djedi/privacy-toolkit
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
privacy-toolkit/install-apt-tools.sh

257 lines
6 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
set -euo pipefail
# ==============================================================================
# Privacy Toolkit - APT-based Tools Installation
# ==============================================================================
# Installs all privacy tools available via apt repositories
# ==============================================================================
# Colors
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly BLUE='\033[0;34m'
readonly NC='\033[0m'
log() { echo -e "${GREEN}[INFO]${NC} $*"; }
warn() { echo -e "${YELLOW}[WARN]${NC} $*"; }
section() { echo -e "${BLUE}=== $* ===${NC}"; }
# APT-based privacy tools organized by category
declare -A TOOLS=(
# Encryption & Password Management
["keepassxc"]="Offline password manager"
["age"]="Modern file encryption"
# Metadata & Privacy
["mat2"]="Metadata Anonymization Toolkit"
["exiftool"]="EXIF metadata editor"
# Secure Deletion
["shred"]="Secure file overwriting (from coreutils)"
["bleachbit"]="System cleaning and secure deletion"
# Network Privacy & Anonymity
["tor"]="Tor anonymity network daemon"
["torsocks"]="Torify applications"
["onionshare"]="Anonymous file sharing over Tor (GUI)"
["onionshare-cli"]="Anonymous file sharing over Tor (CLI)"
# System Hardening
["firejail"]="Application sandboxing"
# OSINT & Privacy Analysis
["sherlock"]="Username enumeration tool"
# YubiKey & Hardware Security Keys
["yubikey-manager"]="YubiKey configuration tool (ykman)"
["pcscd"]="PC/SC Smart Card Daemon"
["scdaemon"]="GPG smart card daemon"
["libpam-u2f"]="PAM module for U2F/FIDO2 auth"
# GPG Utilities
["paperkey"]="Extract GPG secret key for paper backup"
# Monitoring & Detection
["inotify-tools"]="Filesystem event monitoring (for honeyfiles)"
# Privacy Analysis & Recon
["nmap"]="Network scanner"
["whois"]="Domain/IP lookup"
)
section "Privacy Toolkit - APT Tools Installation"
echo ""
log "Updating package lists..."
sudo apt update
echo ""
section "Available Privacy Tools"
echo ""
# Show tools
for tool in "${!TOOLS[@]}"; do
echo "$tool - ${TOOLS[$tool]}"
done
echo ""
read -p "Install all tools? [Y/n] " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]] && [[ -n $REPLY ]]; then
log "Installation cancelled"
exit 0
fi
echo ""
section "Installing Tools"
echo ""
# Track installation results
installed=()
already_installed=()
failed=()
for tool in "${!TOOLS[@]}"; do
if dpkg -l | grep -q "^ii $tool "; then
log "$tool already installed"
already_installed+=("$tool")
else
log "Installing $tool..."
if sudo apt install -y "$tool" 2>&1 | grep -q "Unable to locate package"; then
warn "$tool not available in repositories"
failed+=("$tool")
else
log "$tool installed"
installed+=("$tool")
fi
fi
done
echo ""
section "Installation Summary"
echo ""
if [ ${#installed[@]} -gt 0 ]; then
echo "✅ Newly installed (${#installed[@]}):"
for tool in "${installed[@]}"; do
echo "$tool"
done
echo ""
fi
if [ ${#already_installed[@]} -gt 0 ]; then
echo "✓ Already installed (${#already_installed[@]}):"
for tool in "${already_installed[@]}"; do
echo "$tool"
done
echo ""
fi
if [ ${#failed[@]} -gt 0 ]; then
echo "⚠ Failed/Not available (${#failed[@]}):"
for tool in "${failed[@]}"; do
echo "$tool"
done
echo ""
fi
section "Versions"
echo ""
# Show versions for key tools
echo "OnionShare: $(apt-cache policy onionshare | grep Candidate | awk '{print $2}')"
echo "Tor: $(apt-cache policy tor | grep Candidate | awk '{print $2}')"
echo "mat2: $(dpkg -l | grep "^ii mat2 " | awk '{print $3}' || echo 'not installed')"
echo "KeePassXC: $(dpkg -l | grep "^ii keepassxc " | awk '{print $3}' || echo 'not installed')"
echo ""
section "Quick Usage Examples"
echo ""
cat << 'USAGE'
OnionShare:
# Share a file anonymously
onionshare-cli /path/to/file
# Receive files anonymously
onionshare-cli --receive
mat2:
# Remove metadata from file
mat2 document.pdf
# Clean entire directory
mat2 --inplace *.jpg
Tor + torsocks:
# Run command through Tor
torsocks curl https://check.torproject.org/
# Torify an application
torsocks firefox
firejail:
# Sandbox an application
firejail firefox
# Sandbox with no network
firejail --net=none risky-app
ExifTool:
# View metadata
exiftool image.jpg
# Strip all metadata
exiftool -all= image.jpg
KeePassXC:
# Launch GUI
keepassxc
# CLI (if available)
keepassxc-cli
age:
# Generate key
age-keygen -o key.txt
# Encrypt file
age -e -r <public-key> file.txt > file.txt.age
# Decrypt file
age -d -i key.txt file.txt.age > file.txt
YubiKey (ykman):
# List connected YubiKeys
ykman list
# Show detailed info
ykman info
# Check OTP slot status
ykman otp info
# Check OpenPGP status
ykman openpgp info
# GPG smart card status (requires pcscd running)
gpg --card-status
paperkey (GPG backup):
# Extract secret key to paper-friendly format
gpg --export-secret-key KEY_ID | paperkey --output secret.txt
# Restore from paper backup (needs public key)
paperkey --pubring pubkey.gpg --secrets secret.txt | gpg --import
inotify-tools (file monitoring):
# Watch directory for any changes
inotifywait -m -r /path/to/watch
# Trigger on specific events (access, modify, create)
inotifywait -m -e access,modify ~/.honeypot/
nmap (network scanning):
# Quick scan of local network
nmap -sn 192.168.1.0/24
# Service/version detection
nmap -sV target.com
# OS detection (requires root)
sudo nmap -O target.com
USAGE
echo ""
section "Installation Complete!"
echo ""
log "📚 For detailed usage, see:"
log " - OnionShare: https://docs.onionshare.org/"
log " - Tor: https://tb-manual.torproject.org/"
log " - mat2: https://0xacab.org/jvoisin/mat2"
log " - KeePassXC: https://keepassxc.org/docs/"
echo ""
Reference in a new issue View git blame Copy permalink