FIELD OPERATIONS

The Toolkit

Reconnaissance, exploitation, defense, and security tools โ€” battle-tested and operator-approved.

Security & Privacy

NordVPN

Recommended

Fast, secure VPN with threat protection. Essential for researchers and operators working remotely.

vpnprivacy
Read more →

Proton VPN

Recommended

Swiss-based no-logs VPN with built-in ad blocker, NetShield malware filter, and Secure Core routing through privacy-friendly countries.

vpnprivacyencryption
Read more →

Surfshark

Recommended

All-in-one VPN with CleanWeb ad/malware blocker, unlimited devices, and multi-hop connections. Great value for teams.

vpnprivacyad-blocker
Read more →

Proton Pass

Recommended

Open-source, end-to-end encrypted password manager with built-in 2FA, email aliases, and passkey support. From the makers of ProtonMail.

passwordsprivacyopen-source
Read more →

1Password

recommended

Secure password manager for teams and individuals. Zero-knowledge architecture, breach monitoring built in.

passwordsmanagement
Read more →

Bitwarden

open

Open-source password manager. Self-host or cloud โ€” full control over your credentials.

passwordsopen-source
Read more →

Reconnaissance

Nmap

essential

Network discovery and security auditing tool.

scanningnetwork
Read more →

Shodan

essential

Search engine for internet-connected devices.

osintdiscovery
Read more →

theHarvester

open

Email, subdomain, and name harvesting tool for OSINT.

osintenumeration
Read more →

Exploitation

Metasploit

essential

The world's most used penetration testing framework.

exploitationframework
Read more →

Burp Suite

Recommended

Leading web application security testing toolkit. Community edition is free; Pro unlocks active scanning, advanced crawling, and CI/CD integration.

webproxy
Read more →

SQLMap

open

Automatic SQL injection and database takeover tool.

injectiondatabase
Read more →
Stay anonymous during testing

Protect your traffic with a fast, secure VPN. Essential for red team work.

Get NordVPN โ†’ Get Proton VPN โ†’ Get Surfshark โ†’

Defense & Monitoring

Wireshark

essential

Network protocol analyzer for deep traffic inspection.

networkanalysis
Read more →

Snort

open

Open-source intrusion detection and prevention system.

idsnetwork
Read more →

YARA

open

Pattern matching tool for malware researchers.

malwaredetection
Read more →
Protect your entire team

Unlimited devices, CleanWeb malware blocker, and multi-hop connections.

Get Surfshark โ†’ Get Proton Pass โ†’

Training & Labs

Hack The Box

Recommended

Real-world hacking challenges and enterprise security training. Proving grounds for serious operators.

labstrainingctf
Read more →

TryHackMe

Recommended

Guided learning paths with hands-on cyber labs. Best starting point for beginners and intermediate learners.

labstrainingbeginner
Read more →

OffSec (OSCP)

Recommended

Offensive Security certifications โ€” the gold standard for penetration testers. OSCP, OSEP, OSED.

certificationspentesting
Read more →

SANS Institute

Recommended

World-leading cybersecurity training and GIAC certifications. Deep technical courses for all specialties.

certificationstraining
Read more →
Train like attackers think

Hands-on hacking labs, CTFs, and enterprise security training.

Start Learning โ†’ Start Hacking โ†’

Utilities

CyberChef

open

Web-based data transformation and analysis tool.

encodinganalysis
Read more →

Hashcat

open

Advanced password recovery and hash cracking.

passwordcracking
Read more →

John the Ripper

open

Fast password cracker supporting many hash types.

passwordcracking
Read more →
Need more firepower?

SCW Elite tools: IOC Scanner, Detection Vault, Threat Playbooks, and more.

Explore SCW Elite โ†’