How to Install Tor Browser on Kali Linux

Tor Browser is a web browser that helps you keep your online activities private and anonymous. It works by routing your internet traffic through a special network called Tor, which hides your identity and the websites you visit. This makes it much harder for others to track you. Many people use Tor Browser to protect their privacy or to access websites securely, without anyone watching what they do online.

This guide will show you how to install Tor Browser on Kali Linux, step by step. Whether you’re new to Linux or just looking for a simple way to protect your privacy, this guide will walk you through everything you need to know to get started.

Note: While Tor Browser greatly enhances privacy, it does not offer complete anonymity on its own. For example, internet service providers can still detect that you’re using Tor. Combining Tor with a VPN can add an extra layer of protection.

Step 1: Update and Upgrade Your System

1. Open a terminal on your Kali Linux system.
2. Run the following commands to update and upgrade your system packages:

sudo apt update && sudo apt upgrade -y

3. Wait for the update process to complete before proceeding.

Step 2: Download Tor Browser

To get Tor Browser on your Kali Linux system, you have two options:

1. Download from the Official Website:

Open any web browser you are using on Kali Linux.

Go to the official Tor Project website by searching for “Tor Browser” or directly visiting this link: https://www.torproject.org.

Once you’re on the site, look for the “Download for Linux” button, which will download the correct version of Tor Browser for your system.

2. Additional Option (torbrowser-launcher):

If you prefer an automatic installation process, you can use torbrowser-launcher, which will handle the download and installation for you. If you’d like to manually download and install, follow the steps below:

In Terminal window type the following command to install the torbrowser-launcher tool:

sudo apt install torbrowser-launcher

After installing, just run the following command to start the Tor Browser installation:

torbrowser-launcher

The launcher will automatically download and install the latest version of Tor Browser for you.

Step 3: Choose the Installation Version

On the download page, select Download for Linux to get the appropriate package for your system.

Step 4: Download the GPG Signature and Public Key

Verifying the downloaded file using the GPG signature is essential for security and integrity. This step ensures:

1. Authenticity: Confirms that the file originates from the Tor Project and hasn’t been altered by a third party.
2. Integrity: Verifies that the download hasn’t been corrupted during transfer.
3. Protection Against Malware: Prevents the installation of malicious software masquerading as Tor Browser.

Skipping this step leaves you vulnerable to potential threats, such as compromised software versions that could expose your privacy. Always verify signatures when downloading software from the internet, especially tools like Tor Browser that handle sensitive operations.

To download the GPG signature and public key required for verifying Under the “Download for Linux” option, click the Signature link to download the GPG signature file (.asc) associated with your Tor Browser package.

Step 5: Verify the Signature

1. In the terminal window navigate to your Downloads directory:

cd Downloads

After extracting the package, check to confirm that the files were extracted correctly by listing the directory contents:

ls

Crate a new Tor folder and navigate to the new crated folder :

mkdir Tor
ls
cd Tor

mv ~/Downloads/tor-browser-linux-x86_64-14.0.3.tar.xz ~/Downloads/tor-browser-linux-x86_64-14.0.3.tar.xz.asc ~/Downloads/Tor/

Check to confirm that the files were moved:

ls

2. Fetch the Tor Developers’ key from the key server: When successful, you should see output confirming the key import:

gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

3. Export the key to a local keyring file:

By creating this keyring file, the verification process becomes isolated and focused solely on the specific key needed for the signature.

It avoids using keys from the system-wide keyring, which ensures a more secure and controlled verification process.

gpg  --output ./tor.keyring  --export 0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290

This command exports the Tor Project’s GPG public key (identified by its fingerprint: 0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290) into a local file called tor.keyring.

This keyring file will be used as a reference to verify the signature of the downloaded Tor Browser package.

Key Components: — output ./tor.keyring: Specifies that the exported key will be saved to a file named tor.keyring in the current directory.

— export <key>: Exports the public key corresponding to the specified key ID (or fingerprint).

