Secure File Transfer to and from Network and Remote File Systems

  • Supported Platforms

  • .NET.NET

    Pure managed and integrated components, carefully optimized to achieve maximum performance comparable to native processor code. The .NET edition can be used on .NET and Mono Server and Desktop platforms, in ASP.NET applications, and on Mobile Devices.

  • .NETJava

    Highly integrated Java security library including numerous classes to enable support for a wide range of application-level protocols, security algorithms, and standards. You can use Java security libraries to develop software for desktop and server platforms, mobile devices, and Web applications.

  • .NETC++

    A shared library (.dll on Windows and .so on Linux / macOS) and set of C++ classes. Used in C++ applications for Windows, Linux, macOS, and iOS platforms. Supported compilers include Visual C++, MinGW, gcc, and Xcode.


    Highly integrated and blazingly fast native Delphi (Pascal) components for building native Windows, Linux, and macOS applications. All components are native Delphi, have no third-party binaries or references, and no reliance on Windows CryptoAPI. Also includes Delphi components for building Android and iOS apps.


    Integrated components for PHP scripts running on Linux and Windows servers.


Use FTPSBlackbox to create FTP and FTPS servers to securely access file systems located across the network and to transfer files to and from remote servers.


Create your own server to handle incoming FTP or FTP-over-SSL (FTPS) connections.


Create your own client to handle outgoing FTP or FTP-over-SSL (FTPS) connections.

Generic SSL/TLS Transport Classes

The FTP protocol is built on top of SSL/TLS, so all generic classes are included.

SSL/TLS and PKI Provides Strong Security

Unlike symmetric encryption, securing communications with SSL/TLS doesn't require that the sides know the shared secret (password/encryption key). Also, Public Key Security (PKI) lets each side examine authenticity of the other side and prevent man-in-the-middle attacks.

Easy-to-implement Security

The PKI infrastructure is a widely-used technology, so implementation and maintenance of SSL/TLS-based solutions with FTPSBlackbox are quite simple tasks.

No External Dependencies

FTPSBlackbox includes its own implementation of SSL/TLS/DTLS protocol family and doesn't include external code such as OpenSSL, OpenSSH, etc.

Full Feature List

Client and Server-side FTP/FTPS

  • Support for files over 4GB allows you to easily transfer large files
  • Virtual file system support allows you to create and provide access to your virtual file hierarchy in addition to existing file systems
  • Support for explicit and implicit TLS for increased connectivity and compatibility with various clients and servers
  • Compression (MODE Z) support saves bandwidth and speed-up transfer
  • MLSD command support for easy parsing of directory listings
  • Support for Unicode file names via UTF8
  • Built-in compression increases transfer speed and reduces network load

Client-side FTP/FTPS

  • Support for files over 4GB allows you to easily transfer large files
  • Custom commands can be sent for better control of server behavior
  • Full scope of file and directory commands defined by the protocol specification (create and delete directories, rename files, etc.)
  • Batch operations for uploading, downloading, and deleting one or several files and directories with one call
  • Upload and download any information represented as streams - disk files, in-memory streams, database records, or any other custom streams
  • Overwrite, resume, append, and skip modes of file upload and download
  • Transfer resumption and partial transfers
  • Keep-alive during data transfer enables you to prevent the command channel from being closed by NATs and firewalls during transfer of large files
  • Support for FTP proxies and SOCKS and HTTP CONNECT (Web tunneling) proxies with various authentication mechanisms
  • Active and passive mode with optional adjustment of the server address in passive mode provide maximum connectivity when the client or server are located behind a firewall
  • Bandwidth control to avoid overloading of slow networks
  • IPv6 and International Domain Names (IDN) support for maximum network connectivity
  • Support for custom DNS servers and DNSSEC for even more security and network stability
  • Port knocking support for advanced security

Server-side FTP/FTPS

  • Active and passive mode
  • Custom commands to extend scope of services offered by the server
  • Transfer resumption and partial transfers helps you save network traffic and reduce transfer time
  • All standard file and directory commands are supported (create and delete directories, rename files, etc.)

SSL/TLS Protocol Implementation

  • Widest possible compatibility via support for modern TLS 1.2, TLS 1.1, TLS 1.0, SSL 3, and SSL 2
  • DTLS (Datagram TLS) protocol support secures your UDP-based communications
  • Flexible support for client and server-side SSL/TLS authentication during data exchange allows you to deploy the classes to a custom PKI infrastructure
  • User-controlled validation of certificates allows you to build a custom PKI infrastructure or better control authentication in SSL/TLS
  • Optional resuming of TLS sessions in both client and server components. Both SSL sessions and TLS stateless resumption are supported
  • Cryptocards and USB Crypto Tokens are supported for further protection of secret information (private and secret keys)
  • Authentication using OpenPGP keys and pre-shared keys (PSK) provides an alternative to PKI for in-house solutions
  • SRP (Secure Remote Password) cipher suites is another alternative to PKI for authentication
  • Standard and custom TLS extensions let you harness the power of the TLS specification and include additional information to the handshake, if necessary
  • With raw asymmetric keys for authentication (instead of X.509 certificates), you can avoid the necessity to deploy PKI infrastructure where it is not needed (in closed environments) and decrease handshake time
  • Ability to secure any data channel (not just TCP or UDP sockets) helps you secure any communication channel with TLS or DTLS
  • OCSP stapling support helps you reduce load on certificate authorities' OCSP servers during certificate validation
  • Certificates with key length from 512 to 16384 bits give you adequate security solutions for today and the future
  • Support for RSA, DSA, and DH public key algorithms and optional ECC-based cipher suites
  • Data encryption with Camellia, AES (128 to 256 bit), Triple DES (3DES), DES, ARCFOUR, and RC2 algorithms
  • Asynchronous operation mode helps you easily build synchronous and asynchronous applications