Toolkits
Packet capture tools
Cisco IOS Router and Cisco ASA (http://www.cisco.com/) capture packets.
Netsniff-ng (http://netsniff-ng.org/) netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will.
Sniffit (http://sniffit.sourceforge.net/) SniffIt is a Distributed Sniffer System, which allows users to capture network traffic from a unique machine using a graphical client application.
Tcpdump (http://www.tcpdump.org/) This is the home web site of tcpdump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture.
T-Shark (http://www.wireshark.org/docs/man-pages/tshark.html) TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file.
Wireshark (http://www.wireshark.org/) Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. Wireshark development thrives thanks to the volunteer contributions of networking experts around the globe and is the continuation of a project started by Gerald Combs in 1998.
Network scanners
Network Mapper (Nmap) (http://www.nmap.org/) is a free and Open Source (license) utility for network discovery and security auditing.
OpenVAS (http://www.openvas.org/) – Open Vulnerability Assessment Scanner
Web testing tools
Burp Suite (https://portswigger.net/burp/) is a free integrated platform for security testing of web applications.
Nikto2 (https://cirt.net/Nikto2/) Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers.
OWASP Mutillidae II (https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project) NOWASP (Mutillidae) is a free, open source, deliberately vulnerable web application providing a target for web-security enthusiasts.
Password crackers
Cain and Abel (http://www.oxid.it/cain.html) is a Windows-based password recovery tool. It captures and monitors network traffic for passwords, and cracks encrypted passwords.
John the Ripper (http://www.openwall.com/john/) John the Ripper is an Open Source password security auditing and password recovery tool available for many operating systems.
L0phtCrack (http://www.l0phtcrack.com/) Cracks Windows passwords from hashes, which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. Sometimes, it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, and so on).
Ophcrack (http://ophcrack.sourceforge.net/) Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface.
Penetration testing tools
BackTrack (http://www.backtrack-linux.org/) - Backtrack is no longer being maintained; it has been switched over to Kali Linux.
Kali Linux (https://www.kali.org/) Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.
Metasploit Framework (https://www.metasploit.com/) A comprehensive, offensive-focused toolkit.
IPS/IDS
Bro (http://bro-ids.org/) An Open Source Network Security Monitoring Tool. Zeek (https://zeek.org/) (formerly Bro) is the world’s leading platform for network security monitoring.
OSSEC (https://www.ossec.net/) OSSEC has a powerful correlation and analysis engine, integrating log analysis, file integrity monitoring, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.
Snort (http://www.snort.org/) Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users.
Suricata (http://www.openinfosecfoundation.org/index.php/download-suricata) The Open Information Security Foundation is a 501(c)3 nonprofit organization created to build community and to support open source security technologies like Suricata, the world-class IDS/IPS network monitoring engine.
Network security monitoring tools
Security Onion (https://securityonion.net/) Security Onion, a free and open platform for threat hunting, network security monitoring, and log management. Security Onion includes best-of-breed free and open tools including Suricata, Zeek, Wazuh, the Elastic Stack and many others.
Sguil (http://sguil.sourceforge.net/) An intuitive GUI that provides access to real-time events, session data, and raw packet captures.
ELSA (https://github.com/mcholste/elsa/) Enterprise Log Search and Archive (ELSA) is a three-tier log receiver, archiver, indexer, and web frontend for incoming syslog. It leverages syslog-ng's pattern-db parser for efficient log normalization and Sphinx full-text indexing for log searching.
Splunk Enterprise (http://www.splunk.com/) is a platform for real-time operational intelligence. Splunk is the easy, fast, and secure way to search, analyze, and visualize the massive streams of log data.
Security intelligence tools
The Talos Intelligence Group (http://www.talosintelligence.com) is threat intelligence for Cisco products that detects, analyzes, and protects against both known and emerging threats. (Additional reference: Talos Intelligence Group blog, http://blogs.cisco.com/talos.)
The Common Vulnerability Scoring System (CVSS) (https://www.first.org/cvss/) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.
OWASP (https://www.owasp.org/) The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software.
VirusShare.com (https://virusshare.com/) is a repository of malware samples that provides security researchers, incident responders, and forensic analysts with access to samples of malicious code.
VirusTotal (https://www.virustotal.com/) is a subsidiary of Google. It analyzes suspicious files, domains, IPs and URLs to detect malware and other breaches, and automatically shares them with the security community.