection tracker for Android.](https://github.com/celzero/rethink-app) solution : VPN, power tunnel (android), power tunnel pc, green tunnel, wireguard, webproxy, etc\ advantage of power tunnel and green tunnel : you will connect through local proxy which mean your quota internet usage would not exceed\ the disadvantage : sometimes it not work against DPI filter from ISP\ advantage of vpn, wireguard, webproxy : work smoothly against DPI filter or other gov censor\ the disadvantage : your internet quota will be exceed, since you connect through remote proxy. There will be extra data need to be carried\ openvpn personal recomendation is [this](https://www.vpnjantit.com/free-openvpn), or [this](https://www.tcpvpn.com/) ## Privacy * [Oil and Fish List of Privacy Tips](https://www.oilandfish.com/) * VPN on VPS (Oracle) * Proxy * Create a container in Goorm, set it to always on, run the terminal first to setup your password (passwd) or deploy your SSH keys, connect to it with your SSH client (port and IP info in Configuration-Port forwarding), enable SOCKS proxy and bam, your own proxy. * Adguard * , extract. Klik File, Open Windows PowerShell, Open Windows Powershell as Administrator * Type `.AdGuardHome.exe -s install`, enter. * Open browser, `localhost:3000`, next, username and password. Note the address. * Login to dashboard, Setup Guide/Panduan Penyiapan, pilih 1 alamat setelah `127.0.0.1` * Change [setting DNS](https://petunjuk.id/ganti-dns-windows/) ke `127.0.0.1` dan 1 alamat yang dari langkah sebelumnya. * Type `ipconfig /flushdns`, enter. * Done. Setting default pakai upstream Quad9, kalau Quad9 diblokir, buka dashboard, masuk ke Settings-DNS Settings (atau Pengaturan-Pengaturan DNS), tambah kebawah baris yang ada `https://dns10.quad9.net/dns-query` dengan ``` https://dns.adguard-dns.com/dns-query https://security.cloudflare-dns.com/dns-query https://blitz.ahadns.com/1:1 https://basic.rethinkdns.com/ https://adblock.doh.mullvad.net/dns-query https://freedns.controld.com/p2 https://doh.tiarap.org/dns-query https://puredns.org/dns-query ``` lalu scroll sampai ketemu button Test Upstreams/Uji Hulu, klik, kalau semua lancar, klik Apply/Terapkan, kalau ada pesan error server nggak bisa dibuka, buang linenya lalu test lagi. * [Use Simple DNSCrypt, follow the tutorial](https://libredd.it/r/indonesia/comments/wbm202/fxxx_kominfo_how_to_access_all_sites_blocked_by/). [Use this to check if it works or not](https://www.top10vpn.com/tools/what-is-my-dns-server/). Nek dapetnya Cloudflare, berarti sudah bisa (harusnya) * dpi bypasser (powertunnel, green tunel, dpitunnel). Pake powertunnel -> kedut-kedut hit/miss * tunneling (vpn, tor) * any encrypted dns * Phone using [Intra](https://play.google.com/store/apps/details?id=app.intra\&hl=en\&gl=US) dan pake DNSnya AdGuard [`https://dns.adguard-dns.com/dns-query`](https://dns.adguard-dns.com/dns-query) Kalo di PC [YogaDNS](http://yogadns.com/) dan pake DNS AdGuard juga. * Ini karena Windows 10 Non-Insider g ada native support wat encrypted DNS. Windows 10 [Insider dan Windows 11 ada](https://4sysops.com/archives/secure-dns-requests-over-https-doh-in-windows-1011/#doh-support-in-the-operating-system). Kalo butuh OS-wide [pasang aja AGH](https://libredd.it/r/indonesia/comments/tzj5h4/help_i_cant_access_reddit_now_megathread/iigqk2x/). * Intra pake DoH, port 443 (literally HTTPS) g bisa asal blokir (misal yang popular diblokir pun bisa [bikin sendiri](https://github.com/tina-hello/doh-cf-workers) dengan gratis) * simple dnscrypt * Kalo bikin VPN di DO pake [Outline](https://getoutline.org/) g usah nyentuh terminal samsek, tapi ya gitu, buat yang traffic diatas 500 GB sebulan jatuhnya lebih mahal dari VPN komersil. Oracle jatah gratisnya 10 TB sebulan tapi dapet servernya gacha, dan g bisa buat torrent. * SSH Tunneling ## Privacy Security * [Best Privacy Tools in 2022: Encryption Against Surveillance](https://www.privacytools.io/) ## Privacy Tools * [CKs Technology News / Privacy Tools List by CKTN · GitLab](https://gitlab.com/ck-s-technology-news/privacy-tools-list-by-cktn#url-shorteners) * [Farside](https://farside.link/) * [Lingva Translate](https://lingva.ml/) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://irosyadi.gitbook.io/irosyadi/hacking/privacy-security-anonymity.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.