The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
A YARA interactive debugger for the YARA language written in Rust, providing features like function calls, constant evaluation, and string matching.
A tool for auditing and reporting Unix host security with the ability to perform a lockdown.
A tool for auditing and reporting Unix host security with the ability to perform a lockdown.
A tutorial on setting up Dionaea on an EC2 instance in 20 minutes
A robust Python implementation of TAXII Services with a friendly pythonic API.
A robust Python implementation of TAXII Services with a friendly pythonic API.
A modified version of OpenSSH deamon forwarding commands to Cowrie for logging brute force attacks and shell interactions.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
An Active Defense framework for detecting and responding to phishing attacks in Office 365 Message Trace logs.
An Active Defense framework for detecting and responding to phishing attacks in Office 365 Message Trace logs.
Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.
Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.
A demonstration of a method to delete a locked executable or currently running file from disk.
A demonstration of a method to delete a locked executable or currently running file from disk.
Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.
Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.
Comprehensive host-survey tool for security checks in C#.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
A project with Terraform and Ansible scripts to create an orchestrated BlueTeam Lab for testing attacks and forensic artifacts on Windows environment.
A project with Terraform and Ansible scripts to create an orchestrated BlueTeam Lab for testing attacks and forensic artifacts on Windows environment.
A pocket reference guide providing various options for navigating and pivoting through different environments and situations.
A pocket reference guide providing various options for navigating and pivoting through different environments and situations.
OpenEDR is an open-source platform enhancing cybersecurity through real-time detection and analysis of cyber threats.
OpenEDR is an open-source platform enhancing cybersecurity through real-time detection and analysis of cyber threats.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.
A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
Automated script for creating a vulnerable Azure cloud lab to train offensive security skills.
Automated script for creating a vulnerable Azure cloud lab to train offensive security skills.
A C#-based Command and Control Framework for remote access and control of compromised systems.
A C#-based Command and Control Framework for remote access and control of compromised systems.