I'm not sure there is a definitive answer to the category question, but here are a few more you should consider: Footprinting -- These tools are mostly open source, such as domain queries via "whois" or "nslookup" and are primarily used to identify potential targets. Scanning -- These tools, such as "nmap" and "ncat" are used by an attacker to find open ports which potentially could be attacked. War Dialers -- These tools simply dial number after number, looking for modems. Rootkits -- These tools are what the so-called "script-kiddies" use to exploit known vulnerabilities. For a more complete discussion of this subject, I highly recommend Hacking Exposed, written by Stuart McClure, Joel Scambray and George Kurtz, published by Osborne. In it you will find a discussion of all of these types of tools, how they are used and a list of tools and where to find them. I'm reasonably certain that the second edition of this book was recently published.
Dig Deeper on Hacker tools and techniques: Underground hacking sites
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.