Hacker Tradecraft · Deep Dive · 21 volumes

Hacker Tradecraft

21 volumes on how to think about, plan, and run an engagement.

OPSEC, tool selection, lab discipline — the meta-skill that ties every tool together.

Volumes

  1. Hacker Tradecraft Volume 1 — Overview, the Hat Spectrum, and How to Read This Series
     What 'tradecraft' means here, the seven hats at a glance, the two-axis problem, the decision graph, and how this series threads back into the rest of the Hack Tools hub
  2. Hacker Tradecraft Volume 2 — History I: Proto-Hacking, 1950s–1970s
     From MIT Tech Model Railroad Club model trains to the Cap'n-Crunch whistle and the blue box, the AI Lab's hacker ethic, and the Menlo Park garage where Homebrew handed the microcomputer to the rest of us
  3. Hacker Tradecraft Volume 3 — History II: The Golden Age and Criminalization, 1980s–1990s
     BBS culture and the warez nets, the 414s and the *WarGames* moral panic, the Computer Fraud and Abuse Act and the legal climate it created, the Morris Worm and the birth of CERT, *Phrack* and *2600* and the Legion of Doom, Operation Sundevil and the founding of the EFF, the Mitnick manhunt and its press myth, and DEF CON 1
  4. Hacker Tradecraft Volume 4 — History III: The Modern Era, 2000s–Present
     Professionalization and the pentest industry, the disclosure wars and the 0-day market, Stuxnet and the APT vocabulary, Snowden and the cryptographic counter-reaction, the bug-bounty economy, ransomware-as-a-business and the initial-access-broker supply chain, and the toolchain democratization that put a 1990s pentest in a $200 backpack
  5. Hacker Tradecraft Volume 5 — The 'Hat' Metaphor: Where the Colors Came From
     From the silent-era B-Western trope through 1990s trade-press migration into security culture, the cementing of 'Black Hat' by Jeff Moss's 1997 conference, the chronological expansion to grey / green / blue / red / purple, and the two-axis problem — ethical-stance hats vs. engagement-role team colors — that the next seven volumes will treat one at a time
  6. Hacker Tradecraft Volume 6 — The White Hat: The Authorized Professional
     Authorization as the load-bearing concept; the engagement lifecycle from scope to retest; the toolchain woven across network, web, and RF; how the ethical professional actually gets hired
  7. Hacker Tradecraft Volume 7 — The Black Hat: The Adversary
     The unauthorized adversary, the structured criminal economy, the figures behind the case law, and the legal line that defines the whole hat
  8. Hacker Tradecraft Volume 8 — The Grey Hat: The Ambiguous Middle
     Acts without authorization, without malice — the L0pht era, the full-disclosure wars, the disclosure decision point, and the bug-bounty pathway that converts grey to white
  9. Hacker Tradecraft Volume 9 — The Green Hat: The Newcomer
     CTFs, home labs, TryHackMe, HackTheBox, and the RF starter kit from RTL-SDR through Flipper Zero to HackRF — how people actually enter the field
  10. Hacker Tradecraft Volume 10 — The Blue Hat: The Defender
      The SOC analyst, the incident responder, the threat hunter, the detection engineer — and the Microsoft BlueHat disambiguation that lives in the same word; with the RF defensive angle (rogue-AP detection, IMSI catcher detection, spectrum monitoring) that ties the defender's hat back to the rest of the Hack Tools project
  11. Hacker Tradecraft Volume 11 — The Red Hat: The Aggressor
      Sanctioned adversary emulation, C2 frameworks, MITRE ATT&CK, AD attack tooling, and physical-entry RF/HID staging — with the triple disambiguation of 'red hat' carried up front and the boundary against the black hat held by the same paperwork that holds the white hat
  12. Hacker Tradecraft Volume 12 — The Purple Hat: The Synthesis
      Purple as the integration of red and blue — the collaborative adversary-emulation-to-detection-engineering feedback loop, Atomic Red Team / CALDERA / VECTR as the canonical tooling, SANS SEC599 and SEC699 as the canonical curriculum, and the practitioner-vs-practice disambiguation that keeps purple from being read as a third role parallel to red and blue
  13. Hacker Tradecraft Volume 13 — RF Tradecraft I: SDR and Sub-GHz
      SDR fundamentals at schematic depth, the security-relevant spectrum map, the sub-GHz protocol zoo, the capture-analyze-replay workflow with concrete commands, and the gear from RTL-SDR through HackRF and PortaRF to the Flipper Zero
  14. Hacker Tradecraft Volume 14 — RF Tradecraft II: Wi-Fi and BLE
      The 802.11 attack surface from frame types through WPA3, the rogue-AP family lineage from KARMA to MANA, the WPA2/WPA3 handshake-capture-and-offline-crack pipeline, the BLE protocol stack at engineer depth, and the gear from WiFi Pineapple through Marauder and Nyan Box to Ubertooth
  15. Hacker Tradecraft Volume 15 — RF Tradecraft III: RFID, NFC, and Access Control
      The card families from 125 kHz EM4100 through 13.56 MHz MIFARE and iCLASS, the NFC protocol stack at engineer depth, the capability-level catalog of clone-replay-relay-downgrade attacks, and the gear from Proxmark3 and Flipper Zero through HydraNFC, ChameleonUltra, and iCopy-X
  16. Hacker Tradecraft Volume 16 — Computer-Hacking Tradecraft: Keyloggers, BadUSB, and Implants
      Physical-access computer intrusion at engineer depth — HID keystroke injection from the original USB Rubber Ducky through BadUSB and the Hak5 implant family, hardware versus software keyloggers, network implants and drop boxes, the combined RF-plus-physical staging chain, and the defender's view
  17. Hacker Tradecraft Volume 17 — Social Engineering Tradecraft
      The human attack surface at engineer depth — the academic psychology that underwrites the technique, OSINT as the reconnaissance phase, pretexting as the operational core, the phishing / vishing / smishing delivery channels, physical entry, and the layered defense model that has to assume every other control will eventually fail
  18. Hacker Tradecraft Volume 18 — Careers: How the Ethical Hats Get Hired
      Synthesis of the per-hat hiring sections plus the broader certification landscape, portfolio strategy, interview reality, US 2026 compensation bands, and the long-form reputation play that makes a security career compound
  19. Hacker Tradecraft Volume 19 — The Legal Line and Ethics
      The Computer Fraud and Abuse Act at depth, Van Buren and the post-2021 narrowing, international equivalents, authorization in practice — SOW / scope / ROE / get-out-of-jail letter — disclosure ethics and the four-path decision tree, the RF and spectrum-law overlay, and the ethical frameworks that sit beneath the legal minimum
  20. Hacker Tradecraft Volume 20 — Cheatsheet
      Field-grade laminate-ready synthesis cards
  21. Hacker Tradecraft Volume 21 — Glossary and the Canonical Anchor Index
      A-Z glossary of every term of art used in the series + the complete frozen anchor catalog + worked link-in example — the reference other Hack Tools deep dives bookmark into