Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Overview

Take Note!

  • With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produced hosts files should be made with the appropriate data source that contributed the content in question. The contact information for all of the data sources can be found in the hosts/data/ directory.

Logo

latest release license repo size contributors Build Status Code style: black commits since last release last commit commit activity

Unified hosts file with base extensions

This repository consolidates several reputable hosts files, and merges them into a unified hosts file with duplicates removed. A variety of tailored hosts files are provided.

List of all hosts file variants

This repository offers 15 different host file variants, in addition to the base variant.

The Non GitHub mirror is the link to use for some hosts file managers like Hostsman for Windows that don't work with GitHub download links.

Host file recipe Readme Raw hosts Unique domains Non GitHub mirror
Unified hosts = (adware + malware) Readme link 67,781 link
Unified hosts + fakenews Readme link 69,976 link
Unified hosts + gambling Readme link 70,162 link
Unified hosts + porn Readme link 93,966 link
Unified hosts + social Readme link 70,586 link
Unified hosts + fakenews + gambling Readme link 72,357 link
Unified hosts + fakenews + porn Readme link 96,161 link
Unified hosts + fakenews + social Readme link 72,781 link
Unified hosts + gambling + porn Readme link 96,347 link
Unified hosts + gambling + social Readme link 72,967 link
Unified hosts + porn + social Readme link 96,770 link
Unified hosts + fakenews + gambling + porn Readme link 98,542 link
Unified hosts + fakenews + gambling + social Readme link 75,162 link
Unified hosts + fakenews + porn + social Readme link 98,965 link
Unified hosts + gambling + porn + social Readme link 99,151 link
Unified hosts + fakenews + gambling + porn + social Readme link 101,346 link

Expectation: These unified hosts files should serve all devices, regardless of OS.

Sources of hosts data unified in this variant

Updated hosts files from the following locations are always unified and included:

Host file source Description Home page Raw hosts Update frequency License Issues
Steven Black's ad-hoc list Additional sketch domains as I come across them. link raw occasionally MIT issues
AdAway AdAway is an open source ad blocker for Android using the hosts file. link raw frequently CC BY 3.0 issues
add.2o7Net 2o7Net tracking sites based on hostsfile.org content. link raw occasionally MIT issues
add.Dead Dead sites based on hostsfile.org content. link raw occasionally MIT issues
add.Risk Risk content sites based on hostsfile.org content. link raw occasionally MIT issues
add.Spam Spam sites based on hostsfile.org content. link raw occasionally MIT issues
Mitchell Krog's - Badd Boyz Hosts Sketchy domains and Bad Referrers from my Nginx and Apache Bad Bot and Spam Referrer Blockers link raw weekly MIT issues
hostsVN Hosts block ads of Vietnamese link raw occasionally MIT issues
KADhosts Fraud/adware/scam websites. link raw frequently CC BY-SA 4.0 issues
MetaMask eth-phishing-detect Phishing domains targeting Ethereum users. link raw frequent DON'T BE A DICK PUBLIC LICENSE issues
MVPS hosts file The purpose of this site is to provide the user with a high quality custom HOSTS file. link raw monthly CC BY-NC-SA 4.0 issues
orca.pet This is a domain list for blocking phishing and malware sites . link raw frequent ISC issues
osint.digitalside.it DigitalSide Threat-Intel malware domains list. link raw daily MIT issues
shady-hosts Analytics, ad, and activity monitoring hosts link raw occasionally CC0-1.0 issues
Dan Pollock – someonewhocares How to make the internet not suck (as much). link raw frequently non-commercial with attribution issues
Tiuxo hostlist - ads Categorized hosts files for DNS based content blocking link raw occasional CC BY 4.0 issues
UncheckyAds Windows installers ads sources sites based on https://unchecky.com/ content. link raw occasionally MIT issues
URLHaus A project from abuse.ch with the goal of sharing malicious URLs. link raw weekly CC0 issues
yoyo.org Blocking with ad server and tracking server hostnames. link raw frequently issues

Extensions

The unified hosts file is optionally extensible. Extensions are used to include domains by category. Currently, we offer the following categories: fakenews, social, gambling, and porn.

Extensions are optional, and can be combined in various ways with the base hosts file. The combined products are stored in the alternates folder.

Data for extensions are stored in the extensions folder. You manage extensions by curating this folder tree, where you will find the data for fakenews, social, gambling, and porn extension data that we maintain and provide for you.

Generate your own unified hosts file

You have two options to generate your own hosts file. You can do it in your own environment, or within a Docker container. We'll cover Docker first because it's a short section.

Option 1: Generate in a Docker container

We provide a Dockerfile that you can use to create a Docker container with everything you need. The container will contain Python 3 and all its dependency requirements, and a copy of the latest version of this repository.

Build the Docker container like this:

docker build ./

Access the terminal like this:

docker run -it (containerid) bash

Option 2: Generate it in your own environment.

To generate your own amalgamated hosts files you will need Python 3.5 or later.

First, install the dependencies with:

pip3 install --user -r requirements.txt

Note we recommend the --user flag which installs the required dependencies at the user level. More information about it can be found on pip documentation.

Common steps regardless of your development environment.

To run unit tests, in the top-level directory, run:

python3 testUpdateHostsFile.py

The updateHostsFile.py script will generate a unified hosts file based on the sources in the local data/ subfolder. The script will prompt you whether it should fetch updated versions (from locations defined by the update.json text file in each source's folder). Otherwise, it will use the hosts file that's already there.

python3 updateHostsFile.py [--auto] [--replace] [--ip nnn.nnn.nnn.nnn] [--extensions ext1 ext2 ext3]

Command line options:

--help, or -h: display help.

