LSE top 100LSE top 100Acra (59)Acra (59)

Tool and Usage

Project details

Year of inception
Apache License 2.0
Programming languages
Golang, Node.js, Objective-C, PHP, Python, Ruby
Latest release
Latest release date

Project health

This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Acra is a database encryption proxy that provides encryption and data leakage prevention to applications. It provides selective encryption, access control, database and data leak prevention, and even intrusion detection capabilities. It is focused on developers and supports most popular programming languages such as Go, PHP, Python, Ruby.

How it works

Acra provides the tools to encrypt data by using cryptographic containers and decrypt in a compartmented area such as a virtual machine or container. Even if a secret key or password leaks, it won't be enough to decrypt the protected data chunks.

Acra uses a client and server component. AcraWriter is the client and uses the AcraStruct format to store encrypted data chunks.

Background information

During the review, PostgreSQL and MySQL were the supported database engines.

Usage and audience

Acra is commonly used for data encryption, data leak prevention, data security, or vulnerability mitigation. Target users for this tool are security professionals and system administrators.


  • Has bindings for multiple programming languages

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + Commercial support available
  • + The source code of this software is available


Supported operating systems

Acra is known to work on Linux.

Acra alternatives

Similar tools to Acra:



NoSQLMap is a security tool to perform database enumeration and determine available exploits. It can audit or attack a given database instance.


jSQL Injection

jSQL Injection is a security tool to test web applications. It can be used to discover if an application is vulnerable to SQL injection attacks.


GRR Rapid Response

GRR is a security tool for live forensics on remote systems. It uses a client-server model to obtain information from the systems and store them centrally.

All Acra alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information


Data Leakage
Data leakage is unauthorized exposure of information like data files. Typically it is caused by the failure of protecting sensitive and confidential data. This owner of this data could be the company itself, its customer, or even the public. Data leakage can end in data loss or data theft.