Loading...

Popular Free Commercial Categories Tasks Blog

CybersecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS

LEGAL

Terms of services Privacy policy

Free Cybersecurity Tools

Find the right solution for your security needs without any cost.Explore 2629 curated tools and resources

Search by name, description, or purpose... (⌘+K)

Home
Free Tools

PINNED

Promoted • 6 tools

Commercial

Data Protection

Commercial

Network Security

Commercial

Consulting

Commercial

Application Security

Commercial

Cloud Security

Commercial

Application Security

Want your tool featured here?

Get maximum visibility with pinned placement

LATEST ADDITIONS

Vaya-Ciego-Nen
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
0
Free
Malware Analysis
Xss
Blind Xss
Vulnerability Detection
Vulnerability Exploitation
Security Testing
Web Security
Vaya-Ciego-Nen
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
0
Free
Malware Analysis
Xss
Blind Xss
Vulnerability Detection
+3
JSShell
An interactive multi-user web JS shell
0
Free
Offensive Security
Interactive
Web
Javascript
Shell
JSShell
An interactive multi-user web JS shell
0
Free
Offensive Security
Interactive
Web
Javascript
+1
cors-scanner
A multi-threaded scanner for identifying CORS flaws and misconfigurations
0
Free
Network Security
Cors
Scanner
Web Security
Vulnerability Scanning
Multi Threaded
Web App Security
cors-scanner
A multi-threaded scanner for identifying CORS flaws and misconfigurations
0
Free
Network Security
Cors
Scanner
Web Security
+3
xssor2
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
0
Free
Malware Analysis
Xss
Javascript
Security Testing
Vulnerability Exploitation
Web App Security
xssor2
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
0
Free
Malware Analysis
Xss
Javascript
Security Testing
+2
findom-xss
A fast and simple DOM based XSS vulnerability scanner
0
Free
Malware Analysis
Xss
Scanner
Vulnerability
Proof Of Concept
findom-xss
A fast and simple DOM based XSS vulnerability scanner
0
Free
Malware Analysis
Xss
Scanner
Vulnerability
+1
GraphQLmap
A scripting engine for interacting with GraphQL endpoints for pentesting purposes.
0
Free
Offensive Security
Graphql
Pentesting
Scripting
Endpoint
Security Testing
Api Security
GraphQLmap
A scripting engine for interacting with GraphQL endpoints for pentesting purposes.
0
Free
Offensive Security
Graphql
Pentesting
Scripting
+3
liffier
A simple snippet to increment ../ on the URL.
0
Free
Miscellaneous
Vulnerability Detection
Web App Security
Security Audit
Penetration Testing
Vulnerability Assessment
liffier
A simple snippet to increment ../ on the URL.
0
Free
Miscellaneous
Vulnerability Detection
Web App Security
Security Audit
+2
Liffy
A local file inclusion exploitation tool
0
Free
Honeypots
Exploit
Local File Inclusion
Web Application Security
Vulnerability Exploitation
Liffy
A local file inclusion exploitation tool
0
Free
Honeypots
Exploit
Local File Inclusion
Web Application Security
+1
dom-red
A command-line script that tests multiple domains from a list for open redirect vulnerabilities and reports findings.
0
Free
Vulnerability Management
Vulnerability Scanner
Open Redirect
Command Line Tool
Domain Check
Web Security
Penetration Testing
Security Testing
Vulnerability Detection
Cli
Scanner
dom-red
A command-line script that tests multiple domains from a list for open redirect vulnerabilities and reports findings.
0
Free
Vulnerability Management
Vulnerability Scanner
Open Redirect
Command Line Tool
+7
haktrails
Golang client for querying SecurityTrails API data
0
Free
Cloud Security
Golang
Security
haktrails
Golang client for querying SecurityTrails API data
0
Free
Cloud Security
Golang
Security
XSSCon
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
0
Free
Malware Analysis
Xss
Xss Scanner
Web Security
Penetration Testing
Security Research
XSSCon
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
0
Free
Malware Analysis
Xss
Xss Scanner
Web Security
