AppSamurai is a mod_perl based system to protect vulnerable or sensitive Web applications. The target use is in reverse proxy configurations, with an Apache/mod_perl reverse proxy inside a DMZ and a backend Web server in another DMZ or an internal network. AppSamurai's features include a modular, multi-factor authentication system, form based or basic auth based logins, encrypted storage of session data on a proxy, the ability to use any Apache::Session storage type (including databases for clustered deployment), and the ability to configure it from httpd.conf.
Burp proxy is an interactive HTTP/S proxy server for attacking Web-enabled applications. It operates as a man-in-the-middle between the end browser and the target Web server, and allows the attacker to intercept, inspect, and modify the raw traffic passing in both directions. Text and hex editing may be performed on intercepted traffic. Downstream proxies are supported. Authentication may be done to downstream proxy and Web servers, using basic, NTLM, or digest authentication types.
CECID (The CEnsorship CIrcumvention Device) is a PHP script designed to anonymize and filter HTTP requests, especially for users behind restrictive firewalls (e.g. workplaces, schools, etc.). It remotely loads a page that a user specifies, and filters it for words on its 'weighted phrase list', a list of words commonly blocked by network administrators. It alters these words to avoid detection, and displays the page requested. It can also be used for anonymizing HTTP requests, for situations where cloaking and security are required.
CensorNet Professional is a Web filtering and Internet management tool that is designed to protect, control, and monitor individuals accessing Internet resources on a local area network. It features the ability to control users and machines, group policies, time quotas, realtime content filters (by file extension or image/MIME type), modules, comprehensive reporting with audit trails and management reports, access schedules, and bandwidth limitations. Transparent authentication with Active Directory is available for ease of deployment. Administration can been done using a Web interface.
Cyan Secure Web Proxy Server is a carrier grade, high performance Internet filtering proxy server for Linux. It includes scalable (user/group/host) Web filter and virus scan utilities for blocking malicious applications at the gateway. It has an advanced URL database, authentication support (Active Directory, LDAP, NTLM), SSL Interception, easy deployment, and remote administration.
The DansGuardian Anti-Virus Scanner gives you the ability to virus-scan all content that passes through DansGuardian. It uses the scanning code from the MailScanner project to do the actual virus scanning, so it supports all the virus engines that the MailScanner project supports. The scanning is done as the file is being downloaded, so your current network apps don't have to be modified, etc. They just have to support using a proxy.
DeleGate is a multi-purpose application level gateway or proxy server that mediates communication of various protocols, applying cache and conversion for mediated data, controlling access from clients, and routing toward servers. It translates protocols between clients and servers, converting between IPv4 and IPv6, applying SSL (TLS) to arbitrary protocols, merging several servers into a single server view with aliasing and filtering. It can be used as a simple origin server for some protocols (HTTP, FTP, and NNTP).
Etherpuppet is a small program for Linux that will create a virtual interface (TUN/TAP) on one machine from the ethernet interface of another machine through a TCP connection. Everything seen by the real interface will be seen by the virtual one. Everything sent to the virtual interface will be emitted by the real one. It has been designed because one often has a small machine as his Internet gateway, and sometimes want to run some big applications that need raw access to this interface, for sniffing (Ethereal, etc.) or for crafting packets that do not survive being reassembled, NATed, etc. It can even run on Linux embedded routers such as the Linksys WRT54G.
FreeRADIUS is a high-performance, highly configurable, and feature-rich RADIUS server. Supported features include EAP (wireless authentication, PEAP, TTLS), MySQL, PostgreSQL, Oracle, LDAP, X9.9 token cards, VMPS, and many more. It comes with more than 50 vendor dictionaries, and interoperates with many others. It is the only open source RADIUS server that has implemented EAP, and it is currently deployed in multiple million-user systems.