Software by Adam Shostack

Microsoft SDL Threat Modeling Tool V3
I drove the creation of several revisions of this tool, which is no longer available.
P3P Analyzer
I was heavily involved in the creation of Zero-Knowledge's P3P Analyzer, a tool to help companies deal with IE6, its interaction with P3P compact policies.
HackerShield (tool)
I was a leader of the design team for one of the first vulnerability scanners, Hackershield. We introduced a large number of innovations in security scanning, including scheduled scans, drill-down style reporting and "RapidFire Updates" which have now become standard features in these products.
Freedom Network (Source Release)
Drove the release of the source code to The Freedom Network, released under a non-commercial use license. The files were encrypted under some traditional magic words, which I believe were either squeamish ossifrage or open sesame.
PGP Key Auto-retriever (Procmail)
I turned a procmail script that does PGP key retrieval for any (signed, encrypted) message you get. Requires UNIX. Nothing flashy, but useful.