Figaro's Password Manager (FPM) is a GNOME application that allows you to securely store your passwords, which are encrypted with the blowfish algorithm. It allows you to copy passwords or usernames to the clipboard or primary selection. If a password is for a Web site, FPM can keep track of the URLs of your login screens and can automatically launch your browser. You can also teach FPM to launch other applications. FPM can sort your passwords into categories. Finally, it has a password generator that can help you choose good passwords.
rrs is a reverse (connecting) remote shell. Instead of listening, it will connect out to rrs in listen mode. The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-TTY support, full OpenSSL support (client/server authentication and choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text sessions, peer-side session snooping, a daemon option, and reconnection features. It is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD, and QNX.
gnoMint is a tool for easily creating and managing certification authorities. It provides fancy visualization of all the pieces of information that pertain to a CA, such as x509 certificates, CSRs, and CRLs. gnoMint is currently capable of managing a CA that emits certificates that are able to authenticate people or machines in VPNs (IPSec or other protocols), secure HTTP communications with SSL/TLS, authenticate and cipher HTTP communications through Web-client certificates, and sign or crypt email messages.
Seahorse is a Gnome front end for GnuPG, the GNU Privacy Guard program. It is a tool for secure communications and data storage. Data encryption and digital signature creation can easily be performed through a GUI and Key Management operations can easily be carried out through an intuitive interface.
SSLsplit is a tool that performs man-in-the-middle attacks against SSL/TLS encrypted network connections for network forensics and penetration testing. It terminates SSL/TLS and initiates a new connection to the original destination, logging all data transmitted. It supports plain TCP and SSL, HTTP and HTTPS, and IPv4 and IPv6. For SSL and HTTPS, it generates and signs forged X509v3 certificates on-the-fly using the original certificate's subject DN and subjectAltName extension. It supports Server Name Indication, RSA, DSA, and ECDSA keys, and DHE and ECDHE cipher suites. It can also use existing certificates if the private key is available.
SoftHSM is an implementation of a cryptographic store accessible through a PKCS#11 interface. You can use it to explore PKCS#11 without having a Hardware Security Module. It is being developed as a part of the OpenDNSSEC project. SoftHSM uses Botan for its cryptographic operations.
OpenCT implements driver and middlerware for smart card readers. OpenCT drivers can be used via the ct-api interface, the ifdhandler interface, or its own interface/middleware. It implements drivers for several USB crypto tokens, USB smart card readers, serial smart card readers, and PCMCIA smart card readers.
DIIT provides a simple tool that can hide a message inside a 24-bit colour image so that knowing how it was embedded, or performing statistical analysis, does not make it any easier to find the concealed information. It also provides a framework for implementing other steganography algorithms for use in the tool.
Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. This prevents /dev/random from ever becoming empty. This is useful, for example, for virtual machines which naturally have no source of randomness.