‘Hacker Tools’ Developers

We Interview Kali Linux Tools Developers

We Interviewed Kali Linux Hacking Tool Developers!

If you’ve created a tool and would like to contribute please click here.

ABOUT THIS HACKER TOOLS ‘INTERVIEW RESOURCE’

Kali Linux is by far the most popular (Debian-derived) Linux distro out there used by digital forensic experts and penetration testers. Developed and curated by Mati Aharoni, Devon Kearns and Raphael Hertzog – ‘Kali’ as it is affectionately known, ships with over 300 hacking tools and programs.

Whilst we might all use these tools and take them for granted, we felt that the guys and gals that create these awesome hacking tools needed some love! In much the same way that an International Superstar DJ gets all the credit for playing other musicians music – we also believe that the folk we’ve interviewed below deserve tons of praise for the tools that come bundled within Kali Linux!

We’ve asked the developers how they created their tools and other information such as their favorite scripting language.

Thank you to everyone who participated in this project!

Hacking Tool Name: dnsenum

Filip Waeytens [LinkedIn] Developer of dnsenum, included in Kali Linux

Filip is a Red Team Lead at Euroclear.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
dnsenum: I develop tools if they don’t exist yet, or if the existing tools don’t do what I want or simply don’t have the functionality that I want. I started with dnsenum a long time ago and at that time there was no tool that did dns enumeration. Of course you can do most of the stuff with ‘dig’ or ‘nslookup’ and some bash-fu, but a good tool compiles what you need. It took some years before similar tools showed up and I guess it wasn’t too bad since people seem to use it.

What language did you develop your tool in and why did you choose that particular language?
Perl. In 2003 it was still the most popular scripting language. It had libraries for dns and I was familiar with the language. These days, if I had to redo it, it would probably be python.

Which is your favorite hacking tool? Is it a framework?
Since I do mostly web app stuff lately, it’s Burpsuite Pro.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
It’s on github. It’s opensource. People can contribute to it and fix bugs, make it more stable, add stuff … This is what has happened over time as well when I got contacted by tix, a hacker I didn’t know who I worked with to extend initia; functionality and who is a far better coder than I am.

Hacking Tool Name: WhatWeb, URLCrazy & Username Anarchy

Andrew Horton [Website] Developer of WhatWeb, URLCrazy & Username Anarchy included in Kali Linux

I’m a New Zealander living in Melbourne, Australia. I currently work as a security consultant for HackLabs

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
I developed WhatWeb to be a web scanner that would quickly and intelligently recognise websites. It is like nmap for the web and now has over 1700 plugins. I developed it because I wanted to be able to scan the websites of an entire nation and no tools existed at the time. URLCrazy is a domain name threat discovery tool. I built this to discover and defend against domain attacks including typo-squatting and bit-flipping. This was the first open-source tool develop to study these attacks and is arguably still the most sophisticated.

Username Anarchy is a tool to generate possible usernames. I developed it so that I could find weak Windows domain accounts during external penetration tests. There’s always someone with the password of Welcome1 or Password1. I have written other tools but WhatWeb and URLCrazy are the best known and are both included in Kali Linux.

What language did you develop your tool in and why did you choose that particular language?
I prefer to code in Ruby. The language is designed according to a set of conventions that make coding a more natural and enjoyable experience. Ruby literally brings the coding closer to English.

Which is your favorite hacking tool? Is it a framework?
Rather than pick a favourite which everyone knows about, I’ll give a shoutout to MiTM attack tools. The weakest attack surfaces have shifted from the server-side in the early 2000’s to the client-side, and now it is shifting to the network communications. For MiTM attacks I use BetterCap, evilgrade, and yersinia.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I’ve literally got more plans and ideas than I could achieve in a lifetime. I’m very interested in domain threat intelligence and am working on that at the moment and it may become a successor to URLCrazy.

Hacking Tool Name: mfterm

Anders [Github] Developer of mfterm, included in Kali Linux

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
The tool is called mfterm which comes from the Mifare NFC tag type it can be used with and “”term”” from the terminal cli UI. When NFC tags started showing up everywhere, from public transport to key cards, I became interested in finding out how they worked. I soon discovered that Mifare 1k/4k tags were really common. I used tools like mfoc and mfcuk to recover keys, but didn’t find any convenient tool to edit and read the tags data. So I started developing mfterm for myself and my friends. I rely heavily on libnfc and couldn’t have done it without the work done by people in that project.

What language did you develop your tool in and why did you choose that particular language?
mfterm is written in C. It was convenient since the canonic library libnfc was a C library.

Which is your favorite hacking tool? Is it a framework?
Hackers are the MacGyver:s of the world and we try to not get hung up on particular tools, but instead try to find the best tool for the task at hand (or create a new tool if we can’t find one). However some tools that I keep coming back to are nmap, burpsuite, sqlmap, metasploit as well as the “basic” linux programs nc, whois, traceroute, ping, ssh, curl, etc.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
mfterm is now a “mature” tool and active development has slowed down. Currently I consider it feature complete for the use cases I have. However I still fix bugs and some times merge requests from contributors that contact me. Recently it was added to homebrew by a person that contacted me and wanted to do it. That part is great! When some one finds your tool and contacts you with a suggestion or wants to contribute some little part.

Hacking Tool Name: over 40 tools!

Robin Wood [Website] Developer of over 40 tools!

Hacker, coder, climber. Co-founder of SteelCon, [Cybersecurity Conference in the UK] freelance tester, author of many tools. Always trying to learn new things.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
I’ve got over 40 tools published so far. The majority have been developed during testing to help make the test easier or to squeeze more data out for the report.

What language did you develop your tool in and why did you choose that particular language?
I use many languages. Always choose the one that is appropriate for the job, don’t try to get the language to fit to the project.

Which is your favorite hacking tool? Is it a framework?
Firefox – the majority of my work is web app testing and so it all starts in the browser.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I want to see my tools used. How they develop is up to the people using them and their feedback.

