Penetration testing tools (compiled by a foreigner)
Views: 6328
Published: 2019-06-22

This article is 8550 words long; reading it takes about 28 minutes.

Packet Shaper:
: a command line packet shaper

: The Packet Toolkit - A network packet shaper.

 by Antirez: a command line TCP/IP packet shaper

: stands for ‘Send ICMP Nasty Garbage’; sends fully customizable ICMP packets

: a new python-based packet generator



Password Cracker/Login Hacker:

: a well-known password cracker for Windows and *nix Systems

: a distributed password cracker based on “

: an advanced password recovery tool for Windows systems. It sniffs network packets and cracks authentication by brute force or with dictionary attacks.

: Advanced instant NT password cracker

: The shmoo group provides pre-generated rainbow tables for bittorrent download. The tables are generated with RainbowCrack (see above).

Windows NT  by Peter Nordahl

 by THC. It tries to guess username and password against the modem carrier. As far as I know the only available dialup password guesser for *NIX.

 by THC: a multi-protocol login hacker. Hydra is also integrated with .

: parallel network login auditor

: a very fast imap password brute forcer

: a login/password bruteforcer for x25 pad

: a generic web brute force tool (Windows only; requires .NET Framework)

: a very fast MD4/MD5/NTLMv1 hash cracker; works optionally with precomputed hash tables

Advanced Sniffers:

 (formerly known as Ethereal): an open source network protocol analyzer

 by Dug Song: a combination of very useful sniffer and man-in-the-middle attack tools

: a multipurpose sniffer/interceptor/logger for switched LAN environments

: monitors AOL Instant Messenger communication on the network

: a tool, similar to ettercap, to capture network traffic in switched environments

: Cisco discovery protocol (CDP) decoding sniffer

Port Scanner / Information Gathering:

: currently the best-known port scanner. Since version 3.45 it supports . Have a look at  for diffing different nmap scans.

 released their nmap wrapper , which shows all known protocols for the discovered ports from the Open Protocol Resource Database

: Perl output parser for nmap

 by THC: An advanced portscanner which determines the application behind a network port by its application handshake. Thus it detects well-known applications on non-standard ports or unknown applications on well-known ports.

 by THC: version mapper to determine the version (sic!) of scanned daemons

: an information gathering and correlation engine

 (Deepmagic Information Gathering Tool): a host information gathering tool for *nix systems

: a search engine query tool for passive information gathering

Security Scanner:

 - an open-source network scanner in version 2. Version 3 is only available in binary form and under a proprietary license.

: a fork of Nessus 2.2.5 (formerly known as GNessUs)

Nessj: a Java-based  (and compatibles) client (formerly known as Reason)

Paul Clip from @stake released , a security scanner for Palm OS 3.5+.

Webserver:

: a web server scanner with anti-IDS features. Based on Rain Forest Puppy's  library.

: a webserver assessment tool (Windows only; requires .NET framework)

: a black box web pen testing tool from Foundstone (Windows based)

: a java based information gathering tool for web sites

Fingerprinting:

: a fingerprinting tool which requires only one open TCP port and sends at most 3 packets

: much more than a simple fingerprinting tool. It scans for Windows shares, enumerates usernames, groups, SIDs and much more.

: Michal Zalewski announced his new release of p0f 2, a passive OS fingerprinting tool. p0f 2 is a complete rewrite of the old p0f code.

: a remote active operating system fingerprinting tool from Ofir Arkin and the xprobe2 team

: an active OS fingerprinting tool based on TCP timeout behavior. This project was formerly known as “RING” and is now published as an nmap addon.

Proxy Server:

: an interactive HTTP/S proxy server for attacking and debugging web-enabled applications

: an HTTP/HTTPS proxy server with a scripting engine for data manipulation and searching

: a man-in-the-middle proxy and application vulnerability scanner

: a framework for analyzing web applications. One of its basic functions is use as an intercepting proxy.

