Tools are the things that can be used in an attack such as specialized software, hardware, or items and characteristics. Techniques are the ways that the tools are employed in order to achieve a goal. Procedures are the step-by-step actions needed to use a tool as part of a technique.
In cyberwarfare, there is a never-ending wealth of tools and tricks that both attackers and defenders employ to frustrate and defeat their opponents. Both attackers and defenders need to understand and employ many, many tools in order to be successful. Attackers need tools for recon, scanning, gaining access, lateral movement, data exfiltration and covering their tracks; and for each tool the attackers might use, the defenders need a comparable tool to counter-act it. Tools aren’t the whole game, though: a lot of security comes through techniques and procedures. Techniques such as spam filtering on incoming emails and procedures such as manually checking an email sender’s address before clicking can thwart attackers’ plots just as well as any tool can.