TCHunt-ng 1.0TCHunt-ng attempts to reveal encrypted files stored on a filesystem. The program is successful in finding TrueCrypt/VeraCrypt containers, EncFS encrypted files, PGP/GPG messages (and keys), and other files made up of random data. The code is based on ideas laid out in the project of Stephen Judge named TCHunt, hence the name.
VeraCrypt is a full-disk encryption software derived from TrueCrypt. It revises some of the algorithm usage against brute-force attacks. For example system partitions use use larger rounds of PBKDF2 key stretching. The partition and container format is different to that of TrueCrypt however.
minor feature: All OSs: Fix issues raised by Quarkslab audit. Remove GOST89 encryption algorithm. Make PBKDF2 and HMAC code clearer and easier to analyze. Add test vectors for Kuznyechik. Update documentation to warn about risks of using command line switch tokenpin . Use SSE2 optimized Serpent algorithm implementation from Botan project (2.5 times faster on 64-bit platforms). Windows: Fix keyboard issues in EFI Boot Loader. Fix crash on 32-bit machines when creating a volume that uses Streebog as PRF. Fix false positive detection of Evil-Maid attacks in some cases (e.g. hidden OS creation) Fix failure to access EFS data on VeraCrypt volumes under Windows 10. Fix wrong password error in the process of copying hidden OS. Fix issues raised by Quarkslab audit: Fix leak of password length in MBR bootloader inherited from TrueCrypt. EFI bootloader: Fix various leaks and erase keyboard buffer after password is typed. Use libzip library for handling zip Rescue Disk file instead of vulnerable XUnzip library. Support EFI system encryption for 32-bit Windows. Perform shutdown instead of reboot during Pre-Test of EFI system encryption to detect incompatible motherboards. Minor GUI and translations fixes. MacOSX: Remove dependency to MacFUSE compatibility layer in OSXFuse.