Protected open-source text sharing system for your corporate or private needs.

How it works

Threats & protection

Zebra Sharing System provides adjustable level of security. You can find your balance between usability and data protection.


Configuration of key length is flexible and smart


HTTPS is strongly recommended in any case


Encrypt data on client, so server will not have original data at all


Run Zebra in private network and it will be protected on network level


You can easily run HTML client from your own device


If you have limited number of users, give them keys to use Zebra


Protect you shared data via password on server side

Insecure network. Man-in-the-middle attack or network sniffer is a problem, so you need to be sure that if somebody collects your traffic, he will not be able to read it.

Unsafe channel for key delivery. You send link with key via SMS, Slack, Telegram, etc. Does it look absolutely safe for you?

Compromised server. Somebody hacked your infrastructure and has access to Zebra code or Redis storage. Not good, but not a tragedy.

Compromised client. Somebody hacked your infrastructure and modified Zebra client not to use encryption or send data somewhere else.

Key brute force. Zebra has rate-limiting logic, but there are some more ways to protect shared data from key brute force.

Fork me on Github

Run your own

There are some ways to run your Zebra instance. Detailed documentation may be found in the git repositories in readme files.

Way 1. As separate docker containers

  1. Clone
  2. Customize if needed
  3. Run docker-compose up

You can run it in cloud container service like AWS ECS, but you may need to read some about Docker and AWS ECS.

Way 2. Run components manually

  1. Run Redis server instance
  2. Install Go language and required components. Look at the dockerfile for details
  3. Clone API
  4. Customize config if needed
  5. Run Go application go run *.go
  6. Clone client
  7. Install and configure nginx (or another web server). Config example.