Tools And Resources
Cybersecurity tools help you inspect evidence, repeat tests, and understand systems. They do not replace reasoning. A tool can show you output, but you still need to decide what the output means.
This page is a starting reference for common tools and Layer Zero resources. You do not need to install everything at once. Add tools as the challenges require them.
Layer Zero Resources
| Resource | Use It For | Link |
|---|---|---|
| Layer Zero Training | Reading training documents and topic guides | Layer Zero Training |
| Layer Zero Lab | Practicing hands-on cybersecurity challenges | Layer Zero Lab |
| Layer Zero Discord | Community updates, CTF information, and help | Layer Zero Discord |
Use the documents, lab, and Discord together. Read enough to get oriented, practice in the lab, then ask better questions when you get stuck.
Tool Selection Mindset
Before using a tool, ask:
- What question am I trying to answer?
- What input does this tool need?
- What output do I expect?
- Is the data safe to paste, upload, or scan?
- Can I reproduce what I did later?
A small tool you understand is usually better than a large tool you are using blindly.
Setup And Environment
| Tool Or Resource | Use It For | Link |
|---|---|---|
| Kali Linux | Security-focused Linux distribution commonly used in training | Kali Downloads |
| Parrot OS | Security-focused Linux distribution with a Security Edition | Parrot OS Downloads |
| VirtualBox | Running local virtual machines | VirtualBox Downloads |
| VMware Workstation Pro | Running local virtual machines on Windows or Linux | VMware Workstation Pro |
| UTM | Running virtual machines on macOS | UTM |
| QEMU | Emulation and virtualization used directly or by other tools | QEMU |
| Python | Scripting, parsing, automation, and small experiments | Python Downloads |
| Git | Version control for notes, scripts, and training artifacts | Git Downloads |
| Visual Studio Code | Text editing, notes, scripts, and terminal workflows | VS Code |
Start with one VM and a notes folder. A clean, resettable environment matters more than having every tool installed.
Web Security
| Tool Or Resource | Use It For | Link |
|---|---|---|
| Browser developer tools | Inspecting HTML, storage, console output, and network requests | Chrome DevTools |
| MDN browser devtools guide | Learning what browser developer tools are and how to use them | MDN DevTools Guide |
| Burp Suite Community Edition | Intercepting, modifying, and replaying authorized web requests | Burp Suite Community |
| OWASP ZAP | Intercepting and testing authorized web applications | ZAP Download |
Use interception tools only against systems you are authorized to test. For beginner labs, focus on understanding requests and responses before scanning.
Cryptography And Data Formats
| Tool Or Resource | Use It For | Link |
|---|---|---|
| CyberChef | Encoding, decoding, hashing, XOR, compression, and data transformation experiments | CyberChef |
| CyberChef GitHub | Source code and local-running options for CyberChef | CyberChef GitHub |
| Python | Writing small repeatable scripts for transformations and brute-force experiments | Python Downloads |
| hashcat | Authorized password-recovery and hash-cracking labs | hashcat |
| John the Ripper | Authorized password-auditing and hash-cracking labs | John the Ripper |
Password-recovery tools should only be used on hashes, files, and systems you are authorized to test. Do not use them against real accounts or data you do not own.
Networking
| Tool Or Resource | Use It For | Link |
|---|---|---|
| Wireshark | Packet capture analysis and protocol inspection | Wireshark Download |
| Nmap | Authorized host and service discovery | Nmap Download |
| curl | HTTP requests from the command line | curl |
| dig | DNS query inspection | BIND Tools |
Networking tools can affect real systems. Scan only targets that are explicitly in scope.
Linux And Command Line
| Tool Or Resource | Use It For | Link |
|---|---|---|
| man pages | Local command documentation | Run man command in Linux |
| ExplainShell | Breaking down shell commands while learning | ExplainShell |
| Python | Scripting and data processing | Python Downloads |
| Git | Tracking notes and scripts | Git Downloads |
Many Linux skills come from combining small commands. Build pipelines one step at a time and inspect output before adding the next command.
Digital Forensics
| Tool Or Resource | Use It For | Link |
|---|---|---|
| ExifTool | Reading and editing file metadata | ExifTool |
| Autopsy | Disk image and filesystem forensics | Autopsy |
| Volatility 3 | Memory forensics | Volatility 3 GitHub |
| Wireshark | Network forensics and packet capture review | Wireshark Download |
Keep original evidence unchanged. Work from copies and record what each tool did.
OSINT
| Tool Or Resource | Use It For | Link |
|---|---|---|
| Wayback Machine | Viewing archived versions of public web pages | Wayback Machine |
| crt.sh | Searching public certificate transparency records | crt.sh |
| Have I Been Pwned | Checking whether your own email appears in known breach data | Have I Been Pwned |
| VirusTotal | Checking URLs, domains, and files in public security datasets | VirusTotal |
Be careful with OSINT tools. Public does not mean harmless, and online services may store or share submitted data.
Reverse Engineering
| Tool Or Resource | Use It For | Link |
|---|---|---|
| Ghidra | Local decompilation, disassembly, graphing, and scripting | Ghidra |
| Dogbolt Decompiler Explorer | Comparing decompiler output in the browser | Dogbolt |
| Binary Ninja Free | Local reverse engineering with a free non-commercial option | Binary Ninja Free |
| Binary Ninja Cloud | Browser-based binary analysis | Binary Ninja Cloud |
| IDA Free | Free non-commercial disassembler and cloud decompiler option | IDA Free |
| Compiler Explorer | Learning how source code compiles to assembly | Compiler Explorer |
Do not upload private binaries, proprietary software, malware from real incidents, or unknown sensitive files to online reverse engineering tools. Use local tools when the file contents matter.
Online Tool Safety
Before using an online tool, ask:
- Is this public training data?
- Could this file contain personal data, credentials, tokens, keys, or proprietary code?
- Does the service store submissions?
- Does the service share submissions with partners or other users?
- Can I use a local tool instead?
If you are unsure, treat the data as sensitive and do not upload it.
Building Your Toolkit Over Time
Recommended beginner progression:
- Browser, notes, and Layer Zero Lab access
- Linux VM with basic terminal tools
- Python and CyberChef
- Browser developer tools and Burp or ZAP
- Wireshark
- ExifTool and basic forensics tools
- Ghidra, Dogbolt, or Binary Ninja for reverse engineering
Add tools when you have a reason. Installing tools is not the same as learning them.
Summary
Tools are useful when they answer clear questions.
Remember these key points:
- Use official downloads when possible.
- Learn a small toolkit before expanding.
- Keep notes about commands, settings, and outputs.
- Do not upload sensitive data to online tools.
- Use scanners and offensive tools only in authorized environments.
- Let the challenge evidence choose the tool, not the other way around.
Return to this page when you need a tool, but rely on your observations to decide what to try next.