Open Source Assembly Security Software

VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. All released files are PGP signed with key ID=0x680D16DE, available on key servers and downloadable at https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc VeraCrypt can mount TrueCrypt volumes. It also can convert them to VeraCrypt format. Documentation: https://www.veracrypt.fr/en/Documentation.html FAQ : https://www.veracrypt.fr/en/FAQ.html

mcrypt, and the accompanying libmcrypt, are intended to be replacements for the old Unix crypt, except that they are under the GPL and support an ever-wider range of algorithms and modes.

Advanced Onion Router is a portable client for the OR network and is intended to be an improved alternative for Tor+Vidalia+Privoxy bundle for Windows users. Some of the improvements include UNICODE paths, support for HTTP and HTTPS proxy protocols on the same Socks4/Socks5 port with HTTP header filtering that generates fake identity-dependent headers every time the identity is changed (proxy chains are also supported), support for NTLM proxies, a User Interface that makes Tor's options and actions more accessible, local banlist for forbidden addresses, private identity isolation, a point-and-click process interceptor that can redirect connections from programs that don't support proxies, also giving them fake information about the local system and support for .onion addresses. Also, it can estimate AS paths for all circuits and prevent AS path intersections, it can restrict circuits to be built using only nodes from different countries, can change circuit lengths and more.

BeeCrypt is an ongoing project to provide a strong and fast cryptography toolkit. Includes entropy sources, random generators, block ciphers, hash functions, message authentication codes, multiprecision integer routines, and public key primitives.

BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other security distributions (e.g., Kali Linux). As an Arch-based distribution, it benefits from the rolling release model, providing users with the latest software versions and kernel updates. BerserkArch is a dist "designed to make you powerful" for specific use cases like reverse-engineering binaries and automating exploits, rather than being an easy-to-use distribution for general beginners.

The most complete and Advanced Penetration Testing and Ethical Hacking Platform dedicated to Advanced Professionals. Developed to bring the power of Offensive Security in the anyone's pocket 100% OPEN SOURCE - ANDRAX is a independent solution for Security professionals who loves Linux

Pharos is a free open-source RTOS for secure, safe and real-time systems with the following characteristics: - Memory and enhanced time partitioning (TSP) - Native support for sporadic, periodic and aperiodic threads - Fixed-priority preemptive scheduler - Execution time protection (threads are prevented from executing for more time than they are configured to) - Small size (full image has ~100 to 300KiB text, ~30KiB data) - Hard real-time determinism - Fast critical sections - Prioritized nested interrupts - inter-partition communication with filters to protect unwanted access - Multicore support (RMP) - Supports ARM9, Cortex-A/R/M and Aarch64, RISC-V64 (64 bits) - The complete TestSuite (see below information) is run successfully for each platform in each release - Tested: more than 170 KLOC of requirement-based tests, executed for each board at each release - Up-to-date User Manual also available See our wiki page for more information.

BoringSSL is a Google-maintained fork of OpenSSL, designed specifically to meet the security, performance, and maintainability needs of Google’s infrastructure and products. While fully open source, BoringSSL is not intended for general public use — it serves as a streamlined, heavily modified SSL/TLS and cryptography library optimized for Google’s internal ecosystem, including Chrome/Chromium, Android, and other Google services. The project prioritizes security, simplicity, and maintainability over backward compatibility. Unlike OpenSSL, BoringSSL provides no guarantee of stable APIs or ABIs, meaning third-party projects depending on it may frequently break. Google products that use BoringSSL ship their own copies and update them as needed, enabling faster iteration without legacy constraints. BoringSSL includes comprehensive API documentation, build instructions, and guidance for porting code from OpenSSL.

Alan Framework is a post-exploitation framework useful during red-team activities. You can run your preferred tool directly in-memory. JavaScript script execution (in-memory without third party dependency) Fully compliant SOCKS5 proxy. Supported agent types: Powershell (x86/x64), DLL (x86/x64), Executable (x86/x64), Shellcode (x86/x64). Server.exe can be executed in Linux (via dotnet core) The network communication is fully encrypted with a session key not recoverable from the agent binary or from a traffic dump. Communication performed via HTTP/HTTPS. No external dependencies or libraries need to be installed. A powerful command shell. The agent configuration can be updated on the fly (you can change port and protocol too).

