.svg){kind=icon}
Secure your digital life.
Open Source IT-Security Hardware.
Simple and flexible tool for managing secrets.
SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.
Reference implementation of OpenPubkey.
OpenPubkey adds user generated cryptographic signatures to OpenID Connect (OIDC) to enable users to sign messages or artifacts under their OpenID identity. Verifiers can check that these signatures are valid and associated with the signing OpenID identity. OpenPubkey does not add any new trusted parties beyond what is required for OpenID Connect and is fully compatible with existing OpenID Providers (Google, Azure/Microsoft, Okta, OneLogin, Keycloak) without any changes to the OpenID Provider.
onak is an OpenPGP compatible keyserver. It was originally written concentrating on providing real time path finding between 2 keys, but over time has moved to concentrating on providing standard keyserver storage and retrieval functionality.
Easily and securely send things from one computer to another :package:.
croc is a tool that allows any two computers to simply and securely transfer files and folders.
A very small, very simple, yet very secure encryption tool.
Picocrypt is a very small (hence Pico), very simple, yet very secure encryption tool that you can use to protect your files. It's designed to be the go-to tool for encryption, with a focus on security, simplicity, and reliability. Picocrypt uses the secure XChaCha20 cipher and the Argon2id key derivation function to provide a high level of security, even from three-letter agencies like the NSA. Your privacy and security is under attack. Take it back with confidence by protecting your files with Picocrypt.
Minisign is a dead simple tool to sign files and verify signatures.
The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more. The Dogtag Certificate System can be downloaded for free and set up in less than an hour.
Free Cloud Encryption for Dropbox & Co.
Cryptomator offers multi-platform transparent client-side encryption of your files in the cloud.
Hockeypuck is an OpenPGP public keyserver.
Password protect a static HTML page.
StatiCrypt uses AES-256 to encrypt your HTML file with your passphrase and return a static page including a password prompt and the javascript decryption logic that you can safely upload anywhere (see what the page looks like).
This means you can password protect the content of your public static HTML file, without any back-end - serving it over Netlify, GitHub pages, etc. (see the detail of how it works).
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
age is a simple, modern and secure file encryption tool, format, and Go library. It features small explicit keys, no config options, and UNIX-style composability.
OpenZiti is a free and open source project focused on bringing zero trust networking principles directly into any application. The project provides all the pieces required to implement a zero trust overlay network and provides all the tools necessary to integrate zero trust into your existing solutions. The OpenZiti project believes the principles of zero trust shouldn't stop at your network, those ideas belong in your application.
An open source sharing solution built on OpenZiti, the zero trust networking platform. Available as SaaS or self-hosted.
zrok is a next-generation sharing platform built on top of OpenZiti, a programmable zero-trust network overlay. zrok is a Ziti Native Application. zrok facilitates sharing resources both publicly and privately, exposing them to an audience you can easily control.
A complete guide to Nostr.
The simplest open protocol that is able to create a censorship-resistant global "social" network once and for all. A social network for the decentralized era. A simple, open protocol that enables a truly censorship-resistant & global social network.
Web clipboard and simple messanger with end-to-end RSA+AES encryption.
Cryptboard.io allows to send text messages and files between multiple devices.
CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates. It requires Go 1.16+ to build.
EJBCA covers all your needs – from certificate management, registration and enrollment to certificate validation.
Welcome to EJBCA – the Open Source Certificate Authority. EJBCA is one of the longest running CA software projects, providing time-proven robustness and reliability. EJBCA is platform independent, and can easily be scaled out to match the needs of your PKI requirements, whether you’re setting up a national eID, securing your industrial IoT platform or managing your own internal PKI.
Deduplicating archiver with compression and authenticated encryption.
BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption.
The main goal of Borg is to provide an efficient and secure way to back up data. The data deduplication technique used makes Borg suitable for daily backups since only changes are stored. The authenticated encryption technique makes it suitable for backups to targets not fully trusted.
Free Open source disk encryption with strong security for the Paranoid.
VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux.