List of security assessment tools
This is a list of available software and hardware tools that are designed for or are particularly suited to various kinds of security assessment and security testing.
Operating systems and tool suites
Several operating systems and tool suites provide bundles of tools useful for various types of security assessment.Operating system distributions
- Kali Linux, a penetration-test-focused Linux distribution based on Debian
- Pentoo, a penetration-test-focused Linux distribution based on Gentoo
- ParrotOS, a Linux distro focused on penetration testing, forensics, and online anonymity.
Tools
| Tool | Vendor | Type | License | Tasks | Commercial status |
| Aircrack-ng | GPL | Packet sniffer and injector; WEP encryption key recovery | Free | ||
| Metasploit | Rapid7 | application, framework | EULA | Vulnerability scanning, vulnerability development | Multiple editions with various licensing terms, including one free-of-charge. |
| Nessus | Proprietary; GPL | Vulnerability scanner | |||
| Nmap | terminal application | GPL v2 | computer security, network management | Free | |
| OpenVAS | GPL | ||||
| Nikto Web Scanner | GPL | ||||
| SQLmap | |||||
| Wireshark | Riverbed Technology | desktop application | GPL2 | Network sniffing, traffic analysis | Free. also offers limited vendor support, professional tools, and hardware for a fee |