Canvas (#51, 
37)
Canvas is a commercial vulnerability exploitation tool from Dave Aitel's ImmunitySec. It includes more than 370 exploits and is less expensive than Core Impact or the commercial versions of Metasploit. It comes with full source code, and occasionally even includes zero-day exploits. Read 3 reviews.
Latest release: version 6.73 on Oct. 26, 2011 (7 years, 4 months ago).
(1)★★★fgdump (#52, 
5)
fgdump is a newer version of the pwdump tool for extracting NTLM and LanMan password hashes from Windows. It is also capable of displaying password histories if they are available. It outputs the data in L0phtCrack-compatible form, and can write to an output file. fgdump attempts to disable antivirus software before running. It then runs pwdump, cachedump (cached credentials dump), and pstgdump (protected storage dump). Read 2 reviews.
Latest release: version 2.1.0 on Sept. 18, 2008 (10 years, 6 months ago).
(1)★★★★★Tor (#53, 6)
Tor is a network of virtual tunnels designed to improve privacy and security on the Internet by routing your requests through a series of intermediate machines. It uses a normal proxy server interface so that ordinary Internet applications like web browsers and chat programs can be configured to use it. In addition to helping preserve users' anonymity, Tor can help evade firewall restrictions. Tor's hidden services allow users publish web sites and other services without revealing their identity or location. For a free cross-platform GUI, users recommend Vidalia. Remember that Tor exit nodes are sometimes run by malicious parties and can sniff your traffic, so avoid authenticating using insecure network protocols (such as non-SSL web sites and mail servers). That is always dangerous, but particularly bad when routing through Tor.Read 1 review.
Latest release: version 0.2.6.10 on July 12, 2015 (3 years, 8 months ago).
(1)★★★Retina (#54, 29)
Like Nessus, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research. Read 2 reviews.
(3)★★★★Firefox (#55, new!)
Firefox is a web browser, a descendant of Mozilla. It emerged as a serious competitor to Internet Explorer, with improved security as one of its features. While Firefox no longer has a stellar security record, security professionals still appreciate it for its wide selection of security-related add-ons, including Tamper Data, Firebug, and NoScript. Read 3 reviews.
Latest release: version 40.0.3 on Aug. 27, 2015 (3 years, 6 months ago).
no ratingOpenVPN (#56, 36)
OpenVPN is an open-source SSL VPN package which can accommodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN uses OpenSSL as its primary cryptographic library. Review this tool.
Latest release: version 2.3.8 on Aug. 4, 2015 (3 years, 7 months ago).
(5)★★★★½L0phtCrack (#57, 30)
L0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, then re-acquired by the original L0pht guys and reborn as LC6 in 2009. For free alternatives, consider ophcrack, Cain and Abel, or John the Ripper. Read 6 reviews.
Latest release: version 6.0.11 on Jan. 9, 2011 (8 years, 2 months ago).
(62)★★★★★Social Engineer Toolkit (#58, new!)
The Social Engineer Toolkit incorporates many useful social-engineering attacks all in one interface. The main purpose of SET is to automate and improve on many of the social-engineering attacks out there. It can automatically generate exploit-hiding web pages or email messages, and can use Metasploit payloads to, for example, connect back with a shell once the page is opened. Read 82 reviews.
(2)★★★★★Yersinia (#59, 7)
Yersinia is a low-level protocol attack tool useful for penetration testing. It is capable of many diverse attacks over multiple protocols, such as becoming the root role in the Spanning Tree (Spanning Tree Protocol), creating virtual CDP (Cisco Discovery Protocol) neighbors, becoming the active router in a HSRP (Hot Standby Router Protocol) scenario, faking DHCP replies, and other low-level attacks. Read 2 reviews.
Latest release: version 0.7.1 on Jan. 26, 2007 (12 years, 1 month ago).
(4)★★★★★Fiddler (#60, new!)
Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language. Read 4 reviews.
Latest release: version 4.5.1.5 on July 23, 2015 (3 years, 7 months ago).
(2)★★★★sslstrip (#61, new!)
sslstrip is an SSL stripping proxy, designed to make unencrypted HTTP sessions look as much as possible like HTTPS sessions. It converts https links to http or to https with a known private key. It even provides a padlock favicon for the illusion of a secure channel. Many HTTPS sites are normally accessed from a redirect on an HTTP page, and many users don't notice when their connection isn't upgraded. Read 2 reviews.
Latest release: version 0.7 on Dec. 18, 2009 (9 years, 3 months ago).
no ratingSolarWinds (#62, 16)
SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more. Read 1 review.
no ratingNgrep (#63, 25)
ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop. Review this tool.
