<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Shlok Shah</title>
    <description>The latest articles on DEV Community by Shlok Shah (@shlokkokk).</description>
    <link>https://dev.to/shlokkokk</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F4035042%2Fddc36cb4-5b74-48a6-9680-932c3a866553.jpg</url>
      <title>DEV Community: Shlok Shah</title>
      <link>https://dev.to/shlokkokk</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/shlokkokk"/>
    <language>en</language>
    <item>
      <title>I was tired of studying security tools from static cheatsheets, so I built ShellStack</title>
      <dc:creator>Shlok Shah</dc:creator>
      <pubDate>Sat, 18 Jul 2026 09:41:35 +0000</pubDate>
      <link>https://dev.to/shlokkokk/i-was-tired-of-studying-security-tools-from-static-cheatsheets-so-i-built-shellstack-46d6</link>
      <guid>https://dev.to/shlokkokk/i-was-tired-of-studying-security-tools-from-static-cheatsheets-so-i-built-shellstack-46d6</guid>
      <description>&lt;h2&gt;
  
  
  I was tired of studying security tools from static cheatsheets, so I built ShellStack
&lt;/h2&gt;

&lt;p&gt;When I started prepping for CEH and doing more CTFs, I ran into the same wall over and over: every resource for learning offensive security tools was either a wall of text in a PDF, a GitHub gist with no context, or a cheatsheet that assumed you already knew what half the flags did.&lt;/p&gt;

&lt;p&gt;I didn't want notes. I wanted something that felt like sitting at an actual terminal — where I could browse tools, see real commands with context, and build the exact command I needed without digging through five tabs.&lt;/p&gt;

&lt;p&gt;So I built &lt;strong&gt;ShellStack&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;🔗 Live: &lt;a href="https://shell-stack.vercel.app/" rel="noopener noreferrer"&gt;https://shell-stack.vercel.app/&lt;/a&gt;&lt;br&gt;
💻 Code: &lt;a href="https://github.com/shlokkokk/ShellStack" rel="noopener noreferrer"&gt;https://github.com/shlokkokk/ShellStack&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  What it actually does
&lt;/h3&gt;

&lt;p&gt;ShellStack is a cybersecurity study platform built around one idea: learning security tools should feel operational, not passive.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;280+ curated offensive security tools&lt;/strong&gt;, organized into 19 categories, each with deep-dive docs — commands, common flags, when to use it, installation notes, and real examples&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Interactive command builders&lt;/strong&gt; — instead of memorizing flag combos, you fill in a form and get a ready-to-copy command generated live&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;20 CEH-aligned learning modules&lt;/strong&gt;, built for structured study instead of flipping through slides&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;1,000+ command cheat sheet&lt;/strong&gt; with fast search and one-click copy&lt;/li&gt;
&lt;li&gt;A terminal-inspired UI that actually feels like a cyber-ops console instead of another docs site&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  The build
&lt;/h3&gt;

&lt;p&gt;Stack: &lt;strong&gt;React 19, TypeScript, Vite, Tailwind CSS, GSAP, React Router, Radix UI primitives&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;A few things I focused on:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Search that actually ranks results.&lt;/strong&gt; Early on, tool search was just naive string matching, which meant typing "nmap" could bury the actual Nmap entry under ten unrelated tools that happened to mention it in a description. I rebuilt it to weight exact and prefix matches higher, so the tool you're looking for shows up first, not buried on page 3.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Command builders that don't feel like a form.&lt;/strong&gt; The tricky part wasn't the UI, it was designing a data model that could represent wildly different tools (a text-flag-heavy tool like Nmap vs. a mostly-positional-args tool) without a special case for every single one. Each tool's builder config lives in its own data file, so adding a new interactive tool doesn't mean touching the builder logic itself.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Content as data, not hardcoded pages.&lt;/strong&gt; All 280+ tools and 20 CEH modules live in structured data files (&lt;code&gt;src/data/tools/&lt;/code&gt;, &lt;code&gt;src/data/modules/&lt;/code&gt;), not scattered across component files. This means the entire tool directory, cheat sheet, and CEH explorer all pull from the same source of truth — adding a new tool is a data entry, not a new component.&lt;/p&gt;

&lt;h3&gt;
  
  
  What's next
&lt;/h3&gt;

&lt;p&gt;I'm still refining the command builder UX — it works, but I'm not 100% sure it's intuitive for someone seeing it cold. If you try it out, I'd genuinely love to know where it trips you up.&lt;/p&gt;

&lt;p&gt;Also planning to expand the CEH module coverage and add a few more interactive builders for tools that currently only have static command references.&lt;/p&gt;

&lt;h3&gt;
  
  
  Try it
&lt;/h3&gt;

&lt;p&gt;If you're studying for CEH, doing CTFs, or just want a faster way to look up a tool's flags without leaving your browser tab, take it for a spin:&lt;/p&gt;

&lt;p&gt;🔗 &lt;a href="https://shell-stack.vercel.app/" rel="noopener noreferrer"&gt;https://shell-stack.vercel.app/&lt;/a&gt;&lt;br&gt;
⭐ Star it on GitHub if it's useful: &lt;a href="https://github.com/shlokkokk/ShellStack" rel="noopener noreferrer"&gt;https://github.com/shlokkokk/ShellStack&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Feedback, issues, and PRs are all welcome — this is very much a living project.&lt;/p&gt;

</description>
      <category>security</category>
      <category>react</category>
      <category>typescript</category>
      <category>showdev</category>
    </item>
  </channel>
</rss>
