ZAP

https://www.zaproxy.org/

Nessus

https://www.tenable.com/downloads/nessus

BackTrack

https://www.backtrack-linux.org/

Nikto

including over 6400 potentially dangerous files/CGIs

https://datahunter.org/nikto

w3af

framework for finding and exploiting web application vulnerabilities.

OpenVAS

forked from the last free version of Nessus after Nessus went proprietary in 2005

Scapy

interactive packet manipulation tool, packet generator, network scanner
( interact with it using the Python )

Hping

sends custom ICMP, UDP, or TCP packets and then displays any replies.

THC Hydra

brute force crack a remote authentication service