Suppose you are a non-technical leader in security. In that case, I strongly recommend at least reading about the tools your teams and others in the field use so you understand the context of the capabilities and limitations of your controls. I’m not suggesting that you know the tools in depth (although that would be great), but at least understand the concepts. It’s similar to driving a car. You don’t have to know how every part of the car works, but you understand the concepts at a high level, which allows you to be a better driver.

I spent the evenings this week relearning technical tools such as Nmap, Burp Suite, PowerShell, and others. The time spent was well worth it as I refreshed my skills and awareness of their capabilities (always be learning.)

Don’t know where to start? Try Wikipedia, and you’ll get the overview you need to have the basics down. There are many tools out there, here are some tools to begin with:

NMAP
WireShark
Nessus
Kali Linux
Metasploit
John the Ripper
many others…