Secure file transfer with AES-256 encryption. Password protection, flexible expiry (1h-30d), burn after reading. Zero-knowledge, no accounts, hosted in Australia.
Replies
Best
Maker
📌
Hey everyone,
I built Burnbox because I got tired of watching sensitive files sit on servers indefinitely. Legal docs, incident reports, credentials, they get shared once and forgotten, but the copies never disappear.
The problem: Every major file transfer service keeps your files on their servers, often unencrypted or with keys they control.
Even "secure" options require accounts, collect metadata, or retain files for days.
The approach: Zero-knowledge, zero-accounts, zero-retention. Your files are encrypted client-side with AES-256-GCM before they ever leave your browser. I never see the content, never see the password, never see who downloads it. Once downloaded, the file is permanently deleted.
Send. Burn. Forget.
The entire codebase is open source on GitLab, I wanted the security community to verify the claims, not just trust them.
Built this from hobart, Australia.
Happy to answer any questions about the architecture, threat model, or why I deliberately kept features minimal.
Replies