Information Assurance: Net Vulnerability and Exploit Frameworks

Open-source environment for exploitation code development, testing, and execution. Has extensible integration of payloads, encoders, no-op generators, and exploits. It also downloads with hundreds of ready-made exploits.

Clones websites, inserts payloads, and is extensible.

Server vulnerability scanner. Test for dangerous files/CGI versions on over 625 servers, and version specific problems on over 230 servers. Includes automatic updates.

Java based web proxy. Assesses web application vulnerability. Supports editing/viewing HTTP/HTTPS messages on-the-fly to change items such as cookies and form fields. Does web traffic recording and web spiders. Scans for web application attacks like SQL injection and cross-site scripting.

Nmap is a general purpose scanner and network administrator. It has abundant functionality.

Maintained by the company of the same name, Secunia reports many of the most recent vulnerabilities and offers free trial versions of its vulnerability scanning software.

Massive vulnerability database, is maintained by Security Focus.

Maintained by the Computer Emergency Readiness Team, besides vulnerabilities it also keeps track of security research papers.