The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Repository of scripts, signatures, and IOCs related to various malware analysis topics.
Repository of scripts, signatures, and IOCs related to various malware analysis topics.
A serverless application that demonstrates common serverless security flaws and weaknesses
A serverless application that demonstrates common serverless security flaws and weaknesses
dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.
dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.
Collection of cybersecurity conference videos from GreHack 2018 covering various cutting-edge topics.
Collection of cybersecurity conference videos from GreHack 2018 covering various cutting-edge topics.
Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.
Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
Network Forensic Analysis Tool for deep network traffic inspection and analysis.
Network Forensic Analysis Tool for deep network traffic inspection and analysis.
A collection of scripts for debugging SSRF, blind XSS, and XXE vulnerabilities
A blog about various cybersecurity-related topics, including home networking, compiler development, and security vulnerabilities.
A blog about various cybersecurity-related topics, including home networking, compiler development, and security vulnerabilities.
minikube implements a local Kubernetes cluster for easy application development and supports various Kubernetes features.
minikube implements a local Kubernetes cluster for easy application development and supports various Kubernetes features.
CPO Magazine is a cybersecurity news and information website providing articles, news, and insights on cybersecurity, privacy, and technology.
CPO Magazine is a cybersecurity news and information website providing articles, news, and insights on cybersecurity, privacy, and technology.
Forager is a threat intelligence tool that simplifies the retrieval, storage, and maintenance of threat data with a user-friendly interface and support for various data sources.
Forager is a threat intelligence tool that simplifies the retrieval, storage, and maintenance of threat data with a user-friendly interface and support for various data sources.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
A small project for continuous auditing of internet-facing AWS services
A small project for continuous auditing of internet-facing AWS services
CTF write-ups from SababaSec team
A program to manage yara ruleset in a database with support for different databases and configuration options.
A program to manage yara ruleset in a database with support for different databases and configuration options.
A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.
A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.
Web-based tool for incident response with easy local installation using Docker.
Web-based tool for incident response with easy local installation using Docker.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
An alternative to the auditd daemon with goals of safety, speed, JSON output, and pluggable pipelines connecting to the Linux kernel via netlink.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.