The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A collection of precompiled Windows exploits for privilege escalation.
A collection of precompiled Windows exploits for privilege escalation.
A leading online publication providing news, analysis, and insights on cybersecurity, IT leadership, and technology trends.
A leading online publication providing news, analysis, and insights on cybersecurity, IT leadership, and technology trends.
Microservice for scanning files with Yara
A PowerShell module for threat hunting via Windows Event Logs
A utility tool for decrypting data from weak public keys and attempting to recover the corresponding private key, primarily for educational purposes.
A utility tool for decrypting data from weak public keys and attempting to recover the corresponding private key, primarily for educational purposes.
Generate Bro intel files from pdf or html reports.
An intrusion prevention system for SSH that blocks IP addresses after a set number of consecutive failed login attempts.
An intrusion prevention system for SSH that blocks IP addresses after a set number of consecutive failed login attempts.
Docker file for building Androguard dependencies with an optional interactive shell environment.
Docker file for building Androguard dependencies with an optional interactive shell environment.
Robust Python SDK and Command Line Client for interacting with IntelOwl's API.
Robust Python SDK and Command Line Client for interacting with IntelOwl's API.
Participation in the Red Team for Pacific Rim CCDC 2017 with insights on infrastructure design and competition tips.
Participation in the Red Team for Pacific Rim CCDC 2017 with insights on infrastructure design and competition tips.
Open-source project for building instrumented environments to simulate attacks and test detections.
Open-source project for building instrumented environments to simulate attacks and test detections.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
KLara is a distributed system written in Python that helps Threat Intelligence researchers hunt for new malware using Yara.
KLara is a distributed system written in Python that helps Threat Intelligence researchers hunt for new malware using Yara.
Adversary emulation framework for testing security measures in network environments.
Adversary emulation framework for testing security measures in network environments.
OCaml wrapper for YARA matching engine for malware identification
Instrumentation-based approach for resolving reflective calls in Android apps.
Instrumentation-based approach for resolving reflective calls in Android apps.
MISP is an open source threat intelligence platform that enhances threat information sharing and analysis.
MISP is an open source threat intelligence platform that enhances threat information sharing and analysis.
Resmo's Cybersecurity Blog provides expert insights and tools for securing SaaS applications and cloud documents for IT and security teams.
Resmo's Cybersecurity Blog provides expert insights and tools for securing SaaS applications and cloud documents for IT and security teams.
Multi-honeypot platform with various honeypots and monitoring tools.
Tool used for dumping memory from Android devices with root access requirement and forensic soundness considerations.
Tool used for dumping memory from Android devices with root access requirement and forensic soundness considerations.
Scans SPF and DMARC records for issues that could allow email spoofing.
Scans SPF and DMARC records for issues that could allow email spoofing.
A WebSocket Manipulation Proxy with a user interface to capture, intercept, and send custom messages for WebSocket and Socket.IO communications.