--auto, or -a: run the script without prompting. When --auto is invoked,

  • Hosts data sources, including extensions, are updated.
  • No extensions are included by default. Use the --extensions or -e flag to include any you want.
  • Your active hosts file is not replaced unless you include the --replace flag.

--backup, or -b: Make a backup of existing hosts file(s) as you generate over them.

--extensions <ext1> <ext2> <ext3>, or -e <ext1> <ext2> <ext3>: the names of subfolders below the extensions folder containing additional category-specific hosts files to include in the amalgamation. Example: --extensions porn or -e social porn.

--flush-dns-cache, or -f: skip the prompt for flushing the DNS cache. Only active when --replace is also active.

--ip nnn.nnn.nnn.nnn, or -i nnn.nnn.nnn.nnn: the IP address to use as the target. Default is 0.0.0.0.

--keepdomaincomments, or -k: true (default) or false, keep the comments that appear on the same line as domains. The default is true.

--noupdate, or -n: skip fetching updates from hosts data sources.

--output <subfolder>, or -o <subfolder>: place the generated source file in a subfolder. If the subfolder does not exist, it will be created.

--replace, or -r: trigger replacing your active hosts

--skipstatichosts, or -s: false (default) or true, omit the standard section at the top, containing lines like 127.0.0.1 localhost. This is useful for configuring proximate DNS services on the local network.

--nogendata, or -g: false (default) or true, skip the generation of the readmeData.json file used for generating readme.md files. This is useful if you are generating host files with additional whitelists or blacklists and want to keep your local checkout of this repo unmodified.

--compress, or -c: false (default) or true, Compress the hosts file ignoring non-necessary lines (empty lines and comments) and putting multiple domains in each line. Reducing the number of lines of the hosts file improves the performances under Windows (with DNS Client service enabled).

--minimise, or -m: false (default) or true, like --compress, but puts each domain on a separate line. This is necessary because many implementations of URL blockers that rely on hosts files do not conform to the standard which allows multiple hosts on a single line.

--blacklist <blacklistfile>, or -x <blacklistfile>: Append the given blacklist file in hosts format to the generated hosts file.

--whitelist <whitelistfile>, or -w <whitelistfile>: Use the given whitelist file to remove hosts from the generated hosts file.

Using NixOS:

To install hosts file on your machine add the following into your configuration.nix:

{
  networking.extraHosts = let
    hostsPath = https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts;
    hostsFile = builtins.fetchurl hostsPath;
  in builtins.readFile "${hostsFile}";
}
  • NOTE: Change hostsPath if you need other versions of hosts file.
  • NOTE: The call to fetchurl is impure. Use fetchFromGitHub with the exact commit if you want to always get the same result.

How do I control which sources are unified?

Add one or more additional sources, each in a subfolder of the data/ folder, and specify the url key in its update.json file.

Add one or more optional extensions, which originate from subfolders of the extensions/ folder. Again the url in update.json controls where this extension finds its updates.

Create an optional blacklist file. The contents of this file (containing a listing of additional domains in hosts file format) are appended to the unified hosts file during the update process. A sample blacklist is included, and may be modified as you need.

  • NOTE: The blacklist is not tracked by git, so any changes you make won't be overridden when you git pull this repo from origin in the future.

How do I include my own custom domain mappings?

If you have custom hosts records, place them in file myhosts. The contents of this file are prepended to the unified hosts file during the update process.

The myhosts file is not tracked by git, so any changes you make won't be overridden when you git pull this repo from origin in the future.

How do I prevent domains from being included?

The domains you list in the whitelist file are excluded from the final hosts file.

The whitelist uses partial matching. Therefore if you whitelist google-analytics.com, that domain and all its subdomains won't be merged into the final hosts file.

The whitelist is not tracked by git, so any changes you make won't be overridden when you git pull this repo from origin in the future.

How can I contribute hosts records?

If you discover sketchy domains you feel should be included here, here are some ways to contribute them.

Option 1: contact one of our hosts sources

The best way to get new domains included is to submit an issue to any of the data providers whose home pages are listed here. This is best because once you submit new domains, they will be curated and updated by the dedicated folks who maintain these sources.

Option 2: Fork this repository, add your domains to Steven Black's personal data file, and submit a pull request

Fork this hosts this repo and add your links to https://github.com/StevenBlack/hosts/blob/master/data/StevenBlack/hosts.

Then, submit a pull request.

WARNING: this is less desirable than Option 1 because the ongoing curation falls on us. So this creates more work for us.

Option 3: create your own hosts list as a repo on GitHub

If you're able to curate your own collection of sketchy domains, then curate your own hosts list. Then signal the existence of your repo as a new issue and we may include your new repo into the collection of sources we pull whenever we create new versions.

What is a hosts file?

A hosts file, named hosts (with no file extension), is a plain-text file used by all operating systems to map hostnames to IP addresses.

In most operating systems, the hosts file is preferential to DNS. Therefore if a domain name is resolved by the hosts file, the request never leaves your computer.

Having a smart hosts file goes a long way towards blocking malware, adware, and other irritants.

For example, to nullify requests to some doubleclick.net servers, adding these lines to your hosts file will do it:

# block doubleClick's servers
0.0.0.0 ad.ae.doubleclick.net
0.0.0.0 ad.ar.doubleclick.net
0.0.0.0 ad.at.doubleclick.net
0.0.0.0 ad.au.doubleclick.net
0.0.0.0 ad.be.doubleclick.net
# etc...

