The Largest Hub of Cybersecurity Tools
Explore 2936 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
TRENDING CATEGORIES
Join Mandos Brief
Get weekly cybersecurity updates, straight in your inbox.
Read by professionals from
PINNED
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.
Open-Source framework for detecting and preventing dependency confusion leakage with a holistic approach and wide technology support.
Open-Source framework for detecting and preventing dependency confusion leakage with a holistic approach and wide technology support.
Leveraging WebDAV features for covert communication and payload delivery.
Leveraging WebDAV features for covert communication and payload delivery.
DECAF++ is a fast whole-system dynamic taint analysis framework with improved performance and elasticity.
DECAF++ is a fast whole-system dynamic taint analysis framework with improved performance and elasticity.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.
StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.
A Live CD and Live USB for penetration testing and security assessment
A Live CD and Live USB for penetration testing and security assessment
Toolkit for post-mortem analysis of Docker runtime environments using forensic HDD copies.
Toolkit for post-mortem analysis of Docker runtime environments using forensic HDD copies.
RedEye is a visual analytic tool for enhancing Red and Blue Team operations.
RedEye is a visual analytic tool for enhancing Red and Blue Team operations.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.