Feel free to contact me on Twitter - David

Make sure the Applications, Services or Anything else listed below complies with your Local Laws before use. Thanks.

This’ll be a centralised place where I link to Privacy related Resources, I may provide a small description and Resources may range from VPN’s, to Password Managers to Bullet Proof Hosting.


  • Added, Malware and Website Related Section.
  • Updated information regarding Mailfence and added Disroot under Emails.
  • Added a Forums Section it can be found below Hardware Wallets or in the contents.
  • Updated the Encryption section with more stuff.
  • Added a Secure Deletion section under Encryption.
  • Added a Guide's section.
  • Added an Android section, plan on updating it in a few hours, aswell as creating and adding an iOS section right after that.
  • Added an OSINT section.
  • Updated Various sections with extra stuff.


Click to go-to section -

Secure Deletion (Locally)
Malware Related
Hardware Wallets
Email Forwarders
Email .onions
Email Spoofing
Throwaway Emails
Email Lookups
File Hosting
Pomf File Hosts


You should be running the Tor Browser really, use a bridge if needed, also you can run Tor outside the browser without much technical experience. Just to be clear, I am not stating Tor is a VPN it’s far from it, VPN’s are for Privacy and Tor more for anonymity. I won’t get in-to the technical details of Tor, but if you want simple privacy use a VPN, if you’re looking for anonymity, use Tor.

In this section I will be linking to VPN providers, who are seemingly interested and or good at protecting your anonymity or privacy, please note these are two different things, Privacy and Anonymity should never be considered the same as they both contain completely different objectives.

NordVPN  —

Payment: They accept PayPal, Bitcoin, Credit Cards and alot more currencies, visit https://nordvpn.com/pricing to see the rest. It uses OpenVPN technology and also supports other protocols. They offer DoubleVPN servers, which route your traffic through one server in the Netherlands for example and then through another in Russia, this is supposed to protect against servers which are compromised. They also offer Tor Over VPN, P2P Servers, Dedicated IP and DDOS servers. A kill switch is built into the app and can be set easily, they are also offering a new feature named CyberSec, which can be toggled on or off it supposedly, ‘Blocks ads, protects you from malware, DDOS and other threats’ their words not mine. People have however had problems with their lack of support and speed fluctuations. Their company is based in Panama. As far as I can tell they do NOT have a warrant canary.

iVPN   —

In their words ‘We accept all major credit cards, Paypal, Bitcoin and cash. However paying with cash is only available when purchasing an annual subscription.’ They also claim to not keep logs and claim they are not required to by law. They use a ‘VPN Firewall’, which prevents against IP Leaks or in their words ‘makes them impossible’.

They have a warrant canary located here that is updated monthly and signed with their PGP that can be found here. They’re located in Gibraltar.

PerfectPrivacy  —

They accept PayPal, Bitcoin, Cards and Cash. They have a No Logging policy and support OpenVPN, they have a ‘Multi VPN’ function, which “Cascades your VPN connection with up to four OpenVPN servers plus additional proxy and ssh tunnels.” They offer stealth VPN connections, which bypass VPN blocks, they also offer Tor on their servers. They’re based in Panama, they don’t have a warrant canary as far as I can tell.


They have a no-log policy, they accept Bitcoin and Cash, they don’t ask for an email, phone or any other identifying information to sign up they’re also pretty cheap. Based in Switzerland “Under current Swedish law there is no way for them to force us to secretly act against our users so a warrant canary would serve no purpose,” said Mullvad who are based in Sweden.”


Great VPN, their staff are knowledgeable and know their stuff, don’t be put off by the site (It’s not too nice looking in my opinion.), BTC is accepted, they have a no-logs policy and are based in Iceland.


CockLi — I am recommending this one based on Vincent’s {Owner} previous experience with dealing with Law Enforcement, I respect how he’s handled situations in the past. You can also expect this XMPP to not close down for a awhile.

XMPP.IS— Ran by a trusted user and has been running for several years, they offer different xmpp.* domains including .fi, you can also connect over their Tor Server.