We recommend using 0.0.0.0 instead of 127.0.0.1

Traditionally most host files use 127.0.0.1, the loopback address, to establish an IP connection to the local machine.

We prefer to use 0.0.0.0, which is defined as a non-routable meta-address used to designate an invalid, unknown, or non-applicable target.

Using 0.0.0.0 is empirically faster, possibly because there's no wait for a timeout resolution. It also does not interfere with a web server that may be running on the local PC.

Why not use 0 instead of 0.0.0.0?

We tried that. Using 0 doesn't work universally.

Location of your hosts file

To modify your current hosts file, look for it in the following places and modify it with a text editor.

macOS (until 10.14.x macOS Mojave), iOS, Android, Linux: /etc/hosts file.

macOS Catalina: /private/etc/hosts file.

Windows: %SystemRoot%\system32\drivers\etc\hosts file.

Gentoo

Gentoo users may find sb-hosts in ::pf4public Gentoo overlay

Updating hosts file on Windows

(NOTE: See also some third-party Hosts managers, listed below.)

On Linux and macOS, run the Python script. On Windows more work is required due to compatibility issues so it's preferable to run the batch file as follows:

updateHostsWindows.bat

This file MUST be run in command prompt with administrator privileges in the repository directory. In addition to updating the hosts file, it can also replace the existing hosts file, and reload the DNS cache. It goes without saying that for this to work, you must be connected to the internet.

To open a command prompt as administrator in the repository's directory, do the following:

Windows XP: Start → Run → cmd

Windows Vista, 7: Start Button → type cmd → right-click Command Prompt → "Run as Administrator"

Windows 8: Start → Swipe Up → All Apps → Windows System → right-click Command Prompt → "Run as Administrator"

Windows 10: Start Button → type cmd → right-click Command Prompt → "Run as Administrator"

You can also refer to the "Third-Party Hosts Managers" section for further recommended solutions from third parties.

Reloading hosts file

Your operating system will cache DNS lookups. You can either reboot or run the following commands to manually flush your DNS cache once the new hosts file is in place.

The Google Chrome browser may require manually cleaning up its DNS Cache on chrome://net-internals/#dns page to thereafter see the changes in your hosts file. See: https://superuser.com/questions/723703

Windows

Open a command prompt with administrator privileges and run this command:

ipconfig /flushdns

Linux

Open a Terminal and run with root privileges:

Debian/Ubuntu sudo service network-manager restart

Linux Mint sudo /etc/init.d/dns-clean start

Linux with systemd: sudo systemctl restart network.service

Fedora Linux: sudo systemctl restart NetworkManager.service

Arch Linux/Manjaro with Network Manager: sudo systemctl restart NetworkManager.service

Arch Linux/Manjaro with Wicd: sudo systemctl restart wicd.service

RHEL/Centos: sudo /etc/init.d/network restart

FreeBSD: sudo service nscd restart

To enable the nscd daemon initially, it is recommended that you run the following commands:

sudo sysrc nscd_enable="YES"
sudo service nscd start

Then modify the hosts line in your /etc/nsswitch.conf file to the following:

hosts: cache files dns

Others: Consult this Wikipedia article.

macOS

Open a Terminal and run:

sudo dscacheutil -flushcache;sudo killall -HUP mDNSResponder

Release management

This repository uses release-it, an excellent CLI release tool for GitHub repos and npm packages, to automate creating releases. This is why the package.json and .release-it.json files are bundled.

Goals of this unified hosts file

The goals of this repo are to:

  1. automatically combine high-quality lists of hosts,

  2. provide situation-appropriate extensions,

  3. de-dupe the resultant combined list,

  4. and keep the resultant file reasonably sized.

A high-quality source is defined here as one that is actively curated. A hosts source should be frequently updated by its maintainers with both additions and removals. The larger the hosts file, the higher the level of curation is expected.

It is expected that this unified hosts file will serve both desktop and mobile devices under a variety of operating systems.

Third-Party Hosts Managers

  • Unified Hosts AutoUpdate (for Windows): The Unified Hosts AutoUpdate package is purpose-built for this unified hosts project as well as in active development by community members. You can install and uninstall any blacklist and keep it automatically up to date, and can be placed in a shared network location and deployed across an organization via group policies. And since it is in active development by community members, your bug reports, feature requests, and other feedback are most welcome.

  • ViHoMa is a Visual Hosts file Manager, written in Java, by Christian Martínez. Check it out!

Interesting Applications

  • Maza ad blocking is a bash script that automatically updates host file. You can also update a fresh copy. And each time it generates a dnsmasq-compatible configuration file. Fast installation, compatible with MacOS, Linux and BSD.

  • Hostile is a nifty command line utility to easily add or remove domains from your hosts file. If our hosts files are too aggressive for you, you can use hostile to remove domains, or you can use hostile in a bash script to automate a post process each time you download fresh versions of hosts.

  • macOS Scripting for Configuration, Backup and Restore helps customizing, re-installing and using macOS. It also provides a script to install and update the hosts file using this project on macOS. In combination with a launchd it updates the hosts file every x days (default is 4). To install both download the GitHub repo and run the install script from the directory one level up.

  • Pi-hole is a network-wide DHCP server and ad blocker that runs on Raspberry Pi. Pi-hole uses this repository as one of its sources. This is a very interesting project to set up yourself, or you can buy one pre-loaded.

