OPEN SOURCE
AVGVSTO fuses your password with the physical fingerprint of any USB drive. Without the exact hardware, decryption is impossible — even with the correct password. Anti‑bruteforce. Duress mode. Cascade ciphers. Zero telemetry. Zero cloud.
Every cryptographic decision is visible, auditable, and reproducible. No black boxes.
serial + volumeID merged into key via PBKDF2. Any USB works, cloning fails.
Authenticated encryption, indistinguishable from random. Choose your cipher or cascade both.
Exponential backoff up to 1 month. Hardware‑bound lockout, no reset bypass.
Duress password reveals a decoy. Real data is mathematically hidden in the same container.
AES‑256 → ChaCha20 with independent keys. Future-proof double-layer defense.
Immutable signed logs of every access event. HMAC-SHA256 per entry. No deletion possible.
No paywalls. No feature gates. No artificial tiers. Full cryptographic power in your hands.
Unlimited files, unlimited batches, unlimited users. The full suite is yours.
Full command-line automation for power users; polished GUI for everyone else.
Run directly from any USB stick. Zero installation, ideal for air-gapped systems.
Every primitive visible. Build deterministically. Verify with confidence. Fork freely.
3-pass DoD-compliant shredding of temp files and original plaintext after encryption.
No cloud, no telemetry, no activation servers. Your data never leaves your hardware.
Click any screenshot to inspect the interface in full detail.












Transform any text, link, or data into a scannable QR code. Choose permanent or temporary codes with custom lifespan. Download as high-res PNG.
Launch QR Generator →Ephemeral, self-destructing messages. No logs, no tracking. Create a room, share the link, and chat privately. Messages disappear after being read.
Launch Temp Chat →SHA-3 & HMAC checksums for any file. Verify file integrity with cryptographic hashing.
Encrypt, decrypt, and manage USB keys remotely via REST API.
Endpoint: https://api.avgvstousb.com/api/v1
Pre-compiled · GPLv3 · No registration · No telemetry
Native executable. No installation required — run directly or deploy as portable from USB. Includes GUI + CLI.
Universal binary — runs on both Apple Silicon and Intel Macs. Full feature parity. Native dark mode.
AppImage — runs on any modern distro without installation. Full CLI available for headless deployments.
Trademarks belong to their respective owners. Used to showcase the open‑source ecosystem.
No commercial affiliation — AVGVSTO is independent and community‑driven.
Web interface for AVGVSTO APIs. Encrypt, decrypt, and manage USB keys directly from your browser.
Enter text to encrypt with AES-256-GCM or ChaCha20-Poly1305.
Paste the encrypted data (base64) and passphrase to decrypt.
Check if data is in valid AVGVSTO format.
Upload a file to encrypt. You will receive the .avgvsto file in base64.
Upload an encrypted .avgvsto file.
Enter your USB key path to bind it to your account.
No keys bound.
Create an account to use the encryption APIs.
OpenAPI spec available at https://api.avgvstousb.com/api/v1/openapi.json
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/v1/register | Create account |
| POST | /api/v1/login | Get JWT token |
| POST | /api/v1/refresh | Refresh token |
| POST | /api/v1/encrypt | Encrypt text |
| POST | /api/v1/decrypt | Decrypt |
| POST | /api/v1/verify | Verify format |
| POST | /api/v1/encrypt-file | Encrypt file |
| POST | /api/v1/decrypt-file | Decrypt file |
| POST | /api/v1/keys/bind-usb | Bind USB key |
| GET | /api/v1/keys | List bound keys |
| GET | /api/v1/audit-log | Audit log (admin) |
| GET | /api/v1/health | Server status |
| GET | /api/v1/openapi.json | OpenAPI spec |