4. You should see the downloaded file by listing the directory contents:

ls

5. Verify the signature of the downloaded package:

gpgv --keyring ./tor.keyring ./tor-browser-linux-x86_64-<version>.tar.xz.asc ./tor-browser-linux-x86_64-<version>.tar.xz

Replace <version> with the version number of the downloaded file.

gpgv --keyring ./tor.keyring ./tor-browser-linux-x86_64-14.0.3.tar.xz.asc ./tor-browser-linux-x86_64-14.0.3.tar.xz

Step 6: Extract the Downloaded File

1. Extract the Tor Browser package:

tar -xf tor-browser-linux-x86_64-<version>.tar.xz

Replace <version> with the version number of the downloaded file.

tar -xf tor-browser-linux-x86_64-14.0.3.tar.xz

2. List the extracted contents to confirm:

ls

Step 7: Change Ownership and Permissions

1. Change the ownership of the extracted directory so it belongs to your user after verify the ownership:

sudo chown -R kali:kali ~/Downloads/Tor/tor-browser
ls -ld ~/Downloads/Tor/tor-browser

2. Make the folder and its contents executable and Verify Permissions:

chmod -R +x ~/Downloads/Tor/tor-browser
ls -l ~/Downloads/Tor/tor-browser

Step 8: Launch Tor Browser

1. Navigate to the extracted tor-browser directory and List the content:

cd tor-browser

Start Tor Browser:

./start-tor-browser.desktop

How to Update Tor Browser

Keeping Tor Browser updated ensures that you are protected from known vulnerabilities and benefit from the latest security features. Updates are essential to maintaining anonymity online.

To ensure you stay protected, always use the latest version of Tor Browser. Here’s a simple way to keep it updated:

1. Automatic Updates via Launcher:

torbrowser-launcher --update

This command will download and install the latest version of Tor Browser.

2. If You Installed Manually:
Download the latest version from Tor Project — https://www.torproject.org/, verify the GPG signature, extract the files, and replace the existing installation.

Extract the updated files and replace your existing Tor Browser folder with the new version.

3. Check for Updates Within the Browser:
If Tor Browser is already open, you can check for updates by:

Clicking the menu button (three horizontal lines in the top-right corner) >

Navigating to Help > About Tor Browser.

Tor Browser will automatically check for updates and prompt you to download if needed.

Using a VPN with Tor:

While Tor Browser enhances your privacy, pairing it with a VPN can significantly boost your anonymity. Here’s how they work together and why it’s beneficial:

1. What Does a VPN Do?
   A VPN encrypts your internet traffic and hides your IP address by routing your connection through its secure servers. This means your Internet Service Provider (ISP) cannot see that you’re using Tor or track your online activity.
2. How Tor and VPNs Work Together:

• VPN Before Tor (Recommended): Your internet traffic is encrypted by the VPN first and then sent to the Tor network. This ensures that your ISP cannot detect you’re using Tor.
• Tor Before VPN: Less common and more complex, this routes your Tor traffic through a VPN after leaving the Tor network. It may provide anonymity from the VPN itself but is harder to set up and less secure for most users.

1. Choosing a Reliable VPN:
   Select a VPN with the following features:

• No-Logs Policy: Ensure the VPN provider does not keep records of your activity.
• High-Speed Servers: Tor can slow your connection, so a fast VPN helps mitigate this.
• Strong Encryption: Look for AES-256 encryption and advanced security features.

2. Examples of Trusted VPNs for Privacy:

• ProtonVPN: Offers a free plan with high security and privacy standards.
• Mullvad VPN: Focused on privacy with anonymous signup options.
• NordVPN: A reliable choice with advanced features like Double VPN.

3. Quick Setup:

• Download and install the VPN software on your system.
• Connect to a secure VPN server.
• Once connected, open Tor Browser and browse safely.

Why Use Both?
Combining a VPN with Tor adds an extra layer of security, ensuring your ISP and other entities cannot detect Tor usage. It also protects against malicious exit nodes that could monitor unencrypted traffic.

