OnionShare is an open-source application that enables secure, anonymous file transfers, temporary website hosting, and private chat by running services as Tor onion services. It provides both a desktop GUI and a command-line tool plus mobile clients developed with partner projects.

Key Features

• Share files via an ephemeral Tor onion service with one-time or time-limited access.
• Host a static website over an onion address for private, temporary publishing.
• Private chat mode that runs as an onion-hosted web chat session.
• Desktop GUI and CLI interfaces; platform packaging for Windows, macOS, and Linux (Flatpak/Snap).
• Mobile clients developed in collaboration with partner projects for Android and iOS.
• Integrates with the Tor control interface and uses Tor-related libraries and tooling for onion services.

Use Cases

• Send large files privately between two people without relying on third-party cloud storage.
• Publish an internal or temporary static website to a small, private audience via an onion address.
• Run an ephemeral, private chat session reachable only by users with the onion URL.

Limitations and Considerations

• Performance and responsiveness are constrained by the Tor network (latency and throughput) and are not comparable to clearnet transfers.
• Packaging and dependency constraints have affected some platforms (for example, ARM/armhf packaging challenges related to Qt/PySide availability).
• The project uses Python web components where upstream changes can require maintenance (e.g., noted framework deprecations/warnings).

OnionShare is a mature, actively maintained open-source project focused on privacy-preserving file sharing and short-lived hosting using Tor. It is well-suited for users who need ad-hoc private exchanges without using centralized services, while accepting Tor-related performance and packaging trade-offs.

MicroBin is a small, self-contained pastebin web application for sharing text snippets, files, and URL redirects. It focuses on simple deployment, strong security options, and flexible sharing controls.

Key Features

• Text pastes, file uploads, and URL shortening/redirection in one service
• Multiple encryption modes (including client-side and server-side options)
• Expiration controls (auto-expiring or never expiring) and visibility controls (public/private)
• Raw text/file serving for direct access to uploaded content
• QR code generation for easy cross-device sharing
• Single-binary deployment with low resource usage
• Storage backends including SQLite and JSON

Use Cases

• Sharing code snippets or logs between machines and teammates
• Securely sending files or sensitive notes via password-protected links
• Running a lightweight internal URL shortener and redirect service

Limitations and Considerations

• Designed for simple sharing workflows rather than full cloud-drive features like sync, versioning, or collaborative editing

MicroBin is a solid choice when you need a compact paste-and-share service that is easy to run and offers practical security and expiration features. It fits well for personal servers, teams, and lightweight internal tooling.

Password Pusher

Password Pusher is an open-source web application that securely shares sensitive information by generating self-deleting links. Secret links expire after a configurable number of views or a time window, and access is tracked with full audit logs.

Key Features

• Self-destructing links based on views or time, ensuring temporary access only
• Full audit logs showing who accessed what and when
• Encrypted storage with complete deletion after expiry
• Admin dashboard for managing self-hosted instances
• JSON API and command-line interface for automation and tooling
• Unbranded delivery pages and multilingual translations for global use
• Docker-based deployment and easy self-hosting with Docker Compose

Use Cases

• Securely share passwords or other secrets with teammates or customers using time/view-limited links
• Audit and compliance workflows by tracking who accessed shared data and when
• Temporary sharing of sensitive URLs or files with automatic destruction after expiry or views

Limitations and Considerations

• Pro features exist on the hosted pwpush.com service; the OSS self-hosted edition periodically receives Pro features, and some capabilities may require the hosted plan. This distinction is documented in the project notes.
• The OSS edition emphasizes self-hosting and open-source delivery, with the hosted service providing additional conveniences and updates.

Conclusion

Password Pusher offers a self-hosted, auditable, and secure way to share sensitive information via self-expiring links. It supports programmatic access through a JSON API and CLI, while also providing an admin dashboard for operators and multilingual end-user experiences.

Onetime Secret is an open-source service for sharing sensitive text as single-use links. Secrets are encrypted on the server and expire either after a single view or after a configured time-to-live.

