The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Free tools for the CrowdStrike customer community to support their use of the Falcon platform.
Free tools for the CrowdStrike customer community to support their use of the Falcon platform.
A collection of structured incident response playbook battle cards that provide prescriptive countermeasures and procedures for combating cyber threats and attacks during security incidents.
A collection of structured incident response playbook battle cards that provide prescriptive countermeasures and procedures for combating cyber threats and attacks during security incidents.
Search OpenBSD manual pages by keyword, section, or manual page name
Search OpenBSD manual pages by keyword, section, or manual page name
A web application designed to be 'Xtremely Vulnerable' for security enthusiasts to learn application security.
A web application designed to be 'Xtremely Vulnerable' for security enthusiasts to learn application security.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
WordPress security scanner for identifying vulnerabilities in WordPress websites.
No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.
No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.
Pint is a PIN tool that exposes the PIN API to lua scripts, allowing dynamic instrumentation of binaries.
Pint is a PIN tool that exposes the PIN API to lua scripts, allowing dynamic instrumentation of binaries.
Script to check for artifacts with the same name between repositories to prevent Dependency Confusion Attacks.
Script to check for artifacts with the same name between repositories to prevent Dependency Confusion Attacks.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
A package for hiding data inside jpeg files using steganography techniques.
A package for hiding data inside jpeg files using steganography techniques.
ELFcrypt encrypts ELF binaries to prevent reverse engineering.
Important security headers for Fastify with granular control over application routes.
Important security headers for Fastify with granular control over application routes.
A tool that checks for hijackable packages in NPM and Python Pypi registries
A tool that checks for hijackable packages in NPM and Python Pypi registries
Next-generation Linux exploit suggester with improved features for finding privilege escalation vulnerabilities.
Next-generation Linux exploit suggester with improved features for finding privilege escalation vulnerabilities.
SecGen creates vulnerable virtual machines and hacking challenges for learning security penetration testing techniques.
SecGen creates vulnerable virtual machines and hacking challenges for learning security penetration testing techniques.
Open-source set of libraries and drivers to accelerate network performance.
Open-source set of libraries and drivers to accelerate network performance.
A tool for pillaging Docker registries to extract image manifests and configurations.
A tool for pillaging Docker registries to extract image manifests and configurations.
A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation
A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation
A Windows Registry hive extraction library that reads and writes Windows Registry 'hive' binary files.
A Windows Registry hive extraction library that reads and writes Windows Registry 'hive' binary files.
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
Android vulnerability analysis system with efficient scanning and high accuracy.
Android vulnerability analysis system with efficient scanning and high accuracy.
A .Net wrapper library for the native Yara library with interoperability and portability features.
A .Net wrapper library for the native Yara library with interoperability and portability features.