(Optional) Create a Shortcut:

If you’d like to create a shortcut for easy access:

1. Open a terminal and create a new file for the shortcut:

nano ~/Desktop/Tor-Browser.desktop

2. Add the following content to the file:

[Desktop Entry]
Version=1.0
Name=Tor Browser
Comment=Browse Anonymously
Exec=/home/kali/Downloads/Tor/tor-browser/start-tor-browser.desktop
Icon=/home/kali/Downloads/Tor/tor-browser/browser/chrome/icons/default/default128.png
Terminal=false
Type=Application
Categories=Network;WebBrowser;

3. Save the file by pressing Ctrl+O, then Enter, and exit with Ctrl+X.

4. Make the Shortcut Executable:

chmod +x ~/Desktop/Tor-Browser.desktop

5. Create a new symbolic link to the start-tor-browser.desktop file:

ln -s ~/Downloads/Tor/tor-browser/start-tor-browser.desktop tor-browser.desktop

6. Allow Launching: If the shortcut appears on your desktop but doesn’t work, right-click it and select Allow Launching.

Click the shortcut Mark Executable, this will launch Tor Browser.

Conclusion

You have successfully installed Tor Browser on Kali Linux, verified its integrity, and optionally created a desktop shortcut for convenient access. This setup ensures a secure and private browsing experience.

By using Tor Browser, you take a crucial step towards protecting your privacy and maintaining your anonymity online, ensuring that your activities remain secure and private from unwanted surveillance.

Stay Safe While Using Tor Browser:

While Tor Browser provides excellent privacy and anonymity, it is important to remember that improper usage can still expose your identity.

Follow these best practices to ensure a secure experience:

1. Always Use HTTPS:
   Ensure the websites you visit are secured with HTTPS. Sites using HTTP can expose your activity to attackers, even when using Tor. Install a browser extension like HTTPS Everywhere to enforce secure connections.
2. Avoid Downloading Files or Plugins:
   Do not download files, plugins, or additional software while using Tor. Downloaded content may bypass Tor’s protection and leak your IP address or personal information.
3. Do Not Use Personal Accounts:
   Refrain from logging into personal accounts like email or social media. Doing so could reveal your identity, as these services often track user activity.
4. Disable JavaScript (if necessary):
   Some malicious websites exploit JavaScript vulnerabilities. While Tor tries to mitigate this, you can manually disable JavaScript from Tor Browser’s settings for enhanced security (but note that it may break website functionality).
5. Be Cautious of Exit Nodes:
   Traffic exiting the Tor network can still be monitored. Avoid entering sensitive information on unencrypted websites.

6. Avoid clicking on unverified .onion links or interacting with sites you don’t trust, as they could host malicious content or compromise your privacy.

Additional Resources

Tor Browser User Manual — Tor Project: https://tb-manual.torproject.org/

torproject/manual: Tor Browser User Manual: https://github.com/torproject/manual

Useful Resources for Tor Users

Directories and Search Engines:

When using the Tor Browser, it’s recommended to utilize search engines designed for anonymous and private environments. Below are some popular search engines available on the Tor network:

1. DuckDuckGo (.onion): A privacy-focused search engine that avoids tracking and offers .onion access.
   Link: https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion

2. Torch: One of the oldest Tor search engines, providing a vast index of .onion sites.
Link: http://xmh57jrknzkhv6y3ls3ubitzfqnkrwxhopf5aygthi7d6rplyvk3noyd.onion/

3. Ahmia: Filters out harmful or illegal content while offering a clean interface for .onion searches.
Link: http://juhanurmihxlp77nkq76byazcldy2hlmovfu2epvl5ankdibsot4csyd.onion/

4. Hidden Wiki: A directory of .onion sites with categorized links to various resources and services.
Link: http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page

5. Reddit Communities: Deep Web Subreddit: A community discussing various deep web topics.
Link: https://www.reddit.com/r/deepweb/

• Onions Subreddit: Focused on sharing and discussing .onion links.
  Link: https://www.reddit.com/r/onions/
• Privacy Subreddit: A general forum for discussing privacy-related topics.
  Link: https://www.reddit.com/r/privacy/

Enjoy safe and anonymous browsing with Tor Browser.