Key Features

• Create single-use (self-destructing) secret links that delete after being viewed or after a TTL.
• Server-side encryption of stored secrets with an optional passphrase option; passphrases are bcrypt-hashed and used to protect decryption.
• REST API and web UI for creating and retrieving secrets; supports anonymous and authenticated workflows.
• Configurable TTL options and passphrase policy (minimum length, complexity, enforcement settings).
• Support for custom share domains and UI/auth configuration for self-host deployments.
• Docker images and a documented quick-start (Redis-backed storage, recommended Ruby runtime) for easy deployment.

Use Cases

• Safely send passwords or credentials over email/chat where persistent copies are undesirable.
• Issue ephemeral API tokens, one-time links for password resets, or short-lived provisioning secrets.
• Provide secure, single-view communication for support, onboarding, or sensitive troubleshooting details.

Limitations and Considerations

• Without a user-provided passphrase, secrets are encrypted on the server but decryptable by the service operator; use passphrases for stronger zero-knowledge guarantees.
• Secret size is limited (enforced per plan; documentation cites per-plan limits, e.g., ~1k–10k characters).
• Encrypted backups exist for disaster recovery and may retain encrypted secrets for a limited retention window (documented backup retention is not indefinite).
• Not a long-term secrets vault: designed for ephemeral, single-view sharing rather than secret rotation, audit history, or full enterprise secret-management features.

Onetime Secret provides a focused, auditable way to share ephemeral secrets via web or API. It is useful where short-lived, single-view confidentiality is required, and it offers configurable protections (TTL and passphrases) for stronger privacy guarantees.

Yopass is an open-source service for securely sharing sensitive information. It encrypts secrets client-side using OpenPGP, stores only ciphertext on the server, and returns a one-time expiring URL to the sender.

Key Features

• Client-side end-to-end encryption using OpenPGP; server never receives plaintext or the decryption key.
• One-time or time-limited access: secrets can be configured to self-destruct after first view or after a set expiry.
• Small web UI plus a command-line client for automation and scripting use cases.
• Configurable storage backends: supports Memcached or Redis for ephemeral secret storage.
• Optional limited file upload support (files are encrypted before upload and can be disabled).
• Deployment ready: includes Docker/Compose and Kubernetes examples, plus reverse-proxy guidance for TLS and proxy trust configuration.

Use Cases

• Sharing short-lived credentials or secrets (passwords, API keys) between teammates without exposing plaintext in chat or tickets.
• Exchanging program output or sensitive configuration from automation scripts via the CLI.
• Sending single-use tokens or files that must not persist on the server once consumed.

Limitations and Considerations

• File upload functionality is limited; large-file workflows are not the primary focus and may require external tools.
• Default deployments do not enforce rate limiting; administrators should add rate limiting or WAF rules if exposed publicly.
• URLs containing the decryption key can be stored in browser history or logs; post-access cleanup and secure channels for delivering the URL are recommended.
• Security depends on correct TLS/reverse-proxy configuration and on administrators keeping dependencies and the server up to date.

Yopass is designed to be small, transparent, and security-focused: it minimizes server-side knowledge of secrets while providing simple UX and automation interfaces. It is useful for teams and automation that need quick, ephemeral secret sharing without accounts or long-term storage.

Enclosed is a minimalistic web application for sending private notes and file attachments using end-to-end encryption. Notes are encrypted in the browser so the server stores only ciphertext and cannot read the content.

Key Features

• Client-side end-to-end encryption with AES-GCM and keys derived via PBKDF2
• Zero-knowledge storage: server only receives encrypted payloads plus limited metadata
• Optional password protection in addition to the secure link key
• Expiration (TTL) and delete-after-reading (self-destruct) options
• Secure file attachments alongside notes
• Optional email/password authentication for creating notes
• Responsive minimal UI with dark mode and internationalization
• CLI for creating and viewing notes from the terminal

Use Cases

• Securely share credentials, recovery codes, or sensitive snippets with expiring links
• Send confidential one-time notes to teammates or clients
• Share private files quickly without giving the server access to contents

Limitations and Considerations

• Losing the note link (and password, if set) makes the content unrecoverable by design
• The service stores metadata such as TTL and whether a note is password-protected

Enclosed is well-suited for teams or individuals who need quick, secure, ephemeral sharing with a simple interface. Its zero-knowledge design and optional self-destruct controls help reduce exposure when exchanging sensitive information.

