Golem Security Scanner!

SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.

A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets. Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.

Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner. Download Free Edition!

w3af is a Web Application Attack and Audit Framework

IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners.

Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.

Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

The CobWeb Internal Scanner (CWIS, pronounced see-wis) is a lightweight antivirus scanner application. The scanner designed to detect adware and malware, backdoors and exploits, phishing code, trojans and viruses, CMS and server vulnerabilities and other threats within database content and files uploaded to your system.Main Features

Firefox add-on that lets you change headers and request parameters before they're sent to the server. Unlike proxy request modifiers, it's integrated into the browser, so it has no problem with HTTPS connections, client authentication certificates, or other features that the browser supports.

Intruder is a proactive security monitoring platform for internet-facing systems.

Ammonite is a web application security scanner extension for Fiddler. Ammonite detects common vulnerabilities such as SQL injection, OS command injection, cross-site scripting, file inclusion, format string vulnerabilities, and buffer overflows. Ammonite includes unique features that make it particularly well suited for penetration testers and security professionals.