ASN.1
DER ASCII
https://github.com/google/der-ascii
DER ASCII is a small human-editable language to emit DER (Distinguished Encoding Rules) or BER (Basic Encoding Rules) encodings of ASN.1 structures and malformed variants of them.
Backup
nFreezer
h
nFreezer (for encrypted freezer) is an encrypted-at-rest backup tool, designed specifically for the case when the destination server is untrusted. With nFreezer, the data is safe on the destination server even if a malicious user gets root access to it.
Chat
Briar
Secure messaging, anywhere
- Peer-to-peer encrypted messaging and forums
- Messages are stored securely on your device, not in the cloud
- Connect directly with nearby contacts - no Internet access required
- Free and open source software
Session
- https://github.com/oxen-io/session-ios
- https://github.com/oxen-io/session-android
- https://github.com/oxen-io/session-desktop
Session is an end-to-end encrypted messenger that minimises sensitive metadata, designed and built for people who want absolute privacy and freedom from any form of surveillance.
Signal
- https://github.com/signalapp/Signal-iOS
- https://github.com/signalapp/Signal-Android
- https://github.com/signalapp/Signal-Desktop
- https://github.com/signalapp/Signal-Server
Using Signal, you can communicate instantly while avoiding SMS fees, create groups so that you can chat in real time with all your friends at once, and share media all with complete privacy. The server never has access to any of your communication and never stores any of your data.
Encryption
FinalCrypt
https://github.com/ron-from-nl/FinalCrypt
https://sites.google.com/site/ronuitholland/home/finalcrypt
FinalCrypt's large true random “One Time Pad” (FIPS140-2 & RFC4086 compliant) Keys are mathematically unbreakable. The Shor's algorithm has proven that all asymmetric encryption will instantly be broken by Quantum Computers (or simulators). Full Disk Encryption doesn't offer much security either, since a virus, spying or indexing software can read all your files in an unlocked drive. FinalCrypt is the only One Time Pad, Bulk File Encryption Software, that is freely available to the public.
Gasper
https://github.com/talhof8/gasper
Gasper is a CLI for safe, privacy-aware file storage based on Shamir's Secret Sharing
Fuzz
Cryptofuzz
https://github.com/guidovranken/cryptofuzz
Cryptofuzz - Differential cryptography fuzzing
Math
GAP
http://www.gap-system.org/
https://github.com/gap-system/gap
GAP is a system for computational discrete algebra, with particular emphasis on Computational Group Theory. GAP provides a programming language, a library of thousands of functions implementing algebraic algorithms written in the GAP language as well as large data libraries of algebraic objects. See also the overview and the description of the mathematical capabilities. GAP is used in research and teaching for studying groups and their representations, rings, vector spaces, algebras, combinatorial structures, and more. The system, including source, is distributed freely. You can study and easily modify or extend it for your special use.
Octave
https://www.gnu.org/software/octave/
The Octave syntax is largely compatible with Matlab. The Octave interpreter can be run in GUI mode, as a console, or invoked as part of a shell script. More Octave examples can be found in the wiki.
SageMath
http://www.sagemath.org/
https://github.com/sagemath/sage/
SageMath is a free open-source mathematics software system licensed under the GPL. It builds on top of many existing open-source packages: NumPy, SciPy, matplotlib, Sympy, Maxima, GAP, FLINT, R and many more. Access their combined power through a common, Python-based language or directly via interfaces or wrappers.
Password
KeePassX
KeePassX is an application for people with extremly high demands on secure personal data management. It has a light interface, is cross platform and published under the terms of the GNU General Public License.
KeePassXC
https://keepassxc.org/
https://github.com/keepassxreboot/keepassxc
KeePass Cross-Platform Community Edition
The thing computers can do best is storing information.
You shouldn't waste your time trying to remember and type your passwords.
KeePassXC can store your passwords safely and auto-type them into your everyday websites and applications.
KeeWeb
https://keeweb.info
https://github.com/keeweb/keeweb
Free cross-platform password manager compatible with KeePass
OpenPGP
Delta Chat
https://delta.chat/
https://github.com/deltachat/deltachat-android
Delta Chat is a modern messenger. It is like email in a new dress. Just better, safer and user-optimised.
GnuPG
https://www.gnupg.org/
https://github.com/gpg/gnupg
GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications.
Gpg4win
Gpg4win enables users to securely transport emails and files with the help of encryption and digital signatures. Encryption protects the contents against an unwanted party reading it. Digital signatures make sure that it was not modified and comes from a specific sender.
GPGrelay
https://sourceforge.net/projects/gpgrelay/
GPGrelay is a small email-relaying server that uses GnuPG (the GNU Privacy Guard) to sign/encrypt (SMTP-Relay) or verify/decrypt (POP3-/IMAP-Relay) emails. This enables many email-clients to send and receive emails that are PGP-MIME conform.
