We examined the popularity of open-source tools used for information security analysis (infosec tools). This information would be useful, e.g. in security research, but it was not available. In our study, we created first a corpus of 423 tools from various sources. Then we collected source popularity metrics by Google search, tweets, GitHub stars, SecTools.org ranking, and cross-references between tools. We found a strong correlation between the metrics. We created an aggregate popularity metric from Google search, GitHub stars, and tool cross-reference source metrics using principal component analysis. The aggregate metric explains 70% of the variance in the source metrics. The three most popular tools are Metasploit, Nmap, and Wireshark. We estimated the impact of source metric errors and concluded that the aggregate metric gives an estimate of tool popularity, rather than an exact popularity rank. Furthermore, we divide the tools into overlapping categories by tool scope and type of activity. In the top 100, 51 tools are in the network scope, 27 in the host scope, 15 in the storage scope, 13 in the passwords scope, and 4 in the other tools scope.