GlobaLeaks is the first open-source secure submission framework. GlobaLeaks is free, open source software enabling anyone to easily set up and maintain a secure whistleblowing platform.
Radically Open Security (ROS) conducted a penetration test for GlobaLeaks between October 28 and November 28, 2019. The scope of the penetration test was limited to the source code audit and pentest of GlobaLeaks,, its encryption system, and multi-tenancy feature. This test was intended to gain insight into the security of the GlobaLeaks Whistleblower web application.
The full penetration test and a summary of findings can be viewed below.
Subgraph conducted a security assessment of GlobaLeaks in 2018. The full assessment and summary of findings can be found below.