StevenBlack

StevenBlack/hosts

Python MIT Security

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

30.7k stars
2.4k forks
active
GitHub +39 / week

30.7k

Stars

2.4k

Forks

151

Open issues

30

Contributors

3.16.97 09 Jul 2026

AI Analysis

A curated hosts file aggregator that consolidates reputable security and filtering sources (adware, malware, fakenews, adult content, gambling, social media) into unified, customizable hosts files for network-level blocking. Primarily serves system administrators, privacy-conscious users, and network operators who want to deploy DNS-level protections across devices; not a general-purpose tool for casual users unfamiliar with hosts file configuration.

Security Security Tool Discovery value: 3/10
Documentation 8/10
Activity 9/10
Community 9/10
Code quality 7/10

Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.

Overall score 8/10

AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.

hosts-file-aggregator dns-blocking security-filtering privacy-tool ad-malware-filter
Actively maintained Well documented MIT licensed Popular Niche/specialized use case Production ready
Deep Analysis · Based on README and public signals
2w ago

30K-star hosts file aggregator blocks ads and malware at the OS level, updated daily since 2012

StevenBlack/hosts consolidates multiple curated blocklists into a single, deduplicated system hosts file that redirects known adware, malware, and optionally social media or porn domains to 0.0.0.0. It targets privacy-conscious individuals, parents, sysadmins managing small fleets, and developers who want network-level blocking without installing dedicated software. With 82,621+ entries across 31 variants, it requires no additional runtime — just a hosts file drop. Longevity (since 2012) and consistent daily updates make it a reference point in the hosts-based blocking ecosystem.

Origin

Started April 2012 as a personal aggregation project. Grew organically as hosts-file blocking gained traction before DNS-based solutions like Pi-hole became mainstream. Repository history is large enough that the README explicitly warns users to clone with --depth 1.

Growth

Growth appears driven by word-of-mouth in privacy and security communities, Reddit posts, and inclusion in curated 'awesome' lists. Stars accumulated steadily over 14 years rather than via a viral spike. Recent 7-day gain of 49 stars suggests slow but persistent organic discovery rather than a growth phase — consistent with a mature utility project.

In production

Direct download links (raw.githubusercontent.com and sbc.io mirror) suggest meaningful fetch volume, though exact download statistics are not publicly disclosed. The project is referenced by hosts file managers like Hostsman for Windows and is widely cited in privacy forums and guides. 2,418 forks indicate active derivative use and integration. Adoption appears real and broad among individual users; enterprise-scale deployment is not documented.

Code analysis
Architecture

Appears to be a Python-based build system that fetches data from multiple upstream sources in the hosts/data/ directory, deduplicates entries, and generates 31+ output variants. Likely uses a pipeline pattern: fetch → normalize → merge → deduplicate → write. The aggregator diagram referenced in the README confirms a multi-source fan-in design. Output artifacts are static text files committed to the repo and mirrored at sbc.io.

Tests

CI is present via GitHub Actions (ci.yml on master branch with passing status badge), suggesting automated validation exists. Specific test coverage metrics are not documented in README.

Maintenance

Last push was June 21 2026 — three days before analysis date. Commit activity badge and 'commits since last release' badge are present. Active CI pipeline is confirmed. This project shows strong maintenance signals: frequent updates, recent activity, and infrastructure investment. Not stagnant by any measure.

Honest verdict

ADOPT IF: you want zero-dependency, OS-level ad and malware blocking on a single machine or small fleet, have no Pi-hole or DNS resolver infrastructure, and are comfortable manually updating or scripting periodic hosts file refreshes. AVOID IF: you need network-wide protection for multiple devices, want automatic real-time updates without scripting, or require fine-grained per-domain control and logging — DNS resolvers like AdGuard Home are better fits. MONITOR IF: you currently use it and care about upstream source quality, as accuracy depends on the health of multiple third-party data sources that the project does not fully control.

Independent dimensions

Mainstream potential

3/10

Technical importance

5/10

Adoption evidence

7/10

Risks
  • Hosts-file blocking is bypassed by applications that use hardcoded DNS-over-HTTPS or bypass the system resolver entirely, reducing its effectiveness against modern adtech.
  • Accuracy depends on third-party upstream sources; false positives or missed domains in those sources propagate directly into all variants without fine-grained correction by this project.
  • On mobile operating systems (Android, iOS), system hosts file modification typically requires root or a VPN-based workaround, limiting the audience to desktop and rooted users.
  • Large hosts files (158K+ entries for porn variant) can introduce measurable DNS lookup latency on older or low-memory systems, particularly Windows.
  • The project explicitly redirects content issues to upstream data sources, meaning users may face friction when reporting false positives if the responsible upstream is unresponsive.
Prediction

Likely to remain a stable, well-maintained reference resource for hosts-file blocking for the foreseeable future. Mainstream growth is unlikely as DNS-based solutions capture new users, but its zero-dependency simplicity ensures a durable niche audience.

0 found this helpful

Newsletter

Get analyses like this every Monday

Free weekly digest of the most interesting open-source discoveries.

Languages

Python
87%
PowerShell
6.7%
Shell
2.4%
Nix
1.9%
Batchfile
1.8%
Dockerfile
0.1%

Information

Language
Python
License
MIT
Last updated
1d ago
Created
173mo ago
Analyzed with
anthropic/claude-haiku-4-5

Stars over time

Loading…

Contributors over time

Top 100 contributors only — repos with more will plateau at 100.

Loading…

Similar repos

Ultimate-Hosts-Blacklist

Ultimate-Hosts-Blacklist/Ultimate.Hosts.Blacklist

Ultimate Hosts Blacklist is a curated, unified hosts file containing over...

1.6k Shell Security
badmojr

badmojr/1Hosts

1Hosts is a DNS blocklist collection designed to filter ads, trackers, malware,...

2.1k HTML Security
hectorm

hectorm/hblock

hBlock is a POSIX shell script that aggregates blocklists from multiple sources...

2k Shell Security
hagezi

hagezi/dns-blocklists

A specialized DNS blocklist collection designed for DNS-based content...

24.3k Text Security
bindhosts

bindhosts/bindhosts

Bindhosts provides systemless hosts file management for Android root managers...

1.3k JavaScript Mobile
vs. alternatives
hagezi/dns-blocklists

Newer project (23K stars) offering DNS-format blocklists compatible with Pi-hole, AdGuard, and similar resolvers. Targets DNS-level blocking rather than hosts-file blocking, making it more suitable for network-wide deployments. Competes for the same privacy use case but at a different layer of the stack.

AdguardTeam/AdGuardHome

Full DNS server application (35K stars) that actively resolves queries and applies filtering rules. Requires dedicated hardware or a process to run continuously. More capable for household or small-network use but substantially higher setup complexity than dropping a hosts file.

oldj/SwitchHosts

A GUI application (26K stars) for managing hosts file switching on macOS/Windows/Linux. Complements rather than competes with StevenBlack/hosts — SwitchHosts is a hosts manager that users may load StevenBlack content into.

217heidai/adblockfilters

Focuses on filter list aggregation in Adblock Plus format for browser extensions. Operates at the browser level rather than OS level, providing finer-grained control but no protection for non-browser traffic.

ineo6/hosts

A different hosts project (5K stars) primarily used in China to improve access to GitHub and other services, addressing a distinct use case (connectivity) rather than security or privacy blocking.