Hacking Tool Name: WPScan

Ryan Dewhurst [Github] Developer of Damn Vulnerable Web App (DVWA) and WPScan.

Ryan is the founder of Dewhurst Security and has been working in the security industry since 2009. He has completed a BSc Hons in Ethical Hacking for Computer Security with a First class honours. When he’s not helping his clients build more secure software he enjoys managing and contributing to various Open Source software projects. Some of his own projects include Damn Vulnerable Web App (DVWA), WPScan and others. Born in the UK, brought up in Spain and now lives on the French side of the Basque Country.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
WPScan – Back in 2009 I was running my own WordPress blog and saw a vulnerability posted for WordPress on the Full Disclosure mailing list. I wrote a quick script to exploit the vulnerability. I started investigating what other issues affected WordPress. This lead to adding additional code to the initial script and thinking of expanding the script into a more robust tool. I released the code, started getting feedback from users and other developers got involved. The other developers, now known as the WPScan Team, helped make the WPScan tool what it is today. Damn Vulnerable Web App (DVWA) – I wrote this tool when I was at university. The course did not cover web security until the later stages and I was eager to learn sooner. I thought the best way to teach myself web security was to write deliberately insecure code examples for specific vulnerabilities. This way I knew what the insecure code looked like and could also practice exploiting the vulnerability in a legal environment. I started to create a web application with all the vulnerable code, attempting to make the application a little realistic and not just a bunch of vulnerable pages. I released the code, which at the time was horrible, but soon someone came on board and helped me mature the project.

What language did you develop your tool in and why did you choose that particular language?
For WPScan I wrote it in Ruby from the beginning. It was a language I wanted to learn at the time. For DVWA, I wrote it in PHP as it was easy to learn and easy to implement vulnerabilities.

Which is your favorite hacking tool? Is it a framework?
Nikto, Burp Suite, cURL, Nmap.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
To have a commercial SaaS offering for non-technical users.

Hacking Tool Name: CDPSnarf/ raw2vmdk & Arachni

Tasos Laskos [LinkedIn | GitHub | Twitter] Developer of several tools, included in Kali Linux

Tasos is the CEO at Sarosys LLC

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?



CDPSnarf is a sniffer for the CDP (Cisco Discovery Protocol) and was created as an educational exercise during my BSc Network Computing studies. One of the courses included Cisco networking and at some point we where studying the CDP protocol; in order to get a better understanding of it, I decided to write a pacet sniffer for it. raw2vmdk is a forensic utility that generates VMDK files from ‘dd’ disk images to allow for those images to be loaded in a VM for analysis. It was created around the same time as CDPSnarf and the reason of its creation was to help a friend analyze HDD dumps of a honeynet we had created as a means to gather attack data for his PhD research. The honeynet nodes were real machines, once we were done we took HDD images using the ‘dd’ utility and raw2vmdk helped extract HDD geometry and other data needed to create a VMDK file in order to load those images in a VM for forensic analysis.

Arachni is a Web Application Security Scanner and was created shortly after raw2vmdk, as an educational exercise, in order to pass the time during a free summer. I wanted to learn Ruby for quite some time and always had an interest in webapp scanners, so I decided to kill 2 birds with one stone by writing a webappsec scanner in Ruby. The system and the problems it presented turned out to be very interesting, so I basically started working on it and never stopped.

What language did you develop your tool in and why did you choose that particular language?
CDPSnarf was developed in C because I was interested in C at the time and also that was the easiest way for me to access the pcap library which was necessary for the CDP packet capture. raw2vmdk was developed in Java because I wanted the utility to be platform independent and because a supporting library that does most of the disk image analysis was written in Java. Arachni was developed in Ruby simply because I wanted to learn Ruby.

Which is your favorite hacking tool? Is it a framework?
Call me biased, but my favorite tool is Arachni and it’s also a framework. I’ve been exclusively dealing with web application security for a long time and Arachni provides a lot of functionality to help in that arena, not only as a scanner, but also as a set of libraries that one can use to write their own pentesting scripts, tools or even custom scanners.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I think that all aforementioned tools have reached their goals, especially CDPSnarf and raw2vmdk which have been done for a long time now. With Arachni there’s still a lot of room for improvement, especially when it comes to performance and I’m constantly working on that, but by and large I’d say that the project has reached its goal. It’s feature complete and based on independent industry-wide benchmarks it provides the best crawl coverage, vulnerability identification and accuracy of any alternative; of course, YMMV in real world cases, but based on the feedback I’ve received by and large it performs similarly well there too.

Hacking Tool Name: Bluepot

Andrew Smith [Github] Developer of Bluepot, included in Kali Linux

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
Bluepot.

What language did you develop your tool in and why did you choose that particular language?
Java.

Which is your favorite hacking tool? Is it a framework?
nmap.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I’d like someone to help fix it!

Hacking Tool Name: KillerBee, KillerZee, Asleap & CoWPAtty

Joshua Wright [Github] Developer of KillerBee, KillerZee, Asleap, CoWPAtty, included in Kali Linux

Joshua Wright is a hacker, a public speaker, an educator, and an author. Josh’s publications include [Amazon] “Hacking Exposed: Wireless” (McGraw-Hill) and articles for technical publications, trade magazines, and academic journals. As a senior instructor for the SANS Institute, Josh has authored and teaches classes on mobile and wireless hacking techniques to private and government institutions. As a public speaker, Josh regularly presents information security trends and innovative attack techniques at public conferences and private audiences including RSA, ShmooCon and DEF CON. As a hacker, Josh has disclosed critical vulnerabilities in major technology products and standards affecting companies including Oracle Corporation, Apple Corporation, and Cisco Systems, as well as vulnerabilities affecting standards-based projects including WiFi, ZigBee, Z-Wave, and RFID, while contributing widely-used attack tools and exploits to the penetration testing community. Josh is a graduate of Johnson & Wales University, BS, 1997.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
All of the tools I’ve created were born from an opportunity to demonstrate a flaw or a weakness, fulfilling a gap where a tool did not already exist. Major tools include KillerBee, KillerZee, Asleap, CoWPAtty, etc.

