OpenConnect server (ocserv) is an SSL VPN GNU/Linux server. Its purpose is to be a secure, small, fast, and configurable VPN server which depends on standard protocols like TLS 1.2 and Datagram TLS. It implements the AnyConnect SSL VPN protocol and is compatible with the OpenConnect VPN client (compatibility with other Anyconnect SSL VPN clients is experimental).
cqueues is a comprehensive event and networking library for Lua 5.2 and LuaJIT using modern Unix O(1) polling facilities. It includes libraries for buffered socket I/O, SSL/TLS sockets, DNS querying, signal handling, threading, file change notification, and X.509 key management. It natively supports Linux, *BSD, OS X, and Solaris systems without third-party dependencies, and is interoperable with any event loop that accepts plain descriptors, or is usable standalone.
pymiproxy is a small, lightweight, man-in-the-middle embeddable proxy capable of performing HTTP and HTTPS (or SSL) inspection. The proxy provides a built-in certificate authority that is capable of generating certificates for SSL-based destinations. Pymiproxy is also extensible, and provides two methods for extending the proxy: method overloading and a pluggable interface. It is ideal for situations where you're in dire need of a proxy to tamper with out- and/or in-bound HTTP data.
SSLsplit is a tool that performs man-in-the-middle attacks against SSL/TLS encrypted network connections for network forensics and penetration testing. It terminates SSL/TLS and initiates a new connection to the original destination, logging all data transmitted. It supports plain TCP and SSL, HTTP and HTTPS, and IPv4 and IPv6. For SSL and HTTPS, it generates and signs forged X509v3 certificates on-the-fly using the original certificate's subject DN and subjectAltName extension. It supports Server Name Indication, RSA, DSA, and ECDSA keys, and DHE and ECDHE cipher suites. It can also use existing certificates if the private key is available.
NXWEB is ultra-fast and super-lightweight web server for applications written in C. It can serve thousands of concurrent requests with a small memory footprint using an event-driven and multi-threaded model that is designed to scale. It features an exceptionally light code base, a simple API, decent HTTP protocol handling, keep-alive connections, SSL support (via GNUTLS), HTTP proxy (with keep-alive connection pooling), non-blocking sendfile support (with configurable small file memory cache), cacheable gzip content encoding, cacheable image thumbnails with watermarks (via ImageMagick), a modular design for developers, and the ability to run as a daemon.
sec-wall is a feature-packed security proxy that supports SSL/TLS, WS-Security, HTTP Auth Basic/Digest, extensible authentication schemes based on custom HTTP headers and XPath expressions, powerful URL matching/rewriting, and an optional header enrichment. It's a security wall with which you can conveniently fence otherwise defenseless backend servers.
Pagekite is software to make servers on "localhost" visible to the wider Internet. It can be used by Web developers to show off their works in progress to clients or colleagues, embedded developers who need direct access to devices in the field, or as an alternative to dynamic DNS for individuals/hobbyists who would rather host their own content than rely on 3rd party hosting. It creates and maintains a tunnel between your server on localhost and a remote "front-end" (a reverse proxy). Only the front-end has to have a visible IP address; the server itself can reside on a heavily firewalled computer, a mobile device, or even an anonymous node on the Tor network.
VyperBlog is an all-in-one site template for the Google App Engine. It is meant for small businesses or enterprises that want to get into the Google cloud using a turn-key solution that provides security and safety for the data being stored in the back-end database. VyperBlog provides protection from hackers and crackers who might want to abuse forms and other resources being published by those who are using VyperBlog. VyperBlog employs a unique method for securing sites called Secure-Site.