The Largest Collection of Cybersecurity Tools

Mandos

Commercial

Consulting

Checkmarx SCA

Commercial

Application Security

Orca Security

Commercial

Cloud Security

DryRun

Commercial

Application Security

LATEST ADDITIONS

• 

  CredMaster

  CredMaster enhances password spraying tactics with IP rotation to maintain anonymity and efficiency.

  0

  Free

  Offensive Security

  Password Spraying

  Share

  

  CredMaster

  CredMaster enhances password spraying tactics with IP rotation to maintain anonymity and efficiency.

  0

  Free

  Offensive Security

  Password Spraying
• 

  Silk Guardian

  An anti-forensic Linux Kernel Module kill-switch for USB ports.

  0

  Free

  Digital Forensics

  Linux

  Kernel Module

  Anti Forensic

  Usb Security

  Security Tool

  Share

  

  Silk Guardian

  An anti-forensic Linux Kernel Module kill-switch for USB ports.

  0

  Free

  Digital Forensics

  Linux

  Kernel Module

  Anti Forensic

  +2
• 

  AndroZoo

  A collection of Android Applications with malware analysis results

  0

  Free

  Malware Analysis

  Appsec

  Malware

  Antivirus

  Dataset

  Research

  Share

  

  AndroZoo

  A collection of Android Applications with malware analysis results

  0

  Free

  Malware Analysis

  Appsec

  Malware

  Antivirus

  +2
• 

  HASSH

  A Profiling Method for SSH Clients and Servers.

  0

  Free

  Network Security

  Ssh

  Brute Force

  Share

  

  HASSH

  A Profiling Method for SSH Clients and Servers.

  0

  Free

  Network Security

  Ssh

  Brute Force
• 

  Open Backup Extractor

  Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.

  0

  Free

  Digital Forensics

  Ios

  Backup

  Macos

  Security

  Share

  

  Open Backup Extractor

  Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.

  0

  Free

  Digital Forensics

  Ios

  Backup

  Macos

  +1
• 

  Operator Handbook: Red Team + OSINT + Blue Team Reference

  A detailed manual for cybersecurity professionals focusing on red team, OSINT, and blue team strategies.

  1

  Free

  Resources

  Red Team

  Osint

  Blue Team

  Share

  

  Operator Handbook: Red Team + OSINT + Blue Team Reference

  A detailed manual for cybersecurity professionals focusing on red team, OSINT, and blue team strategies.

  1

  Free

  Resources

  Red Team

  Osint

  Blue Team
• 

  Mystikal

  A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.

  0

  Free

  Offensive Security

  Mac

  Macos

  Payload Generation

  Penetration Testing

  Red Team

  Share

  

  Mystikal

  A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.

  0

  Free

  Offensive Security

  Mac

  Macos

  Payload Generation

  +2
• 

  Certbot

  Certbot is a free tool for automatically enabling HTTPS on websites using Let's Encrypt certificates.

  0

  Free

  IAM

  Ssl

  Tls

  Https

  Security

  Share

  

  Certbot

  Certbot is a free tool for automatically enabling HTTPS on websites using Let's Encrypt certificates.

  0

  Free

  IAM

  Ssl

  Tls

  Https

  +1
• 

  Webshell-Sniper

  A webshell manager via terminal for controlling web servers running PHP or MySQL.

  0

  Free

  Application Security

  Php

  Mysql

  Unix

  Terminal

  Web Server

  Share

  

  Webshell-Sniper

  A webshell manager via terminal for controlling web servers running PHP or MySQL.

  0

  Free

  Application Security

  Php

  Mysql

  Unix

  +2
• 

  Tcpreplay

  Tcpreplay is a network traffic editing and replay tool used for testing network devices and applications.

  0

  Free

  Network Security

  Network Security

  Tcpdump

  Network Traffic

  Packet Capture

  Network Testing

  Security Testing

  Share

  

  Tcpreplay

  Tcpreplay is a network traffic editing and replay tool used for testing network devices and applications.

  0

  Free

  Network Security

  Network Security

  Tcpdump

  Network Traffic

  +3
• 

  Zeek Analysis Tools (ZAT)

  Python package for processing and analyzing Zeek data with Pandas, scikit-learn, Kafka, and Spark, with offloading capabilities and improved data analysis features.

  0

  Free

  Specialized Security

  Aws

  Data Analysis

  Machine Learning

  Share

  

  Zeek Analysis Tools (ZAT)

  Python package for processing and analyzing Zeek data with Pandas, scikit-learn, Kafka, and Spark, with offloading capabilities and improved data analysis features.

  0

  Free

  Specialized Security

  Aws

  Data Analysis

  Machine Learning
• 

  Yara-Repo

  Collects Yara rules from over 150 free resources, a free alternative to Valhalla.

  0

  Free

  Malware Analysis

  Yara

  Rules

  Resources

  Script

  Collection

  Share

  

  Yara-Repo

  Collects Yara rules from over 150 free resources, a free alternative to Valhalla.

  0

  Free

  Malware Analysis

  Yara

  Rules

  Resources

  +2
• 

  OWASP TOP 10 Presentation

  A presentation about the OWASP Top 10, a list of the most critical security risks to web applications.

