The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Repository of pcap traces for evaluating Network Intrusion Detection Systems in HVAC systems.
Repository of pcap traces for evaluating Network Intrusion Detection Systems in HVAC systems.
ILSpy is the open-source .NET assembly browser and decompiler with various decompiler frontends and features.
ILSpy is the open-source .NET assembly browser and decompiler with various decompiler frontends and features.
A comprehensive guide to mobile application penetration testing, covering various topics and techniques
A comprehensive guide to mobile application penetration testing, covering various topics and techniques
FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.
FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.
Extracts resources (bitmaps, icons, cursors, AVI movies, HTML files, and more) from dll files
Extracts resources (bitmaps, icons, cursors, AVI movies, HTML files, and more) from dll files
Static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA) with over 1000 built-in policies for AWS, Azure, and Google Cloud.
Static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA) with over 1000 built-in policies for AWS, Azure, and Google Cloud.
A honeypot tool that simulates an open relay to capture and analyze spam
A honeypot tool that simulates an open relay to capture and analyze spam
A tool for processing compiled YARA rules in IDA.
A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.
A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.
A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.
Teaching Security provides educational resources and lessons for teaching cybersecurity concepts to high school students.
Teaching Security provides educational resources and lessons for teaching cybersecurity concepts to high school students.
An evolving how-to guide for securing a Linux server with detailed steps and explanations.
IT Security Guru provides up-to-date news and expert insights on a wide range of cybersecurity topics.
IT Security Guru provides up-to-date news and expert insights on a wide range of cybersecurity topics.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
A proof of concept for using the SSM Agent in Fargate for incident response
A proof of concept for using the SSM Agent in Fargate for incident response
A collection of SQL injection cheat sheets for various databases
A collection of SQL injection cheat sheets for various databases
A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.
A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.
Pack up to 3MB of data into a tweetable PNG polyglot file.
Pack up to 3MB of data into a tweetable PNG polyglot file.
A hybrid mobile app for Android that intentionally contains vulnerabilities for testing and education
A hybrid mobile app for Android that intentionally contains vulnerabilities for testing and education
A PHP based web application for managing postmortems with pluggable features.
A PHP based web application for managing postmortems with pluggable features.
Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.
Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.
Python tool for monitoring user-select APIs in Android apps using Frida.
Python tool for monitoring user-select APIs in Android apps using Frida.
Monitor WMI consumers and processes for potential malicious activity
Monitor WMI consumers and processes for potential malicious activity
