Sysdig is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze. Think of it as strace + tcpdump + lsof + awesome sauce. With a little Lua cherry on top.
A Middlebox Detection Tool
Observes filesystem changes using the same underlying API as Spotlight Provides a graphical representation of the file activity
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.
advchk is a tool for monitoring the security of installed software. Advisory Check gathers security advisories using RSS / RDF / XML feeds, compares them against a list of known software, and alerts you if you`re vulnerable.