The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Apache 2 based honeypot for detecting and blocking Struts CVE 2017-5638 exploit with added support for content disposition filename parsing vulnerability.
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
A multiarch honeypot platform supporting 20+ honeypots and offering visualization options and security tools.
A multiarch honeypot platform supporting 20+ honeypots and offering visualization options and security tools.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
An open-source network security monitoring tool.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
An open source platform for secure remote access management with granular access control and fast speeds.
An open source platform for secure remote access management with granular access control and fast speeds.
FortiEDR is an automated endpoint security solution that integrates with the Fortinet Security Fabric and third-party solutions to reduce MTTR and provide real-time breach detection and response.
FortiEDR is an automated endpoint security solution that integrates with the Fortinet Security Fabric and third-party solutions to reduce MTTR and provide real-time breach detection and response.
A robust endpoint security solution that offers data security, network security, and advanced threat prevention, all managed from a single console to protect your devices and data.
A robust endpoint security solution that offers data security, network security, and advanced threat prevention, all managed from a single console to protect your devices and data.
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
Forensic imaging program with full hash authentication and various acquisition options.
Forensic imaging program with full hash authentication and various acquisition options.
PowerGRR is a PowerShell module for the GRR API, allowing automation and scripting for incident response and remote live forensics.
PowerGRR is a PowerShell module for the GRR API, allowing automation and scripting for incident response and remote live forensics.
Sample detection rules and dashboards for Google Security Operations
Sample detection rules and dashboards for Google Security Operations
A modern post-exploitation command and control framework with a client-server architecture and extensibility features.
A modern post-exploitation command and control framework with a client-server architecture and extensibility features.
Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.
Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.
Cybersecurity tool merging DarunGrim's analysis algorithms, currently in internal testing for official release.
Cybersecurity tool merging DarunGrim's analysis algorithms, currently in internal testing for official release.
Create a vulnerable active directory for testing various Active Directory attacks.
Create a vulnerable active directory for testing various Active Directory attacks.
Generate Amazon GuardDuty findings related to real AWS resources with multiple tests available.
Generate Amazon GuardDuty findings related to real AWS resources with multiple tests available.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
A vulnerable web site in NodeJS for testing security source code analyzers.
A vulnerable web site in NodeJS for testing security source code analyzers.