Latest release: version 1.45 on Nov. 28, 2006 (12 years, 3 months ago).
(1)★★★★★EtherApe (#64, 21)
Featuring link layer, IP, and TCP modes, EtherApe displays network activity graphically with a color coded protocols display. Hosts and links change in size with traffic. It supports Ethernet, WLAN, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network. Read 1 review.
Latest release: version 0.9.13 on May 5, 2013 (5 years, 10 months ago).
(6)★★★★½Splunk (#65, new!)
Splunk is a tool to search, report, monitor and analyze real-time streaming and historical IT data. It collects logs from a variety of sources and makes them searchable in a unified interface. Read 6 reviews.
Latest release: version 4.1.7 on Feb. 14, 2011 (8 years, 1 month ago).
(3)★★½Angry IP Scanner (#66, 15)
Angry IP Scanner is a small open source Java application which performs host discovery ("ping scan") and port scans. The old 2.x release was Windows-only, but the new 3.X series runs on Linux, Mac, or Windows as long as Java is installed. Version 3.X omits the vampire zebra logo. As with all connect()-based scanners, performance on Windows XP SP2 and newer be poor due to limitations added to tcpip.sys. The FAQprovides details and workarounds. A short review was posted to nmap-dev in 2008. Read 5 reviews.
Latest release: version 3.0-beta4 on March 23, 2009 (9 years, 12 months ago).
(2)★★★½NetWitness NextGen (#67, new!)
NetWitness NextGen is a network security monitor. The heart of the monitor is the Decoder subsystem that records network traffic for analysis. The Investigator is a protocol analyzer meant to be run on captured traffic. Read 2 reviews.
Latest release: version 9.0.5.4 on March 17, 2010 (9 years ago).
(6)★★★★½Secunia PSI (#68, new!)
Secunia PSI (Personal Software Inspector) is a free security tool designed to detect vulnerable and out-dated programs and plug-ins that expose your PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus programs. Secunia PSI checks only the machine it is running on, while its commercial sibling Secunia CSI (Corporate Software Inspector) scans multiple machines on a network. Read 6 reviews.
Latest release: version 2.0 on Jan. 10, 2011 (8 years, 2 months ago).
(6)★★★★★Nagios (#69, 2)
Nagios is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, etc.), monitoring of host resources (processor load, disk usage, etc.), and contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method). Read 8 reviews.
Latest release: version 4.0.8 on Aug. 12, 2014 (4 years, 7 months ago).
(4)★★★½Immunity Debugger (#70, new!)
Immunity Debugger is a debugger whose design reflects the need to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility. Read 6 reviews.
Latest release: version 1.80 on Dec. 6, 2010 (8 years, 3 months ago).
(2)★★★Superscan (#71, 49)
Superscan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone (now part of McAfee). It includes a variety of additional networking tools such as ping, traceroute, HTTP HEAD, and whois. Some functionality has been crippled by restrictions imposed by Microsoft in Windows XP SP2 and newer releases. This tool is not really maintained (the latest release was in 2004). Read 4 reviews.
Latest release: version 4.0 on March 11, 2004 (15 years ago).
no ratingsqlninja (#72, new!)
sqlininja exploits web applications that use Microsoft SQL Server as a database backend. Its focus is on getting a running shell on the remote host. sqlninja doesn't find an SQL injection in the first place, but automates the exploitation process once one has been discovered. Review this tool.
Latest release: version 0.2.6-r1 on April 29, 2012 (6 years, 10 months ago).
no ratingHelix (#73, 21)
Helix is a Ubuntu live CD customized for computer forensics. Helix has been designed very carefully to not touch the host computer in any way and it is forensically sound. Helix will not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics. Downloading of the live CD is only provided as a complement to membership in the e-fense members-only forum. An unsupported, older, no-cost version is available as well. Review this tool.
Latest release: version 2009R3 on Dec. 23, 2009 (9 years, 2 months ago).
(6)★★★★★Malwarebytes' Anti-Malware (#74, new!)
Malwarebytes' Anti-Malware is a malware scanner for Windows. The authors claim to use a variety of technologies to find malware undetectable by other malware scanners. There is a free trial with limited options and a supported full version with the ability to run scheduled scans. Read 7 reviews.
Latest release: version 2.1.8.1057 on June 29, 2015 (3 years, 8 months ago).
(5)★★★★★Netsparker (#75, new!)
Netsparker is a web application security scanner, with support for both detection and exploitation of vulnerabilities. It aims to be false positive–free by only reporting confirmed vulnerabilities after successfully exploiting or otherwise testing them. Read 6 reviews.
Latest release: version 1.8.3.3 on Feb. 10, 2011 (8 years, 1 month ago).