encryption
SeaweedFS is a fast distributed storage system for blobs, objects, files, and data lake, for billions of files! Blob store has O(1) disk seek, cloud tiering. Filer supports Cloud Drive, cross-DC active-active replication, Kubernetes, POSIX FUSE mount, S3 API, S3 Gateway, Hadoop, WebDAV, encryption, Erasure Coding.
Botan (Japanese for peony flower) is a C++ cryptography library released under the permissive Simplified BSD license.
Botan’s goal is to be the best option for cryptography in C++ by offering the tools necessary to implement a range of practical systems, such as TLS protocol, X.509 certificates, modern AEAD ciphers, PKCS#11 and TPM hardware support, password hashing, and post quantum crypto schemes. A Python binding is included, and several other language bindings are available. The library is accompanied by a featureful command line interface.
Open source & zero knowledge private note taking app. Open source. End-to-end encrypted.Private. Write notes with freedom, no spying, no tracking.
A fully open source & end-to-end encrypted note taking alternative to Evernote.
Notesnook is a free (as in speech) & open-source note-taking app focused on user privacy & ease of use. To ensure zero knowledge principles, Notesnook encrypts everything on your device using XChaCha20-Poly1305 & Argon2.
Sha256 algorithm explained online step by step visually.
Sha256 algorithm explained online step by step visually sha256algorithm.com This website will help you understand how a sha256 hash is calculated from start to finish.
Onion addresses for anything.
onionpipe forwards ports on the local host to remote Onion addresses as Tor hidden services and vice-versa. onionpipe is a decentralized way to create virtually unstoppable global network tunnels.
Share, freely and privately.
Jami is a free/libre, end-to-end encrypted, and private communication software.
Related contents:
OpenPubkey is an open source project that binds public keys and workload identities using standard SSO and OpenID Connect.
Use OpenPubkey today to SSH to machines on your network without SSH keys.
get things from one computer to another, safely.
This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. The two endpoints are identified by using identical "wormhole codes": in general, the sending machine generates and displays the code, which must then be typed into the receiving machine.
Sources:
Sealed Secrets provides declarative Kubernetes Secret Management in a secure way. Since the Sealed Secrets are encrypted, they can be safely stored in a code repository. This enables an easy to implement GitOps flow that is very popular among the OSS community.
Simple and flexible tool for managing secrets.
SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.
Reference implementation of OpenPubkey.
OpenPubkey adds user generated cryptographic signatures to OpenID Connect (OIDC) to enable users to sign messages or artifacts under their OpenID identity. Verifiers can check that these signatures are valid and associated with the signing OpenID identity. OpenPubkey does not add any new trusted parties beyond what is required for OpenID Connect and is fully compatible with existing OpenID Providers (Google, Azure/Microsoft, Okta, OneLogin, Keycloak) without any changes to the OpenID Provider.
Related contents:
onak is an OpenPGP compatible keyserver. It was originally written concentrating on providing real time path finding between 2 keys, but over time has moved to concentrating on providing standard keyserver storage and retrieval functionality.
Easily and securely send things from one computer to another :package:. croc is a tool that allows any two computers to simply and securely transfer files and folders.
A very small, very simple, yet very secure encryption tool.
Picocrypt is a very small (hence Pico), very simple, yet very secure encryption tool that you can use to protect your files. It's designed to be the go-to tool for encryption, with a focus on security, simplicity, and reliability. Picocrypt uses the secure XChaCha20 cipher and the Argon2id key derivation function to provide a high level of security, even from three-letter agencies like the NSA. Your privacy and security is under attack. Take it back with confidence by protecting your files with Picocrypt.
Minisign is a dead simple tool to sign files and verify signatures.
The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more. The Dogtag Certificate System can be downloaded for free and set up in less than an hour.
Free Cloud Encryption for Dropbox & Co.
Cryptomator offers multi-platform transparent client-side encryption of your files in the cloud.
Related contents:
Password protect a static HTML page.
StatiCrypt uses AES-256 to encrypt your HTML file with your passphrase and return a static page including a password prompt and the javascript decryption logic that you can safely upload anywhere (see what the page looks like).
This means you can password protect the content of your public static HTML file, without any back-end - serving it over Netlify, GitHub pages, etc. (see the detail of how it works).
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
age is a simple, modern and secure file encryption tool, format, and Go library. It features small explicit keys, no config options, and UNIX-style composability.
OpenZiti is a free and open source project focused on bringing zero trust networking principles directly into any application. The project provides all the pieces required to implement a zero trust overlay network and provides all the tools necessary to integrate zero trust into your existing solutions. The OpenZiti project believes the principles of zero trust shouldn't stop at your network, those ideas belong in your application.
An open source sharing solution built on OpenZiti, the zero trust networking platform. Available as SaaS or self-hosted.
zrok is a next-generation sharing platform built on top of OpenZiti, a programmable zero-trust network overlay. zrok is a Ziti Native Application. zrok facilitates sharing resources both publicly and privately, exposing them to an audience you can easily control.
A complete guide to Nostr.
The simplest open protocol that is able to create a censorship-resistant global "social" network once and for all. A social network for the decentralized era. A simple, open protocol that enables a truly censorship-resistant & global social network.
Web clipboard and simple messanger with end-to-end RSA+AES encryption. Cryptboard.io allows to send text messages and files between multiple devices.
CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates. It requires Go 1.16+ to build.
EJBCA covers all your needs – from certificate management, registration and enrollment to certificate validation.
Welcome to EJBCA – the Open Source Certificate Authority. EJBCA is one of the longest running CA software projects, providing time-proven robustness and reliability. EJBCA is platform independent, and can easily be scaled out to match the needs of your PKI requirements, whether you’re setting up a national eID, securing your industrial IoT platform or managing your own internal PKI.
Deduplicating archiver with compression and authenticated encryption. BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption. The main goal of Borg is to provide an efficient and secure way to back up data. The data deduplication technique used makes Borg suitable for daily backups since only changes are stored. The authenticated encryption technique makes it suitable for backups to targets not fully trusted.
Free Open source disk encryption with strong security for the Paranoid. VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux.
Infisical is an open-source, end-to-end encrypted tool to sync environment variables across your team and infrastructure. Open-source, E2EE, simple tool to manage and sync environment variables across your team and infrastructure.
Open source Dropbox-like file sharing with full client encryption ! Parsec allows you to easily share your work and data in the cloud in total privacy thanks to end-to-end cryptographic security.
End-to-end encrypted IPv6 networking to connect worlds. Yggdrasil is an overlay network implementation of a new routing scheme for mesh networks. It is designed to be a future-proof decentralised alternative to the structured routing protocols commonly used today on the Internet and other networks.
Cloud native certificate management. X.509 certificate management for Kubernetes and OpenShift.
cert-manager creates TLS certificates for workloads in your Kubernetes or OpenShift cluster and renews the certificates before they expire.
Related contents:
A better alternative for securing our sensitive information online.
The Web Authentication API (also known as WebAuthn) is a specification written by the W3C and FIDO, with the participation of Google, Mozilla, Microsoft, Yubico, and others. The API allows servers to register and authenticate users using public key cryptography instead of a password.
PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data.
Keybase maps your identity to your public keys, and vice versa. Keybase is secure messaging and file-sharing.
I2P is an anonymous network, exposing a simple layer that applications can use to anonymously and securely send messages to each other. The network itself is strictly message based (a la IP), but there is a library available to allow reliable streaming communication on top of it (a la TCP). All communication is end to end encrypted (in total there are four layers of encryption used when sending a message), and even the end points ("destinations") are cryptographic identifiers (essentially a pair of public keys).