| 2fa | Command-line client for two-factor authentication |
| acme-client | Client for issuing certificates from ACME-complaint servers |
| acmesh | Let's Encrypt ACME client in shell script |
| adguardhome | Powerful network-wide ads and trackers blocking DNS server |
| age | Simple, modern and secure encryption tool |
| aide | Free intrusion detection system for checking file integrity |
| aide06 | Older intrusion detection system for checking file integrity |
| aircrack-ng (V) | WiFi security auditing tools suite |
| amap | Applications and Services scanner |
| amass | In-depth Attack Surface Mapping and Asset Discovery |
| antonym | Anonymous nymserver account maintenance tool |
| ap-modsecurity2 | Intrusion detection and prevention engine for web applications |
| ap24-evasive | Apache Evasive Maneuvers Module |
| apg | Tool set for random password generation |
| argon2 | Password hash Argon2 |
| arirang | Powerful webserver security scanner |
| asignify | Yet another signify tool |
| authelia | Single Sign-On Multi-Factor portal for web apps |
| avcheck | Mail content filter for SMTP servers |
| Bastille | System hardening tool focusing on educating the user |
| bcrypt | Cross platform file encryption utility |
| bearssl | Implementation of the SSL/TLS protocol (RFC 5246) |
| beecrypt | Multipurpose cryptographic library |
| bitstir | Entropy restoration daemon |
| botan1 | Portable, easy to use, and efficient C++ crypto library (v1) |
| botan2 | Portable, easy to use, and efficient C++ crypto library (v2) |
| botan3 | Portable, easy to use, and efficient C++ crypto library (v3) |
| ca-certificates | Root CA certificates from the Mozilla Project |
| caff | Various GnuPG related tools |
| cargo-audit | Audit Cargo.lock files for crates with security vulnerabilities |
| cargo-auditable | Make production Rust binaries auditable |
| cargo-deny | Check project dependencies |
| ccid | Middleware to access a smart card using SCard API (PC/SC) |
| cfs | Encrypting file system, using NFS as its interface |
| cfssl | CloudFlare PKI toolkit |
| chkrootkit | Locally checks for signs of a rootkit |
| clamav | Anti-virus toolkit |
| clamav-doc | Anti-virus toolkit documents |
| clusterssh | Cluster administration tool |
| codecrypt | Post-quantum cryptographic software |
| CoolKey | Driver support for the CoolKey and CAC products |
| courier-authlib | Courier Authentication Library |
| crack | The Sensible Unix Password Cracker |
| cracklib | Library used to enforce strong passwords |
| crypto++ | Free C++ class library of Cryptographic Primitives |
| cryptopassphrase | Deterministic password generator based on scrypt |
| CSP | Simple PKI Toolkit |
| cvm | Credential Validation Modules |
| cy2-anonymous | Cyrus SASL ANONYMOUS authentication plugin |
| cy2-crammd5 | Cyrus SASL CRAM-MD5 authentication plugin |
| cy2-digestmd5 | Cyrus SASL DIGEST-MD5 authentication plugin |
| cy2-gssapi | Cyrus SASL GSSAPI authentication plugin |
| cy2-ldapdb | Cyrus SASL LDAPDB authentication plugin |
| cy2-login | Cyrus SASL LOGIN authentication plugin |
| cy2-ntlm | Cyrus SASL NTLM authentication plugin |
| cy2-otp | Cyrus SASL OTP authentication plugin |
| cy2-plain | Cyrus SASL PLAIN authentication plugin |
| cy2-saml | Crude SAML assertion validator for bridging WebSSO and SASL |
| cy2-scram | Cyrus SASL SCRAM authentication plugin |
| cy2-sql | Cyrus SASL SQL authentication plugin |
| cyrus-sasl | Simple Authentication and Security Layer |
| cyrus-sasl-oauth2-oidc | Cyrus SASL OAuth2/OIDC Plugin |
| cyrus-sasl-xoauth2 | XOAUTH2 mechanism plugin for cyrus-sasl |
| cyrus-saslauthd | Cyrus SASL plaintext authentication daemon |
| d0_blind_id | Library to perform identification using Blind RSA Signatures |
| dcfldd | Enhanced version of GNU dd with features useful for forensics |
| ddos-scan | Scan for a limited set of distributed denial of service (ddos) agents |
| defguard | True Zero-Trust WireGuard VPN with 2FA/MFA |
| defguard-gateway | True Zero-Trust WireGuard VPN with 2FA/MFA |
| defguard-proxy | True Zero-Trust WireGuard VPN with 2FA/MFA |
| dehydrated | Letsencrypt/acme client implemented as a shell-script |
| destroy | Program to securely destroy files on the hard disk |
| dhbitty | Small public key ECDH encryption/decryption program |
| dirb | Web Content Scanner |
| dnssec-tools | Toolkit to ease the deployment of DNSSEC related technologies |
| dnsx | DNS toolkit designed for running DNS queries |
| doas | Execute commands as another user |
| dropbear | Small SSH2 server and client, aimed at embedded market |
| dsniff | Password sniffer (webspy) |
| dsniff-nox11 | Password sniffer |
| duo-unix | Duo two-factor authentication for Unix systems |
| easy-rsa | CLI utility to build and manage a PKI CA |
| ecap_clamav_adapter | eCAP ClamAV adapter |
| egd | EGD: Entropy Gathering Daemon |
| ent | Entropy calculation and analysis of putative random sequences |
| erlang-epam | Epam helper for Erlang / Elixir PAM authentication support |
| erlang-fast_tls | TLS / SSL OpenSSL-based native driver for Erlang / Elixir |
| erlang-jose | JSON Object Signing and Encryption |
| erlang-p1_acme | Erlang ACME client (RFC8555) |
| erlang-p1_oauth2 | Erlang Oauth2 implementation |
| erlang-pkix | PKIX certificates management library for Erlang |
| ettercap (V) | Suite for man in the middle attacks |
| fail2ban | Scans log files and bans IP that makes too many password failures |
| flawfinder | Python program to find flaws in C/C++ programs |
| flawz | TUI for browsing security vulnerabilities |
| fprint-demo | Simple GTK+ application to demonstrate libfprint's capabilities |
| fsh | Fast remote command execution |
| gajim-plugin-omemo (V) | OMEMO encryption support for Gajim |
| gcr | Library for crypto UI and related tasks |
| gcr4 | Library for crypto UI and related tasks |