What language did you develop your tool in and why did you choose that particular language?
I choose whichever language makes sense depending on the technique at hand. Sometimes it’s 8086 assembler; sometimes it’s Python.

Which is your favorite hacking tool? Is it a framework?
My favorite tool is my brain.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
My end goal is to demonstrate a flaw, let people use my tools to reproduce the flaw on their own, then to let the community take over my source and continuing to develop the tools to make them better than I could have imagined.

Hacking Tool Name: Rootkit Hunter

Michael Boelen [Website | Github | LinkedIn] Developer of Lynis included in Kali Linux

I care about open source and security. These two ingredients together inspired me to create tools like rkhunter and Lynis. While being technical, I have the chance to run a business that makes this possible. My full biography might be of inspiration for other and can be found here. You are welcome to link with me on LinkedIn, and follow me on Twitter @mboelen.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
After my work in 2003 on Rootkit Hunter, I started the Lynis project in 2007. Now almost 10 years old, the tool keeps helping people to make a quick inventory of their Linux/UNIX systems. It performs an in-depth scan of the security measures implemented, and possible room for improvement. Like many tools, this project was born from a point of frustration. Hardening guides take a while to read, understand, and implement. Then they also become very quickly outdated. I needed a tool that does the checks and becomes smarter with every new test added to it: Lynis was born.

What language did you develop your tool in and why did you choose that particular language?
Lynis is written in plain old shell script. One of the main reasons is the possibility to have a tool without any external dependency, where other tools pull in a lot of unwanted packages. Another reason is portability and the low level of entry to create custom tests. If you are a system administrator or security professional, you most likely created a little bit of shell script or an one-liner before.

Which is your favorite hacking tool? Is it a framework?
At this moment I have actually no favorite tool. So many tools are great, from nmap to a download utility like cURL.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
With Lynis we are actually already very close to its ideal goal of being user-friendly, easy to use, and quick. One of the goals we currently have with the project is more contributors and people sharing it in their presentations. That really boosts the project and allow more people to get their systems secured.

Hacking Tool Name: Bluesnarfer

Davide Del Vecchio [Website] Developer of Bluesnarfer, included in Kali Linux

My name is Davide Del Vecchio aka Dante and I work in Bologna (Italy) as Head of Enterprise Security for YNAP (Yoox Net a Porter Group) the world leader e-retailer of fashion and luxury. I am a co-founder of the “Hermes Center for Transparency and Digital Human Rights” a nonprofit association that develops and promotes Transparency and Freedom-Enabling Technologies. I love to spread the word of security and privacy in the information technology field, speaking at congresses and writing articles since I believe in the power of awareness. I am also a freelance author for WIRED, ICT Security Magazine, Fastweb and other magazines and active member of many associations like ISACA, CLUSIT, CSA (Cloud Security Alliance) and co-authored the “Italian informationSecurity Association Report” since 2012. Before becoming a manager I have been an independent security researcher and I published some advisories (mostly on HP-UX), researches and the (in)famous tool Bluesnarfer.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
Bluesnarfer is a tool to basically exploit a vulnerability in the bluetooth implementation of some mobile phones. The idea came out after the first vulnerabilities started to come out in the while. There was not a tool to exploit them easily.

What language did you develop your tool in and why did you choose that particular language?
The tool has been developed in C because it was the language I knew better at that time.

Which is your favorite hacking tool? Is it a framework?
I guess the old good nmap is still one of my fav so far.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I think my tool will be just a “module” of somebody else tool one day.

Hacking Tool Name: TestDisk

Christophe Grenier [LinkedIn] Developer of TestDisk, included in Kali Linux

As IT Operations Manager, I am in charge of a 15 Engineers and Technicians team. On a day to day basis, my team and myself are working to provide IT services (Cloud computing) to more than 1,000 companies and 30,000 end-users.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
TestDisk has been created in 1998 to recover lost partitions. Today it can recover data in a lot more situations. PhotoRec is born in 2002 when I bought my first digital camera to recover, if the need arose, my pictures. It can recover more than 400 file family. I have delopped CmosPwd in 1998 to recover BIOS passwords stored in cmos memory.

What language did you develop your tool in and why did you choose that particular language?
C language is good to deal with low level disk access under MSDos, Windows, Linux, Mac OS X.

Which is your favorite hacking tool? Is it a framework?
pwntools is great to craft exploits to hack vulnerable binaries.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
More developers will be cool: a GUI for testdisk, a better bruteforce mode in PhotoRec to recover fragmented jpg.

Hacking Tool Name: SSLsplit

Daniel Roethlisberger [Github] Developer of SSLsplit, included in Kali Linux

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
I wrote the initial code that would later become SSLsplit to scratch an itch I had during my time as a pentester. Later I polished and published it when I had the need to replace other tools that did not support modern TLS features, were not portable and abandoned by their original developers. FakeIKEd I wrote much earlier to prove a point when I was studying at a university that at the time had an insecure group password setup. In both cases, writing a tool not only provided me with the tool I needed, but also proved to be a very valuable learning exercise. This is also true for contributions to existing security tools that I had made in the past, such as SCTP support for Fyodor’s venerable Nmap.

What language did you develop your tool in and why did you choose that particular language?
Plain old c. These days I also write a lot of python and I have been developing in numerous other programming languages in the past. For SSLsplit, the choice of using c was mostly because I wanted it to perform well, I needed to be as close to OpenSSL as possible in order to overcome some of its API design limitations from a MitM attacker perspective, and I needed to be able to access low-level APIs of different NAT engines on different platforms.

