Hello Reader,

I'm excited to share some news today—Evan Anderson, who you might recognize from our Vibe Coding livestreams, has just launched a new product: Puck!

Puck (available at puck.tools) is the result of Evan’s 20 years in cybersecurity, including extensive experience in offensive operations and advanced red team deployments. At its core, Puck simulates a threat actor within your network with one simple mission: to get back home.

But let’s be clear—Puck isn’t an automated pentesting framework, a vulnerability scanner, or an attack surface mapping tool. It does just one thing, and it does it exceptionally well: it tests your network's egress controls. Using a wide array of protocols, techniques, and methods—much like a sophisticated command-and-control (C2) tool or real-world threat actor—Puck tries to reach out. If it succeeds, it reports back with the exact methods that worked, alerting you to any changes that may have weakened your defenses.

Puck is especially valuable in environments that require strict segmentation, such as PCI-regulated networks and other high-security zones where internet access is supposed to be tightly controlled. It can be deployed either as a virtual machine or a physical device, running continuously to ensure you're immediately aware of any egress violations caused by network changes.

Check it out at puck.tools—I genuinely think it’s a fantastic tool!