Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
Passwd_exp notifies users via email of upcoming password or account expiration. Its simple modular architecture allows you to perform expiration checks on any data source you use (SQL databases, LDAP...), send expiration warnings only to desired users or group and on selected days only. Administrators can use it to review expired accounts in the system. Support for Linux and Solaris shadow (including LDAP and NIS systems) and BSD passwd systems is included.
The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though it is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.
dietsniff is a tiny tool for analyzing traffic on a network. It's not intended to replace well-known tools like tcpdump or ethereal. It's intended for the case when a small and especially static sniffer is required. Accordingly, it's also by far not that powerful, and is also bound to Linux as a platform. While it doesn't use or need the libpcap, it produces pcap-logs that can be analyzed by more sophisticated tools like tcpdump or Ethereal.
INSERT (the Inside Security Rescue Toolkit) aims to be a multi-functional, multi-purpose disaster recovery and network analysis system. It boots from a credit card-sized CD-ROM and is basically a stripped-down version of Knoppix. It features good hardware detection, fluxbox, emelfm, links-hacked, ssh, tcpdump, nmap, chntpwd, and much more. It provides full read-write support for NTFS partitions (using ntfs-3g), and the ClamAV virus scanner (including a fairly recent signature database and a GUI). It provides partition handling with gParted and also has a network boot facility.
Advisory Check is a program that reads security advisories for you. It gathers security advisories using RSS, RDF, or XML feeds, compares them against the installed software, and alerts you if you're vulnerable. A wide variety of package managers can be queried to detect installed software. Remote systems can be monitored by using the integrated SSH, Windows-RPC, and Nmap support.
RFDUMP is a GUI to edit the "User Data Fields" on RFID tags and to test if a tag is protected against reading or writing. It implements a real life cookie on RFID tags. The tags that are supported for reading, writing, and editing are ISO 15693, ISO 14443 A, ISO 14443 B, SR176(1,2), Tag-it®, and I-Code®.