Which is your favorite hacking tool? Is it a framework?
There are so many awesome tools and frameworks out there, but I don’t have a favorite hacking tool. Different tools are best suited for different tasks. I think it’s important to be flexible enough to pick up how to use new tools quickly, and if necessary, to be able to hack together your own if there is no tool that fits the job at hand. If I had to name one tool that I would bring if I were to be stranded on a deserted island, it would be a Unix shell environment including a c compiler and a python interpreter.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I hope to be able to support my tools, especially SSLsplit, for as long as possible, and implement some improvements, but there is no big development roadmap. They served their purpose and I hope to keep them working as long as they are useful.

Hacking Tool Name: SIPVicious

Sandro Gauci [Github] Developer of SIPVicious, included in Kali Linux

Sandro Gauci founded Enable Security in 2008. He’s helped protect clients from hacker attacks for 15 years as an authority in information security and penetration testing. He’s written advisories and suggested fixes for Microsoft, Cisco, and Juniper Networks, among others. Sandro’s published works include topics on attacking Web Application Firewalls, VOIP (Voice over IP) systems, and HTTP sessions. His open source security tools are used by other penetration testers and security auditors, and his work is cited in published security literature.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It was created when I was testing some SIP-based PBX systems and noticed that the tools out there were not covering my needs. Various excellent friends helped me polish these tools, which were then collectively published as SIPVicious. The aim was that other pentesters and security folks too can efficiently demonstrate basic security vulnerabilities that affect various SIP systems.

WAFW00F is another tool that I, together with Wendel G. Henrique, published. It allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website. It was created since, as a pentester, I was often being told, that my attacks are not effective because of WAFs. I guess I just wanted to show how obviously detectable WAFs are so that security researchers could then bypass the WAF.

What language did you develop your tool in and why did you choose that particular language?
Python which is quite a neat language and makes it easy for pentesters to rapidly develop code to demonstrate a number of attacks.

Which is your favorite hacking tool? Is it a framework?
Nmap.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
Community support and contributions are welcome, especially for wafw00f.

Hacking Tool Name: httptunnel

Lars Brinkhoff [Github] Developer of httptunnel, included in Kali Linux

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
httptunnel

What language did you develop your tool in and why did you choose that particular language?
C

Which is your favorite hacking tool? Is it a framework?
Lisp

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
It’s quite stable, so there’s no pressing need for future development.

Hacking Tool Name: peepdf

Jose Miguel Esparza [LinkedIn] Developer of peepdf, included in Kali Linux

I am leading the Fox-IT InTELL team where we gather intelligence from threat actors and botnets, we analyze new malware and threats, and we warn and protect customers from them. I have experience managing a highly technical team and keeping it motivated and happy. My background is analysis of banking malware, exploit kits, vulnerabilities, etc. and design/build a malware lab from scratch.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
The tool I developed is called peepdf and it is a tool to analyze PDF files. All started when I was attending a Black Hat talk in 2008 about PDF analysis and the guys presenting told the audience that they would release a tool that they did not release at the end. Then I thought that it was a good idea to develop it myself. However, for several reasons, it took me a while until I released it, in 2011, and there were already more tools out there. But still, I tried to do something different, putting together all the functionalities needed when you are analyzing a malicious PDF file so the users don´t need to use 5 different tools for that. This plus the good feedback, the fact that it was developed in Python (cross-platform) and that it was doing some things other tools were not doing was a good motivation to continue dedicating time to it.



What language did you develop your tool in and why did you choose that particular language?
peepdf is written in Python. I chose that language because at that time I was more familiar with it, it was easy and fast to develop and there was a big community supporting it. My tool did not need a high performance at that time so it was a good option.

Which is your favorite hacking tool? Is it a framework?
That´s a difficult question…It really depends on the task you want do. I am more familiar with tools related to malware and threat analysis, so I tend to like debuggers and disassemblers like IDA Pro, radare, OllyDbg. If we are speaking about pentesting and exploiting Metasploit is a great framework which can be extended with your own modules too, so I would choose that one.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
Maybe this sounds quite unrealistic, but I would like to reach a point where the tool is completely stable and robust, so just new features need to be added. There are a lot of things to do like improving the performance, support some more PDF specifications, full support for JSON and maybe in the future being able to extend the functionality with custom commands the users can develop.

Hacking Tool Name: snmpcheck

Matteo Cantoni [Website] Developer of snmpcheck, included in Kali Linux

I’m employed as security analyst. My jobs include network security, penetration testing, policy auditing, vulnerability research, forensic analysis of a compromised system, DDos mitigation and IP lawful interception.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
I developed snmpcheck, a tool useful to automate the process of gathering information of any devices with SNMP protocol during a penetration test.

What language did you develop your tool in and why did you choose that particular language?
At first in perl, later it was rewritten in Ruby being more powerful.

Which is your favorite hacking tool? Is it a framework?
Metasploit.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
Keep it updated by incorporating new functions. Ideal goal is to become a valuable tool in every penetration test activities.

Hacking Tool Name: diStorm & diStormx

Gil Dabah [LinkedIn | Github] Developer of diStorm and diStormx, included in Kali Linux

Senior Director, Head of SW Security at Magic Leap

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
diStorm and diStormx

What language did you develop your tool in and why did you choose that particular language?
C. Because it’s a very strong language and can be easily ported to so many other platforms. As diStorm supports to be compiled to many target architectures. In hindsight, it could have been C++ also. C felt cleaner to me for this specific tool. Also I wanted speed hence the choice.

Which is your favorite hacking tool? Is it a framework?
Probably IDA 🙂

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I’m really past that tool already. I am happy to see people use it. I started it for fun to learn how the x86 and x64 architectures work, and it was a really great experiment. After I finished the first version, I decided it’s time to publish it and I got great feedback and many people and companies around the world use it. It was very important for me to have high standards there, like performance, memory and disk footprints, clean and documented code, lots of documentation and support for other platforms and bindings for many other languages. I wish more people have contributed to it with new instruction sets.

