The Largest Hub of Cybersecurity Tools
Explore 2944 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
TRENDING CATEGORIES
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
Real-time, eBPF-based Security Observability and Runtime Enforcement component
Real-time, eBPF-based Security Observability and Runtime Enforcement component
A browser with XSS detection capabilities
FTP Honeypot tool with FTP + SSL-FTP features, used for catching credentials and malware files, distributing honeytoken files, and generating SSL certificates.
A yara module for searching strings inside zip files
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.
A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.
Comprehensive cheat sheet for SQLite SQL injection techniques and payloads.
Comprehensive cheat sheet for SQLite SQL injection techniques and payloads.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
A collection of tools for forensics teams to collect evidence from cloud platforms
A collection of tools for forensics teams to collect evidence from cloud platforms
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.