The Largest Collection of Cybersecurity Tools
Explore 2996 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Detect stegano-hidden data in PNG & BMP using zsteg tool.
A collection of disposable and temporary email address domains used for spamming or abusing services.
A collection of disposable and temporary email address domains used for spamming or abusing services.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
Comprehensive endpoint protection platform providing unified visibility and security for cloud workloads, endpoints, and containers.
Comprehensive endpoint protection platform providing unified visibility and security for cloud workloads, endpoints, and containers.
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
A distributed systems simulator that creates vulnerable Kubernetes clusters in AWS for security training and vulnerability mitigation practice.
A distributed systems simulator that creates vulnerable Kubernetes clusters in AWS for security training and vulnerability mitigation practice.
A honeypot system designed to detect and analyze potential security threats
A honeypot system designed to detect and analyze potential security threats
A technique for social engineering and untrusted command execution using ClickOnce technology
A technique for social engineering and untrusted command execution using ClickOnce technology
A comprehensive guide to Nessus, a vulnerability scanner, covering data directories, binary directories, logs directories, plugin directories, advanced settings, API, and good practices.
A comprehensive guide to Nessus, a vulnerability scanner, covering data directories, binary directories, logs directories, plugin directories, advanced settings, API, and good practices.
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
Holistic malware analysis platform with interactive sandbox, static analyzer, and emulation capabilities.
Holistic malware analysis platform with interactive sandbox, static analyzer, and emulation capabilities.
A tool for monitoring and managing device compliance and security across multiple platforms
A tool for monitoring and managing device compliance and security across multiple platforms
Distributed low interaction honeypot with Agent/Master design supporting various protocol handlers.
Distributed low interaction honeypot with Agent/Master design supporting various protocol handlers.
A tool for scanning networks, enumerating Siemens PLCs, and gathering detailed information about them.
A tool for scanning networks, enumerating Siemens PLCs, and gathering detailed information about them.
A collection of CTF source files and write-ups that anyone can contribute to
A collection of CTF source files and write-ups that anyone can contribute to
A daemon for blocking USB keystroke injection devices on Linux systems
A daemon for blocking USB keystroke injection devices on Linux systems
Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.
Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
Detects and handles potential malware in Microsoft Exchange 2019 messages with various techniques and third-party libraries.
Detects and handles potential malware in Microsoft Exchange 2019 messages with various techniques and third-party libraries.
BPF+ is a generalized packet filter framework that achieves both high-level expressiveness and good performance for network monitoring and intrusion detection applications.
BPF+ is a generalized packet filter framework that achieves both high-level expressiveness and good performance for network monitoring and intrusion detection applications.
A Terraform module to set up a secure AWS account configuration baseline
A Terraform module to set up a secure AWS account configuration baseline
