The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Comprehensive documentation for ThreatConnect's REST API and SDKs.
Comprehensive documentation for ThreatConnect's REST API and SDKs.
Interactive incremental disassembler with data/control flow analysis capabilities.
Interactive incremental disassembler with data/control flow analysis capabilities.
A Java API for searching and downloading Android applications from Google Play with additional check-in features for generating ANDROID-ID.
A Java API for searching and downloading Android applications from Google Play with additional check-in features for generating ANDROID-ID.
A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.
A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.
Krakatau provides an assembler and disassembler for Java bytecode, supporting conversion, creation, examination, comparison, and decompilation of Java binaries.
Krakatau provides an assembler and disassembler for Java bytecode, supporting conversion, creation, examination, comparison, and decompilation of Java binaries.
A tool to locally check for signs of a rootkit with various checks and tests.
A tool to locally check for signs of a rootkit with various checks and tests.
Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.
Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.
A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.
A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.
A Bash completion script for Android command-line tools
A nonprofit security organization that collects and shares threat data to make the Internet more secure.
A nonprofit security organization that collects and shares threat data to make the Internet more secure.
A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.
A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.
A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL
A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL
An online hash checker utility that retrieves information from various online sources, including Virustotal, HybridAnalysis, and more.
An online hash checker utility that retrieves information from various online sources, including Virustotal, HybridAnalysis, and more.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.
A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.
Cutting-edge open-source security tools for adversary simulation and threat hunting.
Cutting-edge open-source security tools for adversary simulation and threat hunting.
FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.
FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.
An open-source Python software for creating honeypots and honeynets securely.
An open-source Python software for creating honeypots and honeynets securely.
Fast suspicious file finder for threat hunting and live forensics.
Fast suspicious file finder for threat hunting and live forensics.
DroidBox is a tool for dynamic analysis of Android applications, providing insights into package behavior and security.
DroidBox is a tool for dynamic analysis of Android applications, providing insights into package behavior and security.
A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.
A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.
Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.
Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library with a focus on speed, reliability, and ease of integration.
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library with a focus on speed, reliability, and ease of integration.