+2
jwt-cracker
A simple JWT token brute force cracker
0
Free
Malware Analysis
Jwt
Jwt Security
jwt-cracker
A simple JWT token brute force cracker
0
Free
Malware Analysis
Jwt
Jwt Security
crtndstry
A subdomain finder tool
0
Free
Honeypots
Subdomain Discovery
Security Research
crtndstry
A subdomain finder tool
0
Free
Honeypots
Subdomain Discovery
Security Research
IntruderPayloads
A collection of payloads and methodologies for web pentesting.
0
Free
Offensive Security
Burp Suite
Payloads
Fuzzing
Pentesting
Security Testing
IntruderPayloads
A collection of payloads and methodologies for web pentesting.
0
Free
Offensive Security
Burp Suite
Payloads
Fuzzing
+2
urlgrab
A golang utility to spider through a website searching for additional links.
0
Free
Miscellaneous
Web Security
Web Scraping
Malware Detection
Golang
urlgrab
A golang utility to spider through a website searching for additional links.
0
Free
Miscellaneous
Web Security
Web Scraping
Malware Detection
+1
XXEinjector
Automate the exploitation of XXE vulnerabilities
0
Free
Malware Analysis
Xxe
Vulnerability Exploitation
Penetration Testing
Security Research
XXEinjector
Automate the exploitation of XXE vulnerabilities
0
Free
Malware Analysis
Xxe
Vulnerability Exploitation
Penetration Testing
+1
s3viewer
A storage exploration tool that provides unified access to view publicly accessible Amazon S3 buckets, Azure Blob storage, FTP servers, and HTTP directory listings.
0
Free
Cloud Security
Cloud Security
S3
Azure
Security Assessment
Cloud
Aws
Misconfiguration
Data Security
Security Audit
s3viewer
A storage exploration tool that provides unified access to view publicly accessible Amazon S3 buckets, Azure Blob storage, FTP servers, and HTTP directory listings.
0
Free
Cloud Security
Cloud Security
S3
Azure
+6
Webanalyze
An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.
0
Free
Application Security
Web Security
Reconnaissance
Scanner
Automation
Mass Scanning
Fingerprinting
Web Application Security
Cli Tool
Github
Webanalyze
An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.
0
Free
Application Security
Web Security
Reconnaissance
Scanner
+6
Recursebuster
A tool for recursively querying webservers
0
Free
Offensive Security
Pentesting
Web Scanning
Recursebuster
A tool for recursively querying webservers
0
Free
Offensive Security
Pentesting
Web Scanning
as3nt
A tool for enumerating subdomains of a given domain
0
Free
Network Security
Subdomain Enumeration
Domain Enumeration
Security Research
Penetration Testing
Infosec
as3nt
A tool for enumerating subdomains of a given domain
0
Free
Network Security
Subdomain Enumeration
Domain Enumeration
Security Research
+2
SQLi-Hunter
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
0
Free
Offensive Security
Sql Injection
Proxy
Penetration Testing
Vulnerability Scanner
Web Security
Sql
Offensive Security
Web Application Security
Exploitation
Scanner
SQLi-Hunter
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
0
Free
Offensive Security
Sql Injection
Proxy
Penetration Testing
+7
Katana
A next-generation crawling and spidering framework for extracting data from websites
0
Free
Digital Forensics
Crawling
Web Scraping
Web Application Security
Data Extraction
Katana
A next-generation crawling and spidering framework for extracting data from websites
0
Free
Digital Forensics
Crawling
Web Scraping
Web Application Security
+1
WPRecon
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
0
Free
Application Security
Wordpress
Vulnerability Scanning
WPRecon
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
0
Free
Application Security
Wordpress
Vulnerability Scanning
httpx
A fast and multi-purpose HTTP toolkit for sending HTTP requests and parsing responses
0
Free
Network Security
Http
Http Requests
Web Scraping
Testing
httpx
A fast and multi-purpose HTTP toolkit for sending HTTP requests and parsing responses
0
Free
Network Security
Http
Http Requests
Web Scraping
+1

Previous
2
3
4
5
6
110
Next