Swift Crypto is a cross-platform, open-source implementation that mirrors a substantial portion of CryptoKit so server and Linux/Windows ARM64 apps can share one modern crypto API. It exposes high-level, misuse-resistant primitives with Swift ergonomics while delegating to well-vetted backends under the hood. The repository maintains active releases and issue tracking for enhancements like PEM handling and ecosystem compatibility. High-level, misuse-resistant primitives and key handling. SwiftPM distribution for easy inclusion in builds. By matching CryptoKit’s surface, it reduces portability friction between Apple platforms and server environments. The package slots cleanly into SwiftPM builds and is widely adopted across the Swift server ecosystem. Its goal is practical cryptography: safe defaults, clear APIs, and predictable performance.

This is an implementation of elliptic curve cryptography using the Montgomery and Edwards curves Curve25519, Ed25519, Ed448-Goldilocks and Curve448, using the Decaf / Ristretto encoding.

Libecc is an Elliptic Curve Cryptography C++ library for fixed size keys in order to achieve a maximum speed. The goal of this project is to become the first free Open Source library providing the means to generate safe elliptic curves.

See http://silcnet.org/ for detailed information. SILC provides common chat and conferencing services like private messages, instant messages, channels and groups, and video and audio conferencing. The main difference to other protocols is that SILC has been designed with security as its main feature. All packets and messages sent in SILC network are always encrypted. Private messages are encrypted end-to-end, channel message are encrypted with channel-wide secret key and secure file transfer is protected peer-to-peer.

BitVisor is a tiny hypervisor initially designed for mediating I/O access from a single guest OS. Its implementation is mature enough to run Windows and Linux, and can be used as a generic platform for various research and development projects.

DiskCryptor - fully open solution to encrypt all partitions, including system. The program is a replacement for proprietary DriveCrypt Plus pack and PGP WDE.

RemCom is RAT [Remote Administration Tool] that lets you execute processes on remote windows systems, copy files, process there output and stream it back. It allows execution of remote shell commands directly with full interactive console.

File Crypter is a Simple program, that is able to encrypt your files and decrypt them. A version of File Crypter is included as an example in the xCrypter Library and is called "ncrypter" which is short for "new crypter".

Immune Security Architecture For your Enterprise -- Host-Based Intrusion detection for UNIX based systems, at the process level. Detect changes in the normal behavior of processes, advanced features to detect Buffer Overflows.

Yoda's Protector is a free, open source, Windows 32-bit software protector.

Based on MATE environment HackShark Linux is a lightweight distribution for penetration testing, cyber forensic investigation and vulnerability assessment purpose.

An original bruteforce-based encryption/decryption system. BBE was originally conceived to chat with encrypted text on IRC. mIRC and X-Chat support BBE via script addon. BBE can also encrypt MIME encoded files. Blowfish encryption is currently supported.

Cryptography Tools is a project to develop demonstration tools on classic (currently Caesar and Playfair) & modern crypto-systems, including private & public key encryptions, digital signatures, cryptographic hashes and authenticated encryption.

Software for a van eck phreaking device. Please use to test security only. <a href="http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci550525,00.html">Here</a>'s an explanation if you don't know what van eck phreaking is.

AVR128DA /Atmega128 microcontroller based open source EID smartcard with RSA (512-2048) and ECC (prime192v1, prime256v1, secp384r1, secp521r1 and secp256k1) support. Compatible with MyEID card from Aventra. Supported in windows and linux by opensc package. Allow about 64KiB space for keys/certificates. PKCS#15 structure supported. USB token with CCID interface based on xmega128a4u with same features as card. High speed AVR multiple precision arithmetic: squaring, multiplication, exponentiation.

Unicornscan is an asynchronous TCP and UDP port scanner developed by the late Jack C. Louis.