Nmap makes it easy for one to perform network discovery and security auditing. It used in managing upgrade schedules. It guides one in understanding the features of any target network. Features such as host, services, etc. It works on almost all the environment.
Metasploit is a research security project that delivers to the user vital information regarding security vulnerabilities and helps to formulate penetration testing , strategies and methods of execution.
It is a very popular security tool that focuses on vulnerability scanning. It is the most perfect vulnerabilities identifier: Nessus scans for .It also scans for default passwords.It specialized in compliance checks, Sensitive data searches, website security scanning etc. It also helps in finding weak-spots. It works on most of the environments.
Hydra is a powerful password guessing tool.It guesses weak passwords from databases that have been stored in or are in transit within a computer system or network.Brute force password guessing.
It is known for the following powerful features: passwords recovery, and revealing password boxes,wireless scanning, network sniffing etc. It also contains an Access Database password decoder, RDP password decode and Hash Calculator.
Kismet is a wireless network detector, sniffer, and intrusion detection security penetration tool. Kismet can monitor and sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. It is open source and widely used.
The Random Password Generator from random.org generates random passwords based on the guidelines provided.
Faraday is a Collaborative Penetration Test and Vulnerability Management Platform
WinDump is a powerful network packet analyzer that can be used for network debugging and security monitoring.
John the Ripper is a popular password cracking penetration tool that is mostly used to perform dictionary attacks. This tool can also be used to perform a variety of alterations to dictionary attacks. John the Ripper as an offline password cracker.
It is a Vulnerability Assessment System that offers various tools and services for vulnerability scanning and management.
OpenPuff is a tool with the following features: Whitening and encoding, ability to add a decoy password to reveal decoy data and ability to split the hidden data over multiple carriers.
It is a top security tool which offers powerful vulnerability assessment across the whole operating systems, devices, application softwares , and virtual environments within a given network. It uses a database that is being updated regularly so it can detect latest security issues.
It is a modular framework that facilitates a user to take advantage of poor upgrade implementations entering fake updates.
This tool is very efficient program that finds vulnerabilities in web applications. . ZAP provides automated scanners,tools that allow one to discover security vulnerabilities. It is recommended for those intending to be career penetrates.
Nikto is web server scanner that scans and detect web serves for any vulnerabilities. Nikto also scans for outdated versions. ,It also check the server configurations and also identifies installed web servers and web applications.
It is a powerful tool that helps the user to discover, audit and execute what is in the web while the program is running.
This is a network security tool that allows the user to access the wireless card from other computers and allows the user to run tools on a remote computer. It allows network analysis, wireless packet capturing, and packet injection.
It allows the user to completely remove data from the hard drive by overwriting each data block many times using an erasure method.
Automated penetration testing software that consists of various modules that aids penetration testing operations like exploiting, crediting and scanning. It also identifies, designs and checks network vulnerability.
KeePass is a password manager that allows one to store username and password combinations in a highly configured database. Access to the database is secured using a master password or key file.
22. Open stego
It is a powerful tool that attaches secret message file into an image file. It is also used to unhide data from the output file and uses password to encrypt. This tool is open source.
It is an integrated platform for attacking web applications.
It is a powerful Network monitoring which is installed in a few minutes and it discovers one's entire network automatically
It is a tool that is used to test and reports on SQL injection. Acunetix generates detailed reports while identifying security issues and vulnerabilities
It is a free and open source network security too. It mainly analysis computer network protocols within a security auditing context and also is an effective scanner
27. Vera code
It ensures security of code development and minimizes vulnerabilities.
28. Punk spider:
This security tool is a web scanner that performs more than most of the other scanners
29. IBM Appscan:
It is a security tool that scans and identifies the problem and then gives the remedy to the problem.
30. SATAN:(Security Administrator Tool for analyzing Networks). It is used for collecting and reporting network security vulnerability.
31. Maltego:
This tool focus on highlighting relationships between people or sites , infrastructure etc.
32. Iron Wasp:
It is a unique scanner for web application
33. Secunia PSI:
It is a software inspector that keeps the system secured
34. HconSTF:
It is used to exploit vulnerabilities in password, database etc.
35. Sqlmap:
it is a good open source tool. It is mostly used for detecting issues in an application.
36. Burp suite:
It is a scanner, interceptor of proxy. It also crawl content and functions.
37. Netsparker:
This tool is a scanner that identifies problems and suggests remedial action.
38. Immunity’s CANVAS:
This tool is used for web application and wireless systems.
39. BeEF
The Browser Exploitation Framework , This tool focus on the web browser.
40. Netstumbler
This tool helps the user find open wireless access points on the network.
41. Superscan:
This is a good manual on website.
42. Socat:
This is a tool that works over a number of protocols and through a files, pipes, devices etc. It provides forking, logging, and dumping, different modes of communication, and many more other options
43. Snort:
(IDS intrusion detection systems)
44. HPing2:
packet crafting tools
45. TCPDump:
packet sniffers
46. Scapy:
It used for scanning large number of machines
47. Chkrootkit:
it is a free, open source utility. It detects almost all the latest rootkits.
48. Canvas:
an automated exploitation system development framework to penetration testers and security professionals worldwide.
49. TrueCrypt
it is able to perform a powerful attack based on: Dictionary or Alphabet
50. SGuil:
This tool sources out for all the network problems and gives out remedies
51. Yersinia:
a good protocol attack tool used in penetration testing.
52. Splunk:
a tool that searches, reports, monitors and analyzes streaming data.
53. Fiddler
a Web Debugging tool which logs all HTTP traffic between one's computer and the Internet.