0trace : 0trace.sh is a reconnaissance / firewall bypassing tool that enables hop enumeration ( http://jon.oberheide.org/0trace/ )
afterglow : A collection of Perl scripts which facilitate the process of generating graphs from CSV inputs ( http://afterglow.sourceforge.net/ )
armitage : Cyber Attack Management for Metasploit ( http://www.fastandeasyhacking.com/ )
armitage-bin : Cyber Attack Management for Metasploit ( http://www.fastandeasyhacking.com/ )
arpantispoofer : A utility to detect and resist ARP spoofing ( http://sourceforge.net/projects/arpantispoofer/ )
autoscan-network : Utility for network exploration with Samba support ( http://autoscan.fr )
blindelephant : generic web application fingerprinter that produces results by examining a small set of static files ( http://blindelephant.sourceforge.net/ )
cisco-auditing-tool : Perl script which scans cisco routers for common vulnerabilities ( http://www.scrypt.net/~g0ne )
cisco-bruteforce-enabler : cisco internal bruteforcer ( http://packetstormsecurity.org/cisco/enabler.c )
cisco-scanner : scan a network for cisco routers with default passwords ( http://packetstormsecurity.org/cisco/ciscos.c )
cisco-torch : Cisco mass scanning, fingerprinting, and exploitation tool ( http://www.arhont.com/en/category/resources/tools-utilities/ )
davtest : tests WebDAV enabled servers ( http://code.google.com/p/davtest/ )
dirb : A Web Content Scanner to look for existing/hidden content ( http://dirb.sourceforge.net/ )
dnsa : Swiss-army knife tool for dns auditing ( http://packetfactory.openwall.net/projects/dnsa/index.html )
dnsrecon : DNS Enumeration Script ( https://github.com/darkoperator/dnsrecon )
dsniff : A collection of tools for network auditing and penetration testing ( http://monkey.org/~dugsong/dsniff/ )
enum4linux : a tool for enumerating information from Windows and Samba systems ( http://labs.portcullis.co.uk/application/enum4linux/ )
evilgrade : A modular framework that takes advantage of poor upgrade implementations by injecting fake updates ( http://www.infobytesec.com/developments.html )
fierce : Fierce is a DNS reconnaissance tool written in perl ( http://ha.ckers.org/fierce/ )
geoedge : This little tool is designed to get geolocalization information of a host ( http://www.edge-security.com/edge-soft.php )
geoipgen : Generate a list of hostnames based on country ( http://www.morningstarsecurity.com/research/geoipgen )
httprint : HTTP fingerprinter tool ( http://net-square.com/httprint.html )
hyenae : a highly flexible packet generator ( http://sourceforge.net/projects/hyenae/ )
ike-scan : A utility for finding, fingerprinting and testing IKE VPN servers ( http://www.nta-monitor.com/tools-resources/security-tools/ike-scan )
inguma : Inguma is an open source penetration testing toolkit written completely in Python ( http://inguma.eu/projects/inguma )
jmsdigger-bin : JMSDigger is an Enterprise Messaging Application assessment tool that focuses on ActiveMQ ( https://github.com/OpenSecurityResearch/jmsdigger )
maketh : Ethernet packet injector and creator ( http://simpp-kode.tuxfamily.org/maketh/index.html )
masscan : Mass IP port scanner ( https://github.com/robertdavidgraham/masscan )
medusa : A Modular, Parallel, Multiprotocol Network Login Auditor ( http://www.foofus.net/jmk/medusa/medusa.html )
metacoretex-ng : A nice, java-based, MYSQL/Oracle/MSSQL/ODBC attack framework ( http://metacoretex-ng.sourceforge.net )
metagoofil : Metagoofil is an information gathering tool designed for extracting metadata of public documents ( http://www.edge-security.com/metagoofil.php )
metasploit : Advanced open-source framework for developing, testing, and using vulnerability exploit code ( http://www.metasploit.org/ )
mosref : A secure remote execution framework using a compact Scheme-influenced VM ( http://sourceforge.net/projects/mosref/ )
nDPI : an open source GPLv3 library for deep-packet inspection. ( http://www.ntop.org/ )
nacker : Bypass NAC by hijacking non-802.1x configurable hosts ( https://github.com/carmaa/nacker )
nbtool : Some tools for NetBIOS and DNS investigation, attacks, and communication ( http://www.skullsecurity.org/wiki/index.php/Nbtool )
nessus-bin : A remote security scanner for Linux ( http://www.nessus.org/ )
