Gathering information:
(set) http://www.subnetonline.com/
(set) http://ping.eu/
(ping, dns_tools, traceroute, web_tools) http://serversniff.net/
(DIG / nslookup, whois, traceroute) http://networking.ringofsaturn.com/Tools/
(whois, dns_tools, service_scan, traceroute) http://centralops.net/co/DomainDossier.aspx
(whois, dns_tools, domain_search) http://www.whois.ws/
(whois, dns_tools) http://www.robtex.com/
(whois) http://www.ripn.net:8080/nic/whois
(whois) http://whois-search.ru/
(domain_search) http://searchdns.netcraft.com/
(ping and traceroute from all continents) http://www.wipmania.com/ru/tools/

Search Engines:
(exploit_search) http://exploitsearch.com/
(search_on_daemon) http://shodan.surtri.com/

Network scanning:
(nmap, openvas, sqlix, sqlmap, nikto, sub_domain) http://hackertarget.com/free-security-vulnerability-scans/
(scanner site structure) http://madnet.name/tools/madss/
(scanner site structure) http://defec.ru/scaner/

Selection of passwords:
(Lm, halflmchall, SHA1, md5, NTLM, WL, doublemd5, mysql323) http://plain-text.info/add/
(md5, SHA1, Lm, NTLM) http://www.tmto.org/?category=main&page=search
(md5, mysql323, MySQL5, SHA1) https://hashcracking.info
(Lm, NTLM, md5, mysql/3/4) http://hashcrack.com/
(md4, md5, NTLM) http://www.cryptohaze.com/addhashes.php
(md5, SHA1) http://md5.rednoize.com/
(md5, SHA1) http://isc.sans.org/tools/reversehash.html
(md5, Lm) http://milw0rm.com/cracker/insert.php
(md5, Lm) http://www.c0llision.net/webcrack.php
(! md5) http://md5cracker.tk/ (recommended)
(! md5) http://www.hashchecker.de/
(! md5) http://www.kinginfet.net/md5_cracker/
(Lm) http://lmcrack.com
(Lm) http://cracker.offensive-security.com/
(md5) http://gdataonline.com/seekhash.php
(md5) http://opencrack.hashkiller.com/
(md5) http://passcracking.ru/
(md5) http://md5crack.com/
(md5) http://md5decryption.com/
(md5) http://authsecu.com/decrypter-dechiffrer-cracker-hash-md5/decrypter-dechiffrer-cracker-hash-md5.php
(md5) http://hash.insidepro.com/
(md5) http://md5decrypter.com/
(md5) http://md5pass.info/
(md5) http://crackfor.me/
(md5) http://www.xmd5.org/
(md5) http://socialware.ru/md5_crack.php

Selection of key WPA / PSK:
http://www.wpacracker.com/
http://tools.question-defense.com/wpa-password-cracker/

Preparations for the attack Cross-Site Scripting:
http://h4k.in/encoding/
http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php
http://ha.ckers.org/xss.html
http://utf-8.jp/public/jjencode.html

Encoding / Decoding:
http://www.planetcreator.net/planetcreator/encode-decode
http://www.showmycode.com/
http://home2.paulschou.net/tools/xlate/
http://h4k.in/characters/

Working with shellcode:
http://metasploit.com:55555/
http://sandsprite.com/shellcode_2_exe.php

Help (Web-hacking):
(the structure of Web-based applications) http://itdefence.ru/dbitems/
(SQL Injection Cheat Sheet) http://pentestmonkey.net/cheat-sheets/

Check for malicious code:
(41AV) http://www.virustotal.com/
(37AV) http://www.virscan.org/
(20AV) http://virusscan.jotti.org
(behavioral analysis, inspection sites) http://anubis.iseclab.org/
(test sites) http://wepawet.cs.ucsb.edu/

CVSS2-calculator: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2

Self check:
http://leader.ru/secure/who.html
http://browserspy.dk/ http://panopticlick.eff.org/
http://secunia.com/vulnerability_scanning/online/
http://nmap-online.com/

Checking password strength:

http://www.planetcreator.net/planetcreator/password-generator
http://www.passwordmeter.com/

Privacy / HTTP-anonymizer:
http://anonymizer.nntime.com/