13 repositorios
Technologies for encrypting entire storage volumes to prevent unauthorized access without authentication.
Distinguishing note: Candidates focus on installation or internals; this is specifically about the encryption of disk data for security
Explore 13 awesome GitHub repositories matching security & cryptography · Full Disk Encryption. Refine with filters or upvote what's useful.
This project is a security hardening guide and privacy configuration manual for macOS. It provides a comprehensive set of instructions for configuring system settings to improve privacy, reduce the attack surface, and implement a malware defense framework. The guide covers technical methods for validating software notarization, verifying application sandboxing, and auditing system activity. It distinguishes itself by providing detailed workflows for restricting high-risk features and applying advanced security configurations to protect the operating system. The documentation covers several k
Configures disk encryption to require passwords for drive access and prevent unauthorized booting.
greenDAO is an object-relational mapping library for Android that maps Java objects to SQLite databases. It provides infrastructure for high-performance data persistence by translating data objects into database records and vice versa. The library implements a type-safe query builder for retrieving records across multiple entities using joins and relationship chaining. It also includes a security layer that provides full-disk encryption for the SQLite database to prevent unauthorized access to stored information. The system utilizes compile-time code generation to create mapping classes, avo
Provides full-disk encryption for the SQLite database by encrypting all pages before writing to disk.
Realm Java is a NoSQL mobile object database and reactive database engine. It provides a persistent local data store that saves native objects directly to disk, replacing traditional SQL storage and object-relational mapping layers. The system functions as a real-time data synchronizer, coordinating local database changes with a cloud backend across multiple devices. It integrates a reactive engine that uses change listeners and asynchronous event streams to automatically update user interfaces when underlying data changes. The project covers object-oriented data modeling, CRUD operations, a
Secures stored data at rest by encrypting individual database file pages using hardware-optimized encryption.
This project is a curated directory and catalog of privacy-respecting software and security-focused services. It serves as a structured resource for finding alternatives to corporate services, focusing on tools that prioritize data sovereignty, end-to-end encryption, and user anonymity. The directory is maintained as a markdown-based resource list and rendered via a static site generator. It further extends its utility through a CORS-enabled public API and a JSON-based data schema, allowing the curated catalog of tools and providers to be retrieved programmatically. The collection covers a w
Catalogs technologies for encrypting entire storage volumes or individual files to prevent unauthorized access.
VeraCrypt is a cross-platform disk encryption utility used to create encrypted file containers and secure entire disk partitions. It functions as a tool for full disk encryption and a manager for encrypted volumes, providing a means to protect sensitive data on local disks and removable media across multiple operating systems. The software is distinguished by its support for plausible deniability, allowing the creation of hidden volumes nested within other encrypted volumes to conceal the existence of data. It also implements hardware-based access control, requiring physical security tokens,
Provides full disk encryption for entire operating system partitions to prevent unauthorized access during boot.
This is an open-source educational website that translates and localizes MIT's Missing Semester course, teaching practical computing skills for computer science students. The curriculum covers developer tooling, shell scripting, version control, security fundamentals, and open-source collaboration, with a focus on core computing skills including data processing pipelines, workflow automation, secure remote access, shell productivity, Vim editing, and Git version control. The project distinguishes itself by teaching command-line mastery, shell scripting, and automation to boost daily developer
Teaches full disk encryption to protect data on lost devices.
SQLCipher is an encrypted SQLite database engine and secure relational database that provides transparent AES-256 encryption for database files and stored data. It functions as a cryptographic storage engine that requires a passphrase or binary key to unlock and access content. The engine ensures data confidentiality through page-level encryption and protects data integrity using cryptographic hashes to detect unauthorized modifications. It includes capabilities for encryption key rotation to update passphrases and secure memory locking to prevent sensitive keys from being swapped from RAM to
Provides transparent AES-256 encryption of individual database pages to ensure data is unreadable without the key.
node-sqlite3 is a relational database client and a set of native bindings that allow Node.js applications to interact with SQLite databases. It functions as a C++ native addon, linking JavaScript to the SQLite C library to manage data stored in local files or in-memory stores. The project includes optional support for SQLCipher, enabling page-level encryption to secure local database files. The driver covers a wide range of database management capabilities, including executing SQL queries with parameter binding, managing connections to database files, and preparing statements for repeated ex
Provides transparent page-level encryption for database files through optional SQLCipher linking.
Trail of Bits exploits vulnerabilities in confidential computing systems using LUKS2 disk encryption to extract data and modify disk contents.
Fleet is an open-source device management platform that provides centralized control over computing devices running macOS, Linux, Windows, Chromebooks, iOS, and Android. It enables organizations to enroll devices, collect real-time telemetry, enforce security compliance policies, and manage software remotely from a single system. The platform can be deployed as a single binary, run locally for testing, or scaled horizontally across cloud infrastructure on AWS, Kubernetes, GCP, or Render, with support for high availability through database replication and load balancing. The platform distingui
Enforces disk encryption on managed devices and reports compliance status.
itpol es un framework para la gestión de claves criptográficas, políticas de firma digital y endurecimiento de seguridad (hardening). Proporciona una librería de plantillas de políticas de TI y frameworks de acceso a infraestructura para establecer directrices de seguridad organizacionales y gobernanza. El proyecto se centra en la gestión de identidades criptográficas mediante el uso de claves PGP y SSH, junto con una guía de endurecimiento de seguridad para estaciones de trabajo. Define estándares para la seguridad de la cadena de suministro de software, específicamente con respecto a la firma de commits de código y lanzamientos de software para garantizar la procedencia. El sistema cubre una amplia gama de capacidades de seguridad, incluyendo la implementación de autenticación multifactor, cifrado de disco y seguridad del gestor de arranque (bootloader). También aborda flujos de trabajo de comunicación segura para mensajería cifrada y correo electrónico, así como la gestión de módulos de seguridad de hardware (HSM) y estrategias de respaldo de conocimiento cero.
Specifies requirements for encrypting full disks and swap partitions to protect data at rest.
H2 es un sistema de gestión de bases de datos relacionales compatible con JDBC, escrito en Java. Funciona como una base de datos SQL embebible que puede ejecutarse directamente dentro de un proceso de aplicación para eliminar la latencia de red, o como una base de datos en memoria para almacenamiento volátil de alto rendimiento. También incluye una consola basada en web para ejecutar comandos SQL y administrar esquemas. El sistema se caracteriza por sus modos de despliegue flexibles, incluyendo un modo servidor independiente para acceso remoto TCP/IP y un modo mixto para conectividad local y remota simultánea. Cuenta con una capa de emulación de dialectos y modos de compatibilidad que permiten imitar el comportamiento y la sintaxis de otros sistemas de bases de datos. El motor proporciona un amplio conjunto de capacidades que cubren transacciones ACID con control de concurrencia multiversión, soporte para datos geoespaciales y JSON, y funciones avanzadas de ventana analítica. Incluye herramientas para la preservación de datos mediante copias de seguridad comprimidas, restauración de scripts SQL y gestión de memoria fuera del heap (off-heap) para manejar grandes datasets. La base de datos se integra con aplicaciones utilizando controladores estándar de Java Database Connectivity y URLs de conexión.
Protects data at rest by encrypting database pages using AES-128 and SHA-256.
Disko is a declarative configuration system for managing Linux disk partitioning, filesystem formatting, and LUKS encryption setup. It functions as a disk provisioner that allows users to define disk layouts and mount points through configuration files rather than manual commands. The project focuses on providing reproducible system installations by defining storage provisioning as code. It specifically automates the creation of partition tables, the setup of encrypted storage containers, and the configuration of filesystem layouts for NixOS systems. The toolset includes a command-line inter
Automates the setup of encrypted storage containers and LUKS volumes during initial system deployment.