Authforce is an HTTP authentication brute forcer. Using various methods, it attempts brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords.
DansGuardian is a Web content filtering proxy that uses Squid to do all the fetching. It filters using multiple methods including, but not limited to, phrase matching, file extension matching, MIME type matching, PICS filtering, and URL/domain blocking. It has the ability to switch off filtering by certain criteria including username, domain name, source IP, etc. The configurable logging produces a log in an easy to read format. It has the option to only log text-based pages, thus significantly reducing redundant information (such as every image on a page).
httptype reads a list of http hosts and optionally the port number for each of these. It queries each host, displaying the type of HTTP server running on that host, if any. It reads the http_proxy and no_proxy environment variables to determine whether to use a proxy or not. These options may also be specified through the command line.
ModiWrap is a scriptable, configurable, paranoid setuid wrapper for CGI and other Web scripts (such as PHP). It aims at full compliance with the CGI specifications. It allows users to run their own CGI/webscripts with their own UID while minimizing the risk of compromising the host system. All resource limits and running time alarms can be configured on the fly on a per-user basis with an optional limits daemon. It can be made fully compatible with suexec, cgiwrap, and mod_php. It should be compatible with any Web server.
SmartSign is a set of modules which allow integration of smartcard technology into an OpenCA based Public Key Infrastructure in order to provide smartcard-based digital signature and local authentication security services. It allows direct signing of e-mail and e-news from within Netscape using smartcards and supports signing of generic files from command line. The package includes a PAM module too, which allows system administrators to integrate smartcard-based authentication for local users. A modified version of the OpenSSH client allows secure authentication to a remote server. A couple of command line tools allow signing and verifying generic files from the shell. Finally, a command line interactive shell supports all operations on the card, and can be used to write scripts that automate particular tasks on the card. Currently only Schlumberger Cyberflex Access 16K is supported.
TrinityOS is a step-by-step, example-driven HOWTO on building a very functional Linux box with strong security in mind. TrinityOS is well known for its strong packet firewall ruleset, Chrooted and Split DNS (v9 and v8), secured Sendmail (8.x), Linux PPTP, Serial consoles and Reverse TELNET, DHCPd, SSHd, UPSes, system performance tuning, the automated TrinityOS-Security implementation scripts, and much more.
SSL Proxy server listens on a TCP port, accepts SSL connections, and forwards them to another local or remote TCP port or Unix domain socket. For example, it is possible to create an HTTPS server if you have an HTTP server and you run an SSL Proxy server on port 443 which forwards the connections to port 80. SSL Proxy's design makes it as secure as possible and still perform well.