Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web…

Acunetix

Audit your website security and web applications for SQL injection, Cross site scripting and other…

Arachni is a Free/Public-Source Web Application Security Scanner aimed towards helping users evaluate the security of web applications.

Burp Suite is an integrated platform for performing security testing of web applications.

Censys helps organizations, individuals, and researchers find and monitor every server on the Internet to reduce exposure and improve security.

Network recon framework, including a web interface to browse Nmap scan results.

Learn, download and use the most flexible and powerful web application security testing framework.

Nmap Free Security Scanner, Port Scanner, & Network Exploration Tool. Download open source software for Linux, Windows, UNIX, FreeBSD, etc.

PunkSPIDER is a global-reaching web application vulnerability search engine.

Find security vulnerabilities right from your browser.

Shodan is the world’s first search engine for Internet-connected devices.

Firefox add-on that lets you change headers and request parameters before they’re sent to the…

Search engine for the Internet of Things

Subgraph Vega | Free and Open Source Web Application Vulnerability and Security Scanner

Websecurify free and premium security tools automatically scan websites for vulnerabilities like SQL Injection, Cross-site Scripting and others

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding…

Network mapping service

A fully automated, active web application security reconnaissance tool.

w3af is a Web Application Attack and Audit Framework

Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.