Week 1: 55 New Tools, 3 Fresh Categories, and a Whole Lot of Books
Hey, welcome back! Grab a coffee because we have a lot to share.
It's been exactly one week since launch and, honestly, we may have gotten a bit carried away. In a good way though. Here's what happened.
The Quick Version
- 55 new tools (we're at 306 now!)
- 3 new categories that we really should have had from the start
- 22 new books added to the library
- A whole new Gear page for hardware
- Every single tool and book now has a proper detailed description
Okay, let's get into it.
Three Categories We Should Have Launched With
Look, we'll be honest - we shipped without a few categories that were obviously needed. We fixed that this week.
Threat Intelligence is the big one. If you work in a SOC or on an incident response team, these are your daily drivers. We added MISP (the threat intel sharing platform everyone uses), OpenCTI (knowledge graphs for threat data), TheHive (case management that actually works), Cortex (automated observable analysis), GRR Rapid Response (Google's remote forensics framework), KAPE (the fastest forensic triage tool out there), osquery (SQL queries against your endpoints - it's as cool as it sounds), Wazuh (open-source SIEM/XDR), and Sigma (write detection rules once, deploy them everywhere). Nine tools, and every single one is worth knowing about.
Container Security was another obvious gap. Docker and Kubernetes are everywhere, and the tooling for testing their security has gotten really good. Falco does runtime threat detection using eBPF, kube-hunter finds weaknesses in your K8s clusters, CDK is a zero-dependency container escape toolkit (red teamers, you'll love this one), Deepce enumerates Docker environments from the inside, Dockle lints your images against CIS benchmarks, and Syft generates SBOMs so you actually know what's running in your containers.
Reverse Engineering rounds out the trio. We had Ghidra, Radare2, and Cutter in the dual-use category before, but reverse engineering deserves its own home. We added dnSpy and ILSpy for .NET reversing, x64dbg (the open-source Windows debugger that just keeps getting better), Detect It Easy for quick binary triage, angr for symbolic execution, RetDec for multi-architecture decompilation, Rizin (the radare2 fork with a cleaner API), Unicorn Engine for CPU emulation, and Capstone (the disassembly framework that powers half the tools on this list).
55 New Tools Across the Board
The three new categories account for 24 of the new tools, but we didn't stop there. Here's what else landed:
Network Recon got some heavy hitters - Scapy for packet crafting (if you haven't used it, you're missing out), Zeek for deep network analysis, Arkime for full packet capture and search, and Suricata for high-performance IDS/IPS.
Web Scanning picked up Interactsh (out-of-band detection from ProjectDiscovery - essential for finding blind vulns), Aquatone and EyeWitness for visual web discovery (screenshot hundreds of URLs and browse them in a report), CRLFuzz for CRLF injection scanning, and Smuggler for HTTP request smuggling.
Wireless was one of our smaller categories, so we beefed it up with Reaver (WPS brute force), Pixiewps (the Pixie Dust attack - recovers WPS PINs in seconds instead of hours), mdk4 (802.11 protocol exploitation), hostapd-mana (evil twin toolkit), and WiFi-Pumpkin3 (rogue AP framework with captive portals).
Offensive Ops got Penelope (the reverse shell handler that makes netcat feel ancient), PetitPotam (NTLM relay coercion - still one of the most impactful AD attack paths), and Whisker (shadow credentials for stealthy lateral movement).
Password Attacks added CUPP (generates targeted wordlists from personal info about the target), Patator (multi-protocol brute forcer), and Mentalist (visual wordlist rule builder with a GUI).
Forensics picked up RegRipper (the Windows registry forensics standard) and bulk_extractor (blazing fast data carving).
Dual Use got some gems - CyberChef (GCHQ's "Cyber Swiss Army Knife" with 300+ operations - honestly surprised we didn't have this from day one), plus Notify and PDTM from ProjectDiscovery.
And OSINT General got Ignorant for phone number reconnaissance across platforms.
The Library Nearly Doubled
We added 22 new books and we're really happy with this batch:
The Hacker Playbook series (all three books) by Peter Kim - these are the step-by-step pentesting methodology guides that half the industry learned from.
Joseph Haynes' Operator's Handbook trilogy - Red Team, Blue Team, and Purple Team editions. If you're doing adversary emulation or detection engineering, these are brilliant field references.
The Tribe of Hackers series (four books!) - interviews with top security professionals. The Red Team edition is our favourite, but the Blue Team and Security Leaders editions are just as worth reading.
Sandworm and Tracers in the Dark by Andy Greenberg, Countdown to Zero Day by Kim Zetter, and Dark Wire by Joseph Cox - four of the best cybersecurity books written in the last decade. If you haven't read Tracers in the Dark (the blockchain forensics story), seriously, go read it.
Plus Social Engineering by Hadnagy, Silence on the Wire and The Tangled Web by Zalewski, Mastering Ethereum and Mastering Bitcoin by Antonopoulos, Operator Handbook by Picolet, and Red Team by Zenko.
Every book in the library now has a proper description so you know what you're getting.
New Gear Page
Hardware and devices now have their own dedicated Gear section, separate from the books. It's organized by what you're actually looking for - RF/SDR equipment, multi-tools, RFID/NFC tools, WiFi adapters, and laptops. Each item links to related software tools on the site, so if you're looking at the HackRF One you can jump straight to the HackRF software tool page.
What's Coming Next Week
We've got more tools in the pipeline, we're looking at expanding the gear section, and we want to improve the comparison pages. If there's a tool you think we're missing, let us know!
Subscribe to the newsletter if you want these updates in your inbox every Monday. We promise we'll only bother you once a week.
See you next Monday!