docker-multitor
May 23, 2026 ยท View on GitHub
Dockerized multitor. Runs multiple Tor circuits behind HAProxy for load-balanced anonymous proxying.
Alpine 3.21 / Tor / Privoxy / HAProxy
usage
docker build -t multitor .
docker run --rm -p 16379:16379 multitor
curl --proxy http://localhost:16379 https://httpbin.org/ip
More Tor instances:
docker run --rm -p 16379:16379 -e TOR_INSTANCES=10 multitor
Or pull from registry:
docker run --rm -p 16379:16379 evait/multitor
env
| var | default | what it does |
|---|---|---|
TOR_INSTANCES | 5 | number of Tor circuits to spawn |
mirror
Robust parallel Tor mirror tool for downloading directory-listed URLs from .onion sites. Built for bulk-downloading leaked datasets for DSGVO analysis (informing affected users about stolen data).
Architecture: Python + SQLite job queue + parallel wget workers. Spider crawls directory listings, workers download files concurrently through multiple Tor circuits.
- SQLite database tracks all files - crash-safe, resumable
- Parallel download workers (one per Tor circuit)
- Real-time terminal UI showing progress, speed, and worker status
- Automatic infinite retry on network failure
- Resume support - re-run the same command to pick up where you left off
install
Requires uv and wget.
# Install as global tool
uv tool install ./mirror
# Or run directly from repo
uv run --directory mirror mirror --help
# or install it from the online repo
uv tool install git+https://github.com/evait-security/docker-multitor/tree/master/mirror
usage
# Start multitor proxy
docker run --rm -d -p 16379:16379 -e TOR_INSTANCES=5 evait/multitor
# Mirror a .onion directory listing
mirror http://exampleonion.onion/files/
# Mirror to a specific destination with 10 workers
mirror --parallel 10 http://exampleonion.onion/dump/ /data/leak-mirror
# Custom proxy address
mirror --proxy http://10.0.0.5:16379 http://exampleonion.onion/files/
# Resume an interrupted download (just re-run the same command)
mirror http://exampleonion.onion/dump/ /data/leak-mirror
# Start fresh, ignoring previous state
mirror --fresh http://exampleonion.onion/dump/ /data/leak-mirror
options
| flag | default | description |
|---|---|---|
url | - | URL to mirror (directory listing with links) |
destination | . | Local directory to save files |
-p, --parallel | 5 | Number of parallel download workers |
--proxy | http://127.0.0.1:16379 | Multitor proxy address |
--timeout | 120 | Download timeout per file (seconds) |
--fresh | - | Delete existing database, start over |
-v, --verbose | - | Write detailed logs to mirror.log |
how it works
- Spider crawls directory listings recursively via the Tor proxy, discovers all file URLs, stores them in a SQLite queue (
.mirror.dbin the destination) - Workers (N parallel threads) pull jobs from the queue and download files using
wgetthrough the HAProxy round-robin - each request exits through a different Tor circuit - Retry loop - failed downloads are requeued and retried indefinitely until all files are saved
- Resume - the database persists in the destination dir; re-running detects it and picks up where it left off
test
./test.sh
Builds the image, spins up a container, waits for Tor bootstrap, runs HTTP/HTTPS requests through the proxy, verifies Tor exit and round-robin. Cleans up after itself.
publish
./publish.sh 1.0.0
Tags and pushes to Docker Hub as evait/multitor:1.0.0 and evait/multitor:latest.
how it works
multitor spawns N Tor processes with separate SOCKS ports, puts a Privoxy HTTP proxy in front of each, then HAProxy round-robins across all Privoxy backends on port 16379. Each request potentially exits through a different Tor circuit.
credits
- multitor by trimstray
- evait-security for the Docker packaging