Nmap (Network Mapper)Nmap makes it easy for one to perform network discovery and security auditing. It used in managing upgrade schedules. It guides one in understanding the features of any target network. Features such as host, services, etc. It works on almost all the environment.
Metasploit penetrating softwareMetasploit is a research security project that delivers to the user vital information regarding security vulnerabilities and helps to formulate penetration testing , strategies and methods of execution.
NessusIt is a very popular security tool that focuses on vulnerability scanning. It is the most perfect vulnerabilities identifier: Nessus scans for .It also scans for default passwords.It specialized in compliance checks, Sensitive data searches, website security scanning etc. It also helps in finding weak-spots. It works on most of the environments.
HydraHydra is a powerful password guessing tool.It guesses weak passwords from databases that have been stored in or are in transit within a computer system or network.
Brute force password guessing
Cain and AbelIt is known for the following powerful features: passwords recovery, and revealing password boxes,wireless scanning, network sniffing etc. It also contains an Access Database password decoder, RDP password decode and Hash Calculator.
KismetKismet is a wireless network detector, sniffer, and intrusion detection security penetration tool. Kismet can monitor and sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. It is open source and widely used.
Random.org password generator
The Random Password Generator from random.org generates random passwords based on the guidelines provided.
FaradayFaraday is a Collaborative Penetration Test and Vulnerability Management Platform
WinDumpWinDump is a powerful network packet analyzer that can be used for network debugging and security monitoring.
John the RipperJohn the Ripper is a popular password cracking penetration tool that is mostly used to perform dictionary attacks. This tool can also be used to perform a variety of alterations to dictionary attacks. John the Ripper as an offline password cracker.
OpenVASIt is a Vulnerability Assessment System that offers various tools and services for vulnerability scanning and management.
OpenPuffOpenPuff is a tool with the following features: Whitening and encoding, ability to add a decoy password to reveal decoy data and ability to split the hidden data over multiple carriers.
Retina community networkIt is a top security tool which offers powerful vulnerability assessment across the whole operating systems, devices, application softwares , and virtual environments within a given network. It uses a database that is being updated regularly so it can detect latest security issues.
Evil gradeIt is a modular framework that facilitates a user to take advantage of poor upgrade implementations entering fake updates.
OWASP Zed freeThis tool is very efficient program that finds vulnerabilities in web applications. . ZAP provides automated scanners,tools that allow one to discover security vulnerabilities. It is recommended for those intending to be career penetrates.
Nikto website vulnerability scannerNikto is web server scanner that scans and detect web serves for any vulnerabilities. Nikto also scans for outdated versions. ,It also check the server configurations and also identifies installed web servers and web applications.
GNU Project debuggerIt is a powerful tool that helps the user to discover, audit and execute what is in the web while the program is running.
aircrack-ngThis is a network security tool that allows the user to access the wireless card from other computers and allows the user to run tools on a remote computer. It allows network analysis, wireless packet capturing, and packet injection.
EraserIt allows the user to completely remove data from the hard drive by overwriting each data block many times using an erasure method.
Router sploitAutomated penetration testing software that consists of various modules that aids penetration testing operations like exploiting, crediting and scanning. It also identifies, designs and checks network vulnerability.
KeePassKeePass is a password manager that allows one to store username and password combinations in a highly configured database. Access to the database is secured using a master password or key file
Open stegoIt is a powerful tool that attaches secret message file into an image file. It is also used to unhide data from the output file and uses password to encrypt. This tool is open source.
Burp SuiteIt is an integrated platform for attacking web applications.
CommixIt is a powerful Network monitoring which is installed in a few minutes and it discovers one's entire network automatically
AcunetixIt is a tool that is used to test and reports on SQL injection. Acunetix generates detailed reports while identifying security issues and vulnerabilities
EttercapIt is a free and open source network security too. It mainly analysis computer network protocols within a security auditing context and also is an effective scanner
Vera code: It ensures security of code development and minimizes vulnerabilities.
Punk spider: This security tool is a web scanner that performs more than most of the other scanners
IBM Appscan: It is a security tool that scans and identifies the problem and then gives the remedy to the problem.
SATAN: (Security Administrator Tool for analyzing Networks). It is used for collecting and reporting network security vulnerability.
Maltego: This tool focus on highlighting relationships between people or sites , infrastructure etc.
Iron Wasp: It is a unique scanner for web application
Secunia PSI: It is a software inspector that keeps the system secured
HconSTF: It is used to exploit vulnerabilities in password, database etc.
Sqlmap: is a good open source tool. It is mostly used for detecting issues in an application.
Burp suite: It is a scanner, interceptor of proxy. It also crawl content and functions.
Netsparker: This tool is a scanner that identifies problems and suggests remedial action.
Immunity’s CANVAS: This tool is used for web application and wireless systems.
BeEF (The Browser Exploitation Framework: This tool focus on the web browser.
Netstumbler: This tool helps the user find open wireless access points on the network.
Superscan: This is a good manual on website.
Socat: This is a tool that works over a number of protocols and through a files, pipes, devices etc. It provides forking, logging, and dumping, different modes of communication, and many more other options
Snort: (IDS intrusion detection systems)
HPing2: packet crafting tools
TCPDump: packet sniffers
Scapy: It used for scanning large number of machines
Chkrootkit: it is a free, open source utility. It detects almost all the latest rootkits.
Canvas: an automated exploitation system development framework to penetration testers and security professionals worldwide.
TrueCrypt: is able to perform a powerful attack based on: Dictionary or Alphabet
SGuil: This tool sources out for all the network problems and gives out remedies
Yersinia: is a good protocol attack tool used in penetration testing.
Splunk: is a tool that searches, reports, monitors and analyzes streaming data.
Fiddler: is a Web Debugging tool which logs all HTTP traffic between one's computer and the Internet.