uses_
the hardware, software, and tools i actually use. updated when things change.
hardware
MacBook Air 13" M2
Mobile machine. The battery life and weight alone make it worth it. Still wicked fast, if a few years old.
Alienware m15 R3
An old gal but still a decent workhorse. Mostly OSINT work, testing and VMs.
Custom Desktop lab
Dual-boot Kali / Windows. Dedicated to heavier lab work, malware analysis, and anything I don't want near my main drive.
Raspberry Pi 4
Running Pi-hole for network-level ad/tracker blocking. Also doubles as a honeypot when I'm feeling experimental.
YubiKey 5C NFC
Hardware 2FA everywhere it's supported. If you work in security and don't use one of these, no judgment, but also — why not.
operating system & terminal
Kali Linux
For anything offensive. The tooling is pre-loaded and the community is enormous. Yes, you can use other distros. This one's just faster to get going.
macOS + Asahi
Daily driver terminal. Split panes, profiles per context (work / lab / personal). tmux on top for persistence.
Zsh + Oh My Zsh
The git plugin alone pays for the setup time. Powerlevel10k for the prompt because I like knowing my context at a glance.
Neovim (daily)
I refused to learn it for too long. Now I can't go back. LazyVim config if you're starting out and don't want to configure from scratch.
security tools
Burp Suite Pro (daily)
The web app testing standard. The community edition works fine for learning; Pro is worth it once you're doing this professionally.
Nmap + Masscan
Nmap for thorough scanning with the script engine. Masscan when I need to go fast across large ranges. Usually used together.
Metasploit
Framework for exploitation and post-exploitation. More useful as a learning tool than people give it credit for.
Wireshark + tcpdump
Wireshark for interactive traffic analysis, tcpdump for quick captures over SSH. Both live permanently in my toolkit.
Obsidian (notes)
All my research, CTF notes, and methodology docs live here. Local-first, markdown-based, and searchable. No subscription needed.
recon & osint
Amass + subfinder
Subdomain enumeration. Run both and compare results — they hit different data sources and the overlap is rarely complete.
Shodan
For passive external recon on infrastructure. The membership is cheap and the dorks are genuinely useful.
theHarvester
Email, domain, and employee enumeration from public sources. Fast starting point before going deeper on a target.
dev & scripting
Python 3 (primary)
Everything lives here. Automation, tooling, quick scripts, PoC exploits. The security ecosystem is massive.
Bash
For anything that's just gluing commands together. If it's more than 50 lines, I switch to Python.
VS Code
When Neovim isn't the right tool — larger projects, pair programming, or anything with a debugger I actually want to click through.
Docker
For isolated lab environments, running tools without polluting the host, and spinning up vulnerable apps to practice on.
learning & reference
HackTheBox
Primary practice platform. The Pro Labs are the closest thing to a real engagement environment I've found.
TryHackMe
Better for structured learning paths and beginners. I still use it for specific topic refreshers.
PortSwigger Web Academy
The best free web security training that exists. Period. The labs are hands-on and the content is accurate and deep.