It goes without saying that you should be using something like PGP, however just remember that PGP is unique, PGP directly ties you to that Email, that’s why it’s better to use alternative ways of communicating.

The people over at TheBestVPN reached out with a great resource they've put together regarding emailing privately and which services to use, you can find that here. I would like to make a note that, I personally believe that the word 'anonymously' is misued in this post and would better replace it with 'privately', this doesn't takeaway from the great list of resources provided in the article however.

Protonmail.com — Pretty obvious, anyone even slightly interested in InfoSec, OPSEC or Privacy knows about it now, it also has a Tor service, find it at protonmail.com/tor. Upside is it’s free.

TutaNota — Again free, pretty well known, offers different @Domains, downside is you can’t send emails from it without password protection, this could also be seen as an upside or a pain in the ass.

Mailfence — Mailfence reached out with more information regarding their site over Twitter and i've also decided to make an account. Singup is easy, however you'll need a pre-existing email for verification, they say "All encryption operations take place in the browser making it a “true” end-to-end encrypted email solution." Based in Belgium they offer 500mb of space on their free plan and accept Bitcoin to upgrade. More information here.

EasyCrypt — Again, I have barely used this service but i’ve heard good things, it’s also free.

Disroot - They offer a wide variety of services including mail, most their stuff is ran off opensource software and they're based in the Netherlands. Offering the most space out of all at 4GB.

Riseup — If you don’t know riseup then you’re living under a rock, free, but invite only at the moment.

NeoMailbox — Based in Switzerland and unlike the others is paid, it has built in encryption and accepts Bitcoin.


Signal — E2EE encrypted chats, they offer both Mobile and Desktop clients, personal information will be needed to signup.

Ricochet — Concept seems pretty nice, I am still yet to use it alot due to a small amount of people on it. Connects over Tor, decentralised.

Jitsi — Opensource, Multi Platform, Encrypted video messaging.

Xabber — OTR Chat for Android.

CryptoCat — Encrypted messaging, open source, free, Multi Platform.

ChatSecure — Mobile client for XMPP, uses OMEMO.

Pidgin — Mainly for known for windows, but can be used on other OS’s, an Instant Messaging Client.

Tor Messenger - Tor in BETA Messenger for XMPP, IRC and more. Comes pre-bundled with OTR and routes all traffic through Tor.

Encrypted Stuff:

SpiderOak — I personally don’t have any experience with spider oak, but from what i’ve read it seems to encrypt things on the client side and has a ‘Zero Knowledge’ type policy.

Veracrypt — It’s an upgraded version of TrueCrypt, you can create encrypted partitions, full disk encryption is also possible you can also just encrypt something like a flash drive.

GPG4WIN — File and Email encryption, this is for Windows only, it goes without saying that Windows isn’t generally good for Privacy anyway.

LUKS - Linux Unified Key System - Cryptsetup and LUKS - open-source disk encryption.

Cryptonite - Cryptonite brings EncFS and TrueCrypt to Android. You can browse, export and open EncFS-encrypted directories and files on your Dropbox and on your phone. On rooted phones that support FUSE (e.g. CyanogenMod) you can also mount EncFS and TrueCrypt volumes

Secure Deletion:

DBAN (Dariks Boot And Nuke) - DBAN is a well known and opensource secure disk eraser. It's designed to securely wipe hard disks until no data is left / recoverable.

Eraser - Erasers an opensource file deletion program for windows, it allows you to securely delete files, folders and partitions with several different algorithms to choose from.

ATA Secure Erase - Securely wipe most PATA/SATA hard drives manufactured this century.

LUKS Erase / Killswitch - More info here


Qubes— An Open Source OS heavily focused on compartmentalisation Tor — Click Me

Debian — Free and Open Source. They also have a Tor site here

Discreete-Linux — This is a bit different to the other OS’s above, I recommend visiting the site if you’re interested.

Whonix — Made for VM’s, Privacy and Anonymity focused.

Tails - Routes everything through Tor.

