🔐 React Native secure storage, rebuilt with Nitro Modules ⚡️ Biometric-ready, StrongBox-aware, and metadata-rich for modern mobile apps

Strongbox is an artifact repository manager.

Hardware-based attestation and intrusion detection app for Android. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.

a World of Warcraft Addon Manager aimed at Linux players

attestation.app remote attestation server. Server code for use with the Auditor app: https://github.com/GrapheneOS/Auditor. It provides two services: submission of attestation data samples and a remote attestation implementation with email alerts to go along with the local implementation based on QR code scanning in the app.

Official Android client for keyspace.cloud. A beautiful and secure password manager.

A small subset of the submitted sample data from https://github.com/GrapheneOS/Auditor. It has a sample attestation certificate chain per device model (ro.product.model) along with a subset of the system properties from the sample as supplementary information.

Hardware-backed biometric authentication for Flutter. Create cryptographic signatures using device biometrics with keys stored in Secure Enclave/StrongBox/Windows Hello.

Auditor app prebuilt using the latest official release of the Auditor app.

Android Remote Key Attestation (RKA) / Remote Key Provisioning (RKP) notes & demo for Play Integrity

This is the UI module for the Strongbox artifact repository manager. Please report issues at https://github.com/strongbox/strongbox

Experiments on device bound credential. Protect credentials and tokens from thefting with HSM (Hardware Security Module, e.g. SecurityEnclave, TEE, TPM).

🔐 End-to-end encrypted chat for Android. PQXDH (X25519 + ML-KEM-1024) + AES-256-GCM, full Double Ratchet (PFS + healing), P2P, Zero metadata, zero tracking.

Strongbox is a software that protects websites from stolen passwords, password sharing, brute force attacks.

Experiments to demonstrate AES-XTS's exploitable flaws and why StrongBox and SwitchCrypt do not suffer from them @ UChicago

Ruby gem strongbox Go implement

(Moved to Fialka) 🔐 End-to-end encrypted chat for Android. PQXDH (X25519 + ML-KEM-1024) + AES-256-GCM, full Double Ratchet (PFS + healing), Firebase relay. Zero metadata, zero tracking.

Open-source Android device-intelligence telemetry SDK. Hardware-backed key attestation, bootloader integrity, root indicators, in-process tampering, emulator probe, app-cloner signals — emitted as a single deterministic JSON report. Telemetry, not RASP.