Cryptgeon is a secure note and file sharing service inspired by PrivNote. Notes are encrypted in the browser before upload, so the server stores only ciphertext and cannot decrypt the content.

Key Features

• Client-side encryption using AES-GCM; encryption keys are not sent to the server
• Share both text notes and files
• Expiration controls via maximum views and time-based expiry
• In-memory storage with Redis, designed to avoid disk persistence
• Web UI plus a CLI client for creating and sharing secrets
• Health endpoint for basic service monitoring

Use Cases

• Share one-time secrets (passwords, tokens) with a view limit
• Send sensitive notes with an expiration time for temporary access
• Share files securely without the server being able to read them

Limitations and Considerations

• View-count enforcement can be imperfect in multi-instance deployments due to race conditions
• HTTPS is required for browser cryptography features
• In-memory storage means data can be evicted depending on Redis memory policies

Cryptgeon is a practical option for teams and individuals who need simple, temporary secret sharing with strong privacy properties. Its minimal server trust model and expiring links make it well-suited for operational workflows and ad-hoc secure exchanges.

Hemmelig is an encrypted secret-sharing service designed to keep sensitive information out of chat logs and email threads. It uses a zero-knowledge approach where encryption happens in the browser, and the server only stores encrypted data.

Key Features

• Client-side AES-256-GCM encryption (zero-knowledge storage)
• Self-destructing secrets with configurable expiration and view limits
• Optional password protection for an additional security layer
• IP restrictions to limit access to specific IP ranges
• Encrypted file uploads for authenticated users
• Rich text editor for formatting secrets
• QR codes for easier sharing on mobile devices
• Webhook notifications for secret viewed/burned events
• REST API with OpenAPI specification, plus CLI for automation

Use Cases

• Securely sharing one-time credentials, API keys, and recovery codes
• Exchanging sensitive notes or documents with expiring access
• Automating secret creation and sharing in CI/CD pipelines via CLI/API

Limitations and Considerations

• The license is a modified MIT-style license that restricts offering the software as a competing hosted SaaS

Hemmelig is a practical alternative to sending secrets through persistent channels, combining strong client-side cryptography with expiration controls. It fits well for teams and individuals who need simple, auditable secret handoff workflows with optional automation.

FileSync is a self-hosted file sharing web application for sending files from one device to many recipients in real time. It uses peer-to-peer WebRTC transfers with end-to-end encryption so file contents are not relayed through an intermediate server.

Key Features

• Real-time file transfer from a single sender to multiple receiving devices
• Peer-to-peer transfers via WebRTC (data does not pass through the server)
• End-to-end encryption with optional room password protection
• Lightweight coordination server to help establish connections between peers
• Simple web UI for sharing, monitoring progress, and downloading received files

Use Cases

• Sharing large files across devices on the same network without uploading to a cloud drive
• Securely distributing files to a group during meetings, classes, or workshops
• Temporary, privacy-focused file transfer for teams and homelabs

Limitations and Considerations

• WebRTC peer-to-peer connectivity can be impacted by restrictive NAT/firewalls, potentially requiring additional networking infrastructure for reliable connectivity

FileSync is a practical option when you want quick, browser-based file sharing with strong privacy properties. It’s especially useful for one-to-many distribution where you want transfers to remain directly between participants.

OTS is a one-time secret sharing platform designed to keep the server from learning the plaintext. Secrets are encrypted client-side using symmetric AES-256, then stored server-side only in encrypted form and deleted after the first successful read.

