- Nikto - Web Application Scanner Downloadable Package
- Nmap - Port Scanner, Command line based
- Nessus - Vulnerability Scanner
- FireSheep - Firefox Extension that steals login cookie from the local network and allows the person running firesheep to use the cookie to hijack the session
- Social Engineers Toolkit by Dave "Rel1k" Kennedy - Clone any website you want and to use the Java Applet to attack automatically.
- Metasploit - Ruby based framework for exploits/scanners by Rapid7 Extensive Tutorials for Metasploit
- TeamSploit - Pen Testing With Friends by Justin Wray which is a free penetration automation tool suite
- Armitage - GUI for Metasploit written by Raphael Mudge, its extremely powerful and easy to use
- Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications.
- Remote Administration Tools (RATs) - Poison Ivy and more as I find them and have time to get info on them
- Pen Testing Hardware - All those beautiful little toys that can do so much
- Kryptos - This OpenWire Sec Web App is designed to help Pen Testers collaborate
- From Fuzzing to Metasploit Part 1 Part 2 Part 3
- Introducing Vulnserver
- John The Ripper - Free and Open Source fast password cracker primarily used to detect weak Unix passwords
- HASHCat - Worlds fastest WPA cracker with dictionary mutation engine
- Cain and Able - Password recovery tool for Microsoft Operating Systems
- Unsploitable by Justin Wray - Automatically Patch Metasploitable Vulnerabilities
- Full Database Activity Auditing for the MySQL User Base - Mcafee MySQL Audit Application
- Network Miner - Windows based capture tool capable of pulling objects out of a tcp stream
- US Gov Baseline Config - Security configuration baselines for Information Technology products widely deployed across the federal agencies.
- Mandiant Community Resources Software Downloads More details forthcoming...
- ModSecurity - Open Source WAF
- OWASP Countermeasures- Details countermeasures and tools used.
- Forensic Tools - Gotta figure out what happened
- Master Boot Record by Jamie Levy - MBR parser
- Basic Linux Administration
- Introduction to IDS and IPS concepts by Tony Robinson - Best IDS resource you will find
- Snort IDS - A free lightweight network intrusion detection system for UNIX & Windows.
- Collection of reverse engineering tutorials for beginners by Lenas
- ZeroAccess Rootkit - Four part article series with step-by-step tutorials on how to reverse engineer the ZeroAccess Rootkit
- [REMnux: A Linux Toolkit for Reverse-Engineering and Analyzing Malware](http://zeltser.com/remnux/ Remnux)
- HopperApp - Reverse engineering tool for OS X and Linux, that lets you disassemble, decompile and debug your 32/64bits as executables
- OllyDebug - OllyDbg is a 32-bit assembler level analysing debugger for Windows
- IDA - IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger if you have money...It's expensive.
- Sandboxie - A sandbox-based isolation program developed by Invincea (which acquired it from the original author Ronen Tzur) which prevents programs from making permanent changes to other programs and data
- Cuckoo - An open source automated dynamic malware analysis system
- GMER - Rootkit Detector for NT/W2K/XP/VISTA/7 and Samples
- SysInternals - Toolkit for Windows
- Mandiant's RedLine - Windows XP, Windows Vista, Windows 7 (32-bit and 64-bit)
- XXD - Free Linux command line hex editor
- FireEye's FLARE Team Reversing Repository
- Wireshark - Packet Analysis tool
- QR Decoder - can also do barcodes
- pngcheck - Tool for checking CRC values within a PNG file.
- Hex Workshop - Windows Hex Editor
- GNS3 - Graphical Network Simulator using Virtual Box