Penetration Testing / Red Teaming requires the use of a lot of tools.
I don't mind getting called a "script kiddie" because I can accomplish more and faster when I don't have to code every single task I need to do. This post is to point out companies that make this possible and give a small bit of thanks.
(If you've ever tried to convince a company to give something away for free, you can understand how big this really is). Some give a lot, some only one tool, but even one is more than some.
Of course the first is going to be Rapid7 and the Metasploit team: https://github.com/rapid7/metasploit-framework
Other company's free tools sections:
Sunera: http://security.sunera.com/p/tools.html
Immunity Inc: http://immunityinc.com/resources-freesoftware.shtml
SecureState: http://www.securestate.com/Research%20and%20Innovation/Pages/Tools.aspx
Core Security: http://corelabs.coresecurity.com/index.php?module=Wiki&action=list&type=tool
Hex-Rays: http://www.hex-rays.com/products/ida/support/download_freeware.shtml
Spider Labs: https://www.trustwave.com/spiderLabs-tools.php and https://github.com/SpiderLabs
RandomStorm: http://www.randomstorm.com/free-security-tools.php
SensePost: http://www.sensepost.com/labs/tools/pentest
Mc^H^H Foundstone: http://www.mcafee.com/us/downloads/free-tools/index.aspx
Stach and Liu: http://www.stachliu.com/resources/tools/
Secure Ideas: http://www.secureideas.net/publications.php (Projects on the right)
Buguroo: http://blog.buguroo.com/?cat=6
IOActive: http://ioactive.com/ioactive_labs_tools.html
NirSoft: http://www.nirsoft.net/
Joeware: http://www.joeware.net/freetools/
...and of course Micros^H^H^H^H^H^H Sys Internals:
http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx
If you know of more, please leave a comment below and I'll add it to the list.
Cross-posted from Room362
