GnuTLS is a secure communications library implementing the SSL, TLS, and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
php_mt_seed finds possible seeds given the very first PHP mt_rand() output after possible seeding with mt_srand(). With advanced invocation modes, php_mt_seed is also able to match multiple, non-first, and/or inexact mt_rand() outputs to possible seed values. php_mt_seed is written in C with optional SIMD intrinsics (SSE4.1/AVX, XOP, AVX2, MIC) and OpenMP. On a modern quad-core CPU, it is able to search the full 32-bit seed space in one minute (or in just seven seconds on Xeon Phi).
The OpenCA OCSP Responder is an RFC 2560 compliant OCSPD responder. It can be used to verify the status of a certificate using OCSP clients (such as Mozilla/Netscape7). The Responder is actually included in the main OpenCA distribution package. It is also possible to install the daemon as a stand-alone application, in which case you will need a CRL (or access to an LDAP server where the CRL can be obtained).
Password Manager Daemon serves clients data via a Unix domain socket or over a remote TLS connection. The data is stored in an (optionally) encrypted XML file, and the client must provide the key to modify it. It has the option to use gpg-agent for key management (including smartcards). It is multi-threaded, allowing more than one client to be connected at the same time. Key retrieval may be done via a key file or a pinentry program. A key cache is used, so a client won't need to enter a passphrase each time one is required. It is very configurable. Libpwmd is also available as a separate project and is a library making it easy for applications to use Pwmd.
Shasplit takes a large data block, splits it into smaller parts, and puts those parts into an SHA-based content-addressed store. Reassembling those parts is a trivial "cat" invocation. Repeating parts (e.g., from previous split operations) are stored only once, which allows efficient incremental backups of whole LVM snapshots via Rsync. Shasplit shows its strengths on encrypted block devices, but might be useful for non-encrypted data, too.
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, lots of other hashes and ciphers are added in the community-enhanced version (-jumbo), and some are added in John the Ripper Pro.
MixIt is a program which encrypts a given input file using a password and a level. Shifting and coding methods are used to make the input data unreadable. The strength of the encryption depends on the password, the level, and the length of the input data. A brute force code breaker, named breakit, is included for those who want to test the strength of MixIt. It includes features for unbreakable communication via email using one time pads and password books.