stegnate is a program to hide data in BMPs or WAVs. stegnate-gtk is the GTK version. Under GTK versions later than 1.2, it may not compile, but it works from a command prompt and doesnt need GTK at all. At the moment, this software can only hide data in 8 or 16 bit BMPs and 8 or 16 bit WAVs.
The stmpclean utility removes old files (and old empty directories) from the specified directory. It is meant to be used to clean directories such as "/tmp" where old files tend to accumulate. stmpclean never removes files or directories owned by root, which is a feature, not a bug. Great care is taken while descending into the directory, and the operation is secure. Anything that's not a directory, regular file, or symbolic link is also left alone (because programs like screen(1) create sockets and FIFOs under /tmp and expect them to be long-lived). Unlike other programs that do the same task, stmpclean never forks and consumes limited amount of memory. If stmpclean determines a race condition it will log the situation and exit with a failure.
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
suPHP is a combination of an Apache module (mod_suphp) and an executable which provides a wrapper for PHP. With both together, it is possible to execute PHP scripts with the permissions of their owner without having to place a PHP binary in each user's cgi-bin directory. suPHP doesn't need Apache's suExec, and provides a logging function.
sud (superuser daemon) permits a user to switch to root privileges and to use a suid program in a nosuid environment. It is based on a client/server model and on the ability to pass file descriptors between processes. sud permits you to choose your authentication method, and your effective credentials will be checked by using a Unix domain socket.
sydbox is a ptrace-based sandbox implementation. It intercepts system calls, checks for allowed filesystem prefixes, and denies them when checks fail. It has basic support for disallowing network connections. It has basic support to sandbox execve calls. It is based in part on catbox and strace.
Systraq sends you a daily email listing the state of your system. If critical system files or user access files (e.g. ~/.ssh/authorized_keys) have changed, you'll get an email within a shorter notice. It consists of few very small shell scripts. It can help you implement a (not too strict) security policy.