13 Repos
Technologies for encrypting entire storage volumes to prevent unauthorized access without authentication.
Distinguishing note: Candidates focus on installation or internals; this is specifically about the encryption of disk data for security
Explore 13 awesome GitHub repositories matching security & cryptography · Full Disk Encryption. Refine with filters or upvote what's useful.
This project is a security hardening guide and privacy configuration manual for macOS. It provides a comprehensive set of instructions for configuring system settings to improve privacy, reduce the attack surface, and implement a malware defense framework. The guide covers technical methods for validating software notarization, verifying application sandboxing, and auditing system activity. It distinguishes itself by providing detailed workflows for restricting high-risk features and applying advanced security configurations to protect the operating system. The documentation covers several k
Configures disk encryption to require passwords for drive access and prevent unauthorized booting.
greenDAO is an object-relational mapping library for Android that maps Java objects to SQLite databases. It provides infrastructure for high-performance data persistence by translating data objects into database records and vice versa. The library implements a type-safe query builder for retrieving records across multiple entities using joins and relationship chaining. It also includes a security layer that provides full-disk encryption for the SQLite database to prevent unauthorized access to stored information. The system utilizes compile-time code generation to create mapping classes, avo
Provides full-disk encryption for the SQLite database by encrypting all pages before writing to disk.
Realm Java is a NoSQL mobile object database and reactive database engine. It provides a persistent local data store that saves native objects directly to disk, replacing traditional SQL storage and object-relational mapping layers. The system functions as a real-time data synchronizer, coordinating local database changes with a cloud backend across multiple devices. It integrates a reactive engine that uses change listeners and asynchronous event streams to automatically update user interfaces when underlying data changes. The project covers object-oriented data modeling, CRUD operations, a
Secures stored data at rest by encrypting individual database file pages using hardware-optimized encryption.
This project is a curated directory and catalog of privacy-respecting software and security-focused services. It serves as a structured resource for finding alternatives to corporate services, focusing on tools that prioritize data sovereignty, end-to-end encryption, and user anonymity. The directory is maintained as a markdown-based resource list and rendered via a static site generator. It further extends its utility through a CORS-enabled public API and a JSON-based data schema, allowing the curated catalog of tools and providers to be retrieved programmatically. The collection covers a w
Catalogs technologies for encrypting entire storage volumes or individual files to prevent unauthorized access.
VeraCrypt is a cross-platform disk encryption utility used to create encrypted file containers and secure entire disk partitions. It functions as a tool for full disk encryption and a manager for encrypted volumes, providing a means to protect sensitive data on local disks and removable media across multiple operating systems. The software is distinguished by its support for plausible deniability, allowing the creation of hidden volumes nested within other encrypted volumes to conceal the existence of data. It also implements hardware-based access control, requiring physical security tokens,
Provides full disk encryption for entire operating system partitions to prevent unauthorized access during boot.
This is an open-source educational website that translates and localizes MIT's Missing Semester course, teaching practical computing skills for computer science students. The curriculum covers developer tooling, shell scripting, version control, security fundamentals, and open-source collaboration, with a focus on core computing skills including data processing pipelines, workflow automation, secure remote access, shell productivity, Vim editing, and Git version control. The project distinguishes itself by teaching command-line mastery, shell scripting, and automation to boost daily developer
Teaches full disk encryption to protect data on lost devices.
SQLCipher is an encrypted SQLite database engine and secure relational database that provides transparent AES-256 encryption for database files and stored data. It functions as a cryptographic storage engine that requires a passphrase or binary key to unlock and access content. The engine ensures data confidentiality through page-level encryption and protects data integrity using cryptographic hashes to detect unauthorized modifications. It includes capabilities for encryption key rotation to update passphrases and secure memory locking to prevent sensitive keys from being swapped from RAM to
Provides transparent AES-256 encryption of individual database pages to ensure data is unreadable without the key.
node-sqlite3 is a relational database client and a set of native bindings that allow Node.js applications to interact with SQLite databases. It functions as a C++ native addon, linking JavaScript to the SQLite C library to manage data stored in local files or in-memory stores. The project includes optional support for SQLCipher, enabling page-level encryption to secure local database files. The driver covers a wide range of database management capabilities, including executing SQL queries with parameter binding, managing connections to database files, and preparing statements for repeated ex
Provides transparent page-level encryption for database files through optional SQLCipher linking.
Trail of Bits exploits vulnerabilities in confidential computing systems using LUKS2 disk encryption to extract data and modify disk contents.
Fleet is an open-source device management platform that provides centralized control over computing devices running macOS, Linux, Windows, Chromebooks, iOS, and Android. It enables organizations to enroll devices, collect real-time telemetry, enforce security compliance policies, and manage software remotely from a single system. The platform can be deployed as a single binary, run locally for testing, or scaled horizontally across cloud infrastructure on AWS, Kubernetes, GCP, or Render, with support for high availability through database replication and load balancing. The platform distingui
Enforces disk encryption on managed devices and reports compliance status.
itpol ist ein Framework für kryptografisches Key-Management, digitale Signaturrichtlinien und Security-Hardening. Es bietet eine IT-Richtlinien-Vorlagenbibliothek und Infrastruktur-Zugriffs-Frameworks, um organisatorische Sicherheitsrichtlinien und Governance zu etablieren. Das Projekt konzentriert sich auf kryptografisches Identitätsmanagement durch die Verwendung von PGP- und SSH-Schlüsseln, neben einem Security-Hardening-Leitfaden für Workstations. Es definiert Standards für die Sicherheit der Software-Lieferkette, insbesondere bezüglich der Signierung von Code-Commits und Software-Releases zur Sicherstellung der Provenienz. Das System deckt ein breites Spektrum an Sicherheitsfunktionen ab, einschließlich der Implementierung von Multi-Faktor-Authentifizierung, Festplattenverschlüsselung und Bootloader-Sicherheit. Es adressiert zudem sichere Kommunikations-Workflows für verschlüsseltes Messaging und E-Mail sowie die Verwaltung von Hardware-Sicherheitsmodulen und Zero-Knowledge-Backup-Strategien.
Specifies requirements for encrypting full disks and swap partitions to protect data at rest.
H2 ist ein JDBC-konformes relationales Datenbankmanagementsystem, das in Java geschrieben ist. Es fungiert als einbettbare SQL-Datenbank, die direkt innerhalb eines Anwendungsprozesses ausgeführt werden kann, um Netzwerklatenz zu eliminieren, oder als In-Memory-Datenbank für performante, flüchtige Speicherung. Es enthält zudem eine webbasierte Konsole zur Ausführung von SQL-Befehlen und zur Verwaltung von Schemata. Das System zeichnet sich durch flexible Bereitstellungsmodi aus, einschließlich eines Standalone-Server-Modus für Remote-TCP/IP-Zugriffe und eines gemischten Modus für gleichzeitige lokale und Remote-Konnektivität. Es verfügt über eine Dialekt-Emulationsschicht und Kompatibilitätsmodi, die es ermöglichen, das Verhalten und die Syntax anderer Datenbanksysteme nachzuahmen. Die Engine bietet ein breites Spektrum an Funktionen, darunter ACID-Transaktionen mit Multi-Version Concurrency Control (MVCC), Unterstützung für Geodaten und JSON sowie fortgeschrittene analytische Fensterfunktionen. Es enthält Tools zur Datensicherung durch komprimierte Backups, SQL-Skript-Wiederherstellung und Off-Heap-Speicherverwaltung für große Datensätze. Die Datenbank lässt sich über Standard-JDBC-Treiber und Verbindungs-URLs in Anwendungen integrieren.
Protects data at rest by encrypting database pages using AES-128 and SHA-256.
Disko is a declarative configuration system for managing Linux disk partitioning, filesystem formatting, and LUKS encryption setup. It functions as a disk provisioner that allows users to define disk layouts and mount points through configuration files rather than manual commands. The project focuses on providing reproducible system installations by defining storage provisioning as code. It specifically automates the creation of partition tables, the setup of encrypted storage containers, and the configuration of filesystem layouts for NixOS systems. The toolset includes a command-line inter
Automates the setup of encrypted storage containers and LUKS volumes during initial system deployment.