Key Features

• Client-side AES-256 encryption; the decryption password is never sent to the server
• Secrets are deleted immediately after the first read
• Optional secret expiry (TTL) configuration
• Multiple storage backends, including in-memory and Redis
• Simple HTTP API for creating secrets and retrieving them
• Optional CLI tool for creating and fetching secrets (useful for scripts)

Use Cases

• Sharing passwords, tokens, or recovery codes securely with a single recipient
• Sending sensitive information via chat/email without long-lived exposure
• Automation and scripting workflows to distribute short-lived secrets

Limitations and Considerations

• In-memory storage backend loses secrets on service restart
• Security relies on clients handling the generated URL (containing secret ID and password in the fragment) safely

OTS provides a minimal, practical workflow for one-time sharing while reducing trust in the server by keeping encryption and decryption on the client. It is well-suited for teams and homelabs that need a lightweight, self-hosted alternative for sharing sensitive strings and small payloads.

sup3rS3cretMes5age is a small web service for sharing secrets via single-use, self-destructing messages. It uses HashiCorp Vault as the storage backend so messages are handled as secrets rather than being persisted in an app database.

Key Features

• One-time secret messages that self-destruct after being read
• HashiCorp Vault backend for storing and managing secrets
• Lightweight web UI built with vanilla JavaScript and self-hosted assets (no external CDNs)
• Supports HTTPS operation, including optional automatic certificate provisioning
• Container-friendly deployment with Docker and docker-compose
• CLI-oriented usage patterns for easy scripting and automation

Use Cases

• Sharing passwords, tokens, or recovery codes securely with teammates
• Sending short-lived secrets during incident response or support workflows
• Providing single-use credentials or links in automated scripts

Limitations and Considerations

• Requires operating and securing a HashiCorp Vault instance and providing appropriate tokens/policies
• If deployed without TLS end-to-end, secrets can be exposed in transit

sup3rS3cretMes5age is a practical tool for teams that need a simple, auditable way to share secrets once and avoid leaving sensitive data sitting in chat logs or email threads. It fits well in environments that already use Vault for secrets management.

FlashPaper is a lightweight PHP web application for sharing one-time secrets (passwords, tokens, notes). It encrypts submitted text, stores only ciphertext and metadata, and returns a single-use retrieval URL. Secrets are deleted after retrieval or pruned after a configurable retention window.

Key Features

• One-time secret retrieval: secrets are removed from storage after they are retrieved
• Layered encryption: AES-256-CBC encryption with a per-secret key wrapped by a static server AES key, and bcrypt used to protect the retrieval token
• Minimal storage: uses a local SQLite database so no external database is required
• API and web UI: supports browser usage and simple API submission that returns a retrieval URL in JSON
• Docker-friendly: official container image and docker-compose support for easy deployment
• Configurable pruning and base URL: automatic pruning window and manual base URL override for accurate retrieval links
• Small attack surface and simple configuration: designed to be easy to self-host with a reverse proxy terminating TLS

Use Cases

• Securely share a password or API key with a colleague in a way that cannot be retrieved repeatedly
• Transmit one-off tokens or credentials during onboarding or support interactions
• Automate ephemeral secret delivery in CI/CD or scripting workflows via the provided API

Limitations and Considerations

• Server compromise can expose the static AES key and database; protect the server and key material with proper filesystem permissions and backups
• Not intended as long-term secret storage or a full-featured vault; designed for ephemeral, single-use secrets
• SQLite back end and single-file storage are simple but may not scale for very high throughput or multi-node deployments
• Requires proper TLS termination (reverse proxy) and recommends disabling upstream access logging to avoid leaking metadata

FlashPaper is suitable when you need a simple, self-hosted way to exchange ephemeral secrets without a heavy infrastructure footprint. It emphasizes minimal setup, predictable behavior, and single-use secrecy for temporary secrets.

Local Content Share is a lightweight self-hosted web application written in Go that provides a browser frontend and PWA for sharing and storing text snippets, files, and links on a local network. It uses a simple filesystem-backed data store and Server-Sent Events to keep clients synchronized in real time.

