The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A framework for managing cyber threat intelligence in structured formats.
A framework for managing cyber threat intelligence in structured formats.
A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.
A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.
Graham Cluley offers expert cybersecurity insights and commentary through various media including podcasts and speaking engagements.
Graham Cluley offers expert cybersecurity insights and commentary through various media including podcasts and speaking engagements.
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
Practical security policy enforcement for Android apps via bytecode rewriting and in-place reference monitor.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
YARA extension for Visual Studio Code with code completion and snippets
YARA extension for Visual Studio Code with code completion and snippets
Java code implementing the AutoYara algorithm for automatic Yara rule generation from input samples.
Java code implementing the AutoYara algorithm for automatic Yara rule generation from input samples.
A tool for detecting and exploiting Android application vulnerabilities
A tool for detecting and exploiting Android application vulnerabilities
A tool for identifying security issues in CloudFormation templates.
A comprehensive online resource for application security knowledge
A comprehensive online resource for application security knowledge
Troje is a honeypot that creates a realistic environment within lxc containers to monitor and record traffic and changes to drives.
Troje is a honeypot that creates a realistic environment within lxc containers to monitor and record traffic and changes to drives.
Second-order subdomain takeover scanner
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
A cross-platform network detection tool that identifies Responder presence by sending LLMNR queries for non-existent hostnames.
A cross-platform network detection tool that identifies Responder presence by sending LLMNR queries for non-existent hostnames.
Learn about 'Admin Free' Active Directory and the significance of privileged groups in AD.
Learn about 'Admin Free' Active Directory and the significance of privileged groups in AD.
Certificate Transparency Monitor that alerts you when an SSL/TLS certificate is issued for your domains.
Certificate Transparency Monitor that alerts you when an SSL/TLS certificate is issued for your domains.
Automated digital image forensics tool
A read-only FUSE driver that enables Linux systems to mount and access Apple File System (APFS) volumes, including encrypted and fusion drives.
A read-only FUSE driver that enables Linux systems to mount and access Apple File System (APFS) volumes, including encrypted and fusion drives.
A game packed with real-life examples of how not to store secrets in software, with 46 challenges to solve.
A game packed with real-life examples of how not to store secrets in software, with 46 challenges to solve.
A tool for SSH server auditing with comprehensive analysis capabilities.
A tool for SSH server auditing with comprehensive analysis capabilities.
Domain registration and web hosting services with free features and 24/7 customer support
Domain registration and web hosting services with free features and 24/7 customer support
An open source cloud security platform for discovering, prioritizing, and remediating risks in the cloud.
An open source cloud security platform for discovering, prioritizing, and remediating risks in the cloud.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.