Gathering information:
(set) http://www.subnetonline.com/
(set) http://ping.eu/
(ping, dns_tools, traceroute, web_tools) http://serversniff.net/
(DIG / nslookup, whois, traceroute) http://networking.ringofsaturn.com/Tools/
(whois, dns_tools, service_scan, traceroute) http://centralops.net/co/DomainDossier.aspx
(whois, dns_tools, domain_search) http://www.whois.ws/
(whois, dns_tools) http://www.robtex.com/
(whois) http://www.ripn.net:8080/nic/whois
(whois) http://whois-search.ru/
(domain_search) http://searchdns.netcraft.com/
(ping and traceroute from all continents) http://www.wipmania.com/ru/tools/

Search Engines:
(exploit_search) http://exploitsearch.com/
(search_on_daemon) http://shodan.surtri.com/

Network scanning:
(nmap, openvas, sqlix, sqlmap, nikto, sub_domain) http://hackertarget.com/free-security-vulnerability-scans/
(scanner site structure) http://madnet.name/tools/madss/
(scanner site structure) http://defec.ru/scaner/

Selection of passwords:
(Lm, halflmchall, SHA1, md5, NTLM, WL, doublemd5, mysql323) http://plain-text.info/add/
(md5, SHA1, Lm, NTLM) http://www.tmto.org/?category=main&page=search
(md5, mysql323, MySQL5, SHA1) https://hashcracking.info
(Lm, NTLM, md5, mysql/3/4) http://hashcrack.com/
(md4, md5, NTLM) http://www.cryptohaze.com/addhashes.php
(md5, SHA1) http://md5.rednoize.com/
(md5, SHA1) http://isc.sans.org/tools/reversehash.html
(md5, Lm) http://milw0rm.com/cracker/insert.php
(md5, Lm) http://www.c0llision.net/webcrack.php
(! md5) http://md5cracker.tk/ (recommended)
(! md5) http://www.hashchecker.de/
(! md5) http://www.kinginfet.net/md5_cracker/
(Lm) http://lmcrack.com
(Lm) http://cracker.offensive-security.com/
(md5) http://gdataonline.com/seekhash.php
(md5) http://opencrack.hashkiller.com/
(md5) http://passcracking.ru/
(md5) http://md5crack.com/
(md5) http://md5decryption.com/
(md5) http://authsecu.com/decrypter-dechiffrer-cracker-hash-md5/decrypter-dechiffrer-cracker-hash-md5.php
(md5) http://hash.insidepro.com/
(md5) http://md5decrypter.com/
(md5) http://md5pass.info/
(md5) http://crackfor.me/
(md5) http://www.xmd5.org/
(md5) http://socialware.ru/md5_crack.php

Selection of key WPA / PSK:
http://www.wpacracker.com/
http://tools.question-defense.com/wpa-password-cracker/

Preparations for the attack Cross-Site Scripting:
http://h4k.in/encoding/
http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php
http://ha.ckers.org/xss.html
http://utf-8.jp/public/jjencode.html

Encoding / Decoding:
http://www.planetcreator.net/planetcreator/encode-decode
http://www.showmycode.com/
http://home2.paulschou.net/tools/xlate/
http://h4k.in/characters/

Working with shellcode:
http://metasploit.com:55555/
http://sandsprite.com/shellcode_2_exe.php

Help (Web-hacking):
(the structure of Web-based applications) http://itdefence.ru/dbitems/
(SQL Injection Cheat Sheet) http://pentestmonkey.net/cheat-sheets/

Check for malicious code:
(41AV) http://www.virustotal.com/
(37AV) http://www.virscan.org/
(20AV) http://virusscan.jotti.org
(behavioral analysis, inspection sites) http://anubis.iseclab.org/
(test sites) http://wepawet.cs.ucsb.edu/

CVSS2-calculator: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2

Self check:
http://leader.ru/secure/who.html
http://browserspy.dk/ http://panopticlick.eff.org/
http://secunia.com/vulnerability_scanning/online/
http://nmap-online.com/

Checking password strength:

http://www.planetcreator.net/planetcreator/password-generator
http://www.passwordmeter.com/

Privacy / HTTP-anonymizer:
http://anonymizer.nntime.com/

Explore More

About WPA & WPA2

Wi-Fi Protected Access (WPA and WPA2) is a class of systems to secure wireless (Wi-Fi) computer networks. It was created in response to several serious weaknesses researchers had found in

LDAP Injection Vulnerabilities

LDAP Injection Overview LDAP Injection attacks are not as common as the other types of injection attacks, but if your product uses an LDAP server this must be tested. An

SQL Injection Cheat Sheet

(wiki) SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either