The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A medium interaction printer honeypot that simulates a standard networked printer
A medium interaction printer honeypot that simulates a standard networked printer
An open-source shellcode and PE packer for creating and managing portable executable files.
An open-source shellcode and PE packer for creating and managing portable executable files.
APT Simulator is a tool for simulating a compromised system on Windows.
APT Simulator is a tool for simulating a compromised system on Windows.
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
A setuid implementation of a subset of user namespaces, providing a way to run unprivileged containers without requiring root privileges.
A setuid implementation of a subset of user namespaces, providing a way to run unprivileged containers without requiring root privileges.
FunctionShield is a Serverless Security Library for Developers to enforce strict security controls on AWS Lambda & Google Cloud Functions runtimes.
FunctionShield is a Serverless Security Library for Developers to enforce strict security controls on AWS Lambda & Google Cloud Functions runtimes.
A Django web interface for managing Yara rules with features like search, categorization, and bulk edits.
A Django web interface for managing Yara rules with features like search, categorization, and bulk edits.
A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.
A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.
Repository for IBM SOAR Apps source-code and development resources.
Repository for IBM SOAR Apps source-code and development resources.
An open source project for static analysis of vulnerabilities in application containers
An open source project for static analysis of vulnerabilities in application containers
Simple script to check a domain's email protections and identify vulnerabilities.
Simple script to check a domain's email protections and identify vulnerabilities.
A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.
A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.
BotScout.com provides proactive bot detection, screening, and banning through a powerful API.
BotScout.com provides proactive bot detection, screening, and banning through a powerful API.
WackoPicko is a vulnerable website with known vulnerabilities, now available as a Docker image and included in the OWASP Broken Web Applications Project.
WackoPicko is a vulnerable website with known vulnerabilities, now available as a Docker image and included in the OWASP Broken Web Applications Project.
Open-source cloud-agnostic resource manager for analyzing and managing cloud cost, usage, security, and governance.
Open-source cloud-agnostic resource manager for analyzing and managing cloud cost, usage, security, and governance.
A leading cybersecurity podcast network offering in-depth discussions on current security trends and insights.
A leading cybersecurity podcast network offering in-depth discussions on current security trends and insights.
Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.
Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.
Search AWS CloudWatch logs on the command line with aws-sdk-for-go.
A Node.js Ebook by GENTILHOMME Thomas, covering Node.js development and resources
A Node.js Ebook by GENTILHOMME Thomas, covering Node.js development and resources
Docker's Actuary automates security best-practices checks for Docker containers.
Docker's Actuary automates security best-practices checks for Docker containers.
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
hpfeeds is a lightweight authenticated publish-subscribe protocol with Python 3 compatible broker and client.
A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.
A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.