The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Automate mass scanning of technologies used on websites
A tool for recursively querying webservers
A tool for enumerating subdomains of a given domain
A tool for finding and exploiting SQL injection vulnerabilities in web applications
A tool for finding and exploiting SQL injection vulnerabilities in web applications
A next-generation crawling and spidering framework for extracting data from websites
A next-generation crawling and spidering framework for extracting data from websites
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
A fast and multi-purpose HTTP toolkit for sending HTTP requests and parsing responses
A fast and multi-purpose HTTP toolkit for sending HTTP requests and parsing responses
A powerful XSS scanning and parameter analysis tool
A Python script to test the security of AWS S3 buckets
A multithreaded vulnerability scanner for web-based applications
A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.
A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.
Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Dalfox is a powerful open-source XSS scanner and utility focused on automation.
A python tool for discovering endpoints, parameters, and wordlists in a given target
A python tool for discovering endpoints, parameters, and wordlists in a given target
Automated SSRF finder with options for XSS and open redirects
A tool for identifying potential security threats by fetching known URLs and filtering out URLs with open redirection or SSRF parameters.
A tool for identifying potential security threats by fetching known URLs and filtering out URLs with open redirection or SSRF parameters.
Fast passive subdomain enumeration tool
A tool for searching a Git repository for interesting content
A tool to fuzz query strings and identify vulnerabilities
A login cracker that can be used to crack many types of authentication protocols.
A login cracker that can be used to crack many types of authentication protocols.
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection