ASN.1

DER ASCII

https://github.com/google/der-ascii

DER ASCII is a small human-editable language to emit DER (Distinguished Encoding Rules) or BER (Basic Encoding Rules) encodings of ASN.1 structures and malformed variants of them.

Backup

nFreezer

https://github.com/josephernest/nfreezer

nFreezer (for encrypted freezer) is an encrypted-at-rest backup tool, designed specifically for the case when the destination server is untrusted. With nFreezer, the data is safe on the destination server even if a malicious user gets root access to it.

Chat

Briar

https://briarproject.org/

Secure messaging, anywhere

  • Peer-to-peer encrypted messaging and forums
  • Messages are stored securely on your device, not in the cloud
  • Connect directly with nearby contacts - no Internet access required
  • Free and open source software

Session

https://getsession.org/

Session is an end-to-end encrypted messenger that minimises sensitive metadata, designed and built for people who want absolute privacy and freedom from any form of surveillance.

Signal

https://signal.org/

Using Signal, you can communicate instantly while avoiding SMS fees, create groups so that you can chat in real time with all your friends at once, and share media all with complete privacy. The server never has access to any of your communication and never stores any of your data.

Encryption

FinalCrypt

https://github.com/ron-from-nl/FinalCrypt
https://sites.google.com/site/ronuitholland/home/finalcrypt

FinalCrypt's large true random “One Time Pad” (FIPS140-2 & RFC4086 compliant) Keys are mathematically unbreakable. The Shor's algorithm has proven that all asymmetric encryption will instantly be broken by Quantum Computers (or simulators). Full Disk Encryption doesn't offer much security either, since a virus, spying or indexing software can read all your files in an unlocked drive. FinalCrypt is the only One Time Pad, Bulk File Encryption Software, that is freely available to the public.

Gasper

https://github.com/talhof8/gasper

Gasper is a CLI for safe, privacy-aware file storage based on Shamir's Secret Sharing

Fuzz

Cryptofuzz

https://github.com/guidovranken/cryptofuzz

Cryptofuzz - Differential cryptography fuzzing

Math

GAP

http://www.gap-system.org/
https://github.com/gap-system/gap

GAP is a system for computational discrete algebra, with particular emphasis on Computational Group Theory. GAP provides a programming language, a library of thousands of functions implementing algebraic algorithms written in the GAP language as well as large data libraries of algebraic objects. See also the overview and the description of the mathematical capabilities. GAP is used in research and teaching for studying groups and their representations, rings, vector spaces, algebras, combinatorial structures, and more. The system, including source, is distributed freely. You can study and easily modify or extend it for your special use.

Octave

https://www.gnu.org/software/octave/

The Octave syntax is largely compatible with Matlab. The Octave interpreter can be run in GUI mode, as a console, or invoked as part of a shell script. More Octave examples can be found in the wiki.

SageMath

http://www.sagemath.org/
https://github.com/sagemath/sage/

SageMath is a free open-source mathematics software system licensed under the GPL. It builds on top of many existing open-source packages: NumPy, SciPy, matplotlib, Sympy, Maxima, GAP, FLINT, R and many more. Access their combined power through a common, Python-based language or directly via interfaces or wrappers.

MFA

2fa

https://github.com/rsc/2fa

Two-factor authentication on the command line

Password

KeePassX

https://www.keepassx.org/

KeePassX is an application for people with extremly high demands on secure personal data management. It has a light interface, is cross platform and published under the terms of the GNU General Public License.

KeePassXC

https://keepassxc.org/
https://github.com/keepassxreboot/keepassxc

KeePass Cross-Platform Community Edition

The thing computers can do best is storing information.
You shouldn't waste your time trying to remember and type your passwords.
KeePassXC can store your passwords safely and auto-type them into your everyday websites and applications.

KeeWeb

https://keeweb.info
https://github.com/keeweb/keeweb

Free cross-platform password manager compatible with KeePass

OpenPGP

Delta Chat

https://delta.chat/
https://github.com/deltachat/deltachat-android

Delta Chat is a modern messenger. It is like email in a new dress. Just better, safer and user-optimised.

GnuPG

https://www.gnupg.org/

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications.

Gpg4win

https://www.gpg4win.org/

Gpg4win enables users to securely transport emails and files with the help of encryption and digital signatures. Encryption protects the contents against an unwanted party reading it. Digital signatures make sure that it was not modified and comes from a specific sender.

GPGrelay

https://sourceforge.net/projects/gpgrelay/

GPGrelay is a small email-relaying server that uses GnuPG (the GNU Privacy Guard) to sign/encrypt (SMTP-Relay) or verify/decrypt (POP3-/IMAP-Relay) emails. This enables many email-clients to send and receive emails that are PGP-MIME conform.

GPG Suite

https://gpgtools.org/

GPGMail, GPG Keychain, GPG Services, MacGPG

Hagrid

https://gitlab.com/hagrid-keyserver/hagrid

🔑 Hagrid as in, “keeper of keys”. Verifying OpenPGP keyserver, written in Rust, running on https://keys.openpgp.org

OpenKeychain

https://www.openkeychain.org/
https://github.com/open-keychain/open-keychain

OpenKeychain for Android helps you communicate more privately and securely, compatible with the OpenPGP standard.

pgpdump

https://www.mew.org/~kazu/proj/pgpdump/en/
https://github.com/kazu-yamamoto/pgpdump

pgpdump is a PGP packet visualizer which displays the packet format of OpenPGP (RFC 4880) and PGP version 2 (RFC 1991).

Secure Shell

JCTerm

http://www.jcraft.com/jcterm/
https://github.com/jcraft/jcterm

JCTerm(JCraft's Term) is a pure Java VT100 terminal emulator for SSH2. This terminal emulator also allows you to enjoy port forwarding, X11 forwarding, etc.

OpenSSH

https://www.openssh.com/

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options.

PuTTY

https://www.putty.org/

PuTTY is an SSH and telnet client, developed originally by Simon Tatham for the Windows platform. PuTTY is open source software that is available with source code and is developed and supported by a group of volunteers.

Secretive

https://github.com/maxgoedjen/secretive

Secretive is an app for storing and managing SSH keys in the Secure Enclave. It is inspired by the sekey project, but rewritten in Swift with no external dependencies and with a handy native management app.

SSL/TLS

BoringSSL

https://boringssl.googlesource.com/boringssl
https://github.com/google/boringssl

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Certigo

https://github.com/square/certigo - Certigo is a utility to examine and validate certificates to help with debugging SSL/TLS issues.

Install
$ go get -u github.com/square/certigo

-OR-

$ brew install certigo

CFSSL

https://cfssl.org/
https://github.com/cloudflare/cfssl

CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates. It requires Go 1.6+ to build.

GnuTLS

https://www.gnutls.org/

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other required structures.

LibreSSL

https://www.libressl.org/

LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes.

OpenSSL

https://www.openssl.org/

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.

Rustls

https://github.com/ctz/rustls

Rustls is a modern TLS library written in Rust. It's pronounced 'rustles'. It uses ring for cryptography and libwebpki for certificate verification.

ssllabs-scan

https://github.com/ssllabs/ssllabs-scan
https://www.ssllabs.com/projects/ssllabs-apis/

A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.

Transparent Data Encryption

CryFS

https://www.cryfs.org/ [github]

CryFS encrypts your files, so you can safely store them anywhere. It works well together with cloud services like Dropbox, iCloud, OneDrive and others.

Cryptomator

https://github.com/cryptomator/cryptomator

Multi-platform transparent client-side encryption of your files in the cloud

eCryptfs

http://ecryptfs.org/

eCryptfs is a POSIX-compliant enterprise cryptographic stacked filesystem for Linux. eCryptfs stores cryptographic metadata in the header of each file, so that encrypted files can be copied between hosts; the file will be decrypted with the proper key in the Linux kernel keyring. There is no need to keep track of any additional information aside from what is already in the encrypted file itself. You may think of eCryptfs as a sort of “gnupg as a filesystem”.

EncFS

https://vgough.github.io/encfs/ [github]

EncFS provides an encrypted filesystem in user-space. It runs in userspace, using the FUSE library for the filesystem interface.

gocryptfs

https://nuetzlich.net/gocryptfs/ [github]

gocryptfs uses file-based encryption that is implemented as a mountable FUSE filesystem.

LUKS

https://guardianproject.info/code/luks/

LUKS is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it does not only facilitate compatibility among distributions, but also provides secure management of multiple user passwords. In contrast to existing solution, LUKS stores all setup necessary setup information in the partition header, enabling the user to transport or migrate his data seamlessly.

TrueCrypt

https://truecrypt.ch/

TrueCrypt is a discontinued source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file, or encrypt a partition or the whole storage device (pre-boot authentication).

VeraCrypt

https://veracrypt.codeplex.com/

VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and that is based on TrueCrypt 7.1a.

VPN

Algo VPN

https://github.com/trailofbits/algo

1-click IPSEC VPN in the Cloud

Outline

https://getoutline.org/
https://github.com/Jigsaw-Code/outline-client

5had0ws0cks

Anti-Known Attack Tools

Reference

  1. https://objective-see.com/ - Objective-See
  2. https://www.cryptoparty.in/learn/tools - Tools
  3. https://en.wikipedia.org/wiki/List_of_password_managers