Hacking Tool Name: Kautilya

Nikhil Mittal [LinkedIn | Website] Developer of Kautilya, included in Kali Linux

Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His area of interest includes penetration testing, attack research, defence strategies and post exploitation research. He has 7+ years of experience in Penetration Testing for his clients which include many global corporate giants. He is also a member of Red teams of selected clients. He specializes in assessing security risks at secure environments which require novel attack vectors and “out of the box” approach. He has worked extensively on using Human Interface Device in Penetration Tests and PowerShell for post exploitation. He is creator of Kautilya, a toolkit which makes it easy to use HIDs in penetration tests and Nishang, a post exploitation framework in PowerShell. In his spare time, Nikhil researches on new attack methodologies and updates his tools and frameworks. Nikhil has held trainings and boot camps for various corporate clients (in US, Europe and SE Asia), and at the world’s top information security conferences.

He has spoken at conferences like Defcon, BlackHat USA, BlackHat Europe, RSA China, Troopers, DeepSec, PHDays, BlackHat Abu Dhabi, Hackfest, ClubHack, EuSecWest, HITB and more.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
Kautilya – A tool which makes it easy to use Human Interface Devices in penetration tests. I created this tool during a red team engagement years ago when I was asked to run a social engineering campaign to test security awareness of a client’s employees. The client had mass storage devices blocked in its environment and that is when I created Kautilya. Using HID for security testing was already public knowledge, I just created (hopefully) an easy to use tool for that.

Nishang – A tool which makes it easy to use PowerShell during red team engagements and penetration tests. I created this tool as most of my existing payloads were getting detected during penetration tests. I also wanted to have some custom post-exploitation scripts on Windows boxes outside the metasploit framework.

What language did you develop your tool in and why did you choose that particular language?
I used Ruby for Kautilya as I was comfortable with it. I used PowerShell for Windows payloads of Kautilya and developed Nishang completely in PowerShell as it is available by default on all modern Windows boxes and provides access to Windows API, .Net, WMI, Registry, FileSystem and other boxes on the network.

Which is your favorite hacking tool? Is it a framework?
PowerShell. It is a Windows scripting language.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
Make the tools more useful for the community which enables me to learn new and interesting things.

Hacking Tool Name: mitmproxy

Aldo Cortesi [LinkedIn] Developer of mitmproxy, included in Kali Linux

I make software, break software, and make software that breaks software. You can find my various projects here. The most widely used tool I work on is mitmproxy.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
mitmproxy – I wanted to be able to inspect and tamper with traffic from mobile and embedded devices. The tool has since grown to be useful in a wide variety of other circumstances too.

What language did you develop your tool in and why did you choose that particular language?
Python – it’s a good, general high-level programming language with a mature library ecosystem.

Which is your favorite hacking tool? Is it a framework?
Everything I do relates to or is underpinned by code. My favourite hacking tool – the only thing without which I absolutely couldn’t do my job – is a good, productive programming language. For quick scripts I use Python, for network services and places where a bit more heft is required I use Go.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
Next steps for mitmproxy is to solidify general TCP interception, work on fostering an addon ecosystem, and mature our web interface.

Hacking Tool Name: DotDotPwn

Christian Navarrete [LinkedIn | Website | Github] Developer of DotDotPwn, included in Kali Linux

My name is Christian Navarrete and I am a Security Researcher from Mexico. My core skills are related to Pentesting, Ethical Hacking, Reverse Engineering Malware Analysis and Vulnerability Research.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
The tool’s name is DotDotPwn. The idea behind the tool became a long time ago while I was performing pen testing on Web applications. I realized that some of the parameters passed to certain pages were including files and such files were requested from the file system to then later, being displayed on the screen. I recall about Directory Traversal vulnerabilities and then I decided to use some of the regular traversal payloads and luckily it worked.

I started to think about how many other methods exists to take advantage of this vulnerability type and here is when I started researching about Directory Traversal vulnerabilities in deep. Some time later, I came back to re-test the security fixes provided by the development team and of course, didn’t work, but when trying a different set of payloads it worked – again. Here is where I said. “”Man, that was Dot-Dot Pwn!”” and that’s why the name. I was more interested in what’s next and then after more research on the topic, I realized that this type vulnerability affected not only web-based applications but also network software – and even not-networked software – that can suffer from the same problem.

After that. I was wondering how to perform – in an automated fashion – a complete (tons of payloads and customizations) discovery of Directory Traversal vulnerabilities in any software or web application that performs calls to the file system in any way. My first attempt was to do it by supporting HTTP and FTP servers.

The first version (1.0) was released in August 2010, then after some talks with my friend Alejandro Hernandez (@nitr0usmx) he decided to join the coding effort and started to work on version 2.0, which was released soon after the previous one. 2.0 introduced new protocol support as well as flexible parameters to configure the scans. After that, several enhancements and modules were included as well and then the version 2.1 was released at the BugCon Security Conference in October 2010. For 3.0 we had two major dates, the first one was the BETA release which was at the Black Hat USA – Arsenal and a live demo at Campus Party in Mexico. The official 3.0 release was at the BugCon Security Conference in February 2012.

I thought that would be very interesting to share the tool with the community and then I decided to contact the BackTrack Linux staff to request a tool addition to the distro. A voting for the tool was in place in their tool section of their forum and after a couple of days, we received their answer that the tool was accepted and that will be included soon and it was ready for BackTrack R2. Now, the tool is included in Kali Linux

and recently also added to the BlackArch Linux, an Arch-based distro.

The feedback from many people was great and in March 2013 started more code contributions from some twitter followers and also the main repo was created on Github. Since then, new features and support were introduced thanks for such contributions that has been playing a crucial role in the evolution of the tool.