  • Block ads and malware via local BIND9 DNS server (for Debian, Raspbian & Ubuntu): Set up a local DNS server with a /etc/bind/named.conf.blocked file, sourced from here.

  • Block ads, malware, and deploy parental controls via local DualServer DNS/DHCP server (for BSD, Windows & Linux): Set up a blacklist for everyone on your network using the power of the unified hosts reformatted for DualServer. And if you're on Windows, this project also maintains an update script to make updating DualServer's blacklist even easier.

  • Blocking ads and malwares with unboundUnbound is a validating, recursive, and caching DNS resolver.

  • dnsmasq conversion script This GitHub gist has a short shell script (bash, will work on any 'nix) and uses wget & awk present in most distros, to fetch a specified hosts file and convert it the format required by dnsmasq. Supports IPv4 and IPv6. Designed to be used as either a shell script, or can be dropped into /etc/cron.weekly (or wherever suits). The script is short and easily edited, also has a short document attached with notes on dnsmasq setup.

  • BlackHosts - Command Line Installer/Updater This is a cross-platform command line utility to help install/update hosts files found at this repository.

Contribute!

Please read our Contributing Guide. Among other things, this explains how we organize files and folders in this repository.

We are always interested in discovering well-curated sources of hosts. If you find one, please open an issue to draw our attention.

Before you create or respond to any issue, please read our code of conduct.

Comments
  • What to do about Plausible and Fathom

    What to do about Plausible and Fathom

    This arises from Migrating away from Google Analytics that's rising on Hacker News, right now.

    The article recommends Plausible and Fathom as alternatives to Google Analytics.

    This raises a number of questions, and I welcome input on this.

    • Plausible serves its tracking JavaScript from the root domain. So if we block Plausible, we block all of Plausible including its website. Blocking plausible.io blocks it all.

    • I'm interested in hearing opinions on the following: Does ethical tracking exist and, if so, how do we treat that?

    My gut feeling: block because this isn't ethical tracking since user consent never enters.

    What do you think?

    question wontfix need broader input 
    opened by StevenBlack 71
  • i'd like to publish this data in RPZ format

    i'd like to publish this data in RPZ format

    hello. i am paul vixie, and along with vernon schryver i co-created the DNS firewall system known as RPZ. see https://dnsrpz.info/ for more information about that, but briefly, it's a way to publish DNS policy information in a way that many different RDNS servers can subscribe in real time. the original implementation was in BIND9 but it is now supported in PowerDNS as well.

    i realize that the "hosts" corpus doesn't change all that often, and that the real time update capability of DNS RPZ will probably not come into play very often here. however, there is a dearth of freely available DNS RPZ content -- most publishers are commercial. with this community's permission, i would set up a cron job to "git pull" from this repo, convert the results into DNS RPZ format, and if there's any change from the prior content, run an "rndc reload" to cause the new content to be absorbed and pushed out.

    i'm doing this now with the suspect-networks.io feed, which it now occurs to me, you may want to incorporate into your corpus here. in any case i won't take this action without consensus, and steven black told me by e-mail that opening an issue here is the way to measure such consensus.

    one final detail -- RPZ is free, unencumbered by patent, and i am not proposing to charge money for the DNS RPZ subscription version of this corpus. i will also give full source-credit whenever i discuss it. i don't ask for money or glory, only the opportunity to extend the reach of your work and the utility of DNS RPZ.

    other information can be found here: https://en.wikipedia.org/wiki/Paul_Vixie

    opened by vixie 51
  • List of Windows 10 tracking / telemetry / ads hosts?

    List of Windows 10 tracking / telemetry / ads hosts?

    I want to do some research into this whole Windows 10 tracking / telemetry / ads fiasco.

    To give me a head start, is there a list of known hosts used for those purposes?

    IOW, not a list of hosts for used by every advertising / tracking provider in the world: just a specific list for hosts used by Windows 10 for tracking / telemetry / ads.

    discussion Windows 
    opened by Gitoffthelawn 44
  • hoping you could add these...

    hoping you could add these...

    0.0.0.0 xvtelink.com # ads with redirects 0.0.0.0 invol.co # tracking 0.0.0.0 36c4.net # redirect to go.trafficrouter.io 0.0.0.0 go.trafficrouter.io 0.0.0.0 track.venatusmedia.com # tracking 0.0.0.0 amptrack.dailymail.co.uk # tracking 0.0.0.0 mailmetromedia.amp.permutive.com #ad 0.0.0.0 videos-cloudflare.jwpsrv.com # video ads 0.0.0.0 videos-fms.jwpsrv.com # video ads

    opened by piengeng 42
  • Some websites load slowly

    Some websites load slowly

    Thanks for this repo.

    I have one problem and I don't know if you guys have the same and if there's a solution.

    Sometimes when I go to some website (e.g. leboncoin.fr), it loads very slowly. I believe that in the background it's trying to access some resources that are hosted on blocked domain names and it waits for a while before giving up loading them. Eventually, the websites will always load (so far) but it's a bit annoying because it takes seconds before the page actually shows up.

    Is there anything I can do to improve this? Like some parameter tuning in my web browser (I use qutebrowser).

    discussion cool 
    opened by tgy 42
  • Possible fix of the encoding and/or downlaod issue(s)

    Possible fix of the encoding and/or downlaod issue(s)

    Hello, to all member of this community!

    After a long time of commenting, watching, reading and learning from issues posted here it's time for me to propose the following patches/commits.

