Here’s our list of recommended encryption tools, updated for 2020. Increasingly more tech is shipped with built-in encryption but how secure is it?
Posted by Henry Dalziel | December 17, 2019 | Questions / Comments 3
- C|EH, Security+, MSc Marketing Management;
- Based in Hong Kong for the last five years;
- Cybersecurity Pro & Growth Hacker
Once upon a time there was the Caesar Cipher. And, even before then, there were encryption v.0.0.0.1 which was to shave the hair off a slave, write the ‘encrypted’ message, let the hair grow back and then the slave (messenger) would physically go and report to the recipient of the message.
Before the Diffie-Helman key exchange security agencies (GCHQ, NSA and 5 Eyes) were able, for the most part, to read secret messages. Codes could be broken prior to Diffie-Hellman and later RSA (Rivest, Adelman and Shamir) pioneering work.
Before we go on any further, with respect to the history of encryption we should offer a brief mention to the genius that was James Ellis who is credited for being the real first person to create the two-key encryption method but who has largely been forgotten about.
Without digressing further, what we’ve done on this resource is to list a bunch of encryption tools and links to encryption software that we hope you will find useful.
Join Our Mailing List & Get Tool Updates / Tutorial Info
Please Share This Resource! [HINT: We'll LOVE YOU for it!]
This is one of the most popular and best-known encryption services you can get online. Notorious for also being able to access the "Dark Web" Widely accepted as a service that is both used by the ‘good’ and the ‘bad’ of the Internet, the truth is that Tor is a great service and if you are even remotely interested in the cybersecurity space then this is a tool that you must become very familiar with. Tor is essentially a network of virtual tunnels that allows users to communicate privately online.
Remember when using Tor that the exit nodes of Tor are sometimes run by malicious parties that can sniff your traffic so evade authenticating using an insecure network protocol.
Is Tor Free?
Yes, Tor is free.
How does Tor Work?
Tor makes the user anonymous because it relays data from one node to another. "Tor" is an abbreviation for "The Onion Router" (hence the logo) so imagine that multiple nodes are like the layers of an onion that are bounced around the world.
Does Tor Work on all Operating Systems?
Tor natively works on Linux, MAC OS X, and Microsoft Windows.
What are the Typical Uses for Tor?
End-users use Tor to keep websites (and in most uses, the authorities) from tracking their search queries, browsing history and messaging. One of Tor’s most popular uses is to hide the real IP address (location) of the user. Here are two excellent uses of Tor: firstly, rape and abuse victims can use private and secure chat rooms and web forums, and secondly, journalists can communicate more safely with one another.
This tool is designed to work as an SSL encryption wrapper between remote servers and remote clients. Stunnel can benefit from FIPS 140-2 validation of OpenSSL FIPS Object Modules. A scanned FIPS 140-2 Validation Certificate document is available for download on the NIST web page. The Windows binary installer is compiled with FIPS 140-2 support. The FIPS mode of operation is no longer enabled by default since stunnel 5.00.
Is Stunnel Free?
All official versions are free of charge.
Does Stunnel Work on all Operating Systems?
It works on Linux, Windows and MAC OS X.
What are the Typical Uses for Stunnel?
Stunnel can be used to add SSL functionality to commonly used functions such as POP2, POP3, and IMAP servers. The bonus is that if you use stunnel with one of the last-mentioned protocols, you will not have to make any changes in tools code. Stunnel uses the OpenSSL library for cryptography.
OpenSSH is a very popular SSH cybersecurity tool that is used by millions of web users. As any n00b can tell you, protocols like telnet, rlogin, and ftp are unsafe. OpenSSH gained immediate popularity by being able to transmit encrypted communication and connectivity. The main benefit that OpenSSH brings is that it encrypts all traffic (including passwords) to effectively prevent eavesdropping, connection hijacking, and other attacks such as Man In The Middle cyberattacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods and supports all SSH protocol versions.
Is OpenSSH Free?
Yes, OpenSSH is free!
Does OpenSSH Work on all Operating Systems?
OpenSSH works on Linux, Mac OS X and Microsoft Windows.
What are the Typical Uses for OpenSSH?
The OpenSSH IT security tool and program help by replacing insecure clients and protocols with the SSH Program, for example, rcp with scp, and FTP with sftp. OpenSSH also ships with SSHD which is the server side version of this popular security tool. There are a bunch of other uses with OpenSSH including ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen and sftp-server.
GnuPG is the well-known encryption system that’s originally written by Phil Zimmerman. It helps users secure their data from risks. This tool is regarded as being a leading open source solution to the implementation of the PGP standard.
Is GnuPG Free? GnuPG is always free of charge.
Does GnuPG Work on all Operating Systems? This tool works on Linux, Microsoft Windows and Mac OS X.
What are the Typical Uses for GnuPG? GnuPG is a free version of the OpenPGP (also known as RFC4880 or PGP). This tool (used by thousands of security professionals) allows the user to encrypt and sign data and communication. GnuPG also ships with a useful key management system that can be used for all types of public key directories. This tool, which is also referred to as ‘GPG’ can only be used from the command line. GNuPG can be used with many applications including S/MIME and Secure Shell (ssh).
Keepass is a popular password manager available on the internet. It can store a lot of passwords that can be unlocked by one master password. It's not a cracking tool, however. The benefit of this tool is that you just need to remember one high-quality password and will still be able to use unique passwords for different accounts. It also includes a feature that automatically fills passwords in web forms.
Is Keepass Free? Yes, official versions of this tool are free of charge.
Does Keepass Work on all Operating Systems? Keepass works on Mac OS X, Windows, and Linux.
What are the Typical Uses for Keepass? Keepass has strong security and supports Advanced Encryption Standard and Twofish algorithm to encrypt its database of passwords. This portable hacking tool doesn't require installation so you can carry it on a USB stick and runs on different operating systems. You can also use this tool to transfer databases from one computer to another. If you can’t think of a good master password, don’t worry because this tool can generate a strong password for you.
The complete database is designed to work by always being encrypted either with AES or a Twofish encryption algorithm using a 256 bit key. KeepassX is a tool for users with very high demands when it regards to secure personal data management. KeePassX offers a utility for secure password creation and the password generator is highly customizable, fast and it’s very simple to use.
Is Keepassx Free? Yes, KeepassX is free.
Does Keepassx Work on all Operating Systems? Keepass works on Linux and Windows operating systems.
What are the Typical Uses for Keepassx? KeepassX saves various data like usernames, passwords, attachments, URLs, and comments into one database. Users can also put user-defined icons and titles for each entry. These entries can be sorted into groups that are also customizable.
This is not strictly speaking a ‘hacking tool’ rather it is a project (called the ‘OpenSSL Project’) which aims to combine a fully commercial solution This tool provides cybersecurity professionals with a way to install a Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols. This project has a huge and very loyal following – so if you are looking for an SSL Solution then look no further.
Is OpenSSL Free? Yes. OpenSSL is free.
Does OpenSSL Work on all Operating Systems? OpenSSL works on Most Unix-like operating systems including Solaris, MAC OS X and the 4 open source BSD operating systems. It also works for OpenVMS and Microsft Windows.
What are the Typical Uses for OpenSSL? OpenSSL is primarily used to create your own Certification Authority (CA) with which you can generate a certificate to be used in other programs. This tool also lets users connect to an https service, generate random strings or numbers, online verification of certificates using the command line, extract information from a certificate, benchmark with OpenSSL, generate an MD5 hash and benchmark remote connections.
OpenVPN is a popular and widely used hacker tool developed by OpenVPN Technologies. The purpose of this tool is to allow encrypted communication. This cybersecurity organization has a focus on creating virtual network software that allows users to communicate securely in a reliable and scalable fashion. OpenVPN is by definition secure and follows the principles of traditional virtual private networks (VPN) and is extremely popular having been downloaded more than 3 million times!
Is OpenVPN Free? Yes, it's free for use.
Does OpenVPN Work on all Operating Systems? Linux, Windows and MAC OS X. This tool is also available for your mobile phones.
What are the Typical Uses for OpenVPN? OpenVPN allows peers to validate each other using a shared secret key, username, password or certificates. If you used it in a multiclient server configuration, it will allow the server to release an authentication certificate for every client. This tool also gives users an extensible framework that is designed to ease site-specific customization.
Password Safe is an open-source password database utility. Users can keep their passwords encrypted and unlock it by using or entering a single “Master Key”. Is Password Safe Free?
Yes! This tool is free and you can also donate to keep this project going.
Does Password Safe Work on all Operating Systems? This tool works on Microsoft Windows and has a beta, command-line version for Ubuntu and Debian operating systems.
What are the Typical Uses for Password Safe? Password Safe enables users to create a secrured and encrypted username and password safely and easily. Users only have to create a single master key/password in order to unlock and access the list of your usernames and passwords.
You may also like...
We've interviewed over 25 Cybersecurity Professionals to ask them that exact question...
Encryption is the backbone of Cybersecurity, indeed, everything within Cyberspace is to some capacity entirely dedicated to the protection of information, i.e. our data. Being able to ensure that our data is protected from hackers is really the essence of what it is that we do. The tools that we’ve listed here are just a snippet of all the different encryption tools available to us and we’ve just listed a few.
We get a ton of questions relating to hacking tools and software. The ones that are most commonly asked we place in the sticky resource below.
Legal? Basically yes (in the United States) but a good idea? Definitely not.
Your ISP will be able to read all your exit traffic and my gosh, there will likely be a lot of nefarious and sinister stuff that you will be (could be) liable for.
The answer is, basically, yes – it is safe.
The most notable episode in which Cybersecurity Professionals considered Tor “might” be unsafe is when Gizmodo reported in December 2014 that a group of hackers had been able to get acquire enough Tor Relays to decloak the actual users within the Tor network (through the relays they “controlled”). Whilst that might have been the case the hackers did not have control of enough relays which were subsequently scrambled to have caused any real damage.
An example of someone being caught using Tor is Eldo Kim.
Yes, you will need to open your device and install the Secret Message app. You then need to enter a secret key into the “Secret Key Box” at the top of the android app’s screen. To use you then simply type the message you want to encrypt into the Message box, hit “Encrypt” and tap “Send via SMS” to send the encrypted message to the receiver.
Right-click anywhere in the email body and select the “Encrypt Communication” option. Enter the desired password with which to encrypt your Gmail and click “OK.” Open the message in the recipient’s inbox. Right-click anywhere in the email body and select “Decrypt Communication.”
The Google Drive that works on the Google Cloud and as such it can loosely be considered as being secure. However, Google Drive’s server-side encryption is not as tough as other platforms out there so if you feel that you have highly sensitive data then we’d perhaps suggest another solution.
It depends. Almost impossible to answer just like that!
Data encryption converts data into another form, or code, so that only users with access to a secret key (formally called a decryption key) or password can read it. There are 2 types of data. First is Encrypted data which is commonly referred to as ciphertext. Second, the unencrypted data which is known as plaintext.
There are a lot ways to do that. The easiest way is to use an operating system called Linux. There are plenty of Distro’s that ship with the ability to secure and encrypt the hardrive when the system is first initialized and installed. My favorite for this is POP_OS.
I can be very secure. If the processes have been configured accurately then encrypted email is protected. Authentication is also included in Email Encryption. Most emails from the sender are sent using plaintext and are transmitted in the clear (i.e. not encrypted) form. Emails that are sent using a Gmail or Outlook are encrypted by default.
Typically the answer is said to be “no”. It varies on the email client and your setup. Often times forwarding a ciphertext email will mean that the recipient will not be able to read the email unless they have their own key.
Yes probably. Simply open the encrypted Gmail email, get the body of the email and copy it to your clipboard, use the secret key that the sender shared with you and past the string. Tap the “Decrypt” button and you’ll be able to read the contents.
Yes you can encrypt your emails using Gmail but it does come with certain limits. To make your emails more secure you would need to add an additional layer of client-side encryption, via third-party chrome extensions and add-ons. The default Gmail encryption client does protect your emails as much as it can, and indeed Google’s severs encrypt emails both when they’re stored (data at rest) and when they’re being sent (data in motion). If you are seeking an even more secure email encryption solution we’d recommend Protonmail.
All Gmail communication is end-to-end encrypted and zero-access encrypted. “Zero Access” means that not even the admin can read the emails. Gmail have a bunch of addons and extra features like for example the ability to set expiring dates on emails, which are destroyed after a period of time chosen by the sender. The decision of course is yours as to whether you 100% trust and believe Google’s Privacy Policies.
Previously, Gmail begun as optional. Now, it is always on. Not only are Gmail messages encrypted between recipients they are also encrypted as they travel around Google’s global data centers.
The answer is that it depends. We actually have a resource on that here.
“Onion Routing” made most famous by Tor, is a process best described as being opposite to “peer-to-peer”. If you jump on PirateBay, BitTorrent or any of those other old-school peer-to-peer (bit-torrent) sites then you’re IP is exposed to everyone within the share. “Onion Routing” technology uses a series of intermediary nodes that in transit encrypt the data as it travels through the network.
The exit node also decrypts your traffic and the route that it took.
Die to this anonymizing process you, as a user, are “anonymous” owing to the fact that your data has been transmitted through “onion layers” that hide your true and real IP address.