netmap : A tool for creating a graphical representation of your network ( http://myoss.belgoline.com/netmap )
nikto : Web Server vulnerability scanner ( http://www.cirt.net/Nikto2 )
nmap_vulscan : An NSE vulnerability scanner which uses an offline version of different vulnerability databases ( http://www.scip.ch/ )
ntp-fingerprint : NTP fingerprinting utility ( http://www.arhont.com/en/category/resources/tools-utilities/ )
onesixtyone : An efficient SNMP scanner ( http://labs.portcullis.co.uk/application/onesixtyone/ http://www.phreedom.org/software/onesixtyone/ )
packet-o-matic : packet-o-matic is a real time packet processor ( http://www.packet-o-matic.org/ )
padbuster : Automated script for performing Padding Oracle attacks ( http://gdssecurity.com )
polenum : a python script for extracting the password policy information from a Windows/Samba machine ( http://labs.portcullis.co.uk/application/polenum/ )
ppscan : port scanner with HTTP and FTP tunneling support ( http://aconole.brad-x.com/programs/ )
recon-ng : Web Reconnaissance Framework ( https://bitbucket.org/LaNMaSteR53/recon-ng )
rpcapd : Remote packet capture daemon ( http://www.winpcap.org/devel.htm )
sessionlist : An HTTP packet sniffer ( https://github.com/iamrage/sessionlist )
sipvicious : A VoIP pentest tool suite ( http://code.google.com/p/sipvicious/ )
smtpmap : a very complete and well done fingerprinter for SMTP, FTP and POP3 ( http://www.projectiwear.org/~plasmahh/software.html )
snmpenum : A perl script for enumerating and dumping SNMP tables ( http://packetstormsecurity.org )
sqlninja : A SQL Server injection and takeover tool ( http://sqlninja.sourceforge.net/ )
sslcat : netcat like application with ssl support ( http://www.bindshell.net/tools/sslcat )
sslscan : SSLScan determines what ciphers are supported on SSL-based services ( https://github.com/ioerror/sslscan )
ssltest : SSL testing tool written in perl ( http://sites.google.com/site/lupingreycorner/ )
sslyze : Fast and full-featured SSL scanner ( https://github.com/iSECPartners/sslyze )
subdomainer : This script will search in Google, Msn.search and Yahoo for subdomains related to the target domain ( http://www.edge-security.com/subdomainer.php )
suricata : next generation intrusion detection and prevention engine ( http://www.openinfosecfoundation.org )
thc-pptp-bruter : a brute force program that works against pptp vpn endpoints ( http://www.thc.org )
thc-ssl-dos : THC-SSL-DOS is a tool to verify the performance of SSL servers ( http://www.thc.org )
ucsniff : VoIP audio and video sniffer ( http://ucsniff.sourceforge.net )
unicornscan : A utility for information gathering or security auditing ( http://www.unicornscan.org )
upnpwn : UPNP pentesting tool and library ( http://bigbrainlabs.blogspot.com/ )
videojak : VideoJak is an IP Video security assessment tool ( http://videojak.sourceforge.net/ )
voiphopper : VoIP Hopper is a tool that rapidly runs a VLAN Hop into the Voice VLAN ( http://voiphopper.sourceforge.net/ )
vomit : Converts a Cisco IP phone conversation into a wav file ( http://vomit.xtdnet.nl/ )
w3af : Web Application Attack and Audit Framework ( http://w3af.sourceforge.net/ )
wafp : A web application fingerprinter written in ruby ( http://code.google.com/p/webapplicationfingerprinter/ )
wapiti : Web application security auditor ( http://wapiti.sourceforge.net/ )
webshag : An enhanced HTTP URL Scanner and fuzzer ( http://www.scrt.ch/pages/outils.html )
wfuzz : Wfuzz is a tool designed for bruteforcing Web Applications ( http://www.edge-security.com/wfuzz.php )
whatweb : Next generation web scanner, identifies what software websites are running ( http://www.morningstarsecurity.com/research/whatweb )
wireshark : A network protocol analyzer formerly known as ethereal ( http://www.wireshark.org/ )
wpscan : Wordpress security scanner ( http://wpscan.org/ )
xplico : Extract data from TCP/IP traffic ( http://www.xplico.org )
zarp : Local network attack toolkit ( https://defense.ballastsecurity.net/wiki/index.php/Zarp )
Add an ebuild in portage :
The ebuild is now in the portage tree.
You can also use layman : emerge layman then layman -a spike
For Paludis use this rsync : rsync://gentoo.zugaina.org/spike-portage
If you have a problem : ycarus(-at-)zugaina.org