The Largest Hub of Cybersecurity Tools
Explore 2911 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
TRENDING CATEGORIES
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
LATEST ADDITIONS
Cloud security project focusing on discovering and protecting privileged entities in AWS and Azure environments.
Cloud security project focusing on discovering and protecting privileged entities in AWS and Azure environments.
Official repository of YARA rules for threat detection and hunting
Official repository of YARA rules for threat detection and hunting
Repository containing MITRE ATT&CK and CAPEC datasets in STIX 2.0 for cybersecurity threat modeling.
Repository containing MITRE ATT&CK and CAPEC datasets in STIX 2.0 for cybersecurity threat modeling.
Online hacking game with realistic hacking experience and player interaction.
Online hacking game with realistic hacking experience and player interaction.
A tool for reverse engineering Android apk files.
Bmaptool is a project no longer maintained by Intel, users are advised to create their own fork for ongoing use.
Bmaptool is a project no longer maintained by Intel, users are advised to create their own fork for ongoing use.
Maltiverse automates Threat Intelligence for small and medium-sized SecOps teams, providing an effective and affordable service.
Maltiverse automates Threat Intelligence for small and medium-sized SecOps teams, providing an effective and affordable service.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
A repository of CTF source files and write-ups from 2015, addressing common issues in CTF write-ups.
A repository of CTF source files and write-ups from 2015, addressing common issues in CTF write-ups.
Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.
Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.
ENISA Training Resources offers online training material for cybersecurity specialists, covering technical and artefact analysis fundamentals.
ENISA Training Resources offers online training material for cybersecurity specialists, covering technical and artefact analysis fundamentals.
An open-source penetration testing framework for social engineering with custom attack vectors.
An open-source penetration testing framework for social engineering with custom attack vectors.
Cheat sheet with common enumeration and attack methods for Windows Active Directory.
Cheat sheet with common enumeration and attack methods for Windows Active Directory.
A NodeJS/Typescript library for generating IAM Policy Actions Statements for AWS CDK with predefined constants and a factory class.