    It's been a long time since I wanted to search a possible solution to this recurrent issue and here's my proposition.

    Basically, since I consider that many encoding issues are because upstream maintainer does not convert/encode the domains which rely on IDN homograph attack, I decided to read all line and convert/encode all domain using str.encode('IDNA') (I do not change original structure).

    Because my main objective was to fix @notDavid's protocol which is the only one I was able to reproduce, I introduced BeautifulSoup() to do the decoding of the downloaded data before we read each line and encode/decode.

    About the tests

    Before anything, sorry for adding the fix tests issues commits but I wanted to fix those before submitting my PR. You can find the tests I used as the reference to committing those change at https://travis-ci.org/funilrys/hosts.

    Please note that I have to submit an issue to upstream but if you see the following or related when runing the tests under Python >= 3 it's not a local issue.

    /home/travis/miniconda3/envs/hosts/lib/python3.5/site-packages/bs4/builder/_lxml.py:250: DeprecationWarning: inspect.getargspec() is deprecated, use inspect.signature() instead
    

    About requirements*.txt

    This submission also introduces requirements.txt files which I generally use to install dependencies with pip install -r requirements.txt (I'm almost everytime under virtualenv).

    As I did not get an answer (cf) I took the initiative to includes them anyway.

    Please note that the requirements*.txt files were generated by pipreqs.

    So to quote my commit message

    Please note that this patch also introduces domain_to_idna() which is in charge of converting a domain in a line into IDNA and/or UTF-8 format.

    Also, note the introduction of BeautifulSoup() which helps us to decode data from the downloaded URL.

    Fixes (issue(s)/protocol(s) I was able to reproduce):

    • https://github.com/StevenBlack/hosts/issues/514#issuecomment-368932152

    Possible fix of (issue(s)/protocol(s) I wasn't able to reproduce):

    • https://github.com/StevenBlack/hosts/issues/514#issue-300048106
    • https://github.com/StevenBlack/hosts/issues/494#issue-296166492
    • https://github.com/StevenBlack/hosts/issues/420#issue-267453114
    • https://github.com/StevenBlack/hosts/issues/372#issue-246927047
    • https://github.com/StevenBlack/hosts/issues/382#issuecomment-322010562

    Footnote(s)

    Sorry for the typo or bad English structure in my commits, code or this description but English is still a language I learn.

    So I'm open to any pieces of advice and others around my English, coding style or other :smile_cat:

    Cheers, Nissar.

    opened by funilrys 37
  • Using hostfile made logins impossible on Windows 10

    Using hostfile made logins impossible on Windows 10

    I attempted to use the Unified hosts + fakenews + gambling + porn variant on a corporate Windows 10 machine, but the end result was me being stuck on the Welcome screen. Every 10 minutes, I attempted to reboot the computer to see if it would fix it, until I finally logged into Safe Mode, and restored my original - much smaller - hostfile, which fixed the issue, allowing me to finally log in normally.

    It seems to me, that something about the big hosts file was causing some major issues, preventing Windows 10 from logging me in. Yes, I use an account that belongs to a corporate domain, but it wasn't on the blocked list. Without network access - that is, in Safe Mode - I could log in without any issues.

    I'm not entirely sure about the connection between the hosts file and the login system, and would rather not spend more time or risk investigating this issue on a corporate laptop that officially isn't even my property, but figured I'd leave this issue here as a warning to other people with a Windows device, or people trying to use this on a corporate computer.

    Otherwise, the hosts file works perfectly on my personal Linux desktop computer, and my Android phone.

    need broader input 
    opened by Metalhead33 36
  • Icon-Logo design proposal

    Icon-Logo design proposal

    Hi Sir @StevenBlack good day! I am a graphic designer and i want to contribute to your good project by designing an icon-logo for it to be able to be more visible and gather interests from users. If you like and want to use the design I will be gladly sending you all the needed files as my gift for free to the project.

    Thanks a lot and best regards! -Tobaloidee :)

    *removed my initial image proposal because of similar design with others.

    discussion 
    opened by Tobaloidee 36
  • Encrypted subdomains for routing ads

    Encrypted subdomains for routing ads

    Some sites have started to use encrypted subdomain names to route ads.

    E.g. https://www.boston.com/culture/travel/2018/10/09/you-wont-need-an-airport-to-board-this-plane-which-will-get-you-from-boston-to-new-york-city-in-36-minutes routes ads through https://c-6rtwjumjzx7877x24yuhx2elttlqjx78dsinhfyntsx2ehtr.g00.boston.com/...

    Here's another: https://c-6rtwjumjzx7877x24bbbx2esfstanx78twx2ent.g00.newsweek.com/... from https://www.newsweek.com/kavanaugh-described-himself-and-friends-loud-obnoxious-drunks-1983-letter-1150388 may have to go through reddit link to get this version.

    Found something related that sheds more light on this g00 crap: https://github.com/uBlockOrigin/uAssets/issues/227

    I wonder if there's a way to capture these domains and add them to the list?

    wontfix 
    opened by mrchief 33
  • `./updateHostsFile.py --auto` crashes when run under path contains CJK characters using Python 2.7.12

    `./updateHostsFile.py --auto` crashes when run under path contains CJK characters using Python 2.7.12

    Console Output

    > python updateHostsFile.py --auto
    Traceback (most recent call last):                                                        
      File "updateHostsFile.py", line 790, in <module>                                        
        main()                                                                                
      File "updateHostsFile.py", line 147, in main                                            
        options["outputsubfolder"])                                                           
      File "updateHostsFile.py", line 765, in path_join_robust                                
        "likely a LOCALE issue:\n\n" + str(e))                                                
    locale.Error: Unable to construct path. This is likely a LOCALE issue:                    
    
    'ascii' codec can't decode byte 0xe5 in position 18: ordinal not in range(128)
    

    Reporter's Environment

    Working Directory

    /home/<username>/工作空間/第三方專案/Unified hosts file with base extensions - Extending and consolidating hosts files from several well-curated sources like adaway.org, mvps.org, malwaredomainlist.com, someonewhocares.org, and potentially others.
    

