What are some hacking tools?

Answer:
Important note: Sharing information about hacking isn't illegal, and in the right hands can make the Internet safer. However, the use of these tools is illegal in most circumstances, even if you try to use them against a friend's computer. Even if your friend gives permission, the ISP that owns the network can still report your activity as illegal hacking. Anyone who wants to toy around with these tools must practice in a private, non-Internet-connected lab.



There are too many hacking tools to list here, and many hackers (both ethical and unethical) write their own tools to accomplish their tasks. There are, however, some very well-known tools.

Nmap - One of the most famous hacking tools around. Nmap is a port scanner, meaning that it scans a system in an attempt to identify open ports. In addition to identifying open ports, it can guess the operating system of the target and the name and version number of running services.

Netcat - Another famous tool, designed for reading and writing data across TCP or UDP connections, and sometimes called "the Swiss Army Knife" of TCP/IP. It allows you to set up almost any kind of connection you need, making it a remarkably flexible backdoor.

Nessus - Formerly free, Nessus is a UNIX vulnerability assessment tool, making the penetration testing process much easier. It uses "plugins" to conduct a very wide variety of scans. The plugins can be downloaded, or a more savvy user can write their own plugins with the embedded scripting language.

Metasploit Framework - A groundbreaking exploit testing platform, making the kind of automated exploitation found in Canvas and Core Impact available for free. It's a system that allows you to develop and test exploit code - a shellcoder's dream. It can generate flawless shellcode, even including no-op code generation, and combined with configurable payloads, there isn't a test that couldn't be devised with this software.

Hping2 - Often described as "ping on steroids," it allows you to craft custom ICMP, TCP, or UDP packets. Good for scanning large targets and for mapping out firewall rulesets.

Wireshark - Formerly Ethereal, this is a "sniffer" - it pulls data off the network and displays it. In promiscuous mode, it will pull any data that is "visible"; that is, any data in the same broadcast domain is fair game to be displayed. If that data is unencrypted, it can be easily seen. Lots of interesting confidential information can be found shared in plaintext on a network wire, and Wireshark will find it. It has powerful customizable filters allowing you to only display the packets that interest you.

Kismet - No discussion of sniffers is complete without mention of Kismet, a passive wireless scanner. Instead of sending out probes to discover networks, which is what an active WiFi scanner does (and what an ordinary WiFi client does when it is seeking networks), and thus revealing the scanner's presence, Kismet simply listens without sending packets, and analyzes and displays this information. It can not only identify all wireless networks that are sending packets, but it can name networks with no-SSID-broadcast enabled; it can identify all associated clients, which is useful for mapping out MAC filtering; it can also pull raw packets and display their content.

Nikto - Like the vulnerability scanners listed above, except designed for Web site security. It performs comprehensive tests against Web servers.

Cain and Abel - Simply the best password recovery tool for the Windows platform. In addition to sniffing the network for passwords, it performs encrypted password cracking, ranging from a customizable dictionary attack through to good ol'-fashioned brute-force.


This is just a very small treatment of the tools out there. Again, many tools are undocumented because they were programmed on the fly to meet a particular purpose. There are many, many more tools that probably should've been mentioned, but there just isn't room. Interested students of computer security should visit their local bookstore or library to find very detailed treatment of the use of these tools and more.
First answer by Pbramwell. Last edit by Pbramwell.