Main Pages
Markets
Security
Crypto
Reference
Tor Browser Guide
Tor Browser is the most widely used tool for accessing the darknet. It is a modified version of Mozilla Firefox that routes all web traffic through the Tor network, encrypting it multiple times and bouncing it through a series of volunteer-operated relays before reaching its destination. This guide covers everything from downloading the browser to advanced operational security practices.
What is Tor Browser?
Tor Browser is a privacy-focused web browser developed by The Tor Project. It is built on Mozilla Firefox's Extended Support Release (ESR) and comes pre-configured with numerous privacy enhancements. Every time you open Tor Browser, your traffic is routed through three randomly selected relays — the entry guard, the middle relay, and the exit relay — before reaching the open web. This layered encryption is where Tor ("The Onion Router") gets its name.
Unlike standard browsers, Tor Browser isolates each website you visit so that third-party trackers and ads cannot follow you across sites. It also blocks browser fingerprinting techniques that advertisers and malicious actors use to identify you based on your screen resolution, installed fonts, and other device characteristics. For a deeper discussion of how these technologies protect your identity, see our article on Privacy & Anonymity.
Downloading and Installing
The only safe source for Tor Browser is the official Tor Project website. Never download Tor Browser from third-party mirrors, app stores (with the exception of Google Play for the Android version), or file-sharing sites. Third-party copies may be bundled with malware or modified to de-anonymize you.
Always download Tor Browser from https://www.torproject.org. Verify the integrity of your download by checking the PGP signature before running the installer for the first time.
Installation is straightforward. On Windows, run the downloaded .exe installer and choose your language. On macOS, open the .dmg file and drag Tor Browser into your Applications folder. On Linux, extract the .tar.xz archive and run the start-tor-browser.desktop script from the extracted directory.
Verifying Signatures
Before running the installer, you should verify the cryptographic signature of the downloaded file. This ensures the file was actually signed by The Tor Project and has not been tampered with. The Tor Project publishes both the installer and a corresponding .asc signature file on its website. You will need GnuPG (GPG) installed on your system to perform the verification.
The Tor Project's signing key fingerprint is:
EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 7C01
To verify on Windows or Linux, import the key and run gpg --verify tor-browser-*.tar.xz.asc tor-browser-*.tar.xz. A good signature confirming the correct key ID means the file is authentic.
First Run
Connecting to the Tor Network
The first time you launch Tor Browser, you will see a dialog asking whether you want to connect directly to the Tor network or configure bridge settings. For most users, clicking "Connect" is sufficient. Tor Browser will establish a connection to the network, which may take 30 to 60 seconds.
If Tor is blocked in your country or by your ISP, click "Configure" and select the option to request a bridge from torproject.org. Bridges are unlisted Tor relays that help circumvent censorship. You can also manually enter a bridge address if you have obtained one from a trusted source.
The Welcome Page
Once connected, Tor Browser opens a welcome page confirming that you are now using Tor. This page displays your current IP address as seen from the Tor exit node — which will be different from your real IP address. You can test your configuration by visiting check.torproject.org, which will tell you whether Tor Browser is working correctly.
Basic Usage
Browsing .onion Sites
Onion sites are websites that are only accessible through the Tor network. Their URLs end in .onion rather than .com or .org. Tor Browser handles these links automatically — simply paste or type a .onion address into the address bar and press Enter. The connection stays entirely within the Tor network and never exits to the clearnet, providing end-to-end encryption between your browser and the hidden service.
The Security Slider
Tor Browser includes a Security Slider that lets you adjust the level of browser security. You can access it by clicking the shield icon to the left of the address bar. The slider has three levels:
- Standard — All browser features are enabled. Suitable for everyday browsing of clearnet and most onion sites.
- Safer — Disables JavaScript on non-HTTPS sites. Disables WebGL and some fonts and math symbols. Recommended for general darknet browsing.
- Safest — Disables JavaScript on all sites. Disables WebGL, WebAudio, SVG, and several other potentially dangerous features. This is the most secure option but may break some modern websites.
Disabling Scripts
JavaScript is one of the largest attack surfaces in any browser. Malicious scripts can be used to de-anonymize Tor users through browser exploits. At the Safest security level, JavaScript is disabled entirely. Even at the Safer level, many JavaScript features are restricted. For especially sensitive activities, consider installing Tor Browser with NoScript (included by default) and customizing your per-site script permissions.
Do's and Don'ts
No Torrenting
BitTorrent traffic should never be sent over the Tor network. Torrent clients bypass Tor's proxy settings and may leak your real IP address. Furthermore, torrenting consumes significant bandwidth on the Tor network, slowing it down for everyone. If you need to download files anonymously, use the built-in download manager in Tor Browser or consider alternative methods described in our OPSEC Guide.
No Browser Extensions
Installing additional browser extensions in Tor Browser is strongly discouraged. Extensions can access your browsing data, modify network requests, and introduce unique fingerprints that identify you. Tor Browser is already configured for privacy; adding extensions like ad-blockers, password managers, or cryptocurrency wallets undermines that configuration. The only exception is if you are an advanced user who understands the specific privacy implications of each extension.
No Maximizing Windows
Tor Browser starts in a window of a specific size by default. This is intentional. Your screen resolution is a powerful browser fingerprinting vector. If you maximize the browser window, your screen resolution becomes visible to websites, potentially making you stand out. Keep the Tor Browser window at its default size, or at a common resolution that many other Tor users share.
Use HTTPS-Only Mode
Tor Browser includes an HTTPS-Only mode that forces all connections to use HTTPS whenever possible. Ensure this is enabled by going to the browser settings (about:preferences) under "Privacy & Security" and scrolling to the HTTPS-Only Mode section. This prevents downgrade attacks and keeps your traffic encrypted between the exit relay and the destination website. Note that onion sites are inherently end-to-end encrypted, so HTTPS-Only mode is most relevant when browsing clearnet sites.
Beyond the Browser
While Tor Browser is an excellent starting point, it has limitations. Your operating system and other applications may leak identifying information. The following tools provide a more comprehensive anonymity setup.
Tails OS
Tails (The Amnesic Incognito Live System) is a complete operating system designed to be booted from a USB stick or DVD. It forces all traffic through Tor and leaves no trace on the host computer after shutdown. Tails includes Tor Browser, a secure messaging client (Pidgin with OTR), and an encrypted email client. It is the recommended OS for anyone conducting highly sensitive activities on the darknet.
Whonix
Whonix is a desktop operating system focused on anonymity that runs inside a virtual machine. It consists of two virtual machines: a "Gateway" that routes all traffic through Tor, and a "Workstation" where you do your work. Even if an attacker compromises the Workstation with malware, they cannot obtain your real IP address because the Workstation has no knowledge of it. Whonix is more flexible than Tails for long-term use but requires more technical expertise to set up.
Tor on Mobile (Orbot)
For Android users, The Tor Project provides Orbot, a proxy app that routes traffic from other apps through the Tor network. You can use Orbot in conjunction with Tor Browser for Android to access onion sites on your phone. iOS users can use the Onion Browser, though Apple's restrictions mean it provides somewhat weaker anonymity guarantees than the desktop version. Mobile Tor is convenient for quick lookups but should not be relied upon for high-stakes anonymity.