EN
ENNA
|ENNA

Weekly Update: 55 New Tools, 3 New Categories, and 22 New Books

weekly-updatenew-toolsnew-categories

This is our first weekly update since launching ENNA on March 30th. It's been a big week.

By the Numbers

  • -Tools: 251 to 306 (+55)
  • -Categories: 16 to 19 (+3)
  • -Books: 23 to 45 (+22)
  • -Every tool and book now has a detailed description

Three New Categories

We added three categories that were clearly missing from the original launch:

Threat Intelligence - Platforms for IOC management, incident response, and threat sharing. This includes MISP, OpenCTI, TheHive, Cortex, GRR Rapid Response, KAPE, osquery, Wazuh, and Sigma. These tools are the backbone of SOC and CSIRT operations, and they deserved their own dedicated category.

Container Security - Docker and Kubernetes security tools including Falco for runtime threat detection, kube-hunter for cluster pentesting, CDK for container escape testing, Deepce for Docker enumeration, Dockle for image security linting, and Syft for generating software bills of materials. Containerized infrastructure is everywhere now and the security tooling around it has matured significantly.

Reverse Engineering - Binary analysis, disassembly, and decompilation tools. We added dnSpy, ILSpy, x64dbg, Detect It Easy, angr, RetDec, Rizin, Unicorn Engine, and Capstone. Whether you're analyzing malware, reverse engineering firmware, or solving CTF challenges, these tools cover the full spectrum from .NET decompilation to multi-architecture CPU emulation.

55 New Tools

Here's everything we added, organized by category:

  • -Cloud Recon (5 new): Cartography, Steampipe, cloud_enum, CloudFlair, WeirdAAL
  • -Threat Intelligence (9 new): MISP, OpenCTI, TheHive, GRR Rapid Response, KAPE, Cortex, osquery, Wazuh, Sigma
  • -Reverse Engineering (9 new): dnSpy, ILSpy, x64dbg, Detect It Easy, angr, RetDec, Rizin, Unicorn Engine, Capstone
  • -Container Security (6 new): Falco, kube-hunter, CDK, Deepce, Dockle, Syft
  • -Network Recon (4 new): Scapy, Zeek, Arkime, Suricata
  • -Web Scanning (5 new): Interactsh, Aquatone, EyeWitness, CRLFuzz, Smuggler
  • -Wireless (5 new): Reaver, Pixiewps, mdk4, hostapd-mana, WiFi-Pumpkin3
  • -Offensive Ops (3 new): Penelope, PetitPotam, Whisker
  • -Password Attacks (3 new): CUPP, Patator, Mentalist
  • -Forensics (2 new): RegRipper, bulk_extractor
  • -Dual Use (3 new): Notify, PDTM, CyberChef
  • -OSINT General (1 new): Ignorant

Every new tool has a full description, installation commands, use cases, alternative tools, tags, and live GitHub stats.

Better Tool Discovery

All 306 tools now have proper cross-links to their alternatives. If you're on the Nmap page, you'll see links to Masscan, RustScan, and ZMap. If you're looking at Falco, you'll see links to kube-hunter, Trivy, and Grype. These links work both ways, so navigating between related tools is seamless. There are now 672 cross-links connecting tools across the entire index.

22 New Books

The library nearly doubled in size with 22 new titles:

  • -The Hacker Playbook series (Books 1-3) by Peter Kim - the go-to practical pentesting guides
  • -Operator's Handbook trilogy by Joseph Haynes - Red Team, Blue Team, and Purple Team editions
  • -Tribe of Hackers series (4 books) by Marcus Carey and Jennifer Jin - career wisdom from top security professionals
  • -Social Engineering: The Science of Human Hacking by Christopher Hadnagy
  • -Silence on the Wire and The Tangled Web by Michal Zalewski - deep technical classics
  • -Sandworm and Tracers in the Dark by Andy Greenberg - essential cybersecurity journalism
  • -Countdown to Zero Day by Kim Zetter - the definitive Stuxnet account
  • -Dark Wire by Joseph Cox - the inside story of the FBI's ANOM operation
  • -Mastering Ethereum and Mastering Bitcoin by Andreas Antonopoulos
  • -Operator Handbook by Joshua Picolet and Red Team by Micah Zenko

Every book in the library now has a detailed description so you know exactly what you're getting before you buy.

New Gear Page

Hardware and devices now have their own dedicated Gear page, separate from the book library. Items are organized by category: RF/SDR equipment, multi-tools like the Flipper Zero, RFID/NFC tools like the Proxmark3, WiFi adapters with monitor mode support, and laptops suited for security work. Each item links to its purchase page and to related software tools on the site.

What's Next

Next week we'll be looking at adding more tools, expanding the gear section, and improving the comparison pages. If you have tool suggestions or feedback, we'd love to hear from you.

Subscribe to the newsletter to get these updates in your inbox every Monday.

See you next week.

Weekly Newsletter

New tools, updates, and changes delivered every Monday morning.

Subscribe on Substack