    Operating System

    KDE Neon(based on Ubuntu 16.04 AMD64)

    Python

    Python 2.7.12

    Unified hosts file with base extensions

    commit 231dc436

    Locale

    LANG=zh_TW.UTF-8
    LANGUAGE=zh_TW:zh_CN
    LC_CTYPE="zh_TW.UTF-8"
    LC_NUMERIC="zh_TW.UTF-8"
    LC_TIME="zh_TW.UTF-8"
    LC_COLLATE="zh_TW.UTF-8"
    LC_MONETARY="zh_TW.UTF-8"
    LC_MESSAGES="zh_TW.UTF-8"
    LC_PAPER="zh_TW.UTF-8"
    LC_NAME="zh_TW.UTF-8"
    LC_ADDRESS="zh_TW.UTF-8"
    LC_TELEPHONE="zh_TW.UTF-8"
    LC_MEASUREMENT="zh_TW.UTF-8"
    LC_IDENTIFICATION="zh_TW.UTF-8"
    LC_ALL=
    
    opened by Vdragon 32
  • Incompatible with HostsMan

    Incompatible with HostsMan

    The lists seem to be incompatible with Hostsman. I always get:

    "This source is not compatible. Server does not return all the necessary information."

    1

    wontfix 
    opened by hl2guide 31
  • Soundcloud not playing on iOS

    Soundcloud not playing on iOS

    With pi-hole enabled I cannot get to SoundCloud songs on my iOS device; if I go off my network and onto cell service it works. It looks like SoundCloud is trying to load something in the background that if blocked prevents it from playing?

    Example link that I've tested: SoundCloud

    It works on desktop (Firefox) though - so I'm not sure what's going on. Why would it work one way and not the other - iOS / Safari must be trying to do something different (or soundcloud is changing behavior based on browser)?

    As best I can tell from looking at the query page it's something to do with "geolocation.onetrust.com"? (not sure but it's my best guess).

    upstream 
    opened by firstdivision 3
  • Add these porn site to the porn host file

    Add these porn site to the porn host file

    There are the list of some porn sites that are on first or second page of simple google search https://www.xvideos51.com/ https://www.pussyboy.net/ https://www.pornbfvideo.com/ https://www.sexvid.pro/

    upstream inclusion request 
    opened by z2typ 2
  • Add these porn sites

    Add these porn sites

    africanporn.mobi aifode.com amadorxvideos.com analtube.com.br asianbeautytube.com asianfreesex.net asiannporn.com asianpornu.com asianpornvideos.pro asianporn.me asianporn.rip asianxporno.com asianxxx.asia badblacksex.com bigtitmilfs.com bigtitmilf.net bigtitshq.com bigtitsnow.com bigtitsporn.pics bigtitsporn.tv bigtitstubemovies.com bigtits.pics blackporn24.com blackporn.co blackporn.tube blackporn.ws blacktube.tv boaporno.com bustymomsvideo.com chinaporn.asia chocolatemodels.com cuckoldplacetube.com cuckoldsporn.com cumingtube.com daft.sex drillxxx.com ebonyfantasies.com fapholic.com fatalmodel.com fatgrannytube.com favelaporno.com femdom-pov.me freeblackpornmovs.com goodpornvids.com grandexxx.com granny-hd.com granporns.com gransexy.com hayjav.net her.porn hugetits.tv javroi.com javsex.vip jetboobs.com jizzbunker2.com jizzbunker.net koreanxvideo.com largehole.com maturebigtits.com maturesex.xxx mature-porn.irish ma-ture.com milfsporns.com milfxporn.net mothersleep.com movstube.com mundodoscasaisliberais.blogspot.com novinhagostosa.blog oksex.tv oldgrannyporn.net patrolxxx.com porngur.com pornmegaload.com pornosexoamador.com pornur.com porn-hit.com privateblack.com proasianporn.com sexasia.net sexkomix2.com sexmilf.me spclip.com teenxxxanal.com tubesasian.com vamadoras.com videosexoamador.net videosporno.com.br vkclip.com vuxm.com worldporns.com xbrasilporno.com xhamster3.com xhihi.me xh-porn.com xkinny.com xnjav.com xnxx-mom.com xsafadas.net xvideos300.com xxxalo.com xxxdan3.com xxxx-movies.com

    upstream inclusion request 
    opened by abbbw 1
  • More Porn Sites to Add

    More Porn Sites to Add

    Hello @StevenBlack and @Sinfonietta,

    I've compiled more porn sites to add to the filter:

    wetqueen.com dankwank.net pornito.xxx pornfaze.com danielleftv.com leaked.fans thothub.org faponic.com fapachi.com deepertv.com nhentai.website hentaiera.com hentairox.com xlecx.one nana.my.id koushoku.org porn-video-clips.net escortsgreeneyes.com tbassflick.com modelsfreecams.com fuckmeblack.com galacticgirls.com glamourfilms.com babecenterfolds.com xxxlipsblog.com bbwstar.com incestflix.xxx pornglob.com fatsexstar.com adultworldmedia.com fetish666.com xxxvampiresex.com pornbts.com resortgirls.escortbook.com pornobrazzers.com porn-brazzers.com joiparadise.com

