The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A module-based AWS response tool for incident response in AWS environments.
A module-based AWS response tool for incident response in AWS environments.
Check if a domain is in the Alexa or Cisco top one million domain list.
Check if a domain is in the Alexa or Cisco top one million domain list.
Open-source universal secret manager for developers with seamless integration to various cloud services and vaults.
Open-source universal secret manager for developers with seamless integration to various cloud services and vaults.
A framework for reverse engineering Flutter apps with modified Flutter library for dynamic analysis and traffic monitoring.
A framework for reverse engineering Flutter apps with modified Flutter library for dynamic analysis and traffic monitoring.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
A collection of security vulnerabilities in regular expressions used in WAFs with a focus on bypass examples and high severity issues.
A PoC tool for generating Excel files with embedded macros without using Excel.
A PoC tool for generating Excel files with embedded macros without using Excel.
A comprehensive cheat sheet for Windows and Linux terminals and command lines, covering essential commands and syntax for various tasks.
A comprehensive cheat sheet for Windows and Linux terminals and command lines, covering essential commands and syntax for various tasks.
A microservice for string padding to prevent global issues like the left-pad incident.
A microservice for string padding to prevent global issues like the left-pad incident.
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
A blog post about bypassing AppLocker using PowerShell diagnostic scripts
A blog post about bypassing AppLocker using PowerShell diagnostic scripts
OSSEC is a versatile HIDS known for its powerful log analysis and intrusion detection capabilities.
OSSEC is a versatile HIDS known for its powerful log analysis and intrusion detection capabilities.
A security feature to prevent unexpected manipulation of fetched resources.
A security feature to prevent unexpected manipulation of fetched resources.
Collection of recent infosec/hacking videos from conferences.
Collection of recent infosec/hacking videos from conferences.
Command line interface for managing and inspecting images, policies, subscriptions, and registries with support for various operating systems and packages.
Command line interface for managing and inspecting images, policies, subscriptions, and registries with support for various operating systems and packages.
Leading provider of free cybersecurity training resources
Brian Krebs is a cybersecurity journalist and blogger, known for his in-depth reporting on cybercrime and cybersecurity issues.
Brian Krebs is a cybersecurity journalist and blogger, known for his in-depth reporting on cybercrime and cybersecurity issues.
Enables code injection into Mac OS X processes with detailed version history and contributing guidelines.
Enables code injection into Mac OS X processes with detailed version history and contributing guidelines.