aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
Autossh is a program to monitor and automatically reestablish SSH connections. It is similar to rstunnel (Reliable SSH Tunnel), however, it is implemented in C, and is easier to set up and use, especially for connections to multiple hosts. Autossh has been compiled and tested on OpenBSD, Linux, and Solaris, and should run without needing changes on FreeBSD and NetBSD.
BFBTester is good for doing quick, proactive security checks of binary programs. BFBTester will perform checks of single and multiple argument command line overflows and environment variable overflows. It can also watch for tempfile creation activity to alert the user of any programs using unsafe tempfile names.
BSDftpd-ssl is a secure and easy-to-use FTP server that supports industry standard TLS/SSL encryption and authentication for whole FTP sessions and data transfers. This implementation supports both the original FTP protocol and the RFC2228-compliant TLS/SSL enhancement. The package contains the secure FTP server (named "ftpd") and a command line TLS/SSL-aware FTP client (named "ftps"). The server's features include logging of transfers, changing of a session root (known as "chroot"), and virtual host support.
Big Brother is a combination of monitoring methods. Unlike SNMP where information is just collected and devices polled, Big Brother is designed in such a way that each local system broadcasts its own information to a central location. Simultaneously, Big Brother also polls all networked systems from a central location. This creates a highly efficient and redundant method for proactive network monitoring.
Botan is a crypto library written in C++. It provides a variety of cryptographic algorithms, including common ones such as AES, MD5, SHA, HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that are more obscure or specialized. It also offers SSL/TLS (client and server), X.509v3 certificates and CRLs, and PKCS #10 certificate requests. A message processing system that uses a filter/pipeline metaphor allows for many common cryptographic tasks to be completed with just a few lines of code. Assembly and SIMD optimizations for common CPUs offers speedups for critical algorithms like AES and SHA-1.
C-Kermit is a combined serial and network communication software package offering a consistent, medium-independent, cross-platform approach to connection establishment, terminal sessions, file transfer, character-set translation, numeric and alphanumeric paging, and automation of communication tasks. Recent versions include FTP and HTTP clients as well as an SSH interface, all of which can be scripted and aware of character-sets. It supports built-in security methods, including Kerberos IV, Kerberos V, SSL/TLS, and SRP, FTP protocol features such as MLSD, and source-code parity with Kermit 95 2.1 for Windows and OS/2.
CCSAT (Cisco Configuration Security Auditing Tool) is a tool for automated auditing of configuration security for large numbers of Cisco routers and switches. The tool is based upon industry best practices, including Cisco, NSA, and SANS security guides and recommendations. It is flexible and can report details down to individual device interfaces, lines, ACLs, and ASs, etc. This tool has been tested and used successfully on FreeBSD, Solaris 8, and Linux, and should work on all major UNIX platforms (POSIX.2).