The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Find exploits in local and online databases instantly
A powerful directory/file, DNS and VHost busting tool written in Go.
A fast and simple recursive content discovery tool
Monitor GitHub for sensitive data
A collection of XSS payloads designed to turn alert(1) into P1
A collection of XSS payloads designed to turn alert(1) into P1
An open-source attack surface management platform for identifying and managing vulnerabilities
An open-source attack surface management platform for identifying and managing vulnerabilities
A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.
A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A multi-threaded scanner for identifying CORS flaws and misconfigurations
A multi-threaded scanner for identifying CORS flaws and misconfigurations
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A fast and simple DOM based XSS vulnerability scanner
A scripting engine for interacting with GraphQL endpoints for pentesting purposes.
A scripting engine for interacting with GraphQL endpoints for pentesting purposes.
A simple snippet to increment ../ on the URL.
A local file inclusion exploitation tool
A small script to check a list of domains against open redirect vulnerability
A small script to check a list of domains against open redirect vulnerability
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
A collection of payloads and methodologies for web pentesting.
A collection of payloads and methodologies for web pentesting.
A golang utility to spider through a website searching for additional links.
A golang utility to spider through a website searching for additional links.
Automate the exploitation of XXE vulnerabilities