MCPcopy Index your code
hub / github.com/s-rah/onionscan

github.com/s-rah/onionscan @OnionScan-0.2 sqlite

repository ↗ · DeepWiki ↗ · release OnionScan-0.2 ↗
783 symbols 1,773 edges 59 files 112 documented · 14%
README

What is OnionScan?

Build Status Go Report Card

OnionScan is a free and open source tool for investigating the Dark Web. For all the amazing technological innovations in the anonymity and privacy space, there is always a constant threat that has no effective technological patch - human error.

Whether it is operational security leaks or software misconfiguration - most often times the attacks on anonymity don't come from breaking the underlying systems, but from ourselves.

OnionScan has two primary goals:

  • We want to help operators of hidden services find and fix operational security issues with their services. We want to help them detect misconfigurations and we want to inspire a new generation of anonymity engineering projects to help make the world a more private place.

  • Secondly we want to help researchers and investigators monitor and track Dark Web sites. In fact we want to make this as easy as possible. Not because we agree with the goals and motives of every investigation force out there - most often we don't. But by making these kinds of investigations easy, we hope to create a powerful incentive for new anonymity technology (see goal #1)

Installing

A Note on Dependencies

In order to install OnionScan you will need the following dependencies not provided by the core go standard library:

  • golang.org/x/net/proxy - For the Tor SOCKS Proxy connection.
  • golang.org/x/net/crypto - For PGP parsing
  • golang.org/x/net/html - For HTML parsing
  • github.com/rwcarlsen/goexif - For EXIF data extraction.
  • github.com/HouzuoGuo/tiedot/db - For crawl database.

Grab with go get

go get github.com/s-rah/onionscan

Compile/Run from git cloned source

Once you have cloned the repository into somewhere that go can find it you can run go install github.com/s-rah/onionscan and then run the binary in $GOPATH/bin/onionscan.

Alternatively, you can just do go run github.com/s-rah/onionscan.go to run without compiling.

Quick Start

For a simple report detailing the high, medium and low risk areas found with a hidden service:

onionscan notarealhiddenservice.onion

The most interesting output comes from the verbose option:

onionscan --verbose notarealhiddenservice.onion

There is also a JSON output, if you want to integrate with another program or application:

onionscan --jsonReport notarealhiddenservice.onion

If you would like to use a proxy server listening on something other that 127.0.0.1:9050, then you can use the --torProxyAddress flag:

onionscan --torProxyAddress=127.0.0.1:9150 notarealhiddenservice.onion

More detailed documentation on usage can be found in doc.

What is scanned for?

A list of privacy and security problems which are detected by OnionScan can be found here.

You can also directly configure the types of scanning that onionscan does using the scans parameter.

./bin/onionscan --scans web notarealhiddenservice.onion

Running the OnionScan Correlation Lab

If you are a researcher monitoring multiple sites you will definitely want to use the OnionScan Correlation Lab - a web interface hosted by OnionScan that allows you to discover, search and tag different identity correlations.

You can find a full guide on the OnionScan correlation lab here.

Extension points exported contracts — how you extend this code

SimpleReportCheck (Interface)
Interface for SimpleReport checks [10 implementers]
report/simple_report.go
PipelineStep (Interface)
PipelineStep is an interface that functions can use to declare themselves as a pipeline step [4 implementers]
onionscan/pipeline.go
Scanner (Interface)
(no doc) [11 implementers]
protocol/protocol_scanner.go

Core symbols most depended-on inside this repo

LogInfo
called by 74
config/onionscan_config.go
addRegexToken
called by 55
templates/scripts/chart.bundle.js
addFormatToken
called by 46
templates/scripts/chart.bundle.js
getParsingFlags
called by 35
templates/scripts/chart.bundle.js
toInt
called by 35
templates/scripts/chart.bundle.js
InsertRelationship
called by 28
crawldb/crawldb.go
cubicBezier
called by 26
templates/scripts/cytoscape.js
addParseToken
called by 24
templates/scripts/chart.bundle.js

Shape

Function 629
Method 89
Struct 60
Interface 3
TypeAlias 2

Languages

TypeScript72%
Go28%

Modules by API surface

templates/scripts/chart.bundle.js318 symbols
templates/scripts/cytoscape.js249 symbols
report/simple_report.go30 symbols
protocol/bitcoin_scanner.go18 symbols
crawldb/crawldb.go16 symbols
webui/webui.go14 symbols
report/anonymity_report.go9 symbols
protocol/bitcoin_scanner_test.go9 symbols
report/onionscanreport.go8 symbols
deanonymization/check_bitcoin_addresses.go8 symbols
onionscan/pipeline.go6 symbols
deanonymization/env_test.go5 symbols

For agents

$ claude mcp add onionscan \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact