Skip to content
/ EncryptStudio Public

v1.0.3

Latest
Latest

Choose a tag to compare

View all tags
@bylickilabs bylickilabs released this 17 Dec 17:46
v1.0.3
1f2a7a1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Encrypt Studio v1.0.3 is a modern, AI-assisted desktop application for:

  • Secure file encryption using a custom ESX container format
  • Text encryption with Base64 output
  • AI-driven risk analysis and automatic algorithm selection (Smart Encrypt)
  • Hashing and integrity checks for files and text
  • Secure deletion of files via Secure File Shredder
  • Automatic report generation (JSON & TXT) for audits, forensics, and internal documentation
  • Full German / English language support in a single GUI

The tool is designed for power users, security engineers, IT admins and forensic analysts, runs entirely locally and does not send any data to external servers or clouds.

Key Features

🔐 1. File Encryption (ESX Container)

  • Encrypt individual files into a proprietary ESX container
  • Supported algorithms:
    • AES-256-GCM (default, authenticated encryption)
    • XChaCha20-Poly1305 (modern, secure, libsodium-based)
    • AES-256-CBC (legacy compatibility)
    • Hybrid RSA+AES (AI-recommended high-security mode)
  • Stores:
    • KDF parameters (PBKDF2: iterations, salt, hash algorithm)
    • Integrity hash (SHA-256)
    • Optional user notes
    • RSA components in hybrid mode
  • Output files: *.esx

📝 2. Text Encryption

  • Encrypt arbitrary UTF‑8 text using the same cryptographic primitives
  • Container is Base64-encoded and shown directly in the GUI
  • Useful for:
    • Configuration snippets
    • API keys / tokens
    • Short confidential notes

🧠 3. AI Risk Analysis & Smart Encrypt

  • Analyses:
    • File extension / type (e.g. *.db, *.zip, *.pem, *.json)
    • Entropy / randomness of content
    • Keywords in the file name (password, wallet, secret, config, …)
  • Determines:
    • Risk level: low, medium, high
    • Recommended algorithm: AES-GCM, XChaCha20, or Hybrid RSA+AES
  • Displayed in the UI:
    • Detected file type
    • Risk level (incl. score)
    • Recommended algorithm
  • Optional toggle “Enable AI Risk Mode”

#️⃣ 4. Hash & Integrity Toolkit

  • Hash files and arbitrary text
  • Supported algorithms:
    • SHA-256
    • SHA-512
    • SHA3-256
    • SHA3-512
    • BLAKE2b
  • Displays hashes as hex strings
  • Typical use cases:
    • Integrity checks
    • Post-transfer verification
    • Evidence capturing / forensics

🗑 5. Secure File Shredder

  • Securely delete files with 3–7 overwrite passes
  • Overwrite strategy per pass:
    • Random data
    • 0x00 pattern
    • 0xFF pattern
  • Finally removes the file from the filesystem
  • Usage scenarios:
    • Compliance (e.g. GDPR)
    • Destruction of sensitive work files
    • Protection against recovery tools

📊 6. Reports & Export (JSON / TXT)

  • The last operation is stored as an internal report
  • Export options:
    • report.json – structured, machine-readable
    • report.txt – human-readable, audit-friendly
  • Contains, among others:
    • Operation type (e.g. file_encrypt, hash_file, shredder)
    • Paths (input / output)
    • Algorithm
    • KDF parameters
    • AI analysis (score, level, type)
    • Hash information (if applicable)

🌐 7. Multilingual GUI (DE / EN)

  • All strings managed via a central TRANSLATIONS mapping
  • Switchable via “Deutsch / English” dropdown
  • Buttons, labels, groups and dialogs fully translated
  • Info dialog with short description, version, and company

Technical Architecture

  • Language: Python 3.12+
  • GUI framework: PySide6 (Qt)
  • Cryptography: cryptography library + NaCl/libsodium bindings
  • Layout:
    • QScrollArea for compact, scrollable main layout
    • QGroupBox sections for clear functional segmentation
    • Dark mode with visually separated input fields
  • Logging:
    • Custom EasySQL class (SQLite)
    • Table operations with timestamp, action, status, message

ESX Container Format

The proprietary ESX format includes:

  • Magic header + version
  • Algorithm ID & flags (e.g. restricted mode)
  • KDF parameters:
    • Iterations (PBKDF2)
    • Salt length
    • Hash algorithm (SHA-256 / SHA-512)
  • Nonce / IV
  • Integrity hash (SHA-256 over the plaintext)
  • Optional: RSA-encrypted key material in hybrid mode
  • User note (UTF‑8)
  • Ciphertext payload

The format is built to be:

  • Backwards-compatible across future versions
  • Debuggable and extensible
  • Structurally parseable for tools and scripts

AI Risk Analysis & Smart Encrypt

The AI engine (heuristic, ML-inspired) uses:

  • File type (heuristic via extension)
  • Entropy (Shannon entropy, normalized)
  • Keyword scoring in the filename
  • Optional weighting for types like key and database

Result:

  • score: 0.0–1.0
  • level: low / medium / high
  • algo_id: recommended algorithm

Examples:

  • Wallet / key files → Hybrid RSA+AES
  • Databases / archives → often AES-GCM
  • Images / binary files → XChaCha20-Poly1305

Hash & Integrity Toolkit

  • Choose a file → compute hash → show as hex
  • Enter text → compute hash → show as hex
  • Last hash is part of the report (hash_info)

Typical use:

  • Checksum verification
  • Integrity checks when exchanging files
  • Security & compliance documentation

Secure File Shredder

  • Select file → choose number of passes (3–7)
  • Multiple overwrites with changing patterns
  • Final deletion from the filesystem
  • Logging via SQLite including the number of passes

Note: Physical storage characteristics (e.g. SSD wear leveling, caching) can theoretically still affect recoverability, but the approach is significantly more secure than normal deletion.

Reports & Logging (EasySQL)

  • Every security-relevant operation:
    • Encryption / decryption
    • Hashing
    • Shredder
  • Is logged to SQLite (encrypt_studio.db):
    • action, target, status, message, created_at
  • Additionally: exportable reports (JSON / TXT)

Installation

Requirements

  • Windows 10/11 (64-bit)
  • Python 3.12.x (or newer)
  • Virtual environment recommended

Dependencies (example)

pip install PySide6 cryptography pynacl

The exact dependency set can be managed in a requirements.txt file.

Usage – Quick Start

  1. Start application: 
    python v1.0.3.py
  2. Select language (German / English)
  3. Set a master password
  4. Choose a file → select algorithm or enable AI mode
  5. Encrypt / decrypt as needed
  6. Optionally:
    • Compute hashes
    • Securely shred files
    • Export report as JSON/TXT

Security & Privacy

  • No data is sent to third parties, no cloud connectivity
  • No telemetry, no tracking
  • All cryptographic operations run locally
  • Passwords are not persisted
  • ESX containers only store what is technically required
Assets 3
Loading