NightHawk 夜鹰

Anonymity Server


NightHawk (Anonymity Server) is built with Tor (The Onion Router) on Ubuntu Server. You can surf the internet anonymously or surf the Deep Web with it.


NightHawk is open source and it is released under GPL version 3. It is developed by Samiux.

A Quick Guide to GPLv3
GNU General Public License Version 3.0


If you like our project, please show your support by sending the donation to Paypal (infosecninjas AT gmail DOT com) in USD or HKD currency. You need a Paypal account for the donation.


The current version NightHawk should be installed on Ubuntu Server 18.04.2 LTS (other version will not be supported).


sha256sum c226db063935598d300b70a56944f017b9c1c6f6c672abb0edd7d4edb200f7d2 nighthawk-1804-1.6.tar.gz

Change Log

2012-10-15 - First released
2014-01-25 - Minor bugs fixed and Open Source, and is released under GPLv3
2014-01-26 - Minor bug fixed
2014-04-28 - Renew for Ubuntu 14.04 LTS, and some improvement. Debain Wheezy is supported.
2014-04-30 - Some improvement
2014-05-01 - Some improvement on speed
2014-05-02 - Major bug fixed
2014-05-15 - Modified for new network interface naming policy in Ubuntu 14.04
2015-01-05 - Minor bug fixed
2015-12-16 - Minor fix
2016-05-26 - Modified for Ubuntu 16.04 LTS
2017-07-20 - Version 1604-1.0 - Some improvement and code clean up
2018-05-03 - Version 1804-1.0 - Supports Ubuntu Server 18.04 LTS only
2018-10-21 - Version 1804-1.1 - Fixed for Ubuntu 18.04.1
2019-01-02 - Version 1804-1.2 - Fixed for Ubuntu 18.04.1 (netplan)
2019-01-15 - Version 1804-1.3 - Fixed for Ubuntu 18.04.1 (ping)
2019-05-26 - Version 1804-1.4 - Fixed for Ubuntu 18.04.2
2019-05-29 - Version 1804-1.5 - Fixed for Ubuntu 18.04.2 (DNS Leak)
2019-05-30 - Version 1804-1.6 - Use latest stable version of Tor


Pros :

(1) Easy to use and install
(2) Use your favourite Operating System
(3) Transparent to all applications and software
(4) Portable
(5) Anonymity
(6) Support wired and wireless network (including mobile network, 3G/4G)
(7) Flexible

Cons :

(1) Should use Firefox and some related Add-ons are required
(2) Your personal computer still have chance to be infected by malware
(3) Anti-virus/malware software is required on your personal computer
(4) Your Operating System should support PPTP VPN
(5) Speed is reduced
(6) Requires a dedicated computer when not using virtual machine
(7) 512MB extra RAM and 10GB extra space when using virtual machine
(8) Router (wired or wireless) or Mobile phone tethering is required
(9) Cloudflare protected websites (or similar) cannot be accessed directly
(10) Google Search Engine does not work properly for some websites
(11) Tor Exit Nodes may be monitoring/sniffing by criminals and/or law enforcement

Similar project :

Whonix - Anonymous Operating System
Tails - The Amnesic Incognito Live System
Creating Ultimate TOR Virtual Network

Worth to read :

How Can I Stay Anonymous with Tor? (dated Jan 10, 2014)

HOWTO : Use NightHawk More Safety



Make sure you have no DNS leakage vulnerability (you can search the internet for the online tools for checking), you should set the DNS at your router to one of the following :

IBM Public DNS


Cloudflare Public DNS


Comodo public DNS


Google public DNS


OpenDNS public DNS


DNSAdvantadge public DNS


Moreover, NightHawk is designed for internal network (LAN) only. Outside the LAN is NOT recommended. If you insisted to place the NightHawk outside the LAN, you will be hacked. Meanwhile, your PPTP VPN username and password should be strong enough; otherwise, you can be hacked. In addition, please update NightHawk often too.


When connecting via NightHawk, make sure your Firefox is installed add-ons namely uMatrix to disabled all the Flash and JavaScript plugins as those can reveal your identity (such as IP address) without warnings. Meanwhile, do not bittorrent and download file. Or, you can use QuickJS Firefox add-ons to replace uMatrix when necessary.

Do not connect back with reverse connection as it will reveal your IP address. When need to, please consider to use hidden service with torsocks or socat or alike.

You are also recommended to install the following Firefox Add-ons :

Cookies AutoDelete

DuckDuckGo Plus (Search Engine)


WebRTC Control

User Agent Switcher

uBlock Origin

You can consider to change the MAC address of the NightHawk with macchanger. If you do so, the IP address of the NightHawk may change for almost all of the router.


Method One :

sudo apt install git

git clone

cd dnsleaktest


Method Two :

AstrillVPN DNS Leak Test

*** If you see your ISP DNS or your DNS IP address(es), you are vulnerable to DNS Leakage.


The minimum hardware requirement is :

CPU - Intel Atom D510
RAM - 2 GB
HDD - 8 GB
NIC - one Gigabit LAN interface

The minimum hardware requirement for VirtualBox is :

CPU - one
RAM - 512 MB
HDD - 8 GB
NIC - one (Bridged)


First of all, you should behind a router. The NightHawk should be installed on Ubuntu Server (Long Term Support, LTS). Other versions and distributions will not be supported. It can be installed to VirtualBox or standalone computer.

You should know how to install and setup Ubuntu Server.

You also should know how to setup a PPTP VPN connection at client side.

Make sure port 1723 is opened for internal network and you are not advised to open this port for public network unless you need to do so. If you open this port to public, make sure your VPN client passwords are very strong.


Before going to install NightHawk, you need to update the Ubuntu server.

sudo apt update
sudo apt dist-upgrade
sudo apt --purge autoremove
sudo apt autoclean

Then, you need to reboot.

sudo reboot

tar -xvzf nighthawk-1804-1.6.tar.gz
cd nighthawk

chmod +x *-nighthawk

Edit the name of the network interface in "nighthawk.conf", e.g. eth0, p2p1 and edit your subnet, such as "" :

nano nighthawk.conf

sudo ./install-nighthawk

SETUP (You need to run it once after the installation. Optional - do it when necessary)

sudo setup-nighthawk

To check the IP address of the NightHawk, you should do the following. The script only works on eth0.

ifconfig eth0

There would be something like or similar. If there is no eth0, it should be a problem. Please check the router and your connections.

After that, you may need to reboot the server if you cannot ping your gateway.

For example :


However, you cannot ping or outside world.


After the NightHawk is setting up, you have to update the box.

sudo update-nighthawk

You are advised to update your server every one week in order to keep the server up to date.


To add a new user, you can do the following.

sudo adduser-nighthawk


If you want to delete any username in the box, you should do the following :

sudo deluser-nighthawk


Server side :
To test the server if it works or not. You type the following command under the server.

For example, ping your gateway :


If you have the ping result. That means the server is working. Press Ctrl+C to quit the ping process.

If there is no ping result, you are required to reboot your server to test again.

To test the Tor is working or not. You type the following command under the server.


If elinks is not installed, just install it :
sudo apt install elinks

If you see the IP address is different from your real IP (the external IP), that means the server is working fine.

Client side :
To test the server if it works or not. You can connect the server via VPN (PPTP) from your host. To set the PPTP VPN Client, you should set the "Gateway" or "Server address" to be the IP address of your NightHawk or the hostname. For Windows and Mac OSX systems, the hostname method may not work properly. Once it is connected, you can go to the following site with your browser.

If you see that you are using Tor, it is working.


The hostname of the NightHawk is the IP address of the NightHawk.

You are required to use "sudo" on each command; otherwises, the command will not work.

To power off the server, you need to enter "sudo poweroff". When you want to reboot the server, you need to enter "sudo reboot".

Since PPTP VPN is not very secure, you need to set a very strong password when it is allowed for connecting outside your internal network.

You can use NightHawk without logging in to the PPTP VPN. If your applications are support SOCKS4 or SOCKS5, you can set the application to SOCKS5, port 9050, IP address of NightHawk to use NightHawk without login the the PPTP VPN.

Linux Client

What is a strong password?

A strong password should be combined with numeric, character (upper and lower cases) and speical characters as well as more than 16 characters length. In addition, the word inside the password should not be a common word or it can be find in the dictionaries or internet. It is better that the password should be nonsense.


The network interface should be in "Bridge mode" on the VirtualBox. It can be bind to ethernet or wireless network interface.

Furthermore, make sure there is no USB device (such as USB DVD ROM and USB stick) is inserted to the computer. Otherwise, this application will malfunction. In addition, some services (such as Google Search and irc) may ban the Tor network. However, we can refer to this link to run freenode for NightHawk.

If you run NightHawk on different routers, I suggest you to have different virtual machines of NightHawk for each router. Or, if you insist to use one virtual machine, you can make a snapshot after the installed a working NightHawk. When switching router, you should revert the virtual machine to the previous status when you cannot make the virtual machine function again after running "sudo setup-nighthawk" and reboot. If you can ping your gateway, the new setting is working.

For Windows systems, you may encounter DNS problem on PPTP VPN, this link may help. However, you should consider if there is any DNS leaking or not.

For the usage, such as IRC, FTP and web browsing, you can refer to the above video. Make sure you forward the ports for FTP usage.


Surfing DarkNet with NightHawk and Firefox

Once the NightHawk is setting up, it is ready for surfing with Tor. However, it cannot surf DarkNet (or Deep Web) without further configuration.

Step 1 :

At URL address field of Firefox, enter "about:config" and search for "network.proxy.socks_remote_dns" and "network.dns.blockDotOnion". Toggle to "true" and "false" respectively.

Step 2 :

Install "Foxy Proxy Standard" Firefox Add-on. Then add the following and enable it before going to DarkNet.

Proxy Type : SOCKS5
Title or Description (optional) : Tor Proxy
IP address, DNS name, server name : (NightHawk IP address)
Port : 9050

Step 3 :

Disable the "Foxy Proxy Standard" - "Tor Proxy" after surfing the DarkNet.

.onion sites

DuckDuckGo Tor Hidden Service

The Hidden Wiki 2018