pcapfix is a repair tool for corrupted pcap and pcapng files. It checks for an intact pcap global header and packet block and repairs it if there are any corrupted bytes. If a header is not present, one is created and added to the beginning of the file. It then tries to find pcap packet headers or packet blocks, and checks and repairs them.
WhiteDB is a fast, lightweight graph/N-tuples shared memory database library with a focus on speed, portability, and ease of use. There is no server process. Data is read and written directly from/to shared memory. No sockets are used between WhiteDB and the application program. It supports indexes (T-tree), persistence through logging and memory dumps, concurrency through locking, limited queries (conjunctive only), JSON, CSV and RDF support, Python bindings, command line utility tools, and JSON REST tools.
SNeBU (Simple Network Backup Utility) is a backup system that supports incremental snapshot-style backups to disk-based storage. The project has been rewritten in C, and stores its backup catalog in an SQLite database. It features file level deduplication (including across multiple clients), compressed storage, incremental-forever snapshot style backups, simple setup, and utilizes standard TAR format. The client side consists of a simple shell script, which can be easily installed and adapted as needed. The server side is a single binary plus a config file, which can sit on a remote server and be accessed over SSH.
cola is a C implementation of the COLA structure described in the paper "Cache Oblivious Streaming B-Trees" by Bender, Farach-Colton, et al. This algorithm is a drop-in replacement for B-Tree databases/indexes which performs faster on spinning disks than B-Trees do on SSD. It's asymptotically optimal in terms of data transfers to and from disk. For example, random key inserts are turned into linear sequential writes while maintaining the property which queries always require, at most, precisely log N blocks read sequentially (but not contiguously) from disk (or half that, on average).
ashttpd was originally a testbed for a kernel async-sendfile patch. Today, it's just another Web server for serving static content rapidly. It differs from its competitors by storing its webroot in a database, which provides a 50% performance increase over using the operating system's VFS. It also allows precalculation of strong cache-validators (ETags).
Malheur is a tool for the automatic analysis of malware behavior (program behavior recorded from malicious software in a sandbox environment). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
Archivist is a network device configuration archiving and versioning program. It uses Subversion as its revision control system. Its multithreaded design makes it quite fast and thus suitable for operation on large networks with thousands of network devices. It supports Cisco IOS, Cisco CatOS, Juniper JUNOS, and Brocade/Foundry MLX series, but it can be easily extended to support any SSH or telnet-based network device by creating your own config download and post-processing scripts.