Skip to content

syskey-shell/Scaramouche

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
LICENSE
LICENSE
 
 
OnionLinks.txt
OnionLinks.txt
 
 
README.md
README.md
 
 
makefile
makefile
 
 
onion.c
onion.c
 
 
onion.h
onion.h
 
 
scaramouche.c
scaramouche.c
 
 
tor.c
tor.c
 
 
tor.h
tor.h
 
 

Repository files navigation

Scaramouche

A tool that checks if Tor onion sites are up or down.

image

About Scaramouche

  • It's a command line tool that checks if .onion addresses are reachable through your local Tor proxy.
  • Flexible HTTP/HTTPS, custom ports, timeouts.
  • Can Read from a file and check them all.
  • Multi-threaded batch checking for faster results.
  • TLS/SSL verification for HTTPS onion sites.
  • DNS leak detection to ensure traffic goes through Tor.
  • Retry logic for unreliable connections.
  • JSON output for scripting and automation.
  • Configurable Tor proxy - use any SOCKS5 proxy.
  • Graceful interruption - Ctrl+C shows partial results.
  • Statistics - avg/median/min/max response times.

Requirements

  • Platform: •Linux •macOS
  • Tor Running locally with SOCKS5 proxy on 127.0.0.1:9050(default)
  • OpenSSL development libraries (for TLS verification)

why it doesn't support windows?

  • well because i built this with posix sockets (socket(), connect()),unix specific timing (clock_gettime()), and standard C libraries that either don't exist on Windows or behave completely differently.
  • Windows uses Winsock with different initialization, has its own timing apis.

Setting Up Tor

# Check if Tor is running
sudo systemctl status tor

# If not, start it
sudo systemctl start tor

# Enable auto start on boot
sudo systemctl enable tor

Installation

build the binary

git clone https://github.com/syskey-shell/Scaramouche.git
cd Scaramouche

# Install OpenSSL if needed (Ubuntu/Debian)
sudo apt install libssl-dev

# Install OpenSSL if needed (macOS)
brew install openssl

make

Usage

# Check single onion
./scaramouche https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion

# Check with custom timeout
./scaramouche -t 5 https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion

# Batch check from file (uses 4 threads by default)
./scaramouche OnionLinks.txt

# Batch check with 8 threads for faster results
./scaramouche -n 8 OnionLinks.txt

# Check HTTPS with TLS verification
./scaramouche -s -p 443 https://site.onion

# Run DNS leak check before scanning
./scaramouche -d OnionLinks.txt

# Use custom Tor proxy (e.g., Tor Browser)
./scaramouche -x 127.0.0.1:9150 site.onion

# Retry failed connections up to 3 times
./scaramouche -r 3 OnionLinks.txt

# Output as JSON
./scaramouche -j site.onion

# Save results to JSON file
./scaramouche -j -o results.json OnionLinks.txt

# Verbose mode for debugging
./scaramouche -v site.onion

# No colors (for piping/scripting)
./scaramouche -c OnionLinks.txt

Flags

Flag Description Default
-t Connection timeout in seconds 10
-p Port to check 80
-o Output results to file none
-n Number of threads for batch 4
-r Retry failed connections 0 (max 10)
-x Tor SOCKS5 proxy (host:port) 127.0.0.1:9050
-s Verify TLS/SSL certificates false
-d Run DNS leak check before scan false
-j Output in JSON format false
-c No colors (plain output) false
-v Verbose mode (debug output) false
-q Quiet mode (no terminal output) false
-h Show help message ---

Timeout Behavior

Timeout Value Behavior
-t 1 Very aggressivec, may miss slow onions
-t 5 Balanced
-t 10 Default, patient
-t 30 Very patient, good for slow onions

Example

image

Limitations

  • No proxy auth Tor must run without socks5 authentication
  • POSIX-only (Linux/macOS) - no Windows support yet

Security Features

TLS Verification (-s)

When using -s with port 443, Scaramouche performs actual TLS handshake and certificate validation:

  • Verifies the server presents a valid certificate
  • Shows certificate CN (Common Name) on success
  • Reports TLS failures with error details

DNS Leak Check (-d)

Before scanning, verifies your setup doesn't leak DNS:

  • Tests that .onion addresses fail to resolve via system DNS (expected behavior)
  • Confirms Tor SOCKS5 proxy is working
  • Checks connection to Tor Project to verify exit node

Output Formats

CSV (default with -o)

address,status,code,time_ms,tls_status,tls_info,error
site.onion,1,200,1234,2,"TLS not verified",""

JSON (-j flag)

{
  "address": "site.onion",
  "alive": true,
  "code": 200,
  "time_ms": 1234,
  "tls_status": 2,
  "tls_info": "TLS not verified",
  "error": ""
}

some notes

  • Inside your file # are treated as comments.
  • Use -x to connect via Tor Browser (typically on port 9150).
  • Combine -j -q for machine-readable output without extra noise.
  • wanna ask something? hit me up on discord sysbackdoor

About

onion service checker.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages