(Based on a post from April, but re-written.)
ITSecurity brings us 103 free security applications for the most important platforms today. I haven't tried every application on this list, but the ones I have, are generally worthy of inclusion.
Normally my approach to spyware is "take off and nuke the site from orbit, it's the only way to be sure," but sometimes that's just not possible, or at least not possible right away, and it's always worth spending anywhere between 10 minutes and an hour to see if you can figure out what's up. For that, the trifecta of Windows Defender, Ad-Aware, and Spybot S&D have rarely disappointed.
I'm not personally a big fan of antivirus software - it usually protects you best against threats you already know about, and generally speaking, once you've got virus software on your system you have a bigger problem (how did it get there?). In about 18 years of using personal computers, I've never once gotten a virus that I didn't deliberately give myself, despite engaging in some extremely high risk behaviours as a teenager. (Isn't that what being a teenager is for?) Generally, I run pants-down without av, particularly on non-Windows platforms. Knock on wood, of course. Having said that, not everybody is as careful as I am.
Rootkits, chkrootkit has generally been good to me when investigating things - as much for what it told me wasn't there as anything else.
I'm not sure how they slipped Thunderbird into the list, but they ought to have included Enigmail given that they did.
WinSCP is an excellent file transfer utility for Windows, but they missed Fugu for the Mac. Back to Windows, they included PuTTY, but left out Pageant, which is available from the same site - it's an ssh-agent for Windows. WinSCP works with it too. PuTTYGen (again, same site as PuTTY) can be used to generate keys, or to convert keys generated on other platforms. Again, not sure why Firefox made it into the list, and I'm not sure what they mean by "uses SSL browsing by default" - if you go an http URL, it's not SSL, and Firefox doesn't somehow magically save you from this. I've used SiteAdvisor, it was ok, but generally speaking I just don't go to sites I suspect.
While I agree that knowing what services and hosts are up and down is important to security, I'd have difficulty classifying Nagios as a security application, even with something like a check_nmap plugin. nmap and Nessus are definitely list-worthy though. They also missed Metasploit. Arguably that's an application that's too complex to include a list that generally seems geared towards beginners, but having spent a fair bit of time wrangling Nagios configs, I'm here to tell you that it's no easier, and Nessus and Snort aren't exactly lightweights either. I'm just getting into Snort, but I suspect it's much easier to use when paired with something like Sguil.
HijackThis is an excellent tool for its purpose, although I'd have put it up under spyware detection and not "temporary files."
I've not used Kismet much, but I've used KisMAC a fair bit, and that is an excellent tool - so much better now that it supports passive mode on the Airport Extreme.