War Dialers:

: a classic war dialer, now also with VOIP (IAX2) support. One of a few war dialers for *nix operating systems, and the only one with VOIP functionality (to my knowledge)

: a war dialer for DOS, Windows and DOS emulators

Malware / Exploit Collections:

: Huge collections of tools and exploits

: The project tries to publish an exploit for each MS Security Bulletin. A script kiddie dream come true.

: Another malware collection site

: try the ExploitTree to get a collection of exploit code; have a look at the ToolTree for a huge list of pentest stuff

Databases / SQL:

: a tool to exploit sql injection vulnerabilities in web applications with MS SQL Servers (alpha stage)

: scans Oracle 8i for compliance with the CIS Oracle Database Benchmark

: an active and passive scanner for MSSQL server. Works on Windows 2000, XP and 2003.

: a GUI-based tool that automates the process of downloading the schema & contents of a database that is vulnerable to Blind SQL Injection (see  and ).

: a GUI based SQL injector for web pages (Windows, .Net Framework 1.1 required, Internet Explorer 5.0+ required)

Voice over IP (VOIP):

 (voice over misconfigured internet telephones): converts Cisco IP phone conversations into wave files

: a VOIP vulnerability scanner - SIP protocol (beta, Windows only)

: mostly a password cracker, can also record VOIP conversations (Windows only)

 (SIP Swiss army knife): a SIP packet generator

: a SIP test tool and packet generator

: a SIP bogus message generator

: dumps G711 encoded VOIP communications to wave files. Supports: SIP, H323, Cisco Skinny Client Protocol, RTP and RTCP

 by Thomas Skora: sip-scan, sip-kill, sip-redirectrtp, rtpproxy and ipq_rules

: a toolset for rtp recording and playing

Network-based Tools:

: a network tool designed to take advantage of weaknesses in different network protocols (STP, CDP, DTP, DHCP, HSRP, 802.1q, VTP)

: alters content of network packets while forwarding the packets

: an IPv6 stack integrity tester

VPN:

: an IPSec enumeration and fingerprinting tool

: ike scanning tool

: a tool for profiling ipsec traffic in a dump file. Initial alpha release

: a Java application to observe network traffic. It graphically represents network connections and highlights all VPN connections. Nice for demonstrations, if of somewhat limited use in a real pen test.

: an IKE/IPSec cracker for pre-shared keys (in aggressive mode authentication [RFC2409])

: DNS Auditing tool by Pierre Betouin

: a session hijacking tool with curses GUI

: a Windows MAC Address Modifying Utility. Supports Windows 2000 and XP.

: a web application written in Java with intentional vulnerabilities. Supports an interactive learning environment with individual lessons.

: a Windows Terminal Server brute forcer

Ollie Whitehouse from @stake released some new cellular-phone-based pentesting tools for scanning (). All tools require a Sony Ericsson P800 mobile phone. Unfortunately, @stake no longer seems to support much of their free security tools, so use the alternative download links above instead.

: generates fuzzy fingerprints that look almost identical to a given fingerprint/hash sum. Very useful for MITM attacks.

, a password finder for LM/NTLM hashes. Currently, there is no support for NTLM2 hashes. In order to get the hashes from network traffic, try .

: a linux kernel based keylogger

: an “advanced open-source platform for developing, testing, and using exploit code”.

 (Attack Tool Kit): a combination of security scanner and exploit framework (Windows only)

: an exploitation framework to test the security of email content filters. See also the 

: a tool which provides the means to locate keys within a buffer. Based on the article “” by Adi Shamir.

: identifies an executable's dynamic link library (DLL) files

: a security tool for testing dhcp security

: a perl script for enumeration against ldap servers.

: a dictionary based password checker for oracle databases

: a windows command line tool to manipulate the registry, initiate a dialup connection and much more

: a tool for auditing user permissions on a Windows system

: a toolset for footprinting, profiling and assessment via MSN Search. Windows only, .NET required

: a tool to gather information via SNMP. Works on Linux, *BSD and Windows systems.

: extract NTLM and LanMan hashes from Windows targets


There are also some wireless tools. I am using CentOS.

This article is reposted from sinojelly's 51CTO blog; original link: http://blog.51cto.com/pnig0s1992/338176. If you wish to reprint it, please contact the original author.