The tool became very popular in the community and we started to find that some Internet magazines and a research paper mentioned the tool. On September 2014, the OWASP Testing Guide v4.0 mentioned the tool under the tool section for Testing Directory traversal/file include (OTG-AUTHZ-001). During testing of the tool, we released 9 security advisories and we heard that many other people discovered vulnerabilities using this tool as well.

What language did you develop your tool in and why did you choose that particular language?
At that time, I was basically playing a lot with Perl, that was my first scripting language so I decided to write it using it. There’s no a particular reason about the language, but we are planning to rewrite the tool in Python, which will be including new enhancements and fixes.

Which is your favorite hacking tool? Is it a framework?
I am very *very* old school and I like such way as of today. My best “Framework” includes a HEX editor, ASCII table, Compiler/Interpreter, Disassembler, Debugger, the Internet and for sure a great brain. I usually don’t use frameworks or at least, I try to not rely entirely on them. I see Frameworks as a complement, and for sure Metasploit will be on that list too. Nowadays, people relies too much on using Frameworks, but I think that there are cases in where certain customization will be required at a certain point.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
We have had very good cooperation in the shape of code contributions and I think that with the upcoming additions to the tool will create more interest of more people to contribute to the project.

Hacking Tool Name: HexInject

Emanuele “crossbower” Acri [Github] Developer of HexInject, included in Kali Linux

I always been a very reserved guy, not linking to be in the spotlight. Our society is now inextricably tangled with the “cyber” world: manipulating the virtual deeply affects the real. This may be the motive I approached the security field: being able to uncover the weaknesses and the assumptions that lies under our reality. For the same reason, I find much more pleasure in dealing with the low level aspects of networks and programming. My tools reflects this attitude.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
HexInject and the Complemento Suite are both tools to manipulate network at a very low level. HexInject make it very easy to inject and sniff frames and packets on a network. It has been created to facilitate and extends the possibilities of the user: for example, it only deals with the annoying things of injecting packets on a network (such as calculating checksums for injected packets) leaving all the creativity of the user unconstrained. It is also designed to easily cooperate with other tools the user may already use. Complemento is similar, but more focused on specific weaknesses of networks and OS’ protocol stacks.

A different tool, but still reflecting my preference for the low-level, is Cymothoa. It is a stealth backdooring tool, that inject backdoor’s shellcode into an existing process. It also allowed me to try some different approaches to backdooring, for example the possibility of executing a parasite inside a process, without forking it, but simulating an internal scheduler (https://crossbowerbt.github.io/docs/phrack68/p68_0x09_Single%20Process%20Parasite_by_Crossbower.txt).

What language did you develop your tool in and why did you choose that particular language?
I do not have a favourite programming language, but i prefer languages that have a simple, but flexible core, C for example.< These languages tends to be portable to many systems, and do not have many dependencies.

In the security fields you often face very restricted and exotic systems, so you need languages that adapts easily.

Which is your favorite hacking tool? Is it a framework?
You do not need much more than a unix-like operating system, with a compiler and a scripting language, to carry out more of the 80% of the penetration testing work.

There are of course some great tools out there, that really simplify many tasks. For example, I like sqlmap very much, because is a very smart tool, that learns a lot of things on the target, without asking too much questions to you. It is a tool that extends your possibilities, without limiting your creativity. Metasploit is also great, but I find framework a bit an overkill to me, and they force you to thing in a constructed way. I tend to use smaller, more focused tools.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
The ideal is to develop a tool that is a perfect extension of the mind of the user. This is not easily done, but often involves not only the features that should be implemented, but also those that should be left out.

This quote is very inflactionate, but nevertheless is true, especially in our over-complex today systems: “Perfection is finally attained not when there is no longer anything to add, but when there is no longer anything to take away.”

Hacking Tool Name: findmyhash, Oauzz & Iker

Julio Gomez Ortega [LinkedIn | Github] Developer of findmyhash, Oauzz and iker, included in Kali Linux

Product Manager / Security Consultant at Telefonica

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
The 3 most important tools I’ve developed are: findmyhash (a script that uses online resources to crack password hashes. The idea came when I was tired of wasting hundred of hours bruteforcing hashes and I thought about using commercial rainbow tables, some of the accesible form the Internet); Oauzz (a fuzzer to analyze the security of Oauth based applications); and iker (a script that automate most of the tests that are usually carried out during a ipsec assessment).

What language did you develop your tool in and why did you choose that particular language?
I use Python because it’s a multiplatform language and very easy to use in scripting.

Which is your favorite hacking tool? Is it a framework?
nmap, sqlmap and metasploit.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
Although I worked in version 2.0 of findmyhash (and it is almost finished), it never was published. The version 2.0 was a full framework of password cracking, implementing cracking algorithms and connecting with external tools such as J-t-R.

Hacking Tool Name: multimon-ng

Elias Oenal [Website] Developer of multimon-ng, included in Kali Linux

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
I started multimon-ng in 2012 when I first got into SDR. (Software Defined Radio) Scanning the spectrum for signals I noticed pager communications and was disappointed to learn there wasn’t an easy way to decode such data on Linux. I tried multimon which came bundled with Debian, yet the project had been unmaintained for many years and the 64-bit builds were completely non-functional. In turn the initial work was focused on fixing bugs and porting it to different operating systems, like Windows and MacOS X. Once I got the basics working again, others joined the development and helped me to extend the functionality greatly.

What language did you develop your tool in and why did you choose that particular language?
The original multimon was written in C to begin with, so that never really was my choice. I probably would have gone for C nonetheless, since my day job involves a lot of embedded development and I appreciate the strengths of the language. Once many people started deploying multimon-ng on embedded platforms like the raspberry pi I was glad the project uses resources sparingly.

Which is your favorite hacking tool? Is it a framework?
I’m not sure whether I have a favourite, but working with a lot of hardware I am quite fond of the open source signal analysis software sigrok.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I never had particular plans for multimon-ng, but I really like how it seems to develop naturally according to people’s demands. It has been used for anything from decoding firing sequences of professional pyrotechnics to satellite communications.

