Pen-testing Tools for the Pocket PC - Part 2
2009-06-15 00:19

PocketConsole (and related tools)
http://www.symbolictools.de/public/pocketconsole/

        PocketConsole makes it easier for developers to port applications that use stdout to the Pocket PC and other Windows CE devices. Here are a few of the related projects (hosted on the same site as PocketConsole) that you should be aware of:

PocketCMD
        After installing PocketConsole this is probably the next app to set up. It works in a similar fashion to the Windows command prompt and is needed to run some of the apps listed below.

NetTools (Ping, Ipconfig, Route, Net, Netstat)
        A few basic network tools Microsoft left out of Pocket PC. They may not be as full featured as their Windows XP cousins but they are still useful. The functions of Ping and Ipconfig are obvious. Route lets you set up IP routing information (I'm not sure how useful this is since I never plan to use my PPC as a gateway device, but it's still cool that someone spent the time to figure it out). Net allows you to view SMB shares and map share points. Netstat gives you various network statistics.

SNMPUtils
        Allows you to retrieve and set SNMP values.

Telnet
        Not as pretty as PocketPuTTY (mentioned below) but since you can specify ports it's more useful for doing banner grabs. For example, if you want to do a banner grab to find out what version of SSH a box is running you could use a command something like the following:
open some.server.com 22

        If you are a developer you may want to look into using PocketConsole when porting over your Windows console apps.

PocketLAN
http://www.pocketgear.com/software_detail.asp?id=2825

        PocketLAN costs $14.99 and seems like a nice tool for mapping share points to SMB file servers and finding out what machines are around you. I like the network scan function that does a quick ping sweep and reverse DNS lookup, then tells you information like the network card vendor (based on MAC address) and Domain/Workgroup the hosts belong to. You can view a report of the hosts it finds in HTML format, then copy the reports off of the PPC for later viewing (Quick tip: dock your PPC and look in My Computer->Mobile Device->My Pocket PC\\Program Files\Z2\PocketLAN to find the report).

V-Mobile Network Browser
http://www.pocketgear.com/software_detail.asp?id=14818

        VM Network Browser costs $17.95 and does the same basic things as PocketLAN, but looks more like the classic Network Neighborhood interface. Unlike PocketLAN, VM Net Browser does not seem to do a ping sweep, but instead pulls its information from NetBIOS traffic or the Windows Browsemaster on the network (it's hard to tell without talking to the developers). VM Net Browser is not as responsive as PocketLAN and it doesn't give as much information about the hosts it scans.

NeoScan
http://www.dotnetux.net/

        I don't know about paying $15 for a port scanner but of the ones I've tested it seems the fastest. Luckily there's a demo version. Just make sure you set it to only port scan hosts that respond to a ping, otherwise you will be waiting a while. The bad side: I see no way to save your scans for later viewing.



NbtstatCE
http://sourceforge.net/projects/nbtstatce/

        NbtstatCE does ping sweeps and is supposed to retrieve NetBIOS info. It appears to have no way to save the scan. Nice, not as slick as other tools but hell, it's open source. As of right now I can't seem to get it to actually pull NetBIOS info, but keep an eye on this app since it shows promise.

Netcat
http://prt.fernuni-hagen.de/~bischoff/wince/#netcat

    Yep, there's a version of Netcat, the network Swiss army knife, for Windows CE. Netcat can be a bit clumsy to use but it's very versatile. With it you can shovel shells, port scan, do banner grabs and a host of other things. See the following website for many of the possible uses for Netcat:

       http://www.giac.org/certified_professionals/practicals/gsec/0436.php

        If Netcat loses the connection before you can see the output, check the files nc-stdin.txt, nc-stdout.txt and nc-stderr.txt located in the same directory as the Netcat executable. One bug with Netcat for Windows CE is that the backspace key does not work, so be careful when you type in a command. To give you one example of usage, here is how you could use Netcat to do a quick banner grab to find out what version of sshd a host is running:

        1. Start Netcat by tapping on nc.exe in the File Explorer.
        2. Issue the command (replace "targethost" with the name or IP of the host you are connecting to):

                targethost 22

        3. Hit the enter key and open nc-stdout.txt if Netcat closes before you can read the output.
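
        The SSH banner saved by the Netcat steps above (or shown by the PocketConsole Telnet command earlier) is an RFC 4253 identification string. The parser below is an added example, not part of the original article; the function name and the sample capture are constructed for illustration, and it is useful for checking what version details your own sshd discloses.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF"
_IDENT = re.compile(
    r"^SSH-(?P<proto>[^-\s]+)-(?P<software>[^\s]+)(?: (?P<comments>.*))?$"
)


def parse_ssh_banner(captured):
    """Return the parsed SSH identification line from captured output, or None.

    A server may send other text lines before its identification string,
    so each line is checked until one starts with "SSH-".
    """
    for raw in captured.splitlines():
        line = raw.strip("\r\n")
        if not line.startswith("SSH-"):
            continue
        if len(line) > 253:  # RFC limit is 255 bytes including CR LF
            return None
        m = _IDENT.match(line)
        if m is None:
            return None
        proto = m.group("proto")
        return {
            "protocol": proto,
            "software": m.group("software"),
            "comments": m.group("comments") or "",
            # "1.99" means the server speaks SSH-2 but still accepts
            # SSH-1 clients; any other "1.x" is SSH-1 only.
            "accepts_ssh1": proto.startswith("1."),
        }
    return None


# Constructed sample of what nc-stdout.txt might contain after the banner grab
SAMPLE_CAPTURE = "Authorized use only\r\nSSH-1.99-OpenSSH_3.9p1 Debian-1\r\n"

if __name__ == "__main__":
    print(parse_ssh_banner(SAMPLE_CAPTURE))
```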

Clients

        While not technically pen-testing tools, every pen-tester needs various clients to access the services they are targeting. Here's a short list of clients I find quite useful on the PPC platform.

Terminal Services Client

        Not much to say here. Terminal Services Client comes with Pocket PC and it works fine if you can tolerate the small screen size and a lot of scrolling. Damn useful for connecting to a Windows Terminal Server or an XP box running Remote Desktop.

VNC Client
http://www.cs.utah.edu/~midgley/wince/vnc.html
or
http://sourceforge.net/projects/dotnetvnc/

        While both of these VNC clients work, they seem slower than my grandma at the grocery. I think the slowness has something to do with my VPN or just a limitation of Windows CE networking (the VNC client on my Zaurus runs plenty fast). Neither has an installation wizard so just copy them to your PPC and run them using File Explorer. The cool thing about the .Net VNC client is that you can use the same executable on both your PPC and your Windows PC.

PocketPuTTY
http://pocketputty.duxy.net/

        PocketPuTTY is the Pocket PC port of the popular PuTTY SSH client (now try to say that out loud). PocketPuTTY is pretty much your best option for connecting to your *nix box from the PPC. PocketPuTTY does not come with an installation wizard so just copy the files to your PPC. There are two different versions out on their site as of this writing. Make sure you get v0.1-prealpha-0.53b if you're running PPC2003 and newer or download v0.2-alpha-2k2-0.53b if you're using PPC 2002. One huge downside to this app is that I see no place to set it to connect on a non-standard port, so if you want to try banner grabbing use Netcat or the PocketConsole version of Telnet mentioned above.



Pocket IE (PIE)

        Pocket IE comes bundled with PPC. The version that ships with PPC 2003 and later shows many speed improvements over the older one in 2002. Till Minimo is ready for prime time I'd recommend sticking to Pocket IE. Keep in mind that Microsoft does not keep PIE all that up to date, so you may want to make yourself aware of some of its vulnerabilities [3].


Minimo
http://www.mozilla.org/projects/minimo/
http://www.meer.net/~dougt/minimo_ce/MinimoCE_0.002.zip

        Minimo is a version of Mozilla meant for PDA-size devices. They are working on porting it to Pocket PC (see a link to the early development version above). While it does not seem to be fully functional yet, keep an eye on it in the future. By the way, just so you know, I did not mess up the screen shot to the right; it really looked like that when I ran it.



neoFTP
http://www.dotnetux.net/

        A simple little freeware FTP client for those that need one.

Closing


        That about sums it up for the PPC tools I've found useful. Sadly, Open Source developers have by and large ignored the Pocket PC platform in favor of other more open environments. If you know of any good pen-testing tools for the Pocket PC platform please email me and I'll update my list. By the way, if you don't have a Pocket PC yourself, port scan your network for 999/tcp and you may find a co-worker that does.


[0] See if your PPC device supports Linux:
http://www.handhelds.org/

[1] Airmagnet Homepage
http://www.airmagnet.com/

[2] Wigle, my favorite hot spot finder and mapper
http://www.wigle.net/

[3] Information about Pocket PC security
http://www.cewindows.net/security.htm

Further Research:

Ports of various *nix tools:
http://www.rainer-keuchel.de/software.html

Various freeware sites for the Pocket PC:
http://www.freewareppc.com
http://www.pocketpcfreewares.com/en/index.php
http://www.ppc4all.com
http://ppc.palmopensource.com/?category=14

If you are having problems getting PocketWarrior or MiniStumbler working on your Intersil Prism2-based Wi-Fi card, check out this thread:
http://discussion.brighthand.com/showthread.php?s=&threadid=86559

CELIB, WinCE ANSI C/POSIX library which may help you port over *nix apps:
http://sourceforge.net/projects/celib/

