The Largest Hub of Cybersecurity Tools
Explore 2944 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
TRENDING CATEGORIES
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
A PHP/MySQL web application designed to aid security professionals in testing their skills and tools in a legal environment.
A PHP/MySQL web application designed to aid security professionals in testing their skills and tools in a legal environment.
Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.
Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.
A Yara scanner for IMAP feeds and saved streams, extracting attachments and scanning them with chosen Yara rule files.
A Yara scanner for IMAP feeds and saved streams, extracting attachments and scanning them with chosen Yara rule files.
replayproxy allows you to 're-live' a HTTP session captured in a .pcap file, parsing HTTP streams, caching them, and starting a HTTP proxy to reply to requests with matching responses.
replayproxy allows you to 're-live' a HTTP session captured in a .pcap file, parsing HTTP streams, caching them, and starting a HTTP proxy to reply to requests with matching responses.
A framework for creating XNU based rootkits for OS X and iOS security research
Argus-SAF is a static analysis framework for security vetting Android applications.
Argus-SAF is a static analysis framework for security vetting Android applications.
Multi-cloud antivirus scanning API with CLAMAV and YARA support for AWS S3, Azure Blob Storage, and GCP Cloud Storage.
A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.
A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.
A comprehensive .NET post-exploitation library designed for advanced security testing.
A comprehensive .NET post-exploitation library designed for advanced security testing.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
OCyara performs OCR on image files and scans them for matches to Yara rules, supporting Debian-based Linux distros.
OCyara performs OCR on image files and scans them for matches to Yara rules, supporting Debian-based Linux distros.
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A pure Python parser for Windows Event Log files with access to File and Chunk headers, record templates, and event entries.