Tor Browser hardening configuration:
(Note that these will make you more identifiable, but a tad more secure due to the browser's attack surface being a little smaller, it's up to you to decide what is best for your OpSec)
about:config
javascript.enabled - false.
browser.urlbar.filter.javascript - false
geo.enabled - false.
media.getusermedia.screensharing.enabled - false
media.getusermedia.audiocapture.enabled - false
media.peerconnection.enabled - false
network.http.sendSecureXSiteReferrer - false
webgl.disabled - true
webgl.enable-webgl2 - false
browser.send_pings - false
toolkit.telemetry.enabled - false
network.captive-portal-service.enabled - false
browser.aboutConfig.showWarning - false
webgl.min_capability_mode - true
webgl.disable-extensionsUS - true
media.video_stats.enabled - false
dom.telephony.enabled - false
dom.battery.enabled - false
canvas.path.enabled - false
canvas.capturestream.enabled - false
privacy.resistFingerprinting - true.
privacy.donottrackheader.enabled - true
privacy.firstparty.isolate - true
privacy.trackingprotection.enabled - true
privacy.resistFingerprinting.autoDeclineNoUserInputCanvasPrompts - true
privacy.resistFingerprinting.randomDataOnCanvasExtract - true
privacy.trackingprotection.cryptomining.enabled - true
privacy.trackingprotection.enabled - true
privacy.donottrackheader.enabled - true
gfx.downloadable_fonts.enabled - false
privacy.socialtracking.block_cookies.enabled - true
media.peerconnection.ice.default_address_only - true
privacy.firstparty.isolate = true
privacy.resistFingerprinting = true
privacy.trackingprotection.enabled = true
browser.cache.offline.enable = false