The tools listed here are open source and we are not listing any licensed software here.
Also I would like to add that METASPLOIT" has been excluded from this list because it combines the power of several tools listed in top 10 so here we will only rate individual products.
1. NMAP - And the tradition continues and NMAP still the number one. Nmap ,by far is the best security scanning and hacking tool ever made. This software tops every list of top hacking softwares for its two reasons. Firstly,its ease of use and secondly,its wide usage.
It provides
a wide range of features like port scanning, fingureprinting, os
detection , ping , scanning an IP range , alive hosts etc. It has a rich
command mode for advanced users which can combine several commands
together to execute ones. Its the most recomended tool for new as well
as advanced learners and security experts. It hosts its google
opensource project every year. Download Nmap.
2.SUPER-SCAN- Powerful
TCP port scanner, pinger, resolver. SuperScan 4 is an update of the
highly popular Windows port scanning tool, SuperScan. If you need an
alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice. It provides a cool scanning experience with lot of information displayed. Download Superscan.
3. NESSUS vulnerability scanner -
I believe that this is the only tool that can break the top spot of
Nmap and reach at number 1. Its a powerful tool but owing to its nature
of operation, it is a lot buggy and hangs too. This tool has been
the best tool for both network administrators and hackers because of
its wide implimentation.The Nessus® vulnerability scanner is the
world-leader in active scanners, featuring high-speed discovery,
configuration auditing, asset profiling, sensitive data discovery and
vulnerability analysis of your security posture. Nessus scanners can be
distributed throughout an entire enterprise, inside DMZs and across
physically separate networks. Download Nessus
4. John The Riper -
The fastest password cracker. It is available for several versions of
unix and windows and has remained the all time favorite brute force
password cracker. currently available for many flavors of Unix (11 are
officially supported, not counting different architectures), DOS, Win32,
BeOS, and OpenVMS. Its primary purpose is to detect weak Unix
passwords. Besides several crypt(3) password hash types most commonly
found on various Unix flavors, supported out of the box are Kerberos AFS
and Windows NT/2000/XP/2003 LM hashes. Download JTR.
5. WIRESHARK and KISMET- Improving by 2 points to reach the number 5th spot is wireshark. The 5th spot is combined spot for kismet as well as wireshark.It is the most preferred wireless security assessment tool and a single of its type in this field. It is a must have tool for all wireless junkies. Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. Download Wireshark.
Kismet is an 802.11 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic (devices and drivers permitting). Download Kismet
6. PANGOLIN SQL injection scanner -
This is by far the best SQL injection scanner which scans a website for
sql injection attacks. It performs test on the database to check if
vulnerability exists or not. The tool is built to scan numerous popular
databases and works quiet effectively for poorly configured websites. It
had a tough competition with Havij but the nature of platform made me
to choose Pangolin as the winner in this segment. Download Pangolin
7. NIKTO 2- A
fresh arival and a must have. Nikto is an Open Source (GPL) web server
scanner which performs comprehensive tests against web servers for
multiple items, including over 6400 potentially dangerous files/CGIs,
checks for outdated versions of over 1200 servers, and version specific
problems on over 270 servers. It also checks for server configuration
items such as the presence of multiple index files, HTTP server options,
and will attempt to identify installed web servers and software. Scan
items and plugins are frequently updated and can be automatically
updated. Download Nikto
8. Low orbit Ion Cannon- LOIC
is an effective DOS attack tool which is said to have been made by the
popular Anonymous hacking group. This tool can be used to flood a
webserver with lots of data packets so that the service goes down and it
becomes inaccessible. Recentely this tool was used to bring down PayPal
and several other top websites around the globe. Download LOIC
9.CAIN & ABEL- The favourite
password cracker of all kind. IT fell several ranks this year owing to
its low support for new platform and stiff competition from several
similar tools who are constantly updating.Download Cain and Abel
10. HIDE IP- There
were several tools fighting for this last spot but the high usage of
anonymous surfing made me to finally put Hide IP on the 10th spot. It is
a great tool for anonymous surfing and having anonymity on the web
which is very essential while performing hacks and penetration testing.
It had TOR as is closest competitor but owing to the slow speed of TOR i
decided Hide IP as the owner of this spot.Download Platinum Hide IP
