amass : Subdomain OSINT Enumeration ( https://github.com/caffix/amass )
armitage : Cyber Attack Management for Metasploit ( http://www.fastandeasyhacking.com/ )
armitage-bin : Cyber Attack Management for Metasploit ( http://www.fastandeasyhacking.com/ )
arpantispoofer : An utility to detect and resist arp spoofing ( http://sourceforge.net/projects/arpantispoofer/ )
autoscan-network : Utility for network exploration with Samba support. ( http://autoscan-network.com/ )
bettercap : A complete, modular, portable and easily extensible MITM framework ( https://github.com/bettercap/bettercap/ )
blindelephant : generic web application fingerprinter that produces results by examining a small set of static files ( http://blindelephant.sourceforge.net/ )
bonesi : BoNeSi - the DDoS Botnet Simulator ( https://github.com/Markus-Go/bonesi )
cisco-auditing-tool : Perl script which scans cisco routers for common vulnerabilities. ( http://www.scrypt.net/~g0ne )
cisco-bruteforce-enabler : cisco internal bruteforcer ( http://packetstormsecurity.org/cisco/enabler.c )
cisco-scanner : scan a network for cisco routers with default passwords ( http://packetstormsecurity.org/cisco/ciscos.c )
cisco-torch : Cisco mass scanning, fingerprinting, and exploitation tool ( http://www.arhont.com/en/category/resources/tools-utilities/ )
crackmapexec : A swiss army knife for pentesting Windows/Active Directory environments ( https://github.com/byt3bl33d3r/CrackMapExec/releases )
davtest : tests WebDAV enabled servers ( https://github.com/cldrn/davtest )
dirb : A Web Content Scanner to look for existing/hidden content ( http://dirb.sourceforge.net/ )
dnsa : Swiss-army knife tool for dns auditing ( http://packetfactory.openwall.net/projects/dnsa/index.html )
dnsrecon : DNS Enumeration Script ( https://github.com/darkoperator/dnsrecon )
dripcap-bin : Caffeinated Modern Packet Analyzer ( https://dripcap.org )
enum4linux : a tool for enumerating information from Windows and Samba systems ( http://labs.portcullis.co.uk/application/enum4linux/ )
evilgrade : A modular framework that takes advantage of poor upgrade implementations by injecting fake updates. ( http://www.infobytesec.com/developments.html )
fierce : A DNS reconnaissance tool for locating non-contiguous IP space ( https://github.com/mschwager/fierce )
geoedge : This little tools is designed to get geolocalization information of a host ( http://www.edge-security.com/edge-soft.php )
geoipgen : Generate a list of hostnames based on country ( http://www.morningstarsecurity.com/research/geoipgen )
httprint : HTTP fingerprinter tool ( http://net-square.com/httprint.html )
hyenae : a highly flexible packet generator ( http://sourceforge.net/projects/hyenae/ )
ike-scan : A utility for finding, fingerprinting and testing IKE VPN servers ( http://www.nta-monitor.com/wiki/index.php/Ike-scan_Documentation )
inguma : Inguma is an open source penetration testing toolkit written completely in Python ( http://inguma.eu/projects/inguma )
jmsdigger-bin : JMSDigger is an Enterprise Messaging Application assessment tool focuses on ActiveMQ ( https://github.com/OpenSecurityResearch/jmsdigger )
maketh : Ethernet packet injector and creator ( http://simpp-kode.tuxfamily.org/maketh/index.html )
masscan : Mass IP port scanner ( https://github.com/robertdavidgraham/masscan" SRC_URI="${HOMEPAGE}/archive/${PV}.tar.gz -> ${P}.tar.gz )
medusa : A Modular,Parallel,Multiprotocol, Network Login Auditor ( http://www.foofus.net/jmk/medusa/medusa.html )
metacoretex-ng : A nice, java-based, MYSQL/Oracle/MSSQL/ODBC attack framework ( http://metacoretex-ng.sourceforge.net )
metagoofil : Information gathering tool designed for extracting metadata of public documents ( http://www.edge-security.com/metagoofil.php )
metasploit : Advanced framework for developing, testing, and using vulnerability exploit code ( http://www.metasploit.org/ )
mosref : A secure remote execution framework using a compact Scheme-influenced VM ( http://sourceforge.net/projects/mosref/ )
nacker : Bypass NAC by hijacking non-802.1x configurable hosts ( https://github.com/carmaa/nacker )
nbtool : Some tools for NetBIOS and DNS investigation, attacks, and communication ( http://www.skullsecurity.org/wiki/index.php/Nbtool )
nessus-bin : A remote security scanner for Linux ( http://www.nessus.org" einfo "Please download ${A} from ${HOMEPAGE}/download" elog "${HOMEPAGE}/documentation/ )
nikto : Web server vulnerability scanner ( http://www.cirt.net/Nikto2 )
nmap-vulners : NSE script based on Vulners.com API ( https://github.com/vulnersCom/nmap-vulners )
nmap_vulscan : A NSE vulnerability scanner which uses an offline version of scip VulDB ( http://www.computec.ch/projekte/vulscan/ )
