Shhh alternatives and similar software solutions
Based on the "Custom communication systems" category.
Alternatively, view Shhh alternatives based on common mentions on social networks and blogs.
Chatwoot9.4 9.7 Shhh VS ChatwootOpen-source customer engagement suite, an alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬
Tinode9.1 9.4 Shhh VS TinodeInstant messaging platform. Backend in Go. Clients: Swift iOS, Java Android, JS webapp, scriptable command line; chatbots
Gotify8.7 3.9 Shhh VS GotifyA simple server for sending and receiving messages in real-time per WebSocket. (Includes a sleek web-ui)
Papercups8.1 1.0 Shhh VS PapercupsOpen-source live customer chat
WBO6.5 6.8 Shhh VS WBOOnline collaborative Whiteboard that is simple, free, easy to use and to deploy
Darkwire.io5.0 0.0 Shhh VS Darkwire.ioEnd-to-end encrypted instant web chat
OTS3.4 4.2 Shhh VS OTSOne-Time-Secret sharing platform with a symmetric 256bit AES encryption in the browser
LeapChat2.9 1.0 Shhh VS LeapChatEphemeral, encrypted, in-browser chat rooms
PushBits2.9 5.7 Shhh VS PushBitsA simple server for push notifications via Matrix (and a minimalistic alternative to Pushover and Gotify with a strong focus on security) 🚀📯
LibreNews2.2 0.0 Shhh VS LibreNewsA free and open breaking news notification platform
BluetoothCommunicatorExampleExample bluetooth chat app using Bluetooth LE library to communicate between android devices
Riot.imFully-featured Matrix client for Web, iOS & Android.
JamiFree and universal communication platform which preserves the user's privacy and freedoms
ConduitA simple, fast, and reliable chat server powered by Matrix.
Access the most powerful time series database as a service
Do you think we are missing an alternative of Shhh or a related project?
Keep secrets out of emails and chat logs.
What is it?
Shhh is a tiny Flask app to create encrypted secrets and share them securely with people. The goal of this application is to get rid of plain text sensitive information into emails or chat logs.
Shhh is deployed here, but it's better for organisations and people to deploy it on their own personal / private server for even better security. You can find in this repo everything you need to host the app yourself.
Or you can one-click deploy to Heroku using the below button. It will generate a fully configured private instance of Shhh immediately (using your own server running Flask behind Gunicorn and Nginx, and your own Postgres database, for free).
Also, checkout shhh-cli, a Go client to interact with the Shhh API from the command line.
How does it work?
The sender has to set an expiration date along with a passphrase to protect the information he wants to share.
A unique link is generated by Shhh that the sender can share with the receiver in an email, alongside the temporary passphrase he created in order to reveal the secret.
The secret will be permanently removed from the database as soon as one of these events happens:
- the expiration date has passed.
- the receiver has decrypted the message.
- the amount of tries to open the secret has exceeded.
The secrets are encrypted in order to make the data anonymous, especially in the database, and the passphrases are not stored anywhere.
Encryption method used: Fernet with password, random salt value and strong iteration count (100 000).
Tip: for better security, avoid writing any info on how/where to use the secret you're sharing (like urls, websites or emails). Instead, explain this in your email or chat, with the link and passphrase generated from Shhh. So even if someone got access to your secret, there is no way for the attacker to know how and where to use it.
Is there an API?
Yes, you can find some doc here.
How to launch Shhh locally?
These instructions are for development purpose only. For production use you might want to use a more secure configuration.
Launch it natively
Make sure you have
yarn, and obviously
installed on your machine.
You will need a Postgres server running locally in the background.
Create a database named
CREATE DATABASE shhh;
You will need to set up a few environment variables. We use them to configure Flask, as well as the application connection to the database.
Rename the file
/environments/local.dev and fill in the missing variables
(these are the variables needed to connect to your local Postgres database).
Once done, from the root of the repository, run:
This command will make sure a virtual environment is created and that all the needed dependencies are installed, and finally launch a flask local server.
You can now access the app at http://localhost:5000
Launch it with docker-compose
Make sure you have
docker-compose installed on
The application will use the development env variables from /environments/docker.dev.
From the root of the repository, run
make dc-start # to start the app (or dc-start-adminer to use adminer) make dc-stop # to stop the app
Once the container image has finished building and has started, you can access:
- Shhh at http://localhost:5000
- (and access the database records using Adminer on port
8080if you launched Shhh with adminer)
Note: When started with the docker-compose set-up, the application is running with Gunicorn.
Run development checks
You can run tests and linting / security reports using the Makefile:
make checks # run all checks make tests # run tests make pylint # run Pylint report make bandit # run Bandit report make mypy # run Mypy report
Bellow is the list of environment variables used by Shhh.
FLASK_ENV: the environment config to load (
POSTGRES_HOST: Postgresql hostname
POSTGRES_USER: Postgresql username
POSTGRES_PASSWORD: Postgresql password
POSTGRES_DB: Database name
SHHH_HOST: This variable can be used to specify a custom hostname to use as the domain URL when Shhh creates a secret (ex:
https://<domain-name.com>). If not set, the hostname defaults to request.url_root, which should be fine in most cases.
SHHH_SECRET_MAX_LENGTH: This variable manages how long the secrets your share with Shhh can be. It defaults to 250 characters.
SHHH_DB_LIVENESS_RETRY_COUNT: This variable manages the number of tries to reach the database before performing a read or write operation. It could happens that the database is not reachable or is asleep (for instance this happens often on Heroku free plans). The default retry number is 5.
SHHH_DB_LIVENESS_SLEEP_INTERVAL: This variable manages the interval in seconds between the database liveness retries. The default value is 1 second.
Special thanks: @AustinTSchaffer, @kleinfelter
See LICENSE file.
Please report issues or questions here.
*Note that all licence references and agreements mentioned in the Shhh README section above are relevant to that project's source code only.