Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.
AntiJOP is an anti-malware solution that recodes assembly language to remove JOP attack gadgets. JOP attacks on x86 often hinge on the availability of 0xFF bytes in preexisting code, which can be co-opted to serve as register-indirect call instructions. AntiJOP removes instances of 0xFF bytes that may exist, for example, in immediate values, MOD/RM bytes, etc.
txtorcon is a Twisted-based asynchronous Tor control protocol implementation. Twisted is an event-driven networking engine written in Python, and Tor is an onion-routing network designed to improve people’s privacy and security on the Internet. It includes unit-tests with 96%+ coverage, multiple examples, and documentation. There are abstractions to track Tor configuration and state (circuits, streams), launch private instances, support Hidden Service, and more.
The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments, primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments and cloud services as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.
CERTivity is a powerful multi-platform visual tool for creating, managing, and handling different key store types (such as JKS, JCEKS, PKCS12, the Bouncy Castle types BKS and UBER, and Windows Native), public, private and secret keys in different formats (PKCS, OpenSSL, RSA/DSA, etc.), certificates (version 1 and 3), and certificates chains. It allows you to import and export keys, key pairs and certificates, manage certificate extensions, extend the validity period for self-signed certificates, test certificates, obtain revocation status, convert from one key store type to another, and much more.
Dar is a shell command that makes backup of a directory tree and files. Its features include splitting archives over several files, DVD, CD, ZIP, or floppies, compression, full or differential backups, strong encryption, proper saving and restoration of hard links, extended attributes, file forks, Door inodes, and sparse files, remote backup using pipes and external commands (such as ssh), and rearrangement of the "slices" of an existing archive. It can run commands between slices, before and after saving some defined files or directories (for a proper database backup, for example), and quickly retrieve individual files from differential and full backups. Several external GUIs exist as alternatives to its CLI interface, like kdar, DarGUI, SaraB, etc.
SSLsplit is a tool that performs man-in-the-middle attacks against SSL/TLS encrypted network connections for network forensics and penetration testing. It terminates SSL/TLS and initiates a new connection to the original destination, logging all data transmitted. It supports plain TCP and SSL, HTTP and HTTPS, and IPv4 and IPv6. For SSL and HTTPS, it generates and signs forged X509v3 certificates on-the-fly using the original certificate's subject DN and subjectAltName extension. It supports Server Name Indication, RSA, DSA, and ECDSA keys, and DHE and ECDHE cipher suites. It can also use existing certificates if the private key is available.
Spiderinabox provides an out-of-the-box solution for secure browsing on Mac systems. It includes a basic preconfigured installation of OpenBSD prepared as a VirtualBox image loaded with Firefox and a few scripts and programs to launch it and invoke Firefox over a secure connection. The visualization of Firefox is done on the OS X side using XQuartz, so you don't need to exit your working environment and switch between OS X and OpenBSD. Firefox runs encapsulated in OpenBSD and doesn't have access to OS X in any way.
SaluSafe is an encrypted email, chat, and file storage and sharing system. Your email and files are highly encrypted end-to-end, and cannot be intercepted by any third party. It was built from the ground up for security via strong cryptography, and is not just another security wrapper on top of an existing email solution.