A sentimental tour of late 1990s and early 2000s hacking tools
speckx
60 points
22 comments
May 13, 2026
Related Discussions
Found 5 related stories in 89.6ms across 8,303 title embeddings via pgvector HNSW
- Random musings: 80s hardware, cyberdecks speckx · 28 pts · April 17, 2026 · 51% similar
- Show HN: Modembin – A pastebin that encodes your text into real FSK modem audio a13x57 · 12 pts · March 03, 2026 · 49% similar
- Show HN: Modembin – A pastebin that encodes your text into real FSK modem audio a13x57 · 24 pts · March 06, 2026 · 49% similar
- The Claude Code Source Leak: fake tools, frustration regexes, undercover mode alex000kim · 1057 pts · March 31, 2026 · 49% similar
- A 6502 disassembler with a TUI: A modern take on Regenerator wslh · 14 pts · March 20, 2026 · 49% similar
Discussion Highlights (16 comments)
deweywsu
What, no mention of SoftIce or IDA? What about W32Dasm? OllyDBG? Even WinDbg has a place.
rickcarlino
Your ads are out of control.
tptacek
I'm sure language issues motivated the choice but I think this would be a lot more pleasant to read in your own voice and not in an LLMs. It reads pretty slick and magaziney.
JohnMakin
> Beyond pure operations, IRC was also a social space with its own culture, rituals, and hierarchy. You proved yourself by sharing information, by having access to tools before others did, by being present when something interesting happened. The channels were chaotic, frequently toxic, and also a brutal apprenticeship in network security for anyone who could not afford a conference ticket. Many people who are now respected professionals in DFIR, threat intelligence, and red teaming learned the fundamentals there. toxic indeed - I somehow ended up in IRC channels as a curious, lonely ten year old with a computer and parents that frequently confined me to my room with nothing but a computer, an internet connection (which they thought could only be used for email), and books. One of my more formative experiences was getting my pc pwned, getting so upset about it, I resolved to learn everything I could get my hands about it in my teens. Never got super far as some did, but that curiosity sparked in me a drive that has lasted nearly 30 years now.
pavel_lishin
I remember looking up, or maybe even using? Back Orifice in the high school library, and the librarian being somewhat scandalized by the logo, thinking I was looking at porn.
Terr_
Oh man, this is all one solid block of "I remember that!" nostalgia. For example, in the late 90s I volunteered in a DALNet support channel, helping people diagnose and remove exactly those infections. [0] We had a hard policy of never going "I'll connect to it and remove it for you." Sure, it could be quicker, but it would also be legally problematic, especially if the person seeking help was actually an impersonator. [0] I admit, I harmlessly pranked one very close friend with a CD-ROM tray that kept moving "on its own". And pointed out some weak passwords to school IT...
nobleach
I read Hacking Exposed around that time period. Up until then, my only "hacking" experience was with AOHell and everything that came along with that. It was interesting, but I wasn't really into the idea of trying to use CreditWiz to increase my odds of prison time. (I was a kid, I thought everything would lead to prison). Back Orifice just seemed like a great sysadmin tool!
schnitzelstoat
I remember SubSeven and John The Ripper. I’m not even sure why I had them as a kid, I never managed to actually use them.
Hasz
Aw man, what about hashcat or LOIC? Maybe a bit too new for this article https://en.wikipedia.org/wiki/Low_Orbit_Ion_Cannon
j_walter
I loved L0phtCrack...
user3939382
I hoped to see more coverage of progz and punters. BlackIce. hackers.com used to have a cool section with all of these tools from attrition, cdc. Packetstorm security back in the day. Good times.
myself248
The best thing when someone sent me a sub7 or BO dropper, was to immediately rename the extension (so I wouldn't accidentally execute it), then open it up in a file viewer and skip to the end. Both programs just appended their configuration variables to the end of the executable file. Which meant I now knew what port and password the sender was expecting to connect to me with. However, most of them were skids, and had inadvertently executed their own dropper on their own machine at some point. And I knew their IP from the DCC. Which meant I now knew what port and password to connect back to them with...
repple
tangentially related, but The Scene was a fun mini series https://youtube.com/playlist?list=PLC2FCB2871C396459&si=stCC...
hattmall
Netbus was everywhere. I would just scan random subnets and find open servers. I had one file bundled with a subseven server that somehow got passed around extensively to the point that I was constantly getting ICQ notifications of people being online that I had no idea who they were. One of my favorite tools though was the Munga Bunga HTTP brute forcer. Uncovered tons of awesome hidden parts of websites. Also the trick where you could specify a domaing like https://freemoneygiveaway.hotmail.com@192.168.1.1 or whatever and people would think it was some legitimate Hotmail thing and dump in their credentials.
richstokes
It was the Wild West back then. Good times!
optymizer
I left this scene many years ago. The article brought back memories and curiosity. What does today's scene look like?