Free Penetration Testing & Information Gathering Tools
Badstore is a GNU open source software showing you how hackers attack web application vulnerabilities.
Cain & Abel is a powerful password recovery tool. Cain & Abel is able to sniff the network and use both dictionary and brute force attacks as well as other methods in order to recover passwords.
CallerIP can monitor all incoming and outgoing connections to your computer
dsniff is a number of tools used for network auditing and penetration testing.
DNSstuff can be used to extract DNS information.
G-Lock Software provides Advanced Administrative Tools (AATools) which can capture lots of useful information about your computer such as open ports, outbound and inbound network connections, processes and applications loaded into your computer's memory and more.
HTTrack Website Copier can copy a full website from the internet to your local directory.
Internet Archive will give you all the content information of a website that has ever been published.
Kismet is a wireless (layer 2, 802.11) detector, sniffer and IDS all in one tool used to find and sniff wireless access point traffic.
Nessus is a vulnerability scanner tool that is free for home users. A corporate version is available but has to be purchased.
Netstumbler is a free tool used for finding wireless access points.
Paros is a tool used to evaluate the security of your web applications. Paros will intercept HTTP and HTTPS traffic and look for common attacks such as SSL injection, cross site scripting, buffer overflow and so on.
Path Analyser is an advanced networking utility for route tracing.
Sam Spade is a free hacking tool with many useful utilities driven by a simple interface GUI. You can download Sam Spade from various websites.
Sensepost provide Wikto which scans website directories, looks for scripts on web servers and other useful tasks.
THC Hydra is a powerful network authentication cracker.
Visual Route is a network diagnostic tool.
Visualware deliver email Tracker which is able to identity more information on an email and it's header information.
WebDataExtractor is able to extract all kinds of data from a website.
3D Traceroute shows traceroute connections in 3D visual representation.