The MSF eXploit Builder (MSF-XB) is a free win32 application (GUI) that wants to be an Exploit Development Platform. The main goal is to speed up the exploit development process, this is accomplished by using the powerful functionalities and neat design of The Metasploit Framework.
MSF-XB automatically generates MSF compliants exploits modules.
The MSF-XB package also includes [...]

SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied.
Features :

OVAL-compatible product
SCAP (Security Content Automation Protocol)
Perform a deep inventory audit on installed softwares and applications
Scan and map vulnerabilities using non-intrusive techniques based on schemas
Detect and identify missed patches and hotfixes
Define [...]

The concept of passing the hash on Windows came about a while ago, now there’s a tool for it in it’s second revision (which fixed some problems with foreign language Windows versions and Windows 2003).
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools [...]

SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied.

Features :

OVAL-compatible product
SCAP (Security Content Automation Protocol)
Perform a deep inventory audit on installed softwares and applications

Scan and map vulnerabilities using non-intrusive techniques based on schemas
Detect and identify missed patches and hotfixes
Define a [...]

New versions of the excellent pwdump6 and fgdump have been released (1.6.0 for both!).
For those that don’t know what pwdump or gfdump are..
pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on pwdump3e, [...]

Some cool free tools made by folks from the French Honeynet Project.
FakeNetBIOS is a family of tools designed to simulate Windows hosts on a LAN. The individual tools are:

FakeNetbiosDGM (NetBIOS Datagram)
FakeNetbiosNS (NetBIOS Name Service)

Each tool can be used as a standalone tool or as a honeyd responder or subsystem.
FakeNetbiosDGM sends NetBIOS Datagram service packets on [...]

A new version of SSA (Security System Analyzer) has been released - version 1.5.1.
SSA is a scanner based on OVAL, the command line tool provided by MITRE is not very easy to use so the guys at Security Database decided to write a GUI to make it simple to use and understand and then free [...]

Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout [...]

Finally it’s out of BETA, Metasploit Framework Version 3.0 has been released and it’s a lot more Windows friendly.
The Metasploit Framework (”Metasploit”) is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally, 30 auxiliary modules are included that perform a wide [...]

ADN - Active Directory Navigator is a little tool to visually explore an Active Directory and perform a simple dictionary attack against users’ password.
You can download the tool here:

ADN - Active Directory Navigator
MD5 4a1e3bb33a25d91d7d7a70877f8374ef
SHA1 a0bf80e9426835b88cc6604784d2d949efe5645f
Notes: It requires .NET framework and PCSoft framework