:rocket: Stealth - Secure, Peer-to-Peer, Private and Automateable Web Browser/Scraper/Proxy
Tholian® Stealth is the automateable Web Browser for the Web of Truth and Knowledge.
Its design goals are increased Privacy, increased Automation, adaptive Semantic Understanding and efficient Bandwidth Usage, no matter the cost.
Stealth empowers its Users, not Website Developers that could (,will ,and did) abuse technologies to compromise the freedom and rights of Web Browser End-Users.
Stealth is both a Web Scraper, Web Service and Web Proxy that can serve its own User Interface ("Browser UI") that is implemented using Web Technologies.
It is secure by default, without compromise. It only supports DNS via HTTPS
,
and uses explicitly https://
first, and falls back to http://
only when
necessary and only when the website was not MITM-ed.
It is peer-to-peer and all its features can be reused by standardized network
protocols in order to share resources and reduce bandwidth everywhere. It can
be used as a SOCKS Proxy
, as an adblocking DNS Proxy
, and even as a peer-to-peer
DNS Resolver
or as a peer-to-peer HTTP/S Proxy
that acts as a transparent
reverse caching proxy for its networked external clients.
It always prioritizes efficient bandwidth use and optimizes for sharing local resources with Trusted Peers. Sites continue to be readable, even when being completely offline.
It is multicast DNS-based Service Discovery compatible, so it's able to discover other (local) Peers without any centralized network service which could be potentially blocked and/or compromised.
It uses Blockers
that is on feature-parity with AdBlock Plus, AdGuard, Pi-Hole,
uBlock Origin and uMatrix (in the sense of "all of the above").
It uses Optimizers
to render only the good parts of HTML and CSS. These ensure that
no Client or Peer ever receives any malicious or unwanted content. All Optimizers are
applied across all Site Modes
, and the Site Modes
decide what content or media is
included.
It uses Site Modes
that decide what to load, with incrementally allowed features
(or media types). By default, Stealth will load nothing. The Site Mode next to the
address bar decides what is being loaded.
It uses Site Beacons
that label data on a Site for automated extraction purposes
which help to train Stealth to understand similar Sites on the Web more easily.
This is similar to the "Reader Mode" in other Browsers, but allows integrations with
third-party databases and both exports/imports from/to third-party software in an
automated manner.
It never requests anything unnecessary. The cache is persistent and time sensitive
until the user tells it to refresh
the Site manually or the manually configured
Internet History lifetime has expired.
It uses trust-based Peers
to share the local cache. Peers can receive, interchange,
and synchronize their downloaded contents. This is especially helpful in rural areas,
where internet bandwidth is sparse; and redundant downloads can be saved.
It can act as a Content-Auditing and Content-Filtering Web Proxy for other Web Browsers,
which allows corporate-like setups with a shared peer-to-peer Cache and a local Archive
of the Web. Simply point your SOCKS4/5 or HTTP/S client to http://stealth-service:65432/proxy.pac
.
It offers intelligent solutions for Error scenarios. In case a Site is not available
anymore, the stealth:fix-request
Page allows to download the Site automagically from
trusted Peers or from the Web Archive.
This ain't your Mama's Web Browser. It completely disables ECMAScript in order to improve Privacy. Stealth also does not support any Web API that could potentially send data to malicious Sites.
Stealth can be scripted as a Web Scraper inside node.js
. The Browser
is completely headless, so every single interaction that the Browser UI
reflects can be implemented in a programmable manner, even remotely through trusted Peers
using Stealth's peer-to-peer network services.
Stealth will receive an easy-to-follow Wizard for synchronizing cached content with other Peers in a Wi-Fi / Meshnet setup, so that users can easily select which Sites to backup and synchronize to other Peers.
Stealth in combination with a connected Radar instance will allow to discover global Peers,
and will allow to share and reuse Beacons
and Echoes
that help to automate even more
tasks on the Web.
Stealth will allow peer-to-peer TLS encryption by using intermediary certificates which are shipped with each release and allow to download cached content in a trustless manner by implementing a TLS-based notary mechanism for signing and validating the correctness of content (additionally to the encrypted transport layer).
If you don't wanna deal with the native build toolchain, this is how to get started as quickly as possible:
12
).70
).Safari
latest (minimum version 12
).electron
latest (minimum version 8
).gjs
and WebKit2 GTK
latest (minimum version 4
).git clone https://github.com/tholian-network/stealth.git;
# Make everything
node ./make.mjs;
# Start Stealth Service (optional debug flag)
node ./stealth/stealth.mjs serve --debug=true;
# Open as Progressive Web App
node ./browser/browser.mjs;
# Alternatively open Stealth's Browser UI in a Web Browser
# gio open "http://localhost:65432"
IMPORTANT: On mobile phones, Stealth can be used as a Web App by visiting the URL and adding it to the Home Screen. It will behave like an offline-ready App, and allow to visit downloaded Sites from the Cache; given that the Stealth Service is reachable via Wi-Fi or LAN from your mobile phone.
At this point in Development, Stealth is implemented as a headless node.js Browser/Scraper/Proxy which serves its own HTML5-based User Interface.
At a later point in time, Stealth will be released as a bundle of a node.js fork and with a WebKit fork called RetroKit.
As Stealth is implemented in node.js, RetroKit only functions as a WebView for rendering, and its purpose is to be a WebView with a reduced attack surface, so it removes a lot of APIs that could otherwise be used for tracking and exploitation.
As of today, it is heavily recommended to use Ungoogled Chromium as a Webview if you want to run Stealth via browser/browser.mjs.
(Links will be inserted here once the Stealth releases are ready for the public)
The Guide is currently meant for Developers that are new to the Project. It explains all necessary topics to quickly get started to hack around with Stealth and modify it to fit your needs.
A User's Guide probably will arrive at a later point in time, as Stealth currently has no public release yet.
There's a Telegram Chat available where most technical discussions happen.
You can join it via t.me/tholian_beta or search for Tholian Beta
.
The current roadmap is reflected by unimplemented /issues in this GitHub repository.
A high-level overview is available at our Website's Roadmap, which also lists other projects that will be built in order to integrate Stealth with larger featuresets.
As this project in its current form is highly experimental software, those features can change very rapidly; and lead to at least partial refactors of the codebase as well.
If you have Problems, Suggestions or Ideas that would fit into Stealth, please open up an Issue and we'll be happy to talk about it :)
Private Usage of Stealth, including its Browser and the Covert Testsuite is licensed under GNU GPL 3.
Commercial Usage of Stealth, including its Browser and the Covert Testsuite is only allowed under under a custom available license.
If you want to commercially use the technology behind Stealth, please contact us on https://tholian.network for a license.
(c) 2019-2021 Tholian(r) Network