ββββ ββββ ββββββ βββββββ βββββββββββ βββ ββββββ βββ βββ
βββββ ββββββββββββββββββββββββββββββββ ββββββββββββββ βββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ βββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ βββ
βββ βββ ββββββ ββββββ ββββββββββββββ ββββββ βββββββββββββββββββ
βββ ββββββ ββββββ ββββββββββββββ ββββββ βββββββββββββββββββ
Secure. Private. Untraceable.
A hardened privacy-focused web browser built for security researchers, penetration testers, and privacy-conscious users.
Features β’ Installation β’ Extensions β’ Usage β’ Configuration β’ Architecture β’ Contributing
Marshall was built from the ground up with privacy by default. Unlike mainstream browsers that bolt on privacy features as an afterthought, Marshall is designed to:
- π« Block tracking at every level β ads, fingerprinting, cookies, WebRTC leaks
- π Secure by default β No telemetry, no data collection, hardened WebKit
- π§ͺ OSINT-ready β Built for security researchers with integrated recon tools
- 𧩠Extensible β Sandboxed extensions with honeypot detection
| Feature | Description |
|---|---|
| π« Ad Blocking | Built-in blocker with EasyList + EasyPrivacy |
| π Tracker Blocking | Blocks known tracking domains and scripts |
| π Fingerprint Protection | Prevents canvas, WebGL, and audio fingerprinting |
| πͺ Cookie Control | Third-party cookies blocked by default |
| π€ User Agent Spoofing | Blend in with common browser signatures |
| π Referrer Control | Strict referrer policy prevents leakage |
| π WebRTC Protection | Prevents real IP disclosure |
| π Timezone Spoofing | Hide your real timezone |
| Feature | Description |
|---|---|
| π HTTPS-First | Automatic HTTPS upgrades |
| π‘οΈ WebGL Disabled | Prevents GPU fingerprinting by default |
| π§ Tor Integration | Optional onion routing |
| π DNS over HTTPS | Encrypted DNS queries via Cloudflare/Quad9 |
| πΎ No Persistence | Clear all data on exit (configurable) |
| π Certificate Pinning | HPKP support for critical sites |
- π Tabbed Browsing β Full tab management with session restore
- π Bookmarks β Organize and sync your favorite sites
- π Privacy Search β DuckDuckGo, Startpage, Searx by default
- β¨οΈ Keyboard Shortcuts β Vim-style navigation available
- π¨ Dark Theme β NullSec-styled interface, easy on the eyes
- π§ Developer Tools β Full WebKit inspector
Marshall supports a growing ecosystem of sandboxed security extensions that run in an isolated container with honeypot detection for malicious behavior.
| Extension | Description | Language |
|---|---|---|
| π Shodan Lookup | Query Shodan.io for IP/domain intelligence | JavaScript |
| π WHOIS Inspector | Detailed domain registration info | JavaScript |
| β‘ XSS Scanner | Detect Cross-Site Scripting vulnerabilities | JavaScript |
| π Header Analyzer | HTTP security header analysis | JavaScript |
| π Cert Inspector | SSL/TLS certificate grading | Ruby |
| π‘ Traffic Analyzer | Network monitoring & anomaly detection | TypeScript |
| π§ Request Tamper | HTTP interception and modification | Lua |
| π§ Memory Forensics | Memory artifact and shellcode detection | C |
All extensions execute in a multi-layered sandbox:
Extension β Secure Channel (AES-256-GCM) β Rust Sandbox (seccomp) β Honeypot (Go)
- π¦ Rust Core β Process isolation with seccomp-bpf and namespace separation
- π Encrypted IPC β All communication encrypted with session keys
- π― Honeypot System β Fake services detect malicious extensions
- π Threat Scoring β Behavioral analysis triggers containment
π Browse & Install Extensions
curl -sSL https://raw.githubusercontent.com/bad-antics/marshall/main/install.sh | bashDebian / Ubuntu
sudo apt install -y \
libgtk-4-dev \
libwebkitgtk-6.0-dev \
pkg-config \
libssl-dev \
libsoup-3.0-devArch Linux
sudo pacman -S gtk4 webkitgtk-6.0 pkg-config openssl libsoup3Fedora
sudo dnf install gtk4-devel webkitgtk6.0-devel pkg-config openssl-devel libsoup3-develgit clone https://github.com/bad-antics/marshall.git
cd marshall
cargo build --release
sudo install -Dm755 target/release/marshall /usr/local/bin/marshallDownload from Releases:
marshall-linux-x86_64.tar.gzmarshall-linux-arm64.tar.gz.deband.rpmpackages available
# Launch Marshall
marshall
# Open a specific URL
marshall https://example.com
# Private browsing mode
marshall --private
# Enable Tor routing
marshall --tor
# Maximum privacy mode
marshall --paranoid| Shortcut | Action |
|---|---|
Ctrl+T |
New tab |
Ctrl+W |
Close tab |
Ctrl+L |
Focus URL bar |
Ctrl+R |
Reload |
Ctrl+Shift+P |
Private window |
Ctrl+Shift+N |
New window |
Alt+β/β |
Back / Forward |
Ctrl++/-/0 |
Zoom in/out/reset |
F12 |
Developer tools |
Ctrl+F |
Find on page |
Ctrl+H |
History |
Ctrl+B |
Bookmarks |
Config file: ~/.config/marshall/config.toml
[general]
homepage = "about:blank"
search_engine = "https://duckduckgo.com/?q="
restore_session = false
enable_javascript = true
enable_webgl = false
[privacy]
strict_mode = true
block_trackers = true
block_fingerprinting = true
block_third_party_cookies = true
clear_on_exit = true
do_not_track = true
spoof_timezone = true
spoof_user_agent = true
[adblock]
enabled = true
filter_lists = [
"https://easylist.to/easylist/easylist.txt",
"https://easylist.to/easylist/easyprivacy.txt",
"https://malware-filter.gitlab.io/malware-filter/urlhaus-filter.txt"
]
[network]
tor_enabled = false
dns_over_https = true
doh_server = "https://cloudflare-dns.com/dns-query"
# Alternatives: "https://dns.quad9.net/dns-query"
[appearance]
theme = "nullsec-dark"
font_family = "JetBrains Mono"
font_size = 14
[extensions]
sandbox_level = "strict" # minimal, standard, strict, paranoid
auto_update = truemarshall/
βββ src/
β βββ main.rs # Entry point
β βββ app.rs # Application state
β βββ ui/ # GTK4 components
β β βββ window.rs # Main window
β β βββ toolbar.rs # Navigation bar
β β βββ urlbar.rs # URL entry
β β βββ tabbar.rs # Tab management
β β βββ theme.rs # CSS theming
β βββ engine/ # WebKit integration
β β βββ webview.rs # WebKit wrapper
β β βββ settings.rs # Engine config
β βββ privacy/ # Privacy features
β β βββ tracker_blocker.rs
β β βββ fingerprint.rs
β β βββ cookie_manager.rs
β β βββ referrer.rs
β βββ adblock/ # Ad blocking
β β βββ engine.rs
β β βββ lists.rs
β βββ network/ # Network layer
β β βββ dns.rs # DoH resolver
β β βββ tor.rs # Tor integration
β βββ extensions/ # Extension loader
β β βββ manager.rs
β β βββ sandbox.rs
β βββ config/ # Configuration
βββ Cargo.toml
βββ LICENSE
βββ README.md
# Standard build
cargo build --release
# With all features
cargo build --release --all-features
# Feature selection
cargo build --release --features "tor,extensions,developer"| Feature | Description | Default |
|---|---|---|
adblock |
Ad blocking engine | β |
extensions |
Extension support | β |
tor |
Tor network routing | β |
developer |
DevTools support | β |
- Zero Telemetry β No data ever leaves your machine
- Secure Defaults β Privacy features enabled out of the box
- Transparency β 100% open source, auditable code
- User Control β You decide what data to keep or clear
- Defense in Depth β Multiple layers of protection
We welcome contributions! See CONTRIBUTING.md for guidelines.
# Clone and setup
git clone https://github.com/bad-antics/marshall.git
cd marshall
# Run tests
cargo test
# Check formatting
cargo fmt --check
# Run clippy
cargo clippy -- -D warnings
# Debug mode
RUST_LOG=debug cargo runMIT License β see LICENSE
| Project | Description |
|---|---|
| Marshall Extensions | Security extensions with sandboxed execution |
| NullSec Tools | Comprehensive security toolkit |
| NullSec Linux | Security-focused Linux distribution |
