Audacity - Windows version - Allows for analysis of audio files.

WaoN - Windows/Linux - command line tool that takes in sound files and outputs midi files

MidiSheetMusic - Windows - Translates Midi files to 1) Sheet Music, and 2) Letter Notes

John the Ripper (Magnum) - Brute force passwords

rsatool.py - Takes p and q and returns a private key

xortool - Tries to find the key for xor encrypted data

PEDA - Irreplaceable addition to GDB. Adds a lot of useful features for finding and exploiting bugs in binaries.

ROPGadget - Finds gadgets in programs. For use with ROP exploits.

pwntools - Very useful when coding remote exploits for CTFs. Has a feature rich library that aims at making exploit developement for CTFs easier. Definitely check this one out.

Wireshark - The standard pcap analysis tool. Displays network traffic.

pcapfix - Fixes corrupt pcap files.

aircrack-ng - WEP and WPA-PSK cracking tool (uses pcap files).

HxD - Windows - Freeware Hex and Disk Editor.

HexEdit - Windows - Another Hex Editor.

binwalk - Linux/OSX - Firmware analysis tool.

Java Decompiler - Useful when needing to decompile Java class files.

IDA - The standard decompiler.

Radare2 - Seems like a better GDB. There appears to be a slight learning curve but this looks promising.

VB Decompiler - This program will take a VB program and give you a decent amount of information about it. Helpful for seeing the code inside of forms.

Stegsolve - Displays various aspects of pictures.

Steganabara - Provides additional tools for analyzing pictures.

binwalk - Linux/OSX - See binwalk in Forensics. Also capable of retrieving embedded photos.

Burp Suite - Web proxy. Very helpful for web challenges.

sqlmap - This helps automate easy SQL injection challenges. Most CTFs try to prevent the brute force approach but this should be useful for the easier challenges.

Postman - Chrome Extension - Create and send POST requests from within Chrome.

Tamper Data - Firefox add-on - Intercept, tamper with, and resend POST requests from within Firefox.