The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Platform offering cybersecurity courses for Red, Blue, and Purple Teamers by Picus.
Platform offering cybersecurity courses for Red, Blue, and Purple Teamers by Picus.
CLI program for cybersecurity solution management with multiple functionalities and authentication methods.
CLI program for cybersecurity solution management with multiple functionalities and authentication methods.
A command line tool for transparently hiding files within images using LSB steganography.
A command line tool for transparently hiding files within images using LSB steganography.
Dynamic binary analysis library with various analysis and emulation capabilities.
Dynamic binary analysis library with various analysis and emulation capabilities.
Utility that exposes TLS certificate expiry as Prometheus metrics.
Utility that exposes TLS certificate expiry as Prometheus metrics.
kube-hunter hunts for security weaknesses in Kubernetes clusters.
kube-hunter hunts for security weaknesses in Kubernetes clusters.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
A tool that finds more information about a given URL or domain by querying multiple data sources.
A tool that finds more information about a given URL or domain by querying multiple data sources.
Intercepts and examines mobile app connections by stripping SSL/TLS layer.
Intercepts and examines mobile app connections by stripping SSL/TLS layer.
Deliberately vulnerable web application for security professionals to practice attack techniques.
Deliberately vulnerable web application for security professionals to practice attack techniques.
Copy executables with execute, but no read permission on Unix systems.
Scan the internet for publicly exposed network components
Scan the internet for publicly exposed network components
A tool for mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A tool for mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A tool for discovering and enumerating external attack surfaces
A project that uses Athena and EventBridge to investigate API activity and notify of actions for incident response and misconfiguration detection.
A project that uses Athena and EventBridge to investigate API activity and notify of actions for incident response and misconfiguration detection.
Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.
Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.
Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable fixes.
Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable fixes.
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
A log management solution that optimizes SIEM performance, provides rapid search and troubleshooting, and meets compliance requirements.
A log management solution that optimizes SIEM performance, provides rapid search and troubleshooting, and meets compliance requirements.
A PHP library for secure data encryption with easy-to-use API.
A collection of lab scripts and files for learning about containers and container internals.
A collection of lab scripts and files for learning about containers and container internals.
Comprehensive tutorial series on ARM Assembly covering various topics.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
