C-ICAP Classify is a module that allows classification (labeling) of Web pages, images, and soon video based on content. Labels are placed in HTTP headers. Any PIC-Label META tags are exported into HTTP headers. This allows for creation of very flexible filters according to rules defined by the user, using the ICAP enabled proxy's ACLs. It is not a URL filter, so implementing it with sslBump or similar proxy technologies makes it very difficult to bypass. Text classification is done using Fast Hyperspace (based on Hyperspace from CRM114) and/or a Fast Naive Bayes. Image and video (when implemented) use haar feature detection from the OpenCV library.
Pagekite is software to make servers on "localhost" visible to the wider Internet. It can be used by Web developers to show off their works in progress to clients or colleagues, embedded developers who need direct access to devices in the field, or as an alternative to dynamic DNS for individuals/hobbyists who would rather host their own content than rely on 3rd party hosting. It creates and maintains a tunnel between your server on localhost and a remote "front-end" (a reverse proxy). Only the front-end has to have a visible IP address; the server itself can reside on a heavily firewalled computer, a mobile device, or even an anonymous node on the Tor network.
ipredirectd has functionality similar to netcat but with some extra features. Multiple clients and full logging of network traffic are supported. It can also manipulate incoming and outgoing text traffic. Manipulation is based on pattern files that support regular expressions. This feature is probably most useful with HTTP. The software is smart enough not to apply regular expressions on non-HTML data by reading the content-type header. One possible usage is redistribution of pre-authenticated Web pages in foreign domains by replicating authentication and session cookies.
HATop is an interactive ncurses client and real-time monitoring and statistics displaying tool for the HAProxy TCP/HTTP load balancer. HATop's appearance is similar to top(1). It supports various modes for detailed statistics of all configured proxies and services in near real-time. In addition, it features an interactive CLI for the HAProxy Unix socket. This allows administrators to control the given HAProxy instance (change server weight, put servers into maintenance mode, etc.) directly out of HATop (using keybinds or the CLI) and monitor the results immediately.
Naraio is a complete package of Apache, MySQL, PHP, Perl, Openssl, Openssh, OpenLDAP, Subversion, Ruby, Python, Phpldapadmin, and Trac. Naraio works with secure LDAP. Users of Trac and Subversion are authenticated with the included OpenLDAP. This is similar to LAMP software with more packages. Naraio is designed to be small and flexible. It is suitable both for small and big enterprises.
Portsmith is an application-based firewall that is designed to interact with authorized users, and offers an easy-to-use browser driven interface. Portsmith's unique features include its core logic and its interface. Its logic specifies that ports are kept in a closed position until an authorized user logs into the Portsmith interface and triggers them open. When opened, the ports are only accessible from the authorized user's current IP address.
httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.
cpt aims to be running in front of any HTTPS server. It forwards all requests that don't call for a "CONNECT .." to the normal HTTPS server. There is no error handling for mistaken requests; they go straight to the default server. A request that doesn't pass the conditions is passed forward too, and the Web server will handle it (with the default error page). Users should be unaware that cpt is running as a proxy.