List of security assessment tools

This is a list of available software and hardware tools that are designed for or are particularly suited to various kinds of security assessment and security testing.

Operating systems and tool suites

Several operating systems and tool suites provide bundles of tools useful for various types of security assessment.

Operating system distributions

  • Kali Linux (formerly BackTrack), a penetration-test-focused Linux distribution based on Debian
  • Pentoo, a penetration-test-focused Linux distribution based on Gentoo
  • ParrotOS, a Linux distro focused on penetration testing, forensics, and online anonymity.


Tool Vendor Type License Tasks Commercial status
Aircrack-ng GPL Packet sniffer and injector; WEP encryption key recovery Free
Metasploit Rapid7 application, framework EULA Vulnerability scanning, vulnerability development Multiple editions with various licensing terms, including one free-of-charge.
Nessus Tenable Network Security Proprietary; GPL (2.2.11 and earlier) Vulnerability scanner
Nmap terminal application GPL v2 computer security, network management Free
Nikto Web Scanner GPL
Wireshark Riverbed Technology (sponsor) desktop application GPL2 Network sniffing, traffic analysis Free. also offers limited vendor support, professional tools, and hardware for a fee
  • Top 125 Network Security Tools – a list of security tools suggested by a community