geoipgen is an IP network tool for generating geotargeted lists of IP addresses using MaxMind's GeoLite Country database. It can randomly enumerate all IP addresses or a specified number of IP addresses in a particular country or a list of countries. For example, to get all IPs for Japan in a random order, use "geoipgen jp". For a sample of 10,000 IPs from Australia and New Zealand, use "geoipgen -n 10000 au nz".
PRADS is a "Passive Real-time Asset Detection System". It passively listens to network traffic and gathers information on hosts and services it sees. This information can be used to map your network, letting you know what services and hosts are alive and used. It can also be used together with your favorite IDS/IPS setup for "event to host/service" correlation. It can help you make sure that your inventory database is up to date. PRADS commes in two versions. One written in Perl, and one written in C. Some features might only be found in one of the versions.
nessus-xmlrpc is a Ruby library for the Nessus XML-RPC interface. You can use it to start, stop, pause, and resume scans. It lets you watch progress and status of scans, download reports, etc. It comes with an example command line program that shows how easy it is to interact with the Nessus scanner.
OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in Web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
ipredirectd has functionality similar to netcat but with some extra features. Multiple clients and full logging of network traffic are supported. It can also manipulate incoming and outgoing text traffic. Manipulation is based on pattern files that support regular expressions. This feature is probably most useful with HTTP. The software is smart enough not to apply regular expressions on non-HTML data by reading the content-type header. One possible usage is redistribution of pre-authenticated Web pages in foreign domains by replicating authentication and session cookies.
Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don't use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.