The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Comprehensive tutorial on modern exploitation techniques with a focus on understanding exploitation from scratch.
Comprehensive tutorial on modern exploitation techniques with a focus on understanding exploitation from scratch.
3GL is a high-level programming language with a focus on ASM for 6502.
yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.
yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.
ClamAV is an open-source antivirus engine that detects trojans, viruses, malware, and other malicious threats.
ClamAV is an open-source antivirus engine that detects trojans, viruses, malware, and other malicious threats.
A list of Windows privilege escalation techniques, categorized and explained in detail.
A list of Windows privilege escalation techniques, categorized and explained in detail.
HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.
HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.
Non-profit organization supporting the advancement of open source software.
Non-profit organization supporting the advancement of open source software.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
Tool for dataviz and statistical analysis of threat intelligence feeds, presented in cybersecurity conferences for measuring IQ of threat intelligence feeds.
Tool for dataviz and statistical analysis of threat intelligence feeds, presented in cybersecurity conferences for measuring IQ of threat intelligence feeds.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
A tool to secure your shell commands history by clearing sensitive commands
A tool to secure your shell commands history by clearing sensitive commands
A curated list of important security news, helping readers stay up-to-date with the latest developments in cybersecurity.
A curated list of important security news, helping readers stay up-to-date with the latest developments in cybersecurity.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.
A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
A local privilege escalation vulnerability in the Linux kernel known for its catchy name and potential damages.
A local privilege escalation vulnerability in the Linux kernel known for its catchy name and potential damages.
Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.
Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.
A portable Docker container with preinstalled AWS security tools for SecOps on AWS.
A portable Docker container with preinstalled AWS security tools for SecOps on AWS.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
A collection of tools to perform searches on GitHub.
An open-source phishing toolkit for businesses and penetration testers.
An open-source phishing toolkit for businesses and penetration testers.
