nsat is a fast, stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine, and much more. Unlike many other auditing tools, it can collect information about services independently of vulnerabilities, which makes it less dependent on frequent updates as new vulnerabilities are found.
Packet2sql will convert any text file/log file which contains ipchains packet logs into a stream of SQL inserts. The SQL can be saved into a file and used as a query to any SQL-92 compliant database. This can even be done on-the-fly from syslogd directly to the database. The database can be used as a base for a firewall-analyzing application, to identify attack signatures, to share security information easily with other sites, and to extract the domains of logged attackers for whois.
changedfiles is a framework for filesystem replication, security monitoring, and/or automatic file transformations--essentially any application where you'd poll files or directories and either do something to them or send them somewhere else (or both). The difference is that the kernel tells you when they change instead of you having to poll. It's an easy real time FTP push mirror to one or multiple sites. It's also a full fledged MySQL client, so you can do realtime database operations (for example, batch imports). It consists of two parts: a kernel module (works with Linux kernel version 2.4) which reports to a device whenever a file on the filesystem changes, and a daemon which runs in user space and can be configured to do almost any action when a change to a file matching the one of the patterns it looks for is reported. The kernel module is SMP safe and has been tested on Intel, PowerPC, and Alpha.