Cybersecurity is really hard, and I'm trying to make parts of it more accessible
Greetings indie hackers,
I am the creator of Cursed Tools - a product aimed at solving the complexity and frustrations related to cybersecurity investigations. The name comes from the “cursed” experience of juggling tools, virtual machines, data formats and messy notes in attempts to connect the dots.
I developed a product after drawing inspiration from a number of reddit posts showing frustrations with tools and observations from experience in dealing with forensics and incident response cases for both myself and peers of mine.
I've created an IH product page that tells the story of the product and shares a bit of the journey here - https://www.indiehackers.com/product/cursed-tools
I recognize the product is quite niche, but would love to get some thoughts on it from the community. You can visit it at https://cursed.tools
There were a lot of lessons along the way in building it from scratch, securing it, architecting it to scale, be privacy-oriented, have a good look and feel (UX) and many more. I'll be posting more about it over time to share the journey and the lessons learned from building a cybersecurity product as a solo founder.
I hope at minimum it can give you a glance into another industry vertical, which unfortunately has too much gatekeeping and is shrouded too often in mystery. Let me know what you think!
What you’re solving is the part of cybersecurity most people only discover during their first real incident response: the investigation isn’t hard because of threats, it’s hard because of tool entropy. If Cursed Tools helps analysts reduce context-switching between logs, disk images, and memory dumps, that’s already a huge win. IR is basically a race against cognitive overload, not just adversaries.
Really interesting project, Yordan!
As someone who has worked in corporate infrastructure and cybersecurity for many years, I completely relate to the “cursed” feeling of juggling multiple forensic tools, inconsistent data formats, and documentation chaos during investigations.
I appreciate your focus on simplifying that workflow — it’s something many professionals struggle with but rarely get right.
I’m curious how you approached scalability and data security in your architecture. Did you build everything from scratch or leverage existing open-source frameworks?
Great job turning frustration into innovation!
Thanks for sharing. It looks like you've put a lot of time and effort into building this!
A few questions I'm curious about:
I ask because I learned the hard way that understanding your exact customer is crucial. I learned this with SignalWhisperBot: I initially thought everyone would want transcription, but business users are much more willing to pay than casual users.
The cybersecurity space seems like it would have very specific buyer personas with different pain points.
Anyway, impressive technical execution!
Hey, thank you for the kind words! Those are some great questions and I have done a lot of thinking on them.
Right now I’m focused on getting it in front of different target audience groups, who are specialists that can benefit from the service. I shared it first for a quick preview with friends and former colleagues and got some thoughts from them. After, I published a post on Reddit - not to sell or advertise, but to get thoughts and feedback. I’m taking it slow at the start so I can monitor the service and respond tactfully to any feedback, comments or questions and fix any bugs.
The target customers as of now are security specialists and system administrators, as well as businesses that want to use the service as a self-hosted tool or for automation via API. And you are very right on the cybersecurity space having distinct personas. I’ve done plenty of research and experimentation has just started! I’ll be posting more on that matter soon.