Botan is a crypto library written in C++. It provides a variety of cryptographic algorithms, including common ones such as AES, MD5, SHA, HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that are more obscure or specialized. It also offers SSL/TLS (client and server), X.509v3 certificates and CRLs, and PKCS #10 certificate requests. A message processing system that uses a filter/pipeline metaphor allows for many common cryptographic tasks to be completed with just a few lines of code. Assembly and SIMD optimizations for common CPUs offers speedups for critical algorithms like AES and SHA-1.
Dar is a shell command that makes backup of a directory tree and files. Its features include splitting archives over several files, DVD, CD, ZIP, or floppies, compression, full or differential backups, strong encryption, proper saving and restoration of hard links, extended attributes, file forks, Door inodes, and sparse files, remote backup using pipes and external commands (such as ssh), and rearrangement of the "slices" of an existing archive. It can run commands between slices, before and after saving some defined files or directories (for a proper database backup, for example), and quickly retrieve individual files from differential and full backups. Several external GUIs exist as alternatives to its CLI interface, like kdar, DarGUI, SaraB, etc.
Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.
fupids2 is a so-called human oriented IDS based on the FUPIDS project. fupids2 calculates an attacker level for every user on all Unix/Linux/BSD systems in the network. It looks at the behavior of the user (the programs the user uses, the daytime the user is active, the building and room the user uses, the part of the room in which the user sits, and so on) and reports if the user engages in behavior that is unusual for that person. This method can often detect accounts overtaken by attackers.
Hiawatha is a secure and advanced Web server for Unix. It has been written with security as its main goal. It features advanced access control, prevention of SQL injection and cross-site scripting, banning of clients who try such exploits, the ability to run CGIs under any UID/GID you want, and many other features. These features make Hiawatha an interesting Web server for those who need more security than what the other available Web servers are offering. Hiawatha is also fast and easy to configure.
OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal strengths include wide cross-platform portability, excellent stability, support for dynamic IP addresses and NAT, adaptive link compression, single TCP/UDP port usage, a modular design that offloads most crypto tasks to the OpenSSL library, and relatively easy installation that in most cases doesn't require a special kernel module.