XCA is an interface for managing RSA and DSA keys, certificates, certificate signing requests, revocation lists and templates. It uses the OpenSSL and Qt4 libraries. Certificates and requests can be created and signed and many x509v3 extensions can be added. XCA supports multiple root and intermediate Certificate authorities. The CAs can be used to create CRLs and extend certificates. The following file-formats are supported: PEM, DER, PKCS#7, PKCS#8, PKCS#10, PKCS#12, and SPKAC.
EncFS is an encrypted pass-through filesystem which runs in userspace on Linux (using the FUSE kernel module). Similar in design to CFS and other pass-through filesystems, all data is encrypted and stored in the underlying filesystem. Unlike loopback filesystems, there is no predetermined or pre-allocated filesystem size.
Secluded Notes is a simple text editor that keeps each document as a part of its own executable. That part is called an "attachment", and the program encrypts/decrypts it on the fly with an AES 128-bit cipher. As long as you close the application, it automatically updates itself for the next run.
Cardpeek is a tool to read the contents of ISO7816 smartcards. It features a GUI to represent card data in a tree view, and it is extendable with a scripting language (LUA). The goal of this project is to allow smartcard owners to be better informed about what type of personal information is stored in these devices. The tool currently reads the contents of: EMV bank cards, Calypso public transport cards (such as Navigo, RavKav, and Mobib), Belgian eID cards, GSM SIM cards, the French Vitale 2 health card, some Mifare cards, and Moneo electronic purse cards.
SSLsplit is a tool that performs man-in-the-middle attacks against SSL/TLS encrypted network connections for network forensics and penetration testing. It terminates SSL/TLS and initiates a new connection to the original destination, logging all data transmitted. It supports plain TCP and SSL, HTTP and HTTPS, and IPv4 and IPv6. For SSL and HTTPS, it generates and signs forged X509v3 certificates on-the-fly using the original certificate's subject DN and subjectAltName extension. It supports Server Name Indication, RSA, DSA, and ECDSA keys, and DHE and ECDHE cipher suites. It can also use existing certificates if the private key is available.