TorServ is a zero-configuration static web server that instantly launches as a Tor hidden service, with no setup or dependencies. It’s built for anonymous, censorship-resistant hosting in privacy-critical or high-risk environments.

Unzip and run — TorServ includes hardened security defaults, built-in Tor integration, and a multilingual landing page to help visitors stay safe on the dark web.

📢 Follow development: @TorServ1

🔗 Main Website: https://torserv.org

🛠️ Website Source Code: https://github.com/torserv/torserv-web

TorServ automatically launching your Tor hidden service with no setup

TorServe.org is accessible via the Tor network:

torservqv27yflqzhe75mojvxp364rfhqjobkte4q5v2u2jjuokchoid.onion

Use the Tor Browser to visit.

Have ideas? Questions? Concerns? Whether you're a privacy expert or just Tor-curious, your input matters.

👉 Join the discussions and help steer TorServ in the right direction — no question is too small, all feedback is welcome and encouraged.

Unzip → Execute binary → Get instant .onion address

The Tor hidden service starts automatically. The .onion address is printed to the console.

• 🧳 Zero-config setup: unzip → run → receive .onion URL
• 🕳️ No clearnet exposure: listens only on 127.0.0.1
• 🕵️ Privacy-first: no logs, no outbound traffic, no analytics
• 🛡️ Safe defaults for hostile environments (assume compromise, not safety)
• 🌐 Multilingual landing page with built-in safety guide (no JS required)
• 💻 Prebuilt binaries for Linux (x64) and Raspberry Pi (ARMv7/ARM64)

• ✅ Hardened static file server written in Go (raw TCP, no framework)
• ✅ Automatic Tor hidden service, self-contained (bundled tor)
• ✅ Multilingual index.html with embedded safety instructions
• ✅ Image metadata scrubbing for JPEG, PNG, GIF, BMP
• ✅ Optional .onion key rotation via --new-key
• ✅ Encrypted file paths in HTML — no filenames or directories exposed
• ✅ Chunked transfer encoding + response padding to resist fingerprinting
• ✅ Timing jitter (50–200ms) masks request-response patterns
• ✅ No JS, no clearnet fetches, no cacheable responses

• 🔐 Header Sanitization – Strips Date, ETag, Last-Modified, User-Agent, etc.
• 🧱 Localhost Binding Only – Never exposed to public interfaces
• 🧼 Metadata Scrubbing – EXIF and other metadata removed from supported image types
• 🕒 Timing Obfuscation – Adds random response delay to reduce timing attacks
• 📦 Response Padding – Uniform response sizes to prevent content inference
• 🚫 No Caching – Disables all cache headers to avoid leak-through
• 🧳 Offline-Only Assets – Fully self-contained; no JS, fonts, or network calls
• 🌍 Static Safety Guide – Tabbed multilingual HTML, fully local
• 🧊 File/Path Obfuscation – Encrypted file references, not human-readable
• 🤖 Scanning Bot Trap – Bots scanning for non existent directories/files get a slow trickle of garbage instead of 404
• 🔒 Firejail Sandboxing – Automatically runs in a lightweight security sandbox if Firejail is installed

unzip torserv-linux-amd64.zip
cd TorServ
./torserv

unzip torserv-rpi-arm64.zip
cd TorServ
./torserv

The Tor hidden service will start and print a .onion address to the terminal. Use Tor Browser to access it.

⚠️ Note: Windows release dropped due to aggressive antivirus false positives. You may still build from source if desired.

TorServe now includes built-in Firejail sandboxing. If Firejail is installed, TorServe will automatically re-execute itself inside a secure container to reduce attack surface.

Just run TorServe as usual:

./torserv

If Firejail is available, you’ll see:

[*] Launching inside Firejail sandbox...

If Firejail is not installed, TorServe will still run normally and recommend installing it for improved security.

To skip sandboxing (e.g., for debugging):

./torserv --no-firejail

sudo apt update
sudo apt install firejail

torserv is written in Go and requires the Tor binary to be present in a tor/ directory inside the project.

• Go 1.20+
• Git
• tor binary (from torproject.org)
• Optional: cross-compilers for other platforms

git clone https://github.com/torserv/torserv.git
cd TorServ
mkdir tor/

sudo apt update
sudo apt install tor
which tor
cp $(which tor) tor/

Same applies on Raspberry Pi if using Raspbian/Debian.

Download the Tor Expert Bundle and place tor.exe into tor\.

go build -o release/linux/TorServ/torserv ./cmd/torserv

GOOS=windows GOARCH=amd64 CGO_ENABLED=0 \
go build -o release/windows/TorServ/torserv.exe ./cmd/torserv

GOOS=linux GOARCH=arm64 CGO_ENABLED=0 \
go build -o release/rpi/TorServ/torserv ./cmd/torserv

Your binary will be in: release/<platform>/TorServ/

Copy it to the project root to run:

./torserv

torserv will auto-launch the Tor hidden service if tor/ is present. If not, it will exit.

• English (default)
• 简体中文 (Simplified Chinese)
• Español (Spanish)
• Русский (Russian)
• فارسی (Farsi)
• Italiano (Italian)
• 한국어 (Korean)

This project is licensed under the MIT License (see LICENSE file)

You’ll need the Tor Browser to access .onion sites.

If you care about privacy, consider supporting the Tor Project.

Welcoming:

• 🔐 Security audits
• 🐞 Bug reports
• 🌟 Feature requests
• 🌍 Translations
• 💻 Code contributions
• 🧠 Thoughtful feedback
• 💸 Financial support - This project incurs monthly expenses to run

torserv bundles the unmodified official tor binary for convenience. Tor is licensed under the BSD 3-Clause License.

This project is not affiliated with or endorsed by the Tor Project. All credit for Tor belongs to The Tor Project.