For the past three years, the Tor Project has been working to improve the tools, resources, and protocols used to monitor the health of the Tor network. This work aims to strengthen the Tor network’s resilience and resist relay attacks.
As part of this effort, in October 2025, 7aSecurity conducted a code audit of those tools.
The code audit focused on the following projects:
- TagTor is a Flask web app to display metrics about the Tor network and its nodes.
- DescriptorParser is a small, standalone Java app to import Tor network descriptors into a PostgreSQL DB and a VictoriaMetrics time series.
- Margot is a Rust command-line application using Arti that provides a series of commands for the network health team.
- Exitmap is a fast and modular Python-based scanner for Tor exit relays.
- Tor_fusion parses Tor network documents in the Rust programming language.
- Simple Bandwidth Scanner is a Tor bandwidth scanner that generates bandwidth files to be used by directory authorities.
- C Tor protects your privacy on the internet by hiding the connection between your Internet address and the services you use. This is the software that runs on each relay of the Tor network.
- Arti is the implementation of Tor in Rust. The audited code is the portion that changed during this project.
The audit found six vulnerabilities and highlighted eleven hardening recommendations. All findings have been reviewed by the Tor Project, and remediation work is being tracked as part of our ongoing security and maintenance processes.
Read the full audit report
For detailed findings and recommendations, please see the complete audit report here.


