Week 3: 51 New Tools, Community Reviews, Cheat Sheets, and the ENNA Arsenal
This was the biggest week since launch. We went from 325 tools to 376, shipped community features, and launched a sponsors program. Let us break it down.
51 New Tools (376 Total)
We scraped five major awesome lists (awesome-osint, awesome-pentest, awesome-security, Awesome-Hacking, awesome-ctf), cross-referenced every tool against our index, and added everything we were missing. Here are the highlights by category.
OSINT
Snoop searches for usernames across 2,500+ sites, making it the widest-net username hunter we have indexed. NExfil does the same with a cleaner output format. Toutatis pulls Instagram account details including email and phone via the API. Telegram Nearby Map discovers and maps Telegram users via the People Nearby feature. ExifLooter finds geolocation data from EXIF metadata across target websites. pagodo automates Google dorking using the Google Hacking Database at scale.
Offensive Ops
Pupy is a cross-platform RAT with in-memory execution and reflective loading. Faraday is a collaborative pentest platform where your whole team sees findings in real time. Amber converts PE files to position-independent shellcode for evasion. RedELK monitors your red team infrastructure with ELK stack integration. PayloadsAllTheThings is the definitive payload reference for web pentesting. PHPSploit tunnels C2 through PHP web shells. Ronin is a Ruby security toolkit with built-in exploit development.
Reverse Engineering
GEF (GDB Enhanced Features) joins pwndbg as another excellent GDB plugin. Triton does dynamic binary analysis with symbolic execution and taint tracking. Z3 is Microsoft's SMT solver that powers half the serious RE tools out there. xortool breaks multi-byte XOR ciphers. cwe_checker detects common bug classes in compiled binaries using a Ghidra backend.
Exploitation
RouterSploit is Metasploit for embedded devices and routers. ROPgadget and one_gadget are essential for binary exploitation and CTF challenges. RsaCtfTool attacks weak RSA keys with multiple techniques.
Web Scanning
wafw00f fingerprints WAF products. SSLyze analyzes TLS/SSL configurations. Wapiti is a black-box web vuln scanner. Bearer does SAST for security risks and sensitive data flows. Bandit is the Python security linter.
Network, Wireless, and More
SMBMap enumerates SMB shares with permission checking. ssh-audit audits SSH server configurations. Pwnagotchi is the AI-powered WiFi handshake collector (this week's Tool of the Week). airgeddon has 20+ wireless attack modes. Wifiphisher does automated evil twin attacks. CrowdSec is a collaborative IPS with crowd-sourced threat intel. Snort3 is the next-gen IDS. Vulhub gives you pre-built vulnerable Docker environments for practice.
Plus Sublist3r for subdomain enumeration, Vuls for agentless vulnerability scanning, boofuzz for protocol fuzzing, ThreatMapper for container runtime scanning, Checkov for IaC security, CTFd for hosting CTF competitions, Depix for recovering pixelized text, usbrip for USB forensics, and OpenSnitch as a Linux application firewall.
Every single one has a full description, GitHub stats, and install commands.
Community Features Are Live
This is the part we are most excited about.
Sign in with GitHub and you can now:
- Review and rate tools — star rating plus a written review on every tool page. One review per tool, edit anytime.
- "I use this" button — one click to mark a tool in your personal toolkit. Shows how many people use each tool.
- Personal profiles — visit en-na.com/u/your-username to see your toolkit and reviews. Share it as your public security setup.
- Leaderboard — top reviewers ranked at /leaderboard with gold, silver, and bronze medals.
- Activity feed — the homepage shows recent reviews and toolkit adds from the community.
All powered by Neon Postgres and NextAuth with GitHub OAuth. Your reviews and toolkit persist across sessions.
