The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A simpler version of a honeypot that looks for connections from external parties and performs a specific action, usually blacklisting.
Acronis Cyber Protect is an integrated cybersecurity and data protection platform that provides comprehensive protection for businesses, service providers, and individuals.
Acronis Cyber Protect is an integrated cybersecurity and data protection platform that provides comprehensive protection for businesses, service providers, and individuals.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.
Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.
A collaborative malware analysis framework with various features for automated analysis tasks.
A collaborative malware analysis framework with various features for automated analysis tasks.
A web application security testing platform that helps you test your knowledge on web application security through realistic scenarios with known vulnerabilities.
A web application security testing platform that helps you test your knowledge on web application security through realistic scenarios with known vulnerabilities.
HoneyThing is a honeypot for Internet of TR-069 things, emulating vulnerabilities and supporting TR-069 protocol.
HoneyThing is a honeypot for Internet of TR-069 things, emulating vulnerabilities and supporting TR-069 protocol.
A collection of detections for Panther SIEM with detailed setup instructions.
A collection of detections for Panther SIEM with detailed setup instructions.
GBHackers offers up-to-date cybersecurity news and insights, focusing on threats, vulnerabilities, and innovative defense strategies.
GBHackers offers up-to-date cybersecurity news and insights, focusing on threats, vulnerabilities, and innovative defense strategies.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
Steganography brute-force utility with performance issues, deprecated in favor of stegseek.
Steganography brute-force utility with performance issues, deprecated in favor of stegseek.
Open source tool for generating YARA rules about installed software from a running OS.
Open source tool for generating YARA rules about installed software from a running OS.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
Kube-bench is a tool for checking Kubernetes security based on CIS Kubernetes Benchmark.
Kube-bench is a tool for checking Kubernetes security based on CIS Kubernetes Benchmark.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
A simple, self-contained modular host-based IOC scanner for incident responders.
Honey-Pod for SSH that logs username and password tries during brute-force attacks.
GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.
GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.
Detect and warn about potential malicious behaviors in Android applications through static analysis.
Detect and warn about potential malicious behaviors in Android applications through static analysis.
jimi is an orchestration automation tool for multi-team collaboration and automation in IT/Security operations, Development, and CI/CD pipelines.
jimi is an orchestration automation tool for multi-team collaboration and automation in IT/Security operations, Development, and CI/CD pipelines.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
Vulnerability scanner for Linux/FreeBSD, written in Go, agent-less, informs users of vulnerabilities related to the system and affected servers.
Vulnerability scanner for Linux/FreeBSD, written in Go, agent-less, informs users of vulnerabilities related to the system and affected servers.
An open-source security tool that simulates network breaches by self-propagating across data centers to test organizational resilience against lateral movement attacks.
An open-source security tool that simulates network breaches by self-propagating across data centers to test organizational resilience against lateral movement attacks.