The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments, primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments and cloud services as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.
sslsweep tests TCP services for the presence of SSL and reports things about the services found, such as the certificate's CN, the certificate's expiration timestamp, what kinds of ciphers the SSL service supports, and what versions of SSL the service supports. It can be used for security testing as well as ongoing monitoring of services. It can produce output in human readable text, HTML, and CSV. It can also run as a Nagios plugin. It can accept input on the command line or on standard input (one host:port pair per line). It can also accept Nmap scan output (in the greppable format) as input, and it will test all open TCP ports found by the Nmap scan.
vncssld is a VNC SSL repeater for Unix. You can use it to access your user's desktop using VNC SSL. The advantage of using a repeater is that you don't need to configure your firewall to be able to connect to your user's desktop: both VNC server and VNC client connect to the repeater. Since it is using SSL, It can even work using a standard HTTP/HTTPS proxy (like squid or DansGuardian).
sessiond allows a cluster of SSL/TLS servers to share their session caches in order to prevent each node of the cluster from negotiating a separate session. SSL/TLS session is basically a set of secret values (symmetric encryption keys, MAC secrets) shared between a client and a server. The use of asymmetric cryptography required to establish new sessions is the main performance bottleneck of the SSL/TLS protocol.
VyperBlog is an all-in-one site template for the Google App Engine. It is meant for small businesses or enterprises that want to get into the Google cloud using a turn-key solution that provides security and safety for the data being stored in the back-end database. VyperBlog provides protection from hackers and crackers who might want to abuse forms and other resources being published by those who are using VyperBlog. VyperBlog employs a unique method for securing sites called Secure-Site.
sec-wall is a feature-packed security proxy that supports SSL/TLS, WS-Security, HTTP Auth Basic/Digest, extensible authentication schemes based on custom HTTP headers and XPath expressions, powerful URL matching/rewriting, and an optional header enrichment. It's a security wall with which you can conveniently fence otherwise defenseless backend servers.
NXWEB is ultra-fast and super-lightweight web server for applications written in C. It can serve thousands of concurrent requests with a small memory footprint using an event-driven and multi-threaded model that is designed to scale. It features an exceptionally light code base, a simple API, decent HTTP protocol handling, keep-alive connections, SSL support (via GNUTLS), HTTP proxy (with keep-alive connection pooling), non-blocking sendfile support (with configurable small file memory cache), cacheable gzip content encoding, cacheable image thumbnails with watermarks (via ImageMagick), a modular design for developers, and the ability to run as a daemon.
SSLsplit is a tool that performs man-in-the-middle attacks against SSL/TLS encrypted network connections for network forensics and penetration testing. It terminates SSL/TLS and initiates a new connection to the original destination, logging all data transmitted. It supports plain TCP and SSL, HTTP and HTTPS, and IPv4 and IPv6. For SSL and HTTPS, it generates and signs forged X509v3 certificates on-the-fly using the original certificate's subject DN and subjectAltName extension. It supports Server Name Indication, RSA, DSA, and ECDSA keys, and DHE and ECDHE cipher suites. It can also use existing certificates if the private key is available.