The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Fnord is a pattern extractor for obfuscated code that extracts byte sequences and creates statistics, as well as generates experimental YARA rules.
Fnord is a pattern extractor for obfuscated code that extracts byte sequences and creates statistics, as well as generates experimental YARA rules.
Collection of vulnerable ARM binaries for beginner vulnerability researchers & exploit developers.
Collection of vulnerable ARM binaries for beginner vulnerability researchers & exploit developers.
A proof-of-concept for an adaptive parallelised DNS prober
SSH honeypot with rich features for recording and analyzing malicious activities.
CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.
CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.
CTF toolkit for rapid exploit development and prototyping.
Chameleon aids in evading proxy categorization to bypass internet filters.
Chameleon aids in evading proxy categorization to bypass internet filters.
Developing APIs to access memory on industrial control system devices.
Developing APIs to access memory on industrial control system devices.
FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity
FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity
Guide on emulating Raspberry Pi with QEMU and exploring Arm TrustZone research.
Guide on emulating Raspberry Pi with QEMU and exploring Arm TrustZone research.
CFRipper is a Library and CLI security analyzer for AWS CloudFormation templates.
CFRipper is a Library and CLI security analyzer for AWS CloudFormation templates.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane.
International cybersecurity festival for all, who wants to dive into the world of cyber security and have a great time.
International cybersecurity festival for all, who wants to dive into the world of cyber security and have a great time.
A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.
A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.
Automatically compile AWS SCPs for compliant AWS services based on preferred frameworks.
Automatically compile AWS SCPs for compliant AWS services based on preferred frameworks.
Enhances the reading experience of smali code in Emacs.
Enhances the reading experience of smali code in Emacs.
Create and monitor fake HTTP endpoints automatically with Honeyku, deployable on Heroku or your own server.
Create and monitor fake HTTP endpoints automatically with Honeyku, deployable on Heroku or your own server.
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
A modular, menu-driven tool for building repeatable, time-delayed, distributed security events.
A modular, menu-driven tool for building repeatable, time-delayed, distributed security events.
SANS Blog provides extensive cybersecurity training and certifications tailored to a wide range of IT security areas and skill levels.
SANS Blog provides extensive cybersecurity training and certifications tailored to a wide range of IT security areas and skill levels.
CLI tool for deleting AWS resources in bulk with inspecting functionality.
CLI tool for deleting AWS resources in bulk with inspecting functionality.