1. Nmap (Network Mapper)
Website**: [Nmap](
https://nmap.org/ )
Description**: Open-source tool for network discovery and security auditing.
2. Burp Suite (Community Edition)
Website**: [Burp Suite Community Edition](
https://portswigger.net/burp/communitydownload )
Description**: Free version of the popular web vulnerability scanner.
3. SQLmap
Website**: [SQLmap](
http://sqlmap.org/ )
Description**: Open-source tool for automating the detection and exploitation of SQL injection flaws.
4. Nikto
Website**: [Nikto](
https://cirt.net/Nikto2 )
Description**: Open-source web server scanner.
5. Metasploit Framework
Website**: [Metasploit Framework](
https://www.metasploit.com/ )
Description**: Free, open-source version of the comprehensive penetration testing framework.
6. OWASP ZAP (Zed Attack Proxy)
Website**: [OWASP ZAP](
https://www.zaproxy.org/ )
Description**: Open-source web application security scanner.
7. John the Ripper
Website**: [John the Ripper](
https://www.openwall.com/john/ )
Description**: Open-source password cracker.
8. Aircrack-ng
Website**: [Aircrack-ng](
https://www.aircrack-ng.org/ )
Description**: Open-source suite for assessing Wi-Fi network security.
9. Hydra
Website**: [Hydra](
https://github.com/vanhauser-thc/thc-hydra )
Description**: Fast and flexible network login cracker.
10. Wpscan
Website**: [Wpscan](
https://wpscan.com/ )
Description**: Free, open-source WordPress security scanner.