Key Features

• Store and share plain text snippets with view, edit, rename, and delete operations
• Upload and download files with multi-file drag-and-drop and clipboard paste support
• Built-in Notepad with Markdown edit and preview, auto-save, and cross-device persistence
• Link section for storing and sharing URLs in most-recent-first order
• Configurable per-item expiration (Never, 1 hour, 4 hours, 1 day, or custom TTL)
• Real-time client updates via Server-Sent Events (SSE)
• PWA support and fully local assets so the app works without external dependencies
• Files and metadata persisted to a local data directory (files/, text/, links.file, expiration.json)
• Distributed as multi-arch Docker images and standalone Go binaries for easy homelab deployment

Use Cases

• Quickly transfer screenshots, documents, or small files between devices on the same network
• Temporary pastebin for sharing code snippets, notes, or short text with configurable expiry
• Cross-device Markdown scratchpad for writing notes or drafts accessible from phone and desktop

Limitations and Considerations

• No built-in authentication or access controls; intended for trusted local networks or behind an auth-enabled reverse proxy
• Reverse proxies may interfere with upload progress visibility and can impose file size limits unless adjusted
• Data is stored on the filesystem in plain form; no built-in encryption, multi-user separation, or audit logs
• Not designed for public exposure or multi-tenant usage without added access control layers

Local Content Share is a pragmatic tool for easy, ephemeral content exchange within private networks and homelabs. It prioritizes simplicity, local-first operation, and minimal dependencies for quick deployment and use.

Shhh is a lightweight web application that creates encrypted secrets and shares them via unique links protected by a temporary passphrase. Secrets are encrypted before storage and removed after expiration, successful decryption, or exceeding allowed attempts.

Key Features

• Create encrypted text secrets protected by a user-provided passphrase
• Secrets expire automatically based on a configured expiration date
• One-time or limited-attempt opening: secret is purged after viewing or when max attempts are exceeded
• Encryption uses Fernet with a password-derived key (random salt and high iteration count)
• Does not store passphrases; only ciphertext and metadata are stored
• Provides a REST API and can be integrated via a companion CLI client
• Supports PostgreSQL or MySQL backends and can be deployed with Docker/Docker Compose
• Typical deployment stack includes Flask with Gunicorn behind a web server

Use Cases

• Share temporary credentials, tokens, or one-time instructions without leaving plain text in email or chat
• Send expiring links for password resets or sensitive file access instructions
• Integrate secret sharing into workflows or automation via the provided REST API

Limitations and Considerations

• The project has been marked for sunsetting in favor of a successor; active maintenance and hosted deployments may be discontinued
• Not a full-featured secrets management or vault solution: lacks advanced access controls, enterprise audit logging, and RBAC
• Security depends on strong passphrases and secure hosting; operational security (TLS, server hardening, database protection) is required for production use

Shhh is a simple, focused tool for short-lived secret sharing and integration into workflows. It is suitable for teams or individuals who need ephemeral, passphrase-protected messages but is not a replacement for dedicated vault systems for long-term secret management.

Pastefy is an open-source, self-hostable Pastebin-style application for sharing and storing code snippets, text files, and lightweight media previews. It provides a web UI and a RESTful API for creating, forking, organizing and retrieving pastes.

Key Features

• Web UI built with Vue and a Java-based backend for creating, forking and managing pastes
• REST API for programmatic paste creation, retrieval and client integrations
• OAuth2 login providers support (multiple providers and custom OIDC configuration)
• Folder and user paste management with admin panel for site administration
• Raw preview, copy button, syntax-aware previews for Markdown, Mermaid, SVG, CSV, GeoJSON, diffs and asciinema recordings
• File upload support and curl-compatible upload endpoint
• Extensions and client libraries (Java, Go, JavaScript/TypeScript) and editor integrations

Use Cases

• Quickly share code snippets, config files or logs with teammates or public audiences
• Store and replay terminal recordings or structured data (asciinema, GeoJSON, CSV) for troubleshooting and demos
• Integrate paste creation into developer tools, CI scripts or editor extensions via the REST API

Limitations and Considerations

• Backend is JVM-based and typically deployed with Maven/Java; requires a Java runtime and a relational database (MySQL commonly used)
• Admin role assignment may require direct database changes for initial setup as noted in administration instructions
• Authentication is primarily OAuth/OIDC based; enterprise directory integrations beyond OAuth may require custom configuration

Pastefy is suitable for teams and individuals who need a lightweight, extensible paste service with API access and rich previews. It balances a modern web frontend with a Java backend and supports common deployment patterns including Docker and Docker Compose.

