The Largest Hub of Cybersecurity Tools
Explore 2944 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
TRENDING CATEGORIES
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
A robust Python implementation of TAXII Services with a friendly pythonic API.
A robust Python implementation of TAXII Services with a friendly pythonic API.
A modified version of OpenSSH deamon forwarding commands to Cowrie for logging brute force attacks and shell interactions.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
An Active Defense framework for detecting and responding to phishing attacks in Office 365 Message Trace logs.
An Active Defense framework for detecting and responding to phishing attacks in Office 365 Message Trace logs.
Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.
Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.
A demonstration of a method to delete a locked executable or currently running file from disk.
A demonstration of a method to delete a locked executable or currently running file from disk.
Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.
Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.
Comprehensive host-survey tool for security checks in C#.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
A project with Terraform and Ansible scripts to create an orchestrated BlueTeam Lab for testing attacks and forensic artifacts on Windows environment.
A project with Terraform and Ansible scripts to create an orchestrated BlueTeam Lab for testing attacks and forensic artifacts on Windows environment.
A pocket reference guide providing various options for navigating and pivoting through different environments and situations.
A pocket reference guide providing various options for navigating and pivoting through different environments and situations.
OpenEDR is an open-source platform enhancing cybersecurity through real-time detection and analysis of cyber threats.
OpenEDR is an open-source platform enhancing cybersecurity through real-time detection and analysis of cyber threats.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.