The Largest Collection of Cybersecurity Tools
Explore 2989 curated tools and resources
Search by name, description, or purpose... (⌘+K)
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A framework to analyze container images and gather useful information.
A framework to analyze container images and gather useful information.
Compares target's patch levels against Microsoft vulnerability database and detects missing patches.
Compares target's patch levels against Microsoft vulnerability database and detects missing patches.
A customized AWS EKS setup for PCI-DSS, SOC2, and HIPAA compliance
A customized AWS EKS setup for PCI-DSS, SOC2, and HIPAA compliance
A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.
A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.
Tool for fingerprinting malware HTTP requests.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
Real-time, eBPF-based Security Observability and Runtime Enforcement component
Real-time, eBPF-based Security Observability and Runtime Enforcement component
A browser with XSS detection capabilities
FTP Honeypot tool with FTP + SSL-FTP features, used for catching credentials and malware files, distributing honeytoken files, and generating SSL certificates.
A yara module for searching strings inside zip files
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.
A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.
Comprehensive cheat sheet for SQLite SQL injection techniques and payloads.
Comprehensive cheat sheet for SQLite SQL injection techniques and payloads.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
A collection of tools for forensics teams to collect evidence from cloud platforms
A collection of tools for forensics teams to collect evidence from cloud platforms
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
Project hosting scripts for implementing Pass the Hash mitigations with PtHTools module commands.
Project hosting scripts for implementing Pass the Hash mitigations with PtHTools module commands.
SAST and malware analysis tool for Android APKs with detailed scan information.
SAST and malware analysis tool for Android APKs with detailed scan information.
Platform for the latest threat intelligence information
CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.
CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.
Exploiting simple stack overflow vulnerabilities using return oriented programming (ROP) to defeat data execution prevention - DEP.
Exploiting simple stack overflow vulnerabilities using return oriented programming (ROP) to defeat data execution prevention - DEP.