Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available.
click here for NMAP tool
web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers
click here for Nikto tool
Amap is a next-generation tool for assistingnetwork penetration testing.
It performs fast and reliable application protocol detection, independant
on the TCP/UDP port they are being bound to.
click here for THC-Amap
Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows.
click here for Ethereal
Number one of the biggest security holes are passwords, as every password security study shows.
Hydra is a parallized login cracker which supports numerous protocols to attack. New modules
are easy to add, beside that, it is flexible and very fast.
click here for THC-Hydra
Nessus vulnerability scanner, is the world-leader in active scanners, featuring high speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks.
click here for nessus