GPG Suite
GPGMail, GPG Keychain, GPG Services, MacGPG
Hagrid
https://gitlab.com/hagrid-keyserver/hagrid
🔑 Hagrid as in, “keeper of keys”. Verifying OpenPGP keyserver, written in Rust, running on https://keys.openpgp.org
OpenKeychain
https://www.openkeychain.org/
https://github.com/open-keychain/open-keychain
OpenKeychain for Android helps you communicate more privately and securely, compatible with the OpenPGP standard.
pgpdump
https://www.mew.org/~kazu/proj/pgpdump/en/
https://github.com/kazu-yamamoto/pgpdump
pgpdump is a PGP packet visualizer which displays the packet format of OpenPGP (RFC 4880) and PGP version 2 (RFC 1991).
Secure Shell
JCTerm
http://www.jcraft.com/jcterm/
https://github.com/jcraft/jcterm
JCTerm(JCraft's Term) is a pure Java VT100 terminal emulator for SSH2. This terminal emulator also allows you to enjoy port forwarding, X11 forwarding, etc.
OpenSSH
https://www.openssh.com/
https://github.com/openssh/openssh-portable
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options.
PuTTY
PuTTY is an SSH and telnet client, developed originally by Simon Tatham for the Windows platform. PuTTY is open source software that is available with source code and is developed and supported by a group of volunteers.
Secretive
https://github.com/maxgoedjen/secretive
Secretive is an app for storing and managing SSH keys in the Secure Enclave. It is inspired by the sekey project, but rewritten in Swift with no external dependencies and with a handy native management app.
SSL/TLS
BoringSSL
https://boringssl.googlesource.com/boringssl
https://github.com/google/boringssl
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Certigo
https://github.com/square/certigo - Certigo is a utility to examine and validate certificates to help with debugging SSL/TLS issues.
Install
$ go get -u github.com/square/certigo
-OR-
$ brew install certigo
CFSSL
https://cfssl.org/
https://github.com/cloudflare/cfssl
CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates. It requires Go 1.6+ to build.
GnuTLS
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other required structures.
LibreSSL
https://www.libressl.org/
https://github.com/libressl/portable
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes.
OpenSSL
https://www.openssl.org/
https://github.com/openssl/openssl
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
Rustls
Rustls is a modern TLS library written in Rust. It's pronounced 'rustles'. It uses ring for cryptography and libwebpki for certificate verification.
ssllabs-scan
https://www.ssllabs.com/projects/ssllabs-apis/
https://github.com/ssllabs/ssllabs-scan
A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.
Transparent Data Encryption
CryFS
https://www.cryfs.org/ [github]
CryFS encrypts your files, so you can safely store them anywhere. It works well together with cloud services like Dropbox, iCloud, OneDrive and others.
Cryptomator
https://github.com/cryptomator/cryptomator
Multi-platform transparent client-side encryption of your files in the cloud
eCryptfs
eCryptfs is a POSIX-compliant enterprise cryptographic stacked filesystem for Linux. eCryptfs stores cryptographic metadata in the header of each file, so that encrypted files can be copied between hosts; the file will be decrypted with the proper key in the Linux kernel keyring. There is no need to keep track of any additional information aside from what is already in the encrypted file itself. You may think of eCryptfs as a sort of “gnupg as a filesystem”.
EncFS
https://vgough.github.io/encfs/ [github]
EncFS provides an encrypted filesystem in user-space. It runs in userspace, using the FUSE library for the filesystem interface.
gocryptfs
https://nuetzlich.net/gocryptfs/ [github]
gocryptfs uses file-based encryption that is implemented as a mountable FUSE filesystem.
LUKS
https://guardianproject.info/code/luks/
LUKS is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it does not only facilitate compatibility among distributions, but also provides secure management of multiple user passwords. In contrast to existing solution, LUKS stores all setup necessary setup information in the partition header, enabling the user to transport or migrate his data seamlessly.
TrueCrypt
TrueCrypt is a discontinued source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file, or encrypt a partition or the whole storage device (pre-boot authentication).
VeraCrypt
https://veracrypt.codeplex.com/
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and that is based on TrueCrypt 7.1a.
VPN
Algo VPN
https://github.com/trailofbits/algo
1-click IPSEC VPN in the Cloud
Outline
https://getoutline.org/
https://github.com/Jigsaw-Code/outline-client
5had0ws0cks
Anti-Known Attack Tools
- https://badkeys.info/ - Tool and library to check cryptographic public keys for known vulnerabilities
- https://github.com/google/wycheproof - Project Wycheproof tests crypto libraries against known attacks