[karthikv2k]

https://www.secureshareme.com/

Pros: 1. Open source tool, you can run internally in your company. https://github.com/saravanacp/secureshareme 2. Very secure: it encrypts the data in the browser and the key is stored in the URL anchortag which is not sent to server at any point of time. Only the sender and the receiver has access to the keys. 3. You can also opt to send a secondary verification code to receiver's mobile for two layers of security. 4. Option to self distruct message based on time or if an attack is detected.

[icebraining]

They should point out that it's vulnerable to JavaScript injection, particularly if you use their servers. One simple change and suddenly they can get your key on your next access.

[karthikv2k]

Yes, you are right we can modify our JS and get your keys. This vulnerability is in most of the commercial tools out there too. Thats why it is open sourced so you can run it in your own servers. Running it on your own heroku account is close to zero dollars.

[icebraining]

Not sure if giving Heroku that access is any better :)