SecureDrop is an open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.
SecureDrop's documentation is now built and hosted by Read the Docs: https://docs.securedrop.org. If you are still trying to use links to Markdown files on our Github to read documentation, please update your bookmarks.
Found an issue?
If you're here because you want to report an issue in SecureDrop, please observe the following protocol to report an issue responsibly:
- If you want to report a security issue, please use our bug bounty hosted by Bugcrowd.
- If the issue does not have a security impact, just create a Github Issue.
How to Install SecureDrop
See the Installation Guide.
How to Use SecureDrop
How to Contribute to SecureDrop
See the Development Guide.
License
SecureDrop is open source and released under the GNU Affero General Public License v3.
The wordlist we use to generate source passphrases is based off a new Diceware wordlist from the EFF.