BFBTester is good for doing quick, proactive security checks of binary programs. BFBTester will perform checks of single and multiple argument command line overflows and environment variable overflows. It can also watch for tempfile creation activity to alert the user of any programs using unsafe tempfile names.
CMake is a cross-platform, open-source build system. It is used to control the software compilation process using simple platform and compiler independent configuration files. It generates native makefiles and workspaces that can be used in the compiler environment of your choice. CMake is quite sophisticated: it is possible to support complex environments requiring system configuration, pre-processor generation, and code generation.
DUMA (Detect Unintended Memory Access) stops your program on the exact instruction that overruns (or underruns) a malloc() memory buffer. GDB will then display the source-code line that causes the bug. It works by using the virtual-memory hardware to create a red-zone at the border of each buffer: touch that, and your program stops. It can catch formerly impossible-to-catch overrun bugs. DUMA is a fork of Bruce Perens' Electric Fence library.
Hammerhead is a stress testing tool for Web sites. It initiates connections from multiple IP aliases and simulates a user from each alias. It is fully configurable, and there are numerous other options for creating problems with a site. Extensive data collection is also available.
Impost is a network security auditing tool designed to analyze the forensics behind compromised and/or vulnerable daemons. There are two different kinds of operating modes; it can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients, or it can operate as a packet sniffer and monitor incoming data to specified destination port supplied by the command-line arguments.
Java Memory Profiler (JMP) uses the JVMPI interface to track objects and method times in the JVM (Java Virtual Machine). It uses a GTK+ interface to display statistics. The current instance count and the total amount of memory for each class is shown as is the total time spent in each method.
JTAG-O-MAT provides a simple but highly flexible interface to JTAG hardware. Unlike similar projects, the focus is on running automatic JTAG sequences. It is mainly intended for bringing up virgin hardware, for use in an automated test environment, or to preload boards in a production environment. JTAG debugging is not supported. Currently supported hardware includes ARM7TDMI targets and Wiggler as well as Turtelizer programming adapters.