The general philosophy in computer security is that bad actors will be using the tools they need to use anyway, and the world is actually more secure if the best tools to use are widely available, since the security professionals in charge of defending systems are trained on their use, and can better anticipate an attacker's methods. Even better if they're open source, so that they're easily analyzable, and the barrier for training is lowered.