ntp-fingerprint : NTP fingerprinting utility ( http://www.arhont.com/en/category/resources/tools-utilities/ )
onesixtyone : An efficient SNMP scanner ( http://labs.portcullis.co.uk/application/onesixtyone/ http://www.phreedom.org/software/onesixtyone/ )
owtf : The Offensive Web Testing Framework ( https://github.com/owtf/owtf )
packet-o-matic : packet-o-matic is a real time packet processor ( http://www.packet-o-matic.org/ )
padbuster : Automated script for performing Padding Oracle attacks ( http://gdssecurity.com )
plecost : Wordpress finger printing tool, retrieve information about the plugins and versions installed ( http://www.iniqua.com/labs/plecost/ )
polenum : Extract password policy from a windows machine ( https://github.com/Wh1t3Fox/polenum )
ppscan : Port scanner with HTTP and FTP tunneling support ( https://packetstormsecurity.com/files/82897/PPScan-Portscanner-0.3.html )
recon-ng : Web Reconnaissance Framework ( https://bitbucket.org/LaNMaSteR53/recon-ng )
rpcapd : Remote packet capture daemon ( http://www.winpcap.org/devel.htm )
ruler : A tool to abuse Exchange services ( https://github.com/sensepost/ruler )
scamper : Actively probes the Internet in order to analyze topology and performance ( http://www.caida.org/tools/measurement/scamper/ )
scapy : A Python interactive packet manipulation program for mastering the network ( http://www.secdev.org/projects/scapy/ https://github.com/secdev/scapy )
sessionlist : A HTTP packets sniffer ( https://github.com/iamrage/sessionlist )
set : A social engineering framework ( https://www.trustedsec.com/downloads/social-engineer-toolkit/ )
sipvicious : A voip pentest tools suite ( http://code.google.com/p/sipvicious/ )
snmpenum : A perl script to enumerate SNMP table dumper ( http://packetstormsecurity.org )
sqlninja : A SQL Server injection and takeover tool ( http://sqlninja.sourceforge.net/ )
sslcat : netcat like application with ssl support ( http://www.bindshell.net/tools/sslcat )
sslstrip : sslstrip remove https and forwards http ( http://www.thoughtcrime.org/software/sslstrip/ )
ssltest : SSL testing tool written in perl ( http://sites.google.com/site/lupingreycorner/" HOMEPAGE="https://github.com/stephenbradshaw/ssltest )
sslyze : Fast and full-featured SSL scanner ( https://github.com/nabla-c0d3/sslyze )
subdomainer : This script will search in Google, Msn.search and Yahoo for subdomains related to the target domain ( http://www.edge-security.com/subdomainer.php )
sublist3r : Enumerate subdomains of websites using OSINT ( https://github.com/aboul3la/Sublist3r )
thc-pptp-bruter : a brute force program that works against pptp vpn endpoints ( http://www.thc.org )
thc-ssl-dos : THC-SSL-DOS is a tool to verify the performance of SSL servers ( http://www.thc.org )
theHarvester : The Harvester is a tool designed to collect email accounts of the target domain ( http://www.edge-security.com/theharvester.php )
ucsniff : VoIP audio and video sniffer ( http://ucsniff.sourceforge.net )
unicornscan : A utility for information gathering or security auditing ( http://www.unicornscan.org )
upnpwn : UPNP pentesting tool and library ( http://bigbrainlabs.blogspot.com/ )
videojak : VideoJak is an IP Video security assessment tool ( http://videojak.sourceforge.net/ )
voiphopper : VoIP Hopper is a tool that rapidly runs a VLAN Hop into the Voice VLAN ( http://voiphopper.sourceforge.net/ )
vomit : Converts a Cisco IP phone conversation into a wav file" ( http://vomit.xtdnet.nl/ )
w3af : Web Application Attack and Audit Framework ( http://w3af.sourceforge.net/ )
wafp : A webapplication fingerprinter written in ruby ( http://code.google.com/p/webapplicationfingerprinter/ )
wafw00f : Identifies and fingerprints Web Application Firewall (WAF) products ( https://github.com/sandrogauci/wafw00f )
wapiti : Web application security auditor ( http://wapiti.sourceforge.net/ )
webshag : An enhanced HTTP URL Scanner and fuzzer ( https://www.scrt.ch/en/attack/downloads/webshag )
wfuzz : Wfuzz is a tool designed for bruteforcing Web Applications ( http://www.edge-security.com/wfuzz.php )
whatweb : Next generation web scanner, identifies what software websites are running ( http://www.morningstarsecurity.com/research/whatweb )
wpscan : Wordpress security scanner ( http://wpscan.org/ )
xplico : Extract data from TCP/IP traffic ( http://www.xplico.org )
zarp : Local network attack toolkit ( https://github.com/hatRiot/zarp )
Add an ebuild in portage :
The ebuild is now in the portage tree.
You can also use layman : emerge layman then layman -a pentoo
For Paludis use this rsync : rsync://gentoo.zugaina.org/pentoo-portage
If you have a problem : ycarus(-at-)zugaina.org