    Thank you for your awesome work!

    upstream inclusion request 
    opened by g1t3m 1
Releases(3.11.48)
  • 3.11.48(Jan 1, 2023)

  • 3.11.47(Dec 29, 2022)

  • 3.11.46(Dec 29, 2022)

  • 3.11.45(Dec 26, 2022)

  • 3.11.44(Dec 20, 2022)

  • 3.11.43(Dec 18, 2022)

  • 3.11.42(Dec 16, 2022)

    • Updates from BigDargon, URLHaus, someonewhocares.org, KADHosts, and hostsVN. (5161c2c3)
    • Issue #2168: remove domain r.mradx.net. (39238e04)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.41(Dec 13, 2022)

    • Update stats. (49025538)
    • updates from BigDargon, URLHaus, KADhosts, and hostsVN. (b083f181)
    • Issue #2172: fix — remove getfirefox.com domains. (d4c69898)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.40(Dec 12, 2022)

    • Update graphs. (fda58ddd)
    • updates from BigDargon, URLHaus, someonewhocares.org, and KAFhosts. (5e2d7fc3)
    • issue #2167 – add analytics.shein.com. (64ba96ee)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.39(Dec 7, 2022)

  • 3.11.38(Dec 6, 2022)

  • 3.11.37(Dec 4, 2022)

    • Updates from URLHaus, and KADhosts. (ccb00842)
    • Issue #2162: add several hotstar.com domains. (5ca0d2e2)
    • Merge pull request #2163 from Bertware/patch-1 (8587c5a5)
    • Add malware domains (8ace3a1c)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.36(Dec 4, 2022)

    • Updates from BigDargon, URLHaus, KADhosts, and hostsVN. (0428bc7e)
    • Issue #2161: fix — removing production-cmp.isgprivacy.cbsi.com. (96f7d0e3)
    • Merge pull request #2160 from StevenBlack/dependabot/github_actions/actions/dependency-review-action-3 (346b0b4b)
    • Bump actions/dependency-review-action from 2 to 3 (a8d0b8cd)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.35(Nov 30, 2022)

  • 3.11.34(Nov 28, 2022)

    • Update graph. (0014dfaa)
    • Updates from BigDargon, URLHaus, KADhosts, and hostsVN. (b1296f19)
    • Issue #2159: fix — removing s.w.org. (560d3394)
    • Add crmt.livejasmin.com. (0c0e2691)
    • issue #2158: add danbo.org. (147b6d4e)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.33(Nov 26, 2022)

    • Updates from BigDargon, URLHaus, someonewhocares.org, KADhosts, and hostsVN. (74bc8a7d)
    • Still more popup and redirect domains. (3bcbc1c4)
    • More popup and redirect sites and targets. (8d6c4792)
    • Add popup and redirect sites. (83183eca)
    • Add a ling to today's article on OSX-Daily titled How to Clear DNS Cache in MacOS Ventura & MacOS Monterey. (eccb2df3)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.32(Nov 21, 2022)

  • 3.11.31(Nov 20, 2022)

    • Updates fron BigDargon, URLHaus, someonewhocares.org, KADhosts, and hostsVN. (db1541fc)
    • Issue #2143: add reporting-api.gannettinnovation.com. (8e901789)
    • Issue #2148: remove ravm.tv. (d188f2c7)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.30(Nov 14, 2022)

    • Updates from URLHaus, KADhosts, and hostsVN. (fcfe4bb5)
    • Merge pull request #2139 from XhmikosR/patch-1 (3709b007)
    • Merge pull request #2140 from XhmikosR/patch-2 (f4cd1779)
    • Merge pull request #2141 from FadeMind/patch-3 (20a95174)
    • Issue #2142: fix — remove two coveo.com domains. (62f5fe59)
    • info-eastflirts.com (c270c20b)
    • Compress aggregator.png (d0f02ba2)
    • CI: add Python 3.11 (f9a8908b)
    • CI: remove git credentials after checkout (5b8e0707)
    • Update CodeQL workflow (56e34ab5)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.29(Nov 13, 2022)

    • Updates from BigDargon, URLHaus, KADhosts, and hostsVN. (7d2f7367)
    • Issue #2137: removing sdk.split.io from the paused Adaway list. (0ddc2096)
    • Issue #2137: pausing refreshes from the Adaway list, which is no longer maintained. (10bcb945)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.28(Nov 9, 2022)

    • Update file size data and graph. (9b6e8564)
    • Updates from BigDargon, URLHaus, someonewhocares.org, KADhosts, and hostsVN. (78790dfa)
    • Merge pull request #2129 from bigdargon/master (7552198b)
    • Split the extension include only Vietnamese (e4a13465)
    • Update the base hosts size history (data and graph). (e1bb5f08)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.27(Nov 2, 2022)

    • Updates from Bigdargon (porn), URLHaus, shady-hosts, KADhosts, and hostsVN. (b77b66bb)
    • Declining 16,400 new gambling domains from BigDargon. (b6040746)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.26(Oct 27, 2022)

