About APAF

APAF, aka Anonymous Python Application Framework, is a multi-platform build system framework and a library for developing Python/Twisted based server applications, exposed as Tor Hidden Service, easy to be installed and managed on multiple platforms (Windows, OSX, Debian) with a particular focus for desktop environments.


Author: Michele Orrù, aka maker

Project: Google Summer of code 2012

Further informations:


  1. Tor blog
  2. Any other site mentioning apaf


APAF is a python library based on twisted and txtorcon. It can be used for launching a standalone web application exposing itself via hidden service, or as server application.

Multiplatform. APAF is tested on Windows XP, Ubuntu 12.04 and Mac OSX.

Portable. Apart from the python package itself, APAF can be built as .app, using py2app, and .exe, using py2exe for windows.

Easy. exposing your application with APAF is as simple as writing a class and 3 clicks (ehi, I am still working on this). A good starting point may be the staticfileserver.py example.

Secure We make sure that all APAF’s outbounding connecction will pass through Tor, and that its fingerprint is reduced to a minimum.


we do not guarantee that the application built with APAF will not leak data outside tor, neither the same application will make APAF easily recognizable. The developer building applications with APAF should properly audit the applications they are packaging to check for possible leaks.

See also

See the threat model page for further informations.


APAF can be installed using either pip or easy_install. There should be somewhere also builds for debian.

$ pip install git+https://github.com/globaleaks/APAF.git


To try out apaf, just run:

$ python apaf/main.py

In case you are not interested in user-experience and similar bullshits, --debug option could be helpful.

Table Of Contents

Next topic

APAF package

This Page