Updated April 2026

How to install and use Tor Browser

A complete walkthrough: download, install, configure security settings, and access .onion addresses. Written for people who have never used Tor.

Tor Browser installation and configuration guide illustration showing browser interface with onion routing diagram

What Tor Browser actually does

Tor Browser routes your internet traffic through three encrypted relays before it reaches the destination. Each relay only knows the address of the previous and next hop, so no single point in the chain can see both who you are and what you're accessing. This is how .onion addresses work — they exist only inside the Tor network and cannot be reached through Chrome, Firefox, or any regular browser.

The browser itself is a modified version of Firefox ESR. It comes preconfigured with privacy settings that would take hours to set up manually: anti-fingerprinting protections, cookie isolation, disabled WebRTC, and a stripped user agent. You don't need to tweak these. The Tor Project maintains them.

One thing Tor Browser is not: a VPN. VPNs hide your IP from the destination server but the VPN provider sees everything. Tor splits that knowledge across three independent relays. No single entity sees the full picture.

Where to download Tor Browser

The only safe source is torproject.org. Go directly to that address in your current browser — do not search for "tor browser download" on Google or Bing. The first page of search results for that query typically contains at least two or three sponsored links to repackaged installers that bundle tracking software or worse.

On the Tor Project website, you'll see download options for Windows, macOS, Linux, and Android. Pick your operating system, download the installer, and save it somewhere you can find it.

The file sizes as of April 2026:

Platform	File	Size
Windows	.exe installer	~105 MB
macOS	.dmg disk image	~170 MB
Linux	.tar.xz archive	~105 MB
Android	Google Play / .apk	~95 MB

Verify the download before installing

This step is optional but worth doing if you're on a network you don't fully trust (hotel WiFi, workplace, shared connection). The Tor Project publishes GPG signatures alongside every download. If someone tampered with the installer between the server and your computer, the signature will not match.

To verify on Windows or macOS, you'll need Gpg4win (Windows) or GPG Suite (macOS). Import the Tor Browser Developers signing key, then run the verification against the downloaded file and its .asc signature. The Tor Project has a detailed walkthrough on their site — search for "How to verify Tor Browser" on torproject.org.

On Linux, most distributions include gpg by default. Download both the .tar.xz and the .tar.xz.asc, then run gpg --verify on the signature file. If it says "Good signature from Tor Browser Developers," the file is clean.

Installation — step by step

Windows: Run the .exe installer. It will ask where to install — the default location works fine. Tor Browser does not modify your system registry or install background services. It is entirely self-contained in its folder.

macOS: Open the .dmg file and drag Tor Browser to your Applications folder. If macOS blocks the launch because the app is "from an unidentified developer," go to System Preferences > Privacy & Security and click "Open Anyway."

Linux: Extract the .tar.xz archive to your home directory. Navigate into the extracted folder and run ./start-tor-browser.desktop. No root access needed.

First launch: On the initial startup, Tor Browser shows a connection screen. In most countries, click "Connect" and wait 10-30 seconds. The browser will establish a Tor circuit through three relays.

Censored networks: If you're in a country that blocks Tor (China, Iran, Russia, Turkmenistan), click "Configure" instead. Enable the built-in bridge transport — snowflake or obfs4 — which disguises Tor traffic as regular HTTPS connections.

Security settings you need to change

Tor Browser ships with the security level set to "Standard." For regular browsing, that's fine. For accessing darknet markets, it is not. Change it before you visit any .onion address.

Click the shield icon in the toolbar (top right, next to the URL bar). Select "Settings" and set the Security Level to Safest.

Here is what each level disables:

Level	JavaScript	Media	Fonts	When to use
Standard	Enabled	Enabled	All loaded	Regular browsing only
Safer	Partially disabled	Click-to-play	Most loaded	Clearnet sites on Tor
Safest	Fully disabled	Disabled	Limited	Darknet markets

The "Safest" setting disables JavaScript entirely. This matters because JavaScript is the primary attack vector for browser exploits targeting Tor users. In 2013, the FBI used a JavaScript exploit in Firefox to unmask users of a Tor hidden service. The Tor Browser has been hardened significantly since then, but the principle holds: less active content means less attack surface.

Most darknet markets are designed to work without JavaScript. If a site requires you to enable JavaScript to log in or browse listings, that is a red flag.