SubgraphOS - Free, open-source, and verifiably trustworthy.


F-Droid - F-Droid is an Android Google Play alternative, it contains a catalogue of FOSS (Free and Open Source Software) apps.

Copperhead - CopperheadOS is a security and privacy focused mobile operating system compatible with Android apps.

Orbot - Orbot is a Free Proxy app that uses Tor to encrypt your Internet Traffic. It's available on the Google Play store aswell as F-Droid and also as a direct download from their site.


ChatSecure - Free and Open Source, iOS XMPP App, uses OMEMO and OTR.

OpenVPN Connect - OpenVPN for iOS.

DuckDuckGo Browser App - The Official DuckDuckGo Browser for iOS, block trackers, ads and more.

Hardware BTC Wallet:

Trezor — Worlds first Secure Hardware Wallet, supports multiple currencies, made by SatoshiLabs.

Ledger Nano S — Cheapest out of most Wallets, Secure Multi Currencies, 2016.

KeepKey — Multi-Currencies, Secure, 2015.


Greysec — A privacy related forum, with other sections, generally skid free.

0x00sec - Unused by me, however seems to contain alot of good content.

Website Related:

Njalla — Njalla is a privacy focused Domain Registration, you can signup with your XMPP / Jabber address and buy domains with BTC and other Crypto Currencies, they essentially act as a Proxy by purchasing the domain for you. Their Tor Site: Here

DNSTrails - View previous DNS information aswell as old and current WHOIS data.


OSINT Framework - A great list of OSINT aswell as Privacy resources. Great design and layout.

Awesome OSINT - A self proclaimed "curated list of amazingly awesome OSINT".

Tweep - Twitter tool to efficiently search, download and analyse Tweets. Doesn't require an API key and bypasses alot of limitations.

XDD2, XDD3 and XDDUK all offer Fake Identities, they're made from real data, which is then mixed up. The first two offer US identities and XDDUK offers UK ones.

Malware Related:

VirusTotal - Antivirus scanner / Malware search engine. Search by hash, domain and more.

NoDistribute - Malware / Antivirus scanner, which claims to never Distribute the files you upload.

VirusBay Beta - An in Beta, collaborative platform for Malware Researchers.

Search Engines:

Searx — Searx, is open-source, it displays the best results from Google and Bing, aswell as this it respects your Privacy.

Startpage — Startpage also known as IXQuick, proxy the best search results for you.

DuckDuckGo — Well-known Privacy Respecting Search Engine.

Qwant — Privacy respecting search engine, which displays Web & Social Media Results.


I won’t be providing a caption with these as the name generally explains it.


uBlock — Here
NoScript — Here
Self-Destructing Cookies — Here
Privacy Badger — Here
Disconnect — Here
Privacy Settings — Here


Official WebRTC limiter - Here
Privacy Badger - Here
HTTPSEverywhere - Here
Decentraleyes - Here
ScriptSafe - Here


Firefox — Here
Tor Browser — Here 
Opera — Here
Brave — Here
Epic Privacy Browser — Here

Email Forwarders:

Email Forwarders give you a different email, which then forwards everything it gets to your personal one.

NotSharingMyInfo — Here
MailNull — Here
Volto — Here

Email Onions:

This is purely to help people find the Onions, Linking here doesn’t mean the mails are good or not.


Email Anonymously:

Emkei — Here
Anonymousemail — Here
Guerrillamail — Here

Throwaway Mails:

DiscardEmail — Here
MailGutter — Here
Mailinator — Here
10MinuteMail - Here


Lookup Email: [The Legality of some if not all of these services is a grey area. Make sure they comply with your local laws.]


File Hosting:

Firefox Send - Send files through a safe, private, and encrypted link that automatically expires to ensure your stuff does not remain online forever.

Reep - Reep uses modern WebRTC technology to enable peer-to-peer file transfers between two browsers.

Pomf File Hosting -



I'm Dave the co-owner of TheManyHatsClub, you'll find that most of my posts will focus around online privacy and security.

Read More
Centralised Place For Privacy Resources