This is a list of available software and hardware tools that are designed for or are particularly suited to various kinds of security assessment and security testing.
Several operating systems and tool suites provide bundles of tools useful for various types of security assessment.
| Tool | Vendor | Type | License | Tasks | Commercial status | |
|---|---|---|---|---|---|---|
| Aircrack-ng | GPL | Packet sniffer and injector; WEP encryption key recovery | Free | |||
| Metasploit | Rapid7 | application, framework | EULA | Vulnerability scanning, vulnerability development | Multiple editions with various licensing terms, including one free-of-charge. | |
| Nessus | Tenable Network Security | Proprietary
| Vulnerability scanner | |||
| Nmap | terminal application | GPL v2 | computer security, network management | Free | ||
| OpenVAS | GPL | |||||
| Nikto Web Scanner | GPL | |||||
| SQLmap | ||||||
| Wireshark | Riverbed Technology (sponsor) | desktop application | GPL2 | Network sniffing, traffic analysis | Free. also offers limited vendor support, professional tools, and hardware for a fee |