The Tor ProjectMar 19, 2025
ICYMI: We just released Onionprobe 1.3.0, a tool for testing and
monitoring the status of Onion Services.
This release fixes a security issue. 🔁 Please upgrade as soon as possible!
https://forum.torproject.org/t/onionprobe-security-release-1-3-0/17864
Onionprobe security release 1.3.0

We just released Onionprobe 1.3.0, a tool for testing and monitoring the status of Onion Services. This release fixes a security issue. Please upgrade as soon as possible! ChangeLog Fixes Standalone monitoring node: SECURITY: use an internal network by default: By default, Prometheus, Alertmanager, Grafana and the Onionprobe exporter are accessible only from localhost or through Onion Services. This prevents exposing these services to the internet in systems that aren’t firewalled. This...

Tor Project Forum
Show threadThe Tor Project
👉 Onionprobe is a tool for testing & monitoring the status of Tor Onion Services sites.
It can run a single time or continuously to probe a set of onion services endpoints and paths, optionally exporting to Prometheus, with Grafana & Alertmanager support.
https://onionservices.torproject.org/apps/web/onionprobe/
Intro - The Onion Services Ecosystem

Mar 19, 2025 at 2:28pmWeb
Show threadKevin Karhan May 4, 2025

@torproject Q: I wish there was a similar tool test #Bridges, as https://bridges.torproject.org/scan/ is not that good and I don't want to hammer it with dozens of addresses, cuz at best that's quite antisocial if not possibly trigger responses assuming this is an intelligence gathering operation.

  • Ideally sone standalone binary that one can just give a list of #TorBridge|s in a text file (similar to the way one can just past them in at #TorBrowser) would help.

I.e.

bridgetest -v4 obfs4 203.0.113.0:80 …

bridgetest -v6 webtunnel [2001:DB8::1]:443 …

bridgetest -list ./tor.bridges.list.private.tsv
  • But maybe #onionprobe already does that. In that case please tell me to "#RTFM!"

Similarly there needs to be a more granular way to request #TorBridges from #BridgeDB (as it's basically impossible to get #IPv4 #Webtunnel addresses nor is there an option to filter for #ports like :80 & :443 to deal with restrictive #firewalls (i.e. on public #WiFi)…

  • there are flags like ipv6=yes but neither ipv4=yes nor ipv6=no yielded me other resultd than #IPv6 webtunnel bridges…

And before anyone asks: Yes, I do have a "legitimate purpose" as some of my contacts do need Bridges to get beyond a mandatory firewall and/or do use #TorBrowser (through an #SSH tunnel) to circumvent Tor & #VPN blocks and maintain privacy (as many companies do block sometimes entire #Hosters' ASNs due to rampant #scrapers

The Tor Project | Privacy & Freedom Online

Defend yourself against tracking and surveillance. Circumvent censorship.

Show threadKevin Karhan May 4, 2025
@torproject and yes those IPs are as per #RFC5737 & #RFC3849 so no bridges were d0xed by this post!
Kevin Karhan :verified: (@[email protected])

@[email protected] Q: I wish there was a similar tool test #Bridges, as https://bridges.torproject.org/scan/ is not that good and I don't want to hammer it with dozens of addresses, cuz at best that's quite antisocial if not possibly trigger responses assuming this is an intelligence gathering operation. - Ideally sone standalone binary that one can just give a list of #TorBridge in a text file (similar to the way one can just past them in at #TorBrowser) would help. I.e. ``` bridgetest -v4 obfs4 203.0.113.0:80 … bridgetest -v6 webtunnel [2001:DB8::1]:443 … bridgetest -list tor.bridges.list.private.tsv ``` Similarly there needs to be a mire granular way to request #TorBridges from #BridgeDB (as it's basically impossible to get #IPv4 #Webtunnel addresses nor is there an option to filter for #ports like ```:80``` & ```:443``` to deal with restrictive #firewalls (i.e. on public #WiFi)… - But maybe #onionprobe already does that. In that case please tell me to *"#RTFM!"*…

Infosec.Space