The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A Burp intruder extender for automating and validating XSS vulnerabilities
A Burp intruder extender for automating and validating XSS vulnerabilities
A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages
A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
A fast and reliable port scanner for attack surface discovery
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
A correlated injection proxy tool for XSS Hunter
Open Redirection Analyzer
A repository containing material from a talk on sub-domain enumeration techniques
A repository containing material from a talk on sub-domain enumeration techniques
Converts the format of various S3 buckets for bug bounty and security testing.
Converts the format of various S3 buckets for bug bounty and security testing.
A tool that recovers passwords from pixelized screenshots
A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases
A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases
A tool for scanning Adobe Experience Manager instances for potential security vulnerabilities
A tool for scanning Adobe Experience Manager instances for potential security vulnerabilities
A tool to identify publicly accessible S3 objects
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A cross-platform web fuzzer written in Nim
A tool for testing subdomain takeover possibilities at a mass scale.
A subdomain enumeration tool for bug hunting and pentesting
A multi-tool for subdomain enumeration
A code scanning tool that detects and prevents secrets like API keys and credentials from being committed to source code repositories.
A code scanning tool that detects and prevents secrets like API keys and credentials from being committed to source code repositories.