This is a (non-comprehensive) list of the various security tools I have used. I started this list to keep track of tools that I've tried out and the level of satisfaction with them. Obviously there are hundreds of tools that any IT security professional uses throughout their career, so I'm just starting to put down the most recent, interesting or particularly effective. As I have time, I'll update and add comments/reviews/examples as well as break this into categories as the list grows.
Assessment / Attack Tools
Web Application Attack and Audit Framework (w3af) w3af.sourceforge.net
IBM Rational AppScan www-01.ibm.com/software/awdtools/appscan
Samurai Web Testing Framework samurai.inguardians.com
SecViz Security Visualization (davix) www.secviz.org/node/89
V3RITY Oracle Database Forensics (www.v3rity.com/v3rity.php) – "V3RITY is a tool that can be used in an Oracle forensics investigation of a suspected breach. It is the first of its kind and is currently in the beta stages of development."