almet/dangerzone
1
0
Fork 0
mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-04-28 18:02:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 11
Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs
344 commits 51 branches 42 tags 53 MiB
Python 95.3%
Dockerfile 2.2%
Shell 1.2%
Makefile 0.7%
CSS 0.3%
Other 0.3%
Find a file
Micah Lee 8e660f3080
Add hyperkit and vpnkit as git submodules
2021-11-17 11:24:14 -08:00
.circleci Version bump to 0.2.1 and update changelog and circleci config 2021-06-22 11:23:29 -07:00
assets Add dangerzone document icon 2020-01-13 14:10:02 -08:00
dangerzone Start making Windows VM work with virtualbox 2021-08-09 14:05:07 -07:00
dangerzone-converter Refactor container to output JSON status updates, and make CLI work with it 2021-08-05 15:00:18 -07:00
dev_scripts Start porting VM to Windows 2021-08-09 12:04:17 -07:00
install Change how the VM initializes, to work in virtualbox 2021-08-17 13:44:52 -07:00
share Fix error message user interface 2021-08-06 12:58:02 -07:00
test_docs Allow opening docm files 2020-03-03 19:23:46 +05:30
vendor Add hyperkit and vpnkit as git submodules 2021-11-17 11:24:14 -08:00
.gitignore Start implementing built-in container in Linux, without a VM 2021-08-04 14:42:46 -07:00
.gitmodules Add hyperkit and vpnkit as git submodules 2021-11-17 11:24:14 -08:00
BUILD.md Start making Windows VM work with virtualbox 2021-08-09 14:05:07 -07:00
CHANGELOG.md Version bump to 0.2.1 and update changelog and circleci config 2021-06-22 11:23:29 -07:00
LICENSE Initial commit 2020-01-06 12:42:38 -08:00
poetry.lock Successfully set up reverse ssh forward system, allowing the host to run commands on the guest over ssh 2021-07-01 15:32:07 -07:00
pyproject.toml Successfully set up reverse ssh forward system, allowing the host to run commands on the guest over ssh 2021-07-01 15:32:07 -07:00
README.md Version bump to 0.2.1 and update changelog and circleci config 2021-06-22 11:23:29 -07:00
RELEASE.md Update docs 2021-06-17 10:31:14 -07:00
setup.py Remove separate dangerzone-container entry point, make CLI work with it, and refactor container code to be more DRY 2021-08-04 16:21:00 -07:00
stdeb.cfg Remove docker dependency in Linux and replace with podman 2021-06-17 14:12:44 -07:00

README.md

Dangerzone

Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF.

Screenshot

Dangerzone works like this: You give it a document that you don't know if you can trust (for example, an email attachment). Inside of a sandbox, Dangerzone converts the document to a PDF (if it isn't already one), and then converts the PDF into raw pixel data: a huge list of of RGB color values for each page. Then, in a separate sandbox, Dangerzone takes this pixel data and converts it back into a PDF.

Read more about Dangerzone in the blog post Dangerzone: Working With Suspicious Documents Without Getting Hacked.

Getting started

You can also install Dangerzone for Mac using Homebrew: brew install --cask dangerzone

Some features

  • Sandboxes don't have network access, so if a malicious document can compromise one, it can't phone home
  • Dangerzone can optionally OCR the safe PDFs it creates, so it will have a text layer again
  • Dangerzone compresses the safe PDF to reduce file size
  • After converting, Dangerzone lets you open the safe PDF in the PDF viewer of your choice, which allows you to open PDFs and office docs in Dangerzone by default so you never accidentally open a dangerous document

Dangerzone can convert these types of document into safe PDFs:

  • PDF (.pdf)
  • Microsoft Word (.docx, .doc)
  • Microsoft Excel (.xlsx, .xls)
  • Microsoft PowerPoint (.pptx, .ppt)
  • ODF Text (.odt)
  • ODF Spreadsheet (.ods)
  • ODF Presentation (.odp)
  • ODF Graphics (.odg)
  • Jpeg (.jpg, .jpeg)
  • GIF (.gif)
  • PNG (.png)
  • TIFF (.tif, .tiff)

Dangerzone was inspired by Qubes trusted PDF, but it works in non-Qubes operating systems. It uses containers as sandboxes instead of virtual machines (using Docker for macOS, Windows, and Debian/Ubuntu, and podman for Fedora).

Set up a development environment by following these instructions.

The git repository for the container is called dangerzone-converter.