Hacking Tool Name: Digital Forensics Framework

Solal Jacob [LinkedIn | Website | Github] Developer of ‘Digital Forensics Framework’, included in Kali Linux

Chairman and Founder at ArxSys

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
I created Digital Forensics Framework. It was in 2007 and I was student. I had to choose an end of study project, I was at those time in the security laboratory of my school and also taught security courses about software exploitation to others students. I read some book about digital forensics that was not very known and used at those time. I saw that most of the tools was commercial one that I can’t afford as a student so I decided to work on digital forensics and create an open source framework that became DFF.

What language did you develop your tool in and why did you choose that particular language?
I developed it in C++ and python. Two object oriented language, because I knew that the project will become large overtime and that it will be better to have most reusable component as possible, to avoid rewrite code. Also, good use of composition and inheritance can help make software more modular, and code easier to read and less prone to bug as there is less code to check (but also it can be tricky some time as in C++ there is lot of things that is implicit). C++ was choose for the core and some module also because it’s a fast language as it’s compiled language. Also, it permit to use multi-thread what is not really the case in Python as all the thread are old by a global interpreter, the GIL. Python was choose as a secondary language, because it’s also an object oriented language so the API could be easily reused (I use SWIG to automatically generate the binding) and Python code is lot easier to write as many thing like memory allocation is already managed and many languages modules are provided by default, so it was choose to make easier to write script or module. Also the GUI is written in PyQt who is a Python binding to the C++ Qt library, so it’s faster and easier to write and test code without recompiling each time. Anyway DFF became very large (more than 200 000) lines of code, and many C/C++ library was linked (mainly for modules) and some python too, so it became very difficult to maintain, but could reused some work from other opensource forensics project (volatility for Python and lot of Joachim Metz library, libyal). If I had to write it again today I would maybe look towards language like Go and Rust.

Which is your favorite hacking tool? Is it a framework?
I will say vim and gcc, with those you can do what you need 😉

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I would like to find more people that will contribute to the tool. And also I would like to have more time to contribute on it. (If I could be paid to develop only DFF it would be perfect 😉

Hacking Tool Name: Kismet

Mike Kershaw [Website | Twitter] Developer of Kismet, included in Kali Linux

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
Kismet – wireless packet capture, IDS tool – Kismet started as a fork of the original Airsnort, hacked to display SSIDs. There were only a handful of wireless cards at the time (2001/2002) and they had incompatible packet formats, so it made sense to write a tool with a common processing layer and multiple input layers, and it’s just grown since then. After some time off while being swamped with Real Work, Kismet development has kicked back up, with new methods for storing the data and a new shiny web ui and scriptable REST interface, and the ability to easily capture other protocols that aren’t 802.11 based.

What language did you develop your tool in and why did you choose that particular language?
Kismet is written in C++ – at the time, the processing and memory cost incurred by a fully interpreted system would have been too high (originally running on 200 – 500mhz systems with 64 or 128 meg of RAM). C++ incurred a memory cost as well (template expansion and C++ runtime) but much less than a fully dynamic scripting language of the day. Today, Kismet is still in C++, but has adopted a much more flexible model for storing data with the tradeoff of some additional processing and memory, and by exporting data over REST with JSON or msgpack formats, the user interface duties can be easily moved to a web-based system, or any other scripting language presenting the UI.

Which is your favorite hacking tool? Is it a framework?
When it comes to packet analysis, Wireshark has to be the number one go-to tool.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
At this point, Kismet is old enough to get it’s learners permit to drive – but the biggest changes have come in the past year with the transition to a web ui and a much more flexible system. Ultimately, I’d like Kismet to handle anything wireless – now that SDRs have become cheap, monitoring non-Wi-Fi wireless is affordable and sometimes even trivial.

Hacking Tool Name: Plecost

Francisco Rodriguez [LinkedIn | Github> | Twitter | Website] Developer of Plecost, included in Kali Linux

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
Plecost: WordPress vulnerabilities finder. Early 2010 year WordPress was growing rapidly. Every day new blogs were creating and plugins count increasing every hour. In the same way bugs and vulnerabilities were discovered, we needed a tool to scan new WordPress installations in order to detect vulnerable versions, those days we performed penetration testing in a Tiger Team and reconnaissance phase is fundamental. First version of Plecost was just a proof of concept developed in a few hours, Plecost first release came few weeks later thanks to my co-worker @ggdaniel. It was a non threading script but included a global scan across Google looking for vulnerable WordPress plugins (this feature is not longer available).

What language did you develop your tool in and why did you choose that particular language?
Plecost is coding in Python because we were familiar with this language and we used to use it.

Which is your favorite hacking tool? Is it a framework?
Scapy

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
The ideal goal for Plecost is to create a collaborative framework to create a huge knowledge database about WordPress installations.

Hacking Tool Name: Intersect Framework

Adam M. Swanda [LinkedIn | Website] Developer of Intersect Framework, included in Kali Linux

Security researcher with a strong focus on cyber crime investigation, malware research and reverse engineering, and Python software development to design collections and analysis systems that aid in cyber security research and investigation tasks. Lately that development has involved various aspects of machine learning such as; classification and clustering, similarity learning, and natural language processing.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
Intersect Framework: At the time there was a large gap in tools that covered this area of penetration testing even though the actual tasks are something every penetration tester needs to do. I built the tool with the idea that if I could help others automate the Linux post-exploitation process, make it freely available, and hopefully get feedback and input from the community then the professional and up-and-coming pentesting community would be better off for it. It was also very much my way of giving back to a community that has given me some great tools I’ve used, and contributing is one of the best ways to get involved and keep the innovation and contributions going.