    • Updates from BigDargon, URLHaus, KADhosts, and hostsVN. (d19ec68c)
    • Merge pull request #2116 from chyla/fake_investing (bd77c396)
    • Merge branch 'master' into fake_investing (ff99602e)
    • Issue #2115: add flashrewards.co. (98be2dea)
    • add fake investing site (341b621c)
    • add fake investing site (83d734fd)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.25(Oct 20, 2022)

  • 3.11.24(Oct 18, 2022)

    • Updates from URLHaus and KADhosts. (7c558a99)
    • Issue #2112: fix — removing nexusrules.officeapps.live.com. (6c9377b4)
    • Issue #1978: fix — add filmsexeporno.com to the main list b/c it's scam site. (5d33b0a9)
    Source code(tar.gz)
    Source code(zip)
  • 3.11.23(Oct 15, 2022)

  • 3.11.22(Oct 14, 2022)

  • 3.11.21(Oct 9, 2022)

  • 3.11.20(Oct 6, 2022)

  • 3.11.19(Oct 2, 2022)

    • Updates from sinfonietta, BigDargon, URLHaus, KADhosts, hostsVN, and Adaway. (e3a8909c)
    • Merge pull request #2103 from FadeMind/patch-2 (76453b4c)
    • gratlfyingdates.net (e120e0a8)
    • Merge pull request #2102 from StevenBlack/dependabot/npm_and_yarn/vm2-3.9.11 (c8c1cea8)
    • Bump vm2 from 3.9.9 to 3.9.11 (2dd03c63)
    Source code(tar.gz)
    Source code(zip)
Owner
Steven Black
I'm StevenBlack on Gitlab and Keybase too.
Steven Black
Auerswald COMpact 8.0B Backdoors exploit

CVE-2021-40859 Auerswald COMpact 8.0B Backdoors exploit About Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow a

6 Sep 22, 2022
A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals.

A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals. All your favorite hits in a simplified format.

Jon Zink 2 Aug 03, 2022
Log4j2 CVE-2021-44228 revshell

Log4j2-CVE-2021-44228-revshell Usage For reverse shell: $~ python3 Log4j2-revshell.py -M rev -u http://www.victimLog4j.xyz:8080 -l [AttackerIP] -p [At

FaisalFs 16 Mar 24, 2022
an impacket-dependent script exploiting CVE-2019-1040

dcpwn an impacket-dependent script exploiting CVE-2019-1040, with code partly borrowed from those security researchers that I'd like to say thanks to.

QAX A-Team 71 Nov 30, 2022
A simple Burp Suite extension to extract datas from source code

DataExtractor A simple Burp Suite extension to extract datas from source code. Features in scope parsing file extensions to ignore files exclusion bas

Gwendal Le Coguic 86 Dec 31, 2022
An auxiliary tool for iot vulnerability hunter

firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件,基于敏感函数参数回溯来辅助漏洞挖掘。我们知道,在固件漏洞挖掘中,从敏感/危险函数出发,寻找其参数来源,是一种很有效的漏洞挖掘方法,但程序中调用敏感函数的地方非常多,人工分析耗时费力,通过该插件,可以帮助排除大部分的安全

Firmy Yang 171 Nov 28, 2022
Python implementation of the diceware password generating algorithm.

Diceware Password Generator - Generate High Entropy Passwords Please Note - This Program Do Not Store Passwords In Any Form And All The Passwords Are

Sameera Madushan 35 Dec 25, 2022
Industry ready custom API payload with an easy format for building Python APIs (Django/Django Rest Framework)

Industry ready custom API payload with an easy format for building Python APIs (Django/Django Rest Framework) Yosh! If you are a django backend develo

Abram (^o^) 7 Sep 30, 2022
NS-Defacer: a auto html injecter, In other words It's a auto defacer to deface a lot of websites in less time

Overview NS-Defacer is a auto html injecter, In other words It's a auto defacer

NightSec 10 Nov 19, 2022
open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

CVE-2021-44228-log4jVulnScanner-metasploit open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability pre

Taroballz 7 Nov 09, 2022
Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We

Tim Blazytko 133 Dec 18, 2022
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

Md. Nur habib 31 Oct 21, 2022
An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several useful utilites to change the configuration of the device.

TMOHS1 Root Utility Description An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several

40 Dec 29, 2022
Uma ferramenta de segurança da informação escrita em python3,capaz de dar acesso total ao computador de alguém!

shell-reverse Uma ferramenta de segurança da informação escrita em python3, capaz de dar acesso total ao computador de alguém! A cybersecurity tool wr

Marcus Vinícius Ribeiro Andrade 1 Nov 03, 2021
Just another script for automatize boolean-based blind SQL injections.

SQL Blind Injection Tool A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwi

RIM 51 Dec 15, 2022
Mert Güvençli 142 Jan 05, 2023
🍯 16 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres & MySQL)

Easy to setup customizable honeypots for monitoring network traffic, bots activities and username\password credentials. The current available honeypot

QeeqBox 259 Dec 31, 2022
Scout Suite - an open source multi-cloud security-auditing tool,

Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t

NCC Group Plc 5k Jan 05, 2023
CVE-2022-22965 - CVE-2010-1622 redux

CVE-2022-22965 - vulnerable app and PoC Trial & error $ docker rm -f rce; docker build -t rce:latest . && docker run -d -p 8080:8080 --name rce rce:la

Duarte Duarte 20 Aug 25, 2022
This repo created for bypassing Widevine L3 DRM and obtaining keys.

First run: Copy headers (with cookies) of POST license request from browser to headers.py like dictionary. pip install -r requirements.txt # if doesn'

Mikhail 263 Jan 07, 2023