Aiming to promote security, safety, and sanity across the internet!
The whitelists are applied to all the blacklists!
| List Name | File Content | Unique Entries | File Size | Mirror 1 | Mirror 2 |
|---|---|---|---|---|---|
| BLOCK_DOMAIN | Domain entries | 8,651,248 | 188M | 🔗 | 🔗 |
| BLOCK_IPV4 | IPv4 addresses | 678,864 | 9.2M | 🔗 | 🔗 |
| BLOCK_IPV6 | IPv6 addresses | 4,102 | 108K | 🔗 | 🔗 |
| BLOCK_CIDR4 | IPv4 CIDR blocks | 254,062 | 4.2M | 🔗 | 🔗 |
| BLOCK_CIDR6 | IPv6 CIDR blocks | 146 | 2.4K | 🔗 | 🔗 |
| ALLOW_DOMAIN | Domain entries | 658,634 | 14M | 🔗 | 🔗 |
| ALLOW_IPV4 | IPv4 addresses | 74,784 | 1022K | 🔗 | 🔗 |
| ALLOW_IPV6 | IPv6 addresses | 2,820 | 107K | 🔗 | 🔗 |
| ALLOW_CIDR4 | IPv4 CIDR blocks | 12,994 | 199K | 🔗 | 🔗 |
| ALLOW_CIDR6 | IPv6 CIDR blocks | 144,982 | 2.3M | 🔗 | 🔗 |
sha256sum CHECKSUMS.txt --strictThe output will print OK if the check was successful. Be sure to run the command in the same directory as the lists!
Provided below are some examples to fetch release artifacts leveraging the GitHub API.
curl --proto '=https' --tlsv1.3 -H 'Accept: application/vnd.github.v3+json' -sSf https://api.github.com/repos/T145/black-mirror/releases/latest | jq -r '.assets[].browser_download_url'curl --proto '=https' --tlsv1.3 -H 'Accept: application/vnd.github.v3+json' -sSf https://api.github.com/repos/T145/black-mirror/releases/latest | jq -r '.assets[] | select(.name | startswith("BLOCK_DOMAIN")).browser_download_url'curl --proto '=https' --tlsv1.3 -H 'Accept: application/vnd.github.v3+json' -sSf https://api.github.com/repos/T145/black-mirror/releases/latest | jq -r '.assets[] | select(.name | startswith("BLOCK_DOMAIN")) | select(.name | endswith(".txt")).browser_download_url'🖋️ Manifesto
Please report any hosts that are wrongly blocked or sources that do not wholly align in an issue.
Defines the logic behind why a host is permitted or blocked. It has been written to reflect common ideologies across the blacklisting community and those specific to this project.
Complete author bias reflection is not intended, which is why it speaks from the Black Mirror person.
Free thought exchange is encouraged, so feel free to open discussions about any points!
- Produced in builds specific to each host's syntax.
- Updates at 1:27 AM UTC.
- No excess or trailing whitespace.
- No lingering webscraper garbage.
- Lines are terminated with
lf. - No blank lines.
- No comments.
mawk '{print "0.0.0.0 " $0}' BLOCK_DOMAIN.txt >>hosts
# mawk '{print ":: " $0}' BLOCK_DOMAIN.txt >>hosts
mawk '{print "0.0.0.0 " $0}' BLOCK_IPV4.txt >>hosts
mawk '{print ":: " $0}' BLOCK_IPV6.txt >>hostsMany popular platforms such as OpenWRT, DDWRT, and Pi-hole use Dnsmasq as their choice TCP powerhouse. After inspecting many domain blocklists you'll inevitably run across a list in the dnsmasq.conf format. This list doesn't support it because you can use the addn-hosts parameter to add hosts in the list.
Target a file that has the hosts in a format similar to the Hosts File format.
If you're using the RADVD daemon, prepend any listed hosts with ::. Otherwise, even if you have IPv6 support set up, prepend hosts with 0.0.0.0.
This has been tested across all the mentioned platforms using dig{6} on a small sample size and had each host null-routed successfully. DNSmasq's man page discusses configuration further, and DDWRT's ad blocking wiki page provides some examples.
Follow this guide to create a DNS server on an Amazon EC2 instance.
Domain list usage is recommended.
Similar to dnsmasq, but requires more manual configuration. Name any products as a *.conf file. Then follow Steffinstanly's instructions on how to apply blocklists.
Leverage the ADGUARD_SOURCES.txt list or the domain list.
To provide a temporary container to experiment with Black Mirror scripts and the CLI utilities it uses, run the following:
docker container run -it --rm -h black-mirror ghcr.io/t145/black-mirrorFor a persistant container, use something like what's given below:
docker container run -it --name black-mirror -h black-mirror ghcr.io/t145/black-mirrorThen to access the container at a later date, run:
docker start black-mirror
docker exec -it black-mirror /bin/bashTo use the root user just append -u 0.
NOTE: Before using rkhunter, be sure to run:
rkhunter --updateInstall Docker, PNPM, and NodeJS. These can usually be installed with a popular package manager.
The specific Node version used in this project is provided in .node-version, but any version over 16 should work.
With Docker running in the background, execute pnpm lint to debug any changes.
Good causes that help secure your digital life.
- Stop using Cloudflare!
- Keep up with Chinese activity!
- Use a pcWRT to easily secure your internet!
- Test your browser's tracking resilience with CoverYourTracks!
- Support LetsBlockIt to consolidate and simplify uBlock filters!
- Explore PrivacyGuides and Prism Break to discover services that respect your privacy!
- Use BypassPaywalls to access restricted and useful information, such as the WSJ's Facebook Files.
- Skip over URL shortener links by using FastForward, which is a better alternative to outright domain blocking.
- https://fossies.org/linux/parallel/src/parsort
- https://unix.stackexchange.com/questions/579251/how-to-use-parallel-to-speed-up-sort-for-big-files-fitting-in-ram#579252
- https://askubuntu.com/questions/1006377/check-the-max-allowed-threads-count-for-sure#1006384
- https://stackoverflow.com/questions/9066609/fastest-possible-grep
- https://www.covert.io/threat-intelligence/
- https://filterlists.com/
- https://firebog.net/
- https://grimore.org/assets/databases/blocklist-ipsets
Typically used by other blacklist projects as whitelists.
Simply provide IP blocks for entire geographic regions.