What language did you develop your tool in and why did you choose that particular language?
Intersect is developed in Python, primarily due to it being the language I had the most experience with at the time, and the language is very widely used among professional developers, adhoc scripters, and is easy for beginners to understand and extend upon. The framework itself was designed to be modular and Python seemed to allow that the best way possible.

Which is your favorite hacking tool? Is it a framework?
Veil Framework.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
Intersect has not been actively developed publicly for a few years now, but ideally I was hoping for it to be a pure Python framework for payload building, post exploitation tasks, and provide users with a variety of communication mechanisms in a “plug and play” fashion. In 2016, I restarted the project privately from the ground up to entirely revamp the project and take my coding knowledge from the past several years to make that truly happen. Perhaps sometime in 2017 we will see this finished and released publicly 🙂

Hacking Tool Name: w3af & nimbostratus

Andres Riancho [LinkedIn] Developer of w3af and nimbostratus, included in Kali Linux

Andres Riancho is an application security expert that currently leads the community driven, Open Source, w3af project and provides in-depth Web Application Penetration Testing services to companies around the world. In the research field, he discovered critical vulnerabilities in IPS appliances from 3com and ISS, contributed with SAP research performed at one of his former employers and reported vulnerabilities in hundreds of web applications. His main focus has always been the Web Application Security field, in which he developed w3af, a Web Application Attack and Audit Framework used extensively by penetration testers and security consultants. Andres has spoken and hold trainings at many security conferences around the globe, like PHDays (Moscow), SecTor (Toronto), OWASP (Poland), CONFidence (Poland), OWASP World C0n (USA), CanSecWest (Canada), T2 (Finland) and ekoparty (Buenos Aires).

Andres founded Bonsai, a web security focused consultancy firm, in 2009 in order to further research into automated Web Application Vulnerability detection and exploitation.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
I created two very interesting tools: w3af and nimbostratus.

w3af was my first open source tool, a web application scanner with exploitation capabilities. It was created when there were no good open source solutions for web scanning and I worked full-time doing application security testing.

Nimbostratus was the result of an AWS hacking research I did in 2014 and presented at various conferences. The tool allows an attacker to extract AWS credentials from EC2 instance meta-data and escalate privileges in the AWS account to gain root.

What language did you develop your tool in and why did you choose that particular language?
Python is my language of choice. It’s easy to code in Python, there are plenty of libraries and you can write C extensions if performance is a requirement.

Which is your favorite hacking tool? Is it a framework?
nmap and w3af.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
I would like to see w3af grow into being an “nmap for the web”.

Hacking Tool Name: theHarvester

Christian Martorella [LinkedIn | Github] Developer of theHarvester, included in Kali Linux

Christian Martorella has been working in the field of Information Security for the last 17 years, currently working as Product Security Engineering Lead in Skyscanner, were he focus in creating secure software in a high growth and at scale business. Previous to his current role, he was Principal Program Manager in Skype Product Security team, Microsoft, where his focus was to make sure that Skype products and services were secure from design, in order to protect more than 500 million users.

He is cofounder an active member of Edge-Security team, where security tools and research is released. Christian has contributed with Open Source Security testing and Information Gathering tools like OWASP WebSlayer, Wfuzz, theHarvester and Metagoofil, all included in Kali the Penetration testing Linux Distribution. Christian presented at Blackhat Arsenal USA, Hack.Lu, What The Hack!, NoConName, FIST Conferences, OWASP Summits and Meetings (Spain, London, Portugal and Venice) and Open Source Intelligence Conference (OSIRA). Christian recently graduated as Master in Business Administration (MBA) at Warwick Business School, and holds multiple security certifications like CISSP, CISM, CISA, OPSA and OPST.

Can you tell us the name of the tool(s) you developed and why you had the idea to create them?
I have a few tools, but the main ones are theHarvester, a tool to perform Information Gathering about a company. I came up with the idea long time ago, when I was doing Penetration tests and I decided that would be good to have a tool that can search in multiple sources for data that will provide me interesting information about my target that will help me in the Pentest, like servers, hostnames, e-mail addresses, etc. and that’s how I started with the Harvester, by collecting mainly information from Google, Bing, PGP key servers, LinkedIn, DNS, Shodan, etc. The tool can be used also by the companies to see what information is on the Internet about their servers, services and employees.

Another tool related with Information Gathering, is the Metagoofil. Here the idea came after reading a document about Metadata in Office documents, and I thought wouldn’t be nice if I could search for all public documents belonging to a company that are available on the Internet and extract their Metadata? And that’s what Metagoofil does, it performs a search in Google for Office and PDF documents in the target domain, downloads them and extract metadata like Users that created/modified the documents, servers where the document was stored, etc, pretty interesting findings for a Penetration tester.

Finally another tool that I created is Wfuzz. Wfuzz (currently maintained and modified by Xavier Mendez), this tool is a web application brute forcer. It basically let’s you brute force any part of an HTTP request using dictionaries, ranges, etc. I decided to create this tool after using Dirb (by Ramon Pinuaga) and Burp suite Intruder; I needed something more custom and flexible than those two, and that is when I started developing my own tool for that purpose.

One of the main reasons I wrote my own tools, is that I wanted to learn in the process, understand how other tools worked and give back something to the community.

What language did you develop your tool in and why did you choose that particular language?
I started programming my tools with Perl, but soon after I discovered Python and it has been my language of choice, due to it’s simplicity to learn it and the amount of libraries that you can find that will save you a lot of time in new projects.

Which is your favorite hacking tool? Is it a framework?
It depends on the task at hand, lately I have been focusing on Web Application security, so my favourites in this area are Burp suite, SQLmap, Zap Proxy and Wfuzz 😉 Other tools I like are Nmap and Metasploit.

How would you like to see your tool develop over time, in other words, what is the ‘ideal goal’?
Currently my tools are in Business as usual mode, I am not creating new features at the moment, I am just maintaining them, making sure they work as expected, and maybe adding some small additions. Ideally I would like to see them moving to the cloud in a SaaS model.