Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.
Diladele Web Safety is an ICAP server that integrates with an existing Squid proxy server and provides rich content and Web filtering functionality to sanitize Internet traffic passing into an internal home/enterprise network. It blocks pornography and explicit (adult) content by deep inspecting HTML content and URLs, blocks file downloads, performs filtering based on groups, controls Web usage by categories, removes annoying Web ads, and protects online privacy by disallowing access to Web trackers. It runs on any FreeBSD derived platform, RedHat, CentOS, Debian, and Ubuntu Linux, Raspberry PI, and Apple OS X, providing a comprehensive Web filtering solution easily manageable via a Web UI.
samhain is a daemon that can check file integrity, search the file tree for SUID files, and detect kernel module rootkits (Linux only). It can be used either standalone or as a client/server system for centralized monitoring, with strong (192-bit AES) encryption for client/server connections and the option to store databases and configuration files on the server. For tamper resistance, it supports signed database/configuration files and signed reports/audit logs. It has been tested on Linux, FreeBSD, Solaris, AIX, HP-UX, and Unixware.
The Legion of the Bouncy Castle Java Cryptography API provides a lightweight cryptography API in Java, a provider for the JCE and JCA, a clean-room implementation of the JCE 1.2.1, generators for Version 1 and Version 3 X.509 certificates, generators for Version 2 X.509 attribute certificates, PKCS12 support, and APIs for dealing with S/MIME, CMS, OCSP, TSP, CMP, CRMF, EAC, DVCS, OpenPGP, DTLS, and TLS. Versions are provided for the J2ME, and JDK 1.0-1.7.
Site Change Detection is a class that scans a directory to detect file changes. It performs an initial scan of a given directory and records the names and hashes of files found in a MySQL database. Subsequent scans detect any files that were added, changed, or deleted. The class can also setup the database tables to perform the initial configuration.
Zorp is a proxy firewall suite with its core architecture is built around today's security demands: it uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.