10 Cheat Sheets
Quick-reference command cards for the tools you use every day:
- Nmap — host discovery, scan types, NSE scripts, output formats, timing
- Hashcat — attack modes, hash types, masks, rules, sessions
- SQLMap — injection testing, tampers, data extraction, OS access
- ffuf — directory bruting, filters, vhost fuzzing, rate limiting
- Nuclei — template selection, severity filters, rate limiting, workflows
- Subfinder — sources, config, output, piping to other tools
- Metasploit — msfconsole, msfvenom, meterpreter, post modules
- Wireshark — display filters, protocol filters, statistics, streams
- Burp Suite — shortcuts, intruder, repeater, scope, extensions
- John the Ripper — formats, wordlists, rules, incremental, sessions
Each command has a copy button. Browse them all at /cheatsheets.
6 Starter Kits
Pre-built tool collections for common security roles:
- Bug Bounty Starter — Subfinder, httpx, Nuclei, ffuf, Katana, Dalfox, and more
- SOC Analyst Toolkit — Wazuh, Sigma, osquery, Hayabusa, Timesketch
- Crypto Investigator — Bitcoin CLI, TrueBlocks, GraphSense, Cryo, Slither
- Red Team Essentials — Sliver, BloodHound, Impacket, Rubeus, Mimikatz
- OSINT Investigator — Sherlock, Maigret, theHarvester, SpiderFoot, web-check
- Mobile Pentester — MobSF, Frida, JADX, APKLeaks, MVT
Each kit links to the install script generator for one-click setup. Browse at /kits.
8 New Workflows (14 Total)
We more than doubled our workflow count:
- Cloud Security Audit — Prowler, ScoutSuite, CloudFox, Stratus Red Team
- Mobile App Pentest — MobSF, Frida, JADX, APKLeaks, Burp Suite
- Bug Bounty Recon Pipeline — the full subdomain-to-vulns automation
- Malware Analysis — Capa, YARA, Ghidra, ImHex, Volatility
- Container and K8s Pentest — Trivy, Falco, CDK, kube-hunter
- Phishing Campaign Analysis — dnstwist, EyeWitness, CyberChef
- Internal Network Pentest — Nmap, fscan, Responder, Impacket
- Binary Reverse Engineering — Ghidra, ImHex, pwndbg, angr
Each workflow shows which tools to use at each step with practical tips. Tool pages now show "Used in N Workflows" so you can see where each tool fits.
12 Tool Chains
Short, copy-paste command pipelines at /chains:
- Subdomain discovery to vulnerability scan
- Port scan to service exploitation
- Email to full OSINT profile
- AD recon to domain admin
- WiFi handshake capture to crack
- Container scan to escape
- And 6 more
Commercial Alternatives
New /alternatives section with open-source replacements for 10 commercial tools:
Maltego, Burp Suite Pro, Cobalt Strike, Nessus, IDA Pro, Chainalysis, Splunk, Acunetix, Cellebrite, and Qualys. Each page lists the free tools that cover similar functionality.
Install Script Generator
Select tools, pick your package manager (brew, apt, pip, go, docker), and get a single bash script. At /install.
Sponsors Program
We launched a sponsors page at /sponsors with four tiers ($3-$25/mo). Core Contributors get access to the ENNA Arsenal — a private repo with pre-configured Docker stacks for all 6 starter kits, automation scripts (recon pipeline, AD attack chain, crypto tracing), curated configs, and monthly reports.
Other Improvements
- Fuzzy search with Fuse.js — typos now find the right tool
- Language and platform filters — filter by Python, Go, Rust, etc.
- Docker badges on 37 tools linking to Docker Hub
- YouTube tutorial links on 15 key tools
- Embeddable badges at /api/badge/[slug] for tool authors
- Changelog page at /changelog with live stats
- Improved OG images with avatars and star counts for social sharing
- Discord notifications for new reviews and toolkit adds
What is Coming Next
We are looking at a browser extension, more cheat sheets, and expanding the commercial alternatives section. If there is a tool we are missing, hit the Suggest button in the header or drop it in the Discussions.
See you next Monday!