Zorp is a proxy firewall suite with its core architecture is built around today's security demands: it uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
Diladele Web Safety is an ICAP server that integrates with an existing Squid proxy server and provides rich content and Web filtering functionality to sanitize Internet traffic passing into an internal home/enterprise network. It blocks pornography and explicit (adult) content by deep inspecting HTML content and URLs, blocks file downloads, performs filtering based on groups, controls Web usage by categories, removes annoying Web ads, and protects online privacy by disallowing access to Web trackers. It runs on any FreeBSD derived platform, RedHat, CentOS, Debian, and Ubuntu Linux, Raspberry PI, and Apple OS X, providing a comprehensive Web filtering solution easily manageable via a Web UI.
The WiKID Strong Authentication System is a highly scalable, secure two-factor authentication system. It is simple to implement and maintain, allows users to be validated automatically, requires no hardware tokens, has a simple API for application support (via Ruby, PHP, Java, COM, Python, etc.), supports multiple domains, and supports replication for fault tolerance and scalability. It also supports mutual /host and transaction authentication, wireless tokens only domains, locked tokens (to your PC), anti-keystroke logger keypad PIN entry, etc.
Joseph is a Python class and program that parses config files into iptables commands. It supports ACL definitions to reduce the repetition of rules. The config file format is a custom, native English-like format that supports internal, external, and DMZ interfaces with allowed, masqueraded, and redirected services (ports).
pyOpenSSL is a Python wrapper for a subset of OpenSSL's functionality, featuring an advanced error management system, connection objects that wrap socket methods, and flexible context objects. Also included is a rudimentary crypto module that can be used to create and verify certificates (X509 objects).
Endian Firewall is an all-in-on Linux security distribution that turns any system into a full-featured security appliance. It features a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP), anti-virus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic, and a "hassle free" VPN system based on OpenVPN.
CAKE (Key Addressed Crypto Encapsulation) is a bunch of Python and C++ for implementing the CAKE protocol. The CAKE protocol is a protocol in which all messages have source and destination addresses that are public keys. This is in the same way that IP packets have a source and destination address that is an IP address.
Better ASN is a Java ASN.1 API that focuses on speed and efficiency rather than extended functionality. This strategy prescribes one-pass decoding and near 100% encoding efficiency for typical ASN.1 usage patterns. Although BASN was developed for use by a Certificate Authority, the release comes packaged with an ASN.1 to Java compiler, which can be used to generate Java implementations of ASN.1 structures. This allows the API to be used for any Java application that may require ASN.1 decoding/manipulation/encoding.