A company is doing legitimate security testing in Germany, which requires the use of 'hacking tools' (eg. Kali Linux, metasploit etc.) to conduct this work.
A quick online search suggests there are strict laws around the use of such tools (for any purpose) in Germany.
Does anyone know where one could find more details (or get approval) for the legitimate use of such tools in this country, to deliver information security engagements?