GNU Anubis is an SMTP message submission daemon. It represents an intermediate layer between the mail user agent (MUA) and mail transport agent (MTA), receiving messages from the MUA, applying to them a set of predefined changes, and finally inserting modified messages into an MTA routing network. The set of changes applied to a message is configurable on a system-wide and per-user basis. The built-in configuration language used for defining sets of changes allows for considerable flexibility and is easily extensible.
EncFS is an encrypted pass-through filesystem which runs in userspace on Linux (using the FUSE kernel module). Similar in design to CFS and other pass-through filesystems, all data is encrypted and stored in the underlying filesystem. Unlike loopback filesystems, there is no predetermined or pre-allocated filesystem size.
Pak transfers multiple, possibly very big, regular files between possibly different hosts you have shell access to. It transmits segment IDs instead of file names and uses on-the-fly Blowfish-CBC encryption while being absolutely restartable with practically no loss of data already transmitted. Encrypted pak streams can be stored in intermediary regular files on untrusted hosts. Several stored pak streams, even truncated ones, can be merged for re-piping without decryption. Integrity is never checked. File offsets of any magnitude are supported via recompilation (the default width is 64 bits). Either UNIX 95 or UNIX 98 conformance is required and sufficient.
gnoMint is a tool for easily creating and managing certification authorities. It provides fancy visualization of all the pieces of information that pertain to a CA, such as x509 certificates, CSRs, and CRLs. gnoMint is currently capable of managing a CA that emits certificates that are able to authenticate people or machines in VPNs (IPSec or other protocols), secure HTTP communications with SSL/TLS, authenticate and cipher HTTP communications through Web-client certificates, and sign or crypt email messages.
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials. It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to authenticate the UID and GID of another local or remote process within a group of hosts having common users and groups. These hosts form a security realm that is defined by a shared cryptographic key. Clients within this security realm can create and validate credentials without the use of root privileges, reserved ports, or platform-specific methods.
Dnetj is a client/server wrapper around John The Ripper that allows the use of a central server and any number of cracking nodes, in much the same way setiathome or distributed.net works. The server loads a set of password hashes, and splits the available keyspace into "work units" of a configurable size. The clients connect and retrieve the hashes, as well as a set of work units to process. Once a client has processed some work units, it connects back to the server to submit the completed units as well as any passwords that have been cracked.
Gringotts is a small utility that allows you to jot down sensitive data (passwords, PINs, small files, etc.) in an easy-to-read, easy-to-access, and most of all very secure form. It lets the user choose from among eight strong encryption algorithms (RIJNDAEL-128, RIJNDAEL-256, SERPENT, TWOFISH, CAST-256, SAFER+, LOKI97, 3DES), two hashing algorithms (SHA1, RIPEMD 160), and two compression techniques (ZLib and BZip2) with four compression ratios. It allows the user to use any file or an entire floppy disk as a password, as an alternative to the usual text string.