Wireshark is a network protocol analyzer that lets you see what's happening on the network down to the finest detail, but a pen testing tool is needed to exploit any vulnerabilities.

Nmap is a port scanner more than a penetration testing tool, but it aids pen testing by flagging the best areas to target in an attack.

Fiddler is a useful collection of manual tools for dealing with web debugging, web session manipulation, and security and performance testing.

Nessus is a widely used paid vulnerability assessment tool that is best for experienced security teams, and should be used in conjunction with pen testing tools.

Metasploit helps IT security teams find and test vulnerabilities – and analyze the results so remediation steps can be done efficiently.