Zorp is a proxy firewall suite with its core architecture is built around today's security demands: it uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
GnuTLS is a secure communications library implementing the SSL, TLS, and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments, primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments and cloud services as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.
yaSSL is a C++ based SSL library for embedded and RTOS environments, designed for individuals who prefer to use the C++ language. For a C-based solution, please see CyaSSL. yaSSL supports the industry standards up to TLS 1.2, and also includes an OpenSSL compatibility interface.
php_mt_seed finds possible seeds given the very first PHP mt_rand() output after possible seeding with mt_srand(). With advanced invocation modes, php_mt_seed is also able to match multiple, non-first, and/or inexact mt_rand() outputs to possible seed values. php_mt_seed is written in C with optional SIMD intrinsics (SSE4.1/AVX, XOP, AVX2, MIC) and OpenMP. On a modern quad-core CPU, it is able to search the full 32-bit seed space in one minute (or in just seven seconds on Xeon Phi).
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials. It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to authenticate the UID and GID of another local or remote process within a group of hosts having common users and groups. These hosts form a security realm that is defined by a shared cryptographic key. Clients within this security realm can create and validate credentials without the use of root privileges, reserved ports, or platform-specific methods.