This is a bit dated (it came out last week), but here is the list of the top 100 network security tools, as compiled from a survey by Fyodor:
Since Fyodor conducted the survey, nMap was disqualified, so you
won't see it on the list. Most of the tools are well known and have
been around for a while.
There's nothing specific to SQL Server, but several of the tools
have the ability to either directly or indirectly test security on SQL
Server. A classic one is the Metasploit Framework.