SCARE (Source Code Analysis Risk Evaluation) analyzes source code and provides a realistic and factual representation of the potential of that source code to create a problematic binary. This metric will not say that the binary will be exploited, nor does it do a static analysis for known limitations like vulnerabilities. However, it will flag code for a particular interaction type or control and allow the developer to understand which operational security (OpSec) holes are not protected even if it can't say the effectiveness of that protection at this time.
Buck-Security is a security scanner for Debian and Ubuntu Linux. It helps you to harden your system by running some important security checks. For example, it finds world-writable files and directories, setuid and setgid programs, superuser accounts, and installed attack tool packages. It also checks your umask and checks if the sticky bit is set for /tmp, among other checks.
NetSecL ToolSet is a sub-project of NetSecL Linux containing all penetration tools as in the live CD of NetSecL Linux. The goal of this sub-project is to have a minimal Linux distribution in VM with a shh webshell (ajaxterm), no GrSecurity or hardening as in the live CD. After starting the appliance you can use it remotely via ssh or via Web browser.
Patchman is a patch status monitoring tool for Linux systems. Patchman clients send a list of installed packages and enabled repositories to the server. The server (CLI or Web) tells the user which hosts require updates, whether those updates are normal or security updates, and shows installed packages that are not part of any repository. Hosts, packages, repositories. and operating systems can be filtered using features or arbitrary tags. For example, you can find out which hosts have a certain version of a package installed, and which repository it comes from. Patchman does not (yet) have the ability to update packages on hosts.
SecQua is a tool that quantifies the security of a given Information System, using a novel security metric. It tries to provide a deterministic, unbiased, objective, and efficient measurement. The approach is vulnerability driven and uses the National Vulnerability Database. A security metric must answer questions such as "How secure am I?", "Am I better compared to my last checkpoint/year?", "Am I spending the right amount of money for security?", "How do I compare to my peers?", and "What risk transfer options do I have?". SecQua can state that a system is now 60.2% secure, when last month it was 46.5%. Moreover, it tries to depict how vulnerability patterns expose the information system over time.
LPVS (Linux Package Vulnerability Scanner) is a Linux distribution news feed based package version scanner that shows which security advisories apply to your system, which packages are installed in a vulnerable version, and to which versions you should upgrade. Currently supported distributions: Ubuntu and CentOS.