Accessing .onion addresses

A .onion address looks like a long string of random characters followed by .onion. Example format: http://a1b2c3d4e5f6g7h8i9j0.onion. These addresses only resolve inside the Tor network — pasting one into Chrome produces an error.

To visit a darknet market, copy a verified .onion link from a trusted source (like our market directory), paste it into the Tor Browser address bar, and press Enter. The connection typically takes 5-15 seconds, which is normal — each request travels through multiple relays.

Never search for market links using DuckDuckGo, Google, or any search engine inside Tor. The results are dominated by phishing sites that serve fake .onion addresses. If you type a password into one of these clones, the attacker has your credentials immediately. Get your links from a source you've already verified, and confirm them with PGP.

Common mistakes

Running Tor over a VPN. This is usually unnecessary and can actually reduce your anonymity. If the VPN provider logs connections (and you have no way to verify they don't), you've added a single point of surveillance. Tor already handles IP concealment through three relay hops.

Maximizing the browser window. When you maximize Tor Browser, your screen resolution becomes visible to sites you visit. Tor Browser opens in a specific window size (1000x1000 or similar) to make all users look the same. Resist the urge to resize it.

Installing extensions. Any browser extension you add changes your fingerprint and may leak data outside the Tor circuit. Tor Browser ships with uBlock Origin and NoScript already configured. Don't add anything else.

Using Tor for regular browsing and darknet access simultaneously. Tor Browser isolates circuits per domain, but using the same browser session for Gmail and a darknet market creates correlation risks. If you need clearnet access, use a separate browser entirely.

Downloading files through Tor. Opening a downloaded PDF, DOCX, or other document outside of Tor Browser can leak your real IP address to a remote server. If you must download files, do it inside a virtual machine with no direct internet access.

Connection problems and troubleshooting

If Tor Browser fails to connect, the issue is usually one of three things: your network blocks Tor traffic, the Tor network itself is experiencing congestion, or your clock is wrong.

Start with the clock. Tor's circuit-building protocol requires your system time to be accurate within a few minutes. If your computer clock is significantly off, Tor cannot establish a valid circuit. On Windows, right-click the clock in the taskbar and select "Adjust date/time," then enable "Set time automatically."

If the clock is correct and Tor still won't connect, try switching to a bridge. Open the connection settings and select obfs4 or snowflake as the transport. These bridges disguise Tor traffic as normal web traffic and can bypass most network-level blocks.

Persistent slowness (pages taking 30+ seconds to load) is normal during peak hours. Tor's speed depends on the relays in your circuit, and some relays are overloaded. You can request a new circuit by clicking the lock icon next to the URL bar and selecting "New Circuit for this Site."

What to do after setup

Once Tor Browser is installed and configured to the Safest security level, you have a working setup for accessing darknet markets. The next step is learning how to verify that the links you use are authentic, not phishing clones. Our PGP verification guide covers exactly that — how to cryptographically confirm that a .onion address was published by the real market operators.

For verified links to all active markets, check the market directory on our homepage.

Tor Browser questions

Tor Browser is legal in most countries. It is developed by the Tor Project, a US-based nonprofit. Some countries restrict or monitor Tor usage (China, Russia, Iran), but using the browser itself is not a criminal act in the US, EU, or most of the world.

Generally no. Tor already routes your traffic through three encrypted relays, hiding your IP from both the destination and any single relay. Adding a VPN introduces a provider who can see that you connected to Tor, which may be worse than your ISP seeing the same thing — at least your ISP can't see what you do inside Tor.

Every request travels through three relays across different countries before reaching the destination, and the same happens in reverse for the response. This adds latency. The speed also depends on how busy the relays in your current circuit are. You can request a new circuit from the lock icon in the URL bar if a page loads particularly slowly.

Yes, your ISP can see that you connected to the Tor network, but not what you're doing inside it. They see encrypted traffic going to a known Tor relay IP. If this is a concern, use a bridge (obfs4 or snowflake) to disguise the connection as regular HTTPS traffic.

Private browsing modes in Brave or Firefox only prevent your browsing history from being saved locally. Your IP address, browser fingerprint, and activity remain visible to websites and your ISP. Tor Browser routes all traffic through encrypted relays and actively resists fingerprinting. They are not comparable.