If you really want to understand a security researcher, look at the tools they tinker with after hours. To celebrate our final runZero Hour of 2025 (and the fact that we’re giving away three $200 Hak5 gift cards) we asked the runZero research crew to share their favorite hacker toys.
These are the gadgets that spark their curiosity and inspire experimentation.
Tod Beardsley’s pick: WiFi Pineapple #
The WiFi Pineapple is a portable wireless auditing platform for exploring the behavior and security of Wi-Fi networks. It can detect rogue access points, capture packets, identify client vulnerabilities, and emulate various wireless attack scenarios. It’s extremely flexible, making it a go-to device for anyone interested in understanding how networks respond to untrusted or impersonated access points.
HD Moore’s pick: The Key Croc #
The Key Croc is a stealth USB keystroke logger disguised as a simple keyboard passthrough. Once connected, it records keystrokes, triggers payloads when specific text patterns appear, and even provides remote shell access for deeper testing. It’s ideal for assessing how well systems defend against malicious USB peripherals — and it’s powerful enough to bypass certain input-approval prompts on modern OSes.
HD Moore’s second pick: The Hacker Pager (by Amir) #
Built by Amir and the exploitee.rs collective, the Hacker Pager is a fully open-source, retro-style wireless communicator powered by Meshtastic and LoRa. It creates its own off-grid mesh network for peer-to-peer messaging (no cell towers, Wi-Fi, or infrastructure needed). With its built-in LCD screen, LoRa radio, ESP32-S3 processor, and SD card support, it works as both a standalone communicator and a playground for experimenting with long-range wireless tech. It can capture and log LoRa traffic, run spectrum scans, be customized down to the firmware and UIK, and even play CHIP-8 games.
Matthew Kienow’s pick: 4-Port UART Adapter #
UART adapters are essential tools for hardware exploration. A 4-port UART board makes it easy to connect to serial consoles on IoT devices, routers, embedded boards, and anything hiding behind a debug header. With it, researchers can intercept boot logs, recover bricked systems, dump firmware, and uncover hidden menus. It’s simple, inexpensive, and endlessly useful for hardware reverse engineering.
Matthew Kienow’s other go-to: Shodan.io #
Alongside his hardware tools, Matthew also relies heavily on Shodan. Shodan.io scans the global internet and indexes exposed devices, services, and protocols—from forgotten RDP servers to ICS equipment. It’s an invaluable resource for mapping real-world attack surfaces, spotting configuration mistakes, and tracking exposure trends across industries. If it’s online, Shodan probably knows about it.
Want to win your own hacker gear? #
We’re closing out the year with runZero Hour Episode 25: The Holiday Hackstravaganza on Wednesday, December 17 at 1PM ET / 10AM PT and we’re giving away three $200 Hak5 gift cards live during the event.
Just show up, join our trivia, and drop the fastest correct answer in the chat.
We’ll look back at 2025’s wildest vulnerabilities, share runZero research highlights and feature releases, make some predictions for 2026, and bring in a few familiar guests for sharp insights, good humor, and a bit of holiday chaos.
