Starter Kits

Everything you need to start finding vulnerabilities in bug bounty programs. This kit walks you through passive reconnaissance, web content discovery, and automated vulnerability scanning using battle-tested open source tools. Ideal for hunters new to the game or building their first recon pipeline.

A curated stack for security operations center analysts handling detection, triage, and incident response. Covers real-time monitoring and alerting, log analysis with detection rule frameworks, and forensic triage for endpoint investigation. Built around open source tools that integrate well together.

Tools for tracing cryptocurrency transactions, analyzing on-chain activity, and auditing smart contracts. This kit supports investigations across Bitcoin, Ethereum, and EVM-compatible chains with both node-level data access and higher-level analytics platforms. Essential for forensic accountants and blockchain analysts working fraud and money laundering cases.

Core tools for simulated adversary operations in enterprise environments. This kit covers command and control infrastructure, Active Directory attack paths, and lateral movement techniques used in red team engagements. Designed for operators running assumed-breach assessments against Windows-dominant networks.

Open source intelligence gathering tools for investigating people, organizations, and digital assets. This kit covers identity research across social platforms, email and phone number reconnaissance, and website infrastructure analysis. Suitable for journalism, due diligence, fraud investigation, and missing persons cases.

A complete toolkit for Android and iOS application security testing. Covers static analysis of APKs and binaries, dynamic instrumentation and runtime hooking, and mobile device forensics. These tools support both black-box testing of production apps and white-box auditing of source-available projects.