it is mainly used for network discovery and security auditing.Nmap uses raw IP packets in to determine hosts available in a network, services (application name and version) running OS versions, and what type of packet filters/firewalls are in use, and other characteristics.
2.Lynis – Security auditing tool for Unix/Linux systems(for servers)
it is an open source security auditing tool used by system administrators, security professionals, and auditors, to evaluate the security defenses of their Linux/Unix-based systems.
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
4.OWASP(Open Web Application Security Project) ZAP – Zed Attack Proxy Project for application.
it is mostly used for penetration testing to find vulnerabilities in web applications. any one can use it.for futher information visit