QuickDrop is a self-hosted file sharing application that enables anonymous uploads with chunked transfers, configurable lifetimes, and per-file access controls. It provides an admin dashboard for managing storage, cleanup schedules, notifications, and privacy settings.

Key Features

• Anonymous uploads with chunked transfer support for reliable large-file uploads
• Folder uploads with preserved structure and manifest handling
• Per-file controls: passwords, hidden (link-only) files, keep indefinitely, and visibility toggles
• Token-based share links with expiration dates and download limits; QR code generation for links
• Optional encryption at rest for stored files and server-side session tokens for access control
• Built-in previews for images and text, plus extended previews for PDF/CSV/JSON with syntax highlighting
• Admin single-page UI for file list/history, search, pagination, extend/delete actions, and runtime settings
• Notifications via SMTP and Discord webhooks with batching and test actions
• Scheduled cleanup tasks for expired files, tokens, and DB maintenance

Use Cases

• Share large files temporarily without requiring user accounts for ad-hoc transfers
• Host a private file-drop service for teams to collect uploads with optional password protection and expiries
• Maintain a small-scale public file sharing endpoint with admin-managed retention and audit logging

Limitations and Considerations

• Default deployment uses SQLite which is convenient for small or single-node setups but can limit concurrency and horizontal scaling
• Designed primarily as a single-instance service; no built-in clustering or object-storage integration by default

QuickDrop is focused on simple, privacy-minded file sharing with granular per-file controls and an easy admin experience. It is well suited for small teams, labs, or personal self-hosted environments that need temporary file exchange and retention policies.

FerriShare is an open-source, self-hostable filesharing application that encrypts files and filenames in the user's browser before they are uploaded. The decryption key is embedded in the download-link fragment so the server never receives it, and the project provides a minimal, accessible frontend plus a Rust backend for metadata and administration.

Key Features

• Client-side encryption (AES-GCM) performed in the browser using the WebCrypto API; filenames and file contents are encrypted before upload.
• Decryption key stored in the download-link fragment so the server cannot decrypt stored files.
• Expiring uploads with configurable durations (examples: 1 hour, 1 day, 1 week).
• Two links returned to uploaders: a public download link and a private administration link with download statistics and early-delete capability.
• Built-in IP-based rate limiting with dual-stack handling (full IPv4 or /64 IPv6 subnet) and configurable request/upload limits.
• Configurable maximum filesize and storage quota controls.
• Password-protected site-wide administration panel for usage stats and manual deletion.
• Lightweight, memory-safe backend written in Rust with server-side templating; frontend uses minimal JavaScript only where required (encryption/upload pages).
• SQLite used for metadata so the application can run in a single container; prebuilt multi-architecture Docker images are provided for common platforms.
• Accessible frontend optimized for performance and best practices; Tailwind-based styling and server-rendered templates reduce client JS needs.

Use Cases

• Securely send files to external recipients without exposing plaintext to the server or storage host.
• Provide a temporary, privacy-preserving file drop for teams or communities with automatic expiry and admin controls.
• Host a small public or internal file-sharing endpoint that enforces quotas and rate limits to reduce abuse.

Limitations and Considerations

• The project author notes the cryptographic implementation has not been independently audited; users should review the code and exercise caution before storing highly sensitive data.
• The WebCrypto API imposes practical limits (e.g., browser-imposed maximum single-message size) that restrict maximum upload sizes; FerriShare enforces a configurable max filesize accordingly.
• FerriShare must be served via HTTPS (or run on localhost) and is intended to run behind a reverse proxy for TLS termination; proper TLS/reverse-proxy configuration is required for secure deployment.

FerriShare is suitable for users who need a simple, privacy-oriented file sharing service they can run themselves. It emphasizes browser-side encryption, straightforward deployment (Docker + single SQLite DB), and configurable limits to balance usability with operational safety.

015 is a self-hosted temporary file and text sharing platform designed for one-time and short-lived uploads. It combines a modern Vue/Nuxt frontend with a Go backend and supports chunked uploads, frontend file-hash detection for instant transfer, and background processing for file tasks.

