The process of ethical hacking requires a qualitative set of different automatic tools which makes the job easier and less time consuming. The requirement of the tools vary in accordance to the types of the host devices to be hacked or secured. Generally a toolkit includes a port scanner (Nmap recommended), cracking tool (john the ripper, hydra, etc), some tools for gathering information, vulnerability scanner, vulnerability management, IDS and other necessary tools depending on the nature of the hosts platform.
Edit
1. Nessus
Nessus is one of the most important hacking tool. It is a reliable vulnerability scanner developed by Tenable network security. It is available at null cost for the home users employing it for noncommercial purposes. It is very helpful in detecting critical bugs on a system. It can effectively detect weak passwords, misconfiguration or unpatched services and other vulnerbilities on a system.
Edit
2. Nmap
Nmap is one of the best hacking tools designed to be used in second phase of ethical hacking. Earlier versions of Nmap supported only Linux/Unix based operating systems but its fresh version is compatible with windows operating systems as well. It features fragmentation scanning, TCP FIN scanning, TCP SYN scanning, TCP reverse ident scanning, etc. It is employed for Operating system fingerprinting too.
Edit
3. Nikto
Nikto is a very helpful tool which helps in measuring web application security. It is one of the most popular tool used in finding out the bug on a web application. It can diagnose a web server for over 5000 files/CGIs with potential threats. It also checks for outdated versions of over thousand servers and helps in detecting misconfiguration files. It is a very effective tool for finding out the insecure files and programs.
Edit
4. Kismet
Kismet is one of the most preferred tools for checking vulnerability of wireless networks. Just like Kismac for MAC and netstumbler for windows, there is Kismet for Linux. It detects and sniffs the wireless LAN to extract maximum information about that network. It works by passively collecting packets and detecting networks which enables it to expose the names of hidden networks and the presence of non-beaconing networks with the help of data traffic.
Edit
5. Metasploit
It is one of the best tools used by the most penetration tester as well as the hackers. It is an open source security project which bundles the information about vulnerabilities. It is employed to execute exploit code against a machine and get the desire task done. It provides metasploit express, metasploit pro and metasploit framework. It is available at no cost for Windows and Linux based operating systems.