  0

  Free

  Vulnerability Management

  Owasp

  Web Application Security

  Security Risks

  Share

  

  OWASP TOP 10 Presentation

  A presentation about the OWASP Top 10, a list of the most critical security risks to web applications.

  0

  Free

  Vulnerability Management

  Owasp

  Web Application Security

  Security Risks
• 

  Incident Response Techniques for Ransomware Attacks

  A comprehensive guide to understanding and responding to modern ransomware attacks, covering incident response, cyber threat intelligence, and forensic analysis.

  0

  Free

  Resources

  Ransomware

  Incident Response

  Cyber Threat Intelligence

  Digital Forensics

  Share

  

  Incident Response Techniques for Ransomware Attacks

  A comprehensive guide to understanding and responding to modern ransomware attacks, covering incident response, cyber threat intelligence, and forensic analysis.

  0

  Free

  Resources

  Ransomware

  Incident Response

  Cyber Threat Intelligence

  +1
• 

  GitMiner

  A powerful tool for searching and scraping data from GitHub

  0

  Free

  Data Protection

  Github

  Search

  Scraping

  Data Mining

  Csv

  Json

  Share

  

  GitMiner

  A powerful tool for searching and scraping data from GitHub

  0

  Free

  Data Protection

  Github

  Search

  Scraping

  +3
• 

  Rexsser

  A Burp plugin for identifying potential vulnerabilities in web applications

  0

  Free

  Malware Analysis

  Appsec

  Bug Bounty

  Cve

  Security Research

  Vulnerability Scanning

  Xss

  Share

  

  Rexsser

  A Burp plugin for identifying potential vulnerabilities in web applications

  0

  Free

  Malware Analysis

  Appsec

  Bug Bounty

  Cve

  +3
• 

  Shell-Storm Repository

  A repository of CTF challenges and resources from various cybersecurity competitions.

  0

  Free

  Resources

  Ctf

  Ctf Challenges

  Cybersecurity

  Education

  Free Tools

  Learning

  Share

  

  Shell-Storm Repository

  A repository of CTF challenges and resources from various cybersecurity competitions.

  0

  Free

  Resources

  Ctf

  Ctf Challenges

  Cybersecurity

  +3
• 

  Kubernetes Goat

  Intentionally vulnerable Kubernetes cluster environment for learning and practicing Kubernetes security.

  0

  Free

  Resources

  Kubernetes

  Kubernetes Security

  Share

  

  Kubernetes Goat

  Intentionally vulnerable Kubernetes cluster environment for learning and practicing Kubernetes security.

  0

  Free

  Resources

  Kubernetes

  Kubernetes Security
• 

  DDE attack with PowerShell Empire

  Weaponize Word documents with PowerShell Empire using the Microsoft DDE exploit.

  0

  Free

  Offensive Security

  Powershell

  Empire

  Microsoft

  Payload

  Attack Vector

  Share

  

  DDE attack with PowerShell Empire

  Weaponize Word documents with PowerShell Empire using the Microsoft DDE exploit.

  0

  Free

  Offensive Security

  Powershell

  Empire

  Microsoft

  +2
• 

  Merlin

  Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.

  0

  Free

  Offensive Security

  C2

  Golang

  Post Exploitation

  Command And Control

  Share

  

  Merlin

  Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.

  0

  Free

  Offensive Security

  C2

  Golang

  Post Exploitation

  +1
• 

  Ranges – Cyber Warfare Range LLC

  A network of physical and online cyber warfare ranges for training and testing

  0

  Free

  Resources

  Cyber Range

  Cyber Security

  Share

  

  Ranges – Cyber Warfare Range LLC

  A network of physical and online cyber warfare ranges for training and testing

  0

  Free

  Resources

  Cyber Range

  Cyber Security
• 

  OWASP Juice Shop CTF Extension

  Node package for preparing CTF events with OWASP Juice Shop challenges for popular CTF frameworks.

  0

  Free

  Miscellaneous

  Ctf

  Owasp

  Share

  

  OWASP Juice Shop CTF Extension

  Node package for preparing CTF events with OWASP Juice Shop challenges for popular CTF frameworks.

  0

  Free

  Miscellaneous

  Ctf

  Owasp
• 

  Hack This Site

  A free, safe, and legal training ground for ethical hackers to test and expand their skills

  0

  Free

  Offensive Security

  Ctf

  Ethical Hacking

  Share

  

  Hack This Site

  A free, safe, and legal training ground for ethical hackers to test and expand their skills

  0

  Free

  Offensive Security

  Ctf

  Ethical Hacking
• 

  Tplmap

  Tplmap is a tool for detecting and exploiting server-side template injection vulnerabilities.

  0

  Free

  Malware Analysis

  Appsec

  Appsec Tool

  Code Injection

  Exploit

  Vulnerability Exploitation

  Share

  

  Tplmap

  Tplmap is a tool for detecting and exploiting server-side template injection vulnerabilities.

  0

  Free

  Malware Analysis

  Appsec

  Appsec Tool

  Code Injection

  +2