Take potentially dangerous PDFs, Office documents, or images and convert them into a secure PDF.
 |
 |
|---|
DangerZone works like this: You give it a document that you don’t know if you can trust (for example, an email attachment). Inside the sandbox, DangerZone converts the document to a PDF (if it isn’t already one), and then converts the PDF to raw pixel data: a huge list of RGB color values for each page. Then, outside the sandbox, DangerZone takes this pixel data and converts it back to PDF.
Read more about DangerZone on the official site.
Comment
🎅 Check out our Christmas security challenge, in which we ask security researchers to prepare a Naughty Letter that can pw the dangerzone into Santa’s laptop, and earn a reward of up to $3,000. Promise it makes sense. 🎄
Follow the instructions for each platform:
You can read more about our operating system support here.
- The sandbox doesn’t have network access, so if a malicious document compromises someone, they can’t phone home.
- Sandboxes use GVisor, an application kernel written in Go, which implements a large portion of the Linux system call interface.
- DangerZone can optionally OCR the secure PDF it creates, so it will again have a text layer
- DangerZone Compresses Secure PDF to reduce file size
- After converting, DangerZone lets you open the secured PDF in the PDF viewer of your choice, which allows you to open PDFs and Office documents in DangerZone by default so you never open a dangerous document by mistake.
DangerZone can convert these types of documents to secure PDF:
- PDF (
.pdf) - Microsoft Word (
.docx,.doc) - Microsoft Excel (
.xlsx,.xls) - Microsoft Powerpoint (
.pptx,.ppt) - ODF text (
.odt) - ODF Spreadsheet (
.ods) - ODF presentation (
.odp) - ODF graphics (
.odg) - Hancom HWP (Hangul Word Processor) (
.hwp,.hwpx) - epub(
.epub) - jpeg (
.jpg,.jpeg) - GIF (
.gif) - PNG (
.png) - SVG (
.svg) - Other image formats (
.bmp,.pnm,.pbm,.ppm)
DangerZone was inspired by Qube’s Trusted PDF, but it works in non-Qubes operating systems. It uses containers as sandboxes instead of virtual machines (using Docker for macOS and Windows, and Podman on Linux).
Set up a development environment by following these instructions.
Licensed under AGPLv3: https://opensource.org/ licenses/agpl-3.0
Copyright (c) 2022-2024 Freedom of the Press Foundation and Dangerzone contributors
Copyright (c) 2020-2021 First Look Media
Also see THIRD_PARTY_NOTICE.md for more information regarding third-party software that DangerZone relies on.
Has DangerZone received a security audit?
Yes, DangerZone received its first security audit by Incorporated Security in December 2023. The audit was generally favorable, as it did not identify any high-risk findings, except for 3 low-risk and 7 informative findings.
“I am experiencing a problem while using DangerZone.”
DangerZone continues to receive updates to improve its features And To fix problems. Therefore, updating may be the easiest way to resolve the issue that brought you here. Here’s how to update:
- Check which version of DangerZone you’re currently using: Run DangerZone, then look for a series of numbers to the right of the logo within the app. The numbers will have the same format
0.4.1 - Now find the latest available version of DangerZone: Go to the download page. See the version number displayed. The number will use the same format as in Step 1.
- Is the version of the DangerZone download page higher than the version of your installed app? Go ahead and update.
Can I run DangerZone in an airgapped environment?
Yes, DangerZone is designed to run in an airgapped environment without any configuration. If you want to update its container image, follow our instructions.
Can I use a custom runtime like Podman Desktop?
On Windows and macOS, DangerZone embeds Podman, so there’s no need for it.
To use a different Podman version, such as Podman Desktop, follow our documentation.
<a href