Key Features

• Chunked, high-performance uploads with frontend hashing and instant-transfer detection to avoid duplicate uploads
• Concurrent processing using frontend web workers and a backend worker queue for asynchronous tasks
• Image processing including automatic compression and preview support for images, video, audio, and documents
• Share management with configurable password protection, download count limits, expiration times, and pickup codes
• Download access control using JWT-based tokens and Redis for caching share metadata
• Responsive UI built with Vue 3, Nuxt 3, TypeScript and Tailwind CSS; backend written in Go with an Asynq-based worker system

Use Cases

• Quickly share large files or snippets as one-time or temporary links with expiration and access limits
• Public or private file drops with password or pickup-code protection for ad-hoc collaboration
• Automatic image compression and preview for sending media without manual processing

Limitations and Considerations

• Default storage uses the local filesystem; cloud object storage adapters are not provided out of the box
• Resume-upload behavior has partial support; backend-side resumed-part enumeration is listed as a planned improvement

015 is suitable for teams and individuals needing ephemeral, controlled file sharing without a third‑party service. It emphasizes fast uploads, access controls, and simple lifecycle management for temporary content.

YeetFile is a privacy-focused file sending service and personal vault that encrypts content client-side so the server cannot decrypt stored or transferred data. It provides both a web UI and a CLI client, and is designed for easy self-hosting with Docker and standard infrastructure components.

Key Features

• Client-side end-to-end encryption for files and text so servers cannot decrypt content
• "Send" mode: create shareable links with configurable expiration and limited download counts
• "Vault" mode: file and password storage, folder organization, and per-user read/write sharing
• Optional password protection on shared links and text transfers (text up to 2000 characters)
• Multiple storage backends supported: local filesystem, S3-compatible object stores, and Backblaze B2
• Official CLI with parity to web client and a browser-based web UI
• Deployable via docker-compose or systemd; requires PostgreSQL for metadata
• Admin features for instance management, user administration, and logging suggestions

Use Cases

• Securely send sensitive files or one-off secrets with expiring, limited-download links
• Host a personal/team vault for encrypted file and password storage with folder-level sharing
• Run a privacy-preserving file transfer service for an organization that must retain control of storage

Limitations and Considerations

• Send transfers have configurable limits: maximum expiration is 30 days and maximum downloads per link is 10
• Server-side metadata (file size, owner ID, timestamps) is visible even though file contents and filenames are encrypted
• Some features (paid upgrades, payment recycling) rely on external payment providers and require additional configuration

YeetFile is well suited for users and teams that need a self-hosted, privacy-first file transfer and vault solution. It emphasizes strong client-side encryption and flexible deployment, while requiring a PostgreSQL database and standard container tooling for production deployments.

goploader is a lightweight project providing a Go-based server and command-line client to share files from the terminal or via curl-compatible tools. Files are streamed and encrypted server-side so the server never retains the decryption key.

Key Features

• Server and CLI client implemented in Go with a minimal footprint
• Server-side AES encryption performed while streaming uploads to disk
• Encryption key generated per upload and never persisted on the server
• Curl/httpie/wget compatible multipart upload API and stdin support for piping
• Simple metadata stored in an embedded key/value datastore (BoltDB)
• Designed for HTTPS deployments; commonly run behind Caddy with automatic certificates
• Small, scriptable client binary (gpldr) for terminal workflows
• Files are streamed to avoid buffering entire uploads in RAM

Use Cases

• Securely share files from the terminal or within shell scripts and CI pipelines
• Provide short-lived encrypted file links to collaborators without storing keys on server
• Build lightweight, privacy-oriented file drop services for teams or personal use

Limitations and Considerations

• Project is maintained as-is and some dependencies and approaches are dated; review before production use
• Uses an embedded BoltDB datastore which may require migration for heavy workloads or long-term maintenance
• No built-in user accounts, ACLs, or advanced access controls; link-based access only
• The default deployment relies on external HTTPS configuration (e.g., Caddy); secure deployment requires proper TLS setup
• The server may log uploader IPs depending on configuration; encryption keys are not retained

goploader is a pragmatic tool for terminal-first, privacy-focused file sharing, prioritizing streamed encryption and simplicity. It is suitable for personal or small-team use where short-lived encrypted links and scriptability are more important than advanced access control or enterprise features.