djedi/privacy-toolkit
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
privacy-toolkit/TOOLS-REFERENCE.md
rpriven 319efece5f
Initial commit
2025-12-31 19:44:07 -07:00

189 lines
6.2 KiB
Markdown
Raw Blame History

# Privacy Toolkit - Tool Candidates
## 🛡️ Document Sanitization
- **Dangerzone** - PDF/Office document sanitizer using container isolation
- Threat: Malicious documents with embedded exploits
- Status: Installation script ready (needs chmod fix for GPG key)
- Source: Freedom of the Press Foundation
- Platform: Linux (Debian/Ubuntu/Fedora)
- **ExifCleaner** - Metadata removal from images/PDFs/videos
- Threat: EXIF data leaking location, camera info, timestamps
- Source: https://github.com/szTheory/exifcleaner
- Platform: Cross-platform (AppImage for Linux)
- **mat2** (Metadata Anonymization Toolkit)
- Threat: Document metadata revealing identity/system info
- Source: apt package, part of Tails
- Platform: Linux
## 🔐 Encryption & Secure Storage
- **VeraCrypt** - Full disk encryption and encrypted containers
- Threat: Physical device seizure, data theft
- Status: Already in use
- Source: https://veracrypt.fr
- Platform: Cross-platform
- **age** - Modern file encryption (simpler than GPG)
- Threat: Sensitive files at rest
- Source: https://github.com/FiloSottile/age
- Platform: Cross-platform, Go binary
- **Cryptomator** - Client-side cloud storage encryption
- Threat: Cloud provider access to files
- Source: https://cryptomator.org
- Platform: Cross-platform
## 📡 Secure Communication
- **Signal Desktop** - E2E encrypted messaging
- Threat: Message interception, surveillance
- Source: https://signal.org
- Platform: Linux (official .deb)
- **SimpleX** - E2E encrypted messaging without identifiers
- Threat: Metadata correlation, phone number linking
- Status: Already documented in PAI
- Source: https://simplex.chat
- Platform: Cross-platform
- **Jami** - P2P encrypted video/audio calls
- Threat: Centralized communication surveillance
- Source: https://jami.net
- Platform: Cross-platform
## 🌐 Anonymity & Network Privacy
- **Tor Browser** - Anonymous web browsing
- Threat: IP tracking, browser fingerprinting
- Source: https://torproject.org
- Platform: Cross-platform
- **ProtonVPN** - Privacy-focused VPN
- Status: Already installed
- Source: https://protonvpn.com
- Platform: Cross-platform
- **OnionShare** - Anonymous file sharing over Tor
- Threat: File transfer metadata, IP exposure
- Source: https://onionshare.org
- Platform: Cross-platform
## 🔍 Metadata & Privacy Analysis
- **ExifTool** - View/edit metadata in files
- Threat: Understanding what metadata you're leaking
- Source: apt package
- Platform: Cross-platform
- **Sherlock** - Username enumeration across platforms
- Threat: Understanding your digital footprint
- Source: https://github.com/sherlock-project/sherlock
- Platform: Python tool
## 🗑️ Secure Deletion
- **BleachBit** - Secure file deletion and system cleaning
- Threat: Forensic recovery of deleted files
- Source: apt package
- Platform: Linux/Windows
- **shred** - Overwrite files securely
- Threat: File recovery after deletion
- Source: GNU coreutils (already installed)
- Platform: Linux
## 🔒 Password & Secret Management
- **KeePassXC** - Offline password manager
- Status: Already in use
- Source: https://keepassxc.org
- Platform: Cross-platform
- **Bitwarden** - Open source password manager (self-hostable)
- Threat: Password reuse, weak passwords
- Source: https://bitwarden.com
- Platform: Cross-platform + self-hosted
## 📧 Email Privacy
- **Thunderbird + Enigmail** - PGP email encryption
- Threat: Email content surveillance
- Source: apt package
- Platform: Cross-platform
- **ProtonMail Bridge** - Use ProtonMail with desktop clients
- Threat: Email metadata, provider access
- Source: https://proton.me
- Platform: Cross-platform
## 🛡️ System Hardening
- **firejail** - Application sandboxing
- Threat: Application exploits compromising system
- Source: apt package
- Platform: Linux
- **AppArmor** - Mandatory Access Control
- Threat: Privilege escalation
- Source: Built into Debian
- Platform: Linux
## 🌐 DNS Privacy
- **dnscrypt-proxy** - Encrypted DNS queries
- Threat: DNS surveillance, ISP tracking
- Source: https://github.com/DNSCrypt/dnscrypt-proxy
- Platform: Cross-platform
- **Unbound** - Validating DNS resolver
- Threat: DNS spoofing, MITM
- Source: apt package
- Platform: Linux
## 📱 Mobile Companion Tools
- **scrcpy** - Control Android via ADB (for testing privacy apps)
- Source: apt package
- Platform: Linux/Windows/macOS
## 🎯 Priority Tools (Install First)
1. Dangerzone - Document sanitization
2. mat2 - Metadata removal
3. Signal Desktop - Secure messaging
4. Tor Browser - Anonymous browsing
5. BleachBit - Secure deletion
6. firejail - App sandboxing
## 📁 Repository Structure Proposal
```
privacy-toolkit/
├── README.md # Overview, threat model intro
├── install.sh # Master handler script
├── tools/
│ ├── dangerzone/
│ │ ├── install.sh # Individual install script
│ │ ├── README.md # What it does, why you need it
│ │ └── verify.sh # Post-install verification
│ ├── mat2/
│ │ ├── install.sh
│ │ ├── README.md
│ │ └── examples/ # Usage examples
│ ├── signal-desktop/
│ └── tor-browser/
├── categories.md # Tools organized by threat model
├── threat-models.md # Common threat scenarios
└── docs/
├── installation-guide.md
├── verification-guide.md # How to verify tools work
└── threat-modeling.md # Help users choose tools
```
## 🔧 Installation Script Template
Each tool should have:
- Distro detection (Debian/Ubuntu/Fedora/Arch)
- GPG key verification (with chmod fix for keyrings!)
- Dependency checking
- Version verification
- Post-install testing
- Cleanup on failure
- Usage examples
## 📝 Notes
- Focus on FOSS tools (auditability)
- Prefer official repositories
- Include threat model for each tool
- Provide usage examples
- Link to official documentation
- Security-focused: verify signatures, check hashes
Reference in a new issue View git blame Copy permalink