Loading...

Popular Free Commercial Categories Tasks Blog

CyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS

LEGAL

Terms of services Privacy policy

Free Cybersecurity Tools

Find the right solution for your security needs without any cost.Explore 2631 curated tools and resources

Search by name, description, or purpose... (⌘+K)

Home
Free Tools

PINNED

Promoted • 4 tools

Commercial

Consulting

Commercial

Application Security

Commercial

Cloud Security

Commercial

Application Security

Want your tool featured here?

Get maximum visibility with pinned placement

LATEST ADDITIONS

Femida
Automated blind-xss search for Burp Suite
0
Free
Malware Analysis
Appsec
Burp Suite
Blind Xss
Xss
Security Research
Penetration Testing
Python
Femida
Automated blind-xss search for Burp Suite
0
Free
Malware Analysis
Appsec
Burp Suite
Blind Xss
+4
docem
A tool to embed XXE and XSS payloads in various file formats
0
Free
Malware Analysis
Xxe
Xss
docem
A tool to embed XXE and XSS payloads in various file formats
0
Free
Malware Analysis
Xxe
Xss
extended-ssrf-search
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
0
Free
Network Security
Ssrf
Web Application Security
Vulnerability Scanning
Penetration Testing
Security Research
extended-ssrf-search
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
0
Free
Network Security
Ssrf
Web Application Security
Vulnerability Scanning
+2
DNS Rebind Toolkit
A front-end JavaScript toolkit for creating DNS rebinding attacks
0
Free
Offensive Security
Dns
Rebinding
Attack Tool
Penetration Testing
Security Research
DNS Rebind Toolkit
A front-end JavaScript toolkit for creating DNS rebinding attacks
0
Free
Offensive Security
Dns
Rebinding
Attack Tool
+2
jaeles
Automated web application testing tool
1
Free
Application Security
Appsec
Web Application Security
Vulnerability Scanning
Security Testing
jaeles
Automated web application testing tool
1
Free
Application Security
Appsec
Web Application Security
Vulnerability Scanning
+1
headi
A tool for automated HTTP header injection
0
Free
Application Security
Security Testing
Vulnerability Scanning
Web Application Security
headi
A tool for automated HTTP header injection
0
Free
Application Security
Security Testing
Vulnerability Scanning
Web Application Security
awesome-vulnerable-apps
A list of vulnerable applications for testing and learning
0
Free
Vulnerability Management
Vulnerable Apps
Penetration Testing
Learning
Testing
Security Training
awesome-vulnerable-apps
A list of vulnerable applications for testing and learning
0
Free
Vulnerability Management
Vulnerable Apps
Penetration Testing
Learning
+2
gowitness
A command-line tool for taking screenshots of web pages using Chrome Headless
0
Free
Network Security
Web
Screenshot
Command Line Tool
Web Security
gowitness
A command-line tool for taking screenshots of web pages using Chrome Headless
0
Free
Network Security
Web
Screenshot
Command Line Tool
+1
Trufflehog-Chrome-Extension
A browser extension that helps you find and track sensitive data exposure across the web.
0
Free
Data Protection
Data Breach
Data Security
Machine Learning
Data Science
Browser Extension
Security Tool
Trufflehog-Chrome-Extension
A browser extension that helps you find and track sensitive data exposure across the web.
0
Free
Data Protection
Data Breach
Data Security
Machine Learning
+3
SSRFmap
Automatic SSRF fuzzer and exploitation tool
0
Free
Offensive Security
Ssrf
Fuzzer
Exploitation
Penetration Testing
SSRFmap
Automatic SSRF fuzzer and exploitation tool
0
Free
Offensive Security
Ssrf
Fuzzer
Exploitation
+1
LinkFinder
A Python script that finds endpoints in JavaScript files to identify potential security vulnerabilities.
0
Free
Malware Analysis
Javascript
Security
Vulnerability
Endpoint
LinkFinder
A Python script that finds endpoints in JavaScript files to identify potential security vulnerabilities.
0
Free
Malware Analysis
Javascript
Security
Vulnerability
+1
Razzer
A Kernel fuzzer focusing on race bugs
0
Free
Digital Forensics
Fuzzing
Security Testing
Razzer
A Kernel fuzzer focusing on race bugs
0
Free
Digital Forensics
Fuzzing
Security Testing
sentrySSRF
A tool to search for Sentry config on a page or in JavaScript files and check for blind SSRF
0
Free
Network Security
Javascript
Ssrf
sentrySSRF
A tool to search for Sentry config on a page or in JavaScript files and check for blind SSRF
0
Free
Network Security
Javascript
Ssrf
Param Miner
A tool for identifying and extracting parameters from HTTP requests and responses
0
Free
Application Security
Appsec
Http
Security Testing
Vulnerability Assessment
Param Miner
A tool for identifying and extracting parameters from HTTP requests and responses
0
Free
Application Security
Appsec
Http
Security Testing
+1
xssValidator
A Burp intruder extender for automating and validating XSS vulnerabilities
0
Free
Malware Analysis
Appsec
Xss
Automation
Vulnerability Scanning
xssValidator
A Burp intruder extender for automating and validating XSS vulnerabilities
0
Free
Malware Analysis
Appsec
Xss
Automation
+1
Git-Vuln-Finder
A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages
0
Free
Vulnerability Management
Vulnerability Detection
Machine Learning
Natural Language Processing
Open Source
Git
Software Security
Git-Vuln-Finder
A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages
0
Free
Vulnerability Management
Vulnerability Detection
Machine Learning
Natural Language Processing
+3
CORStest
A simple CORS misconfiguration scanner
0
Free
Network Security
Appsec
Cors
Web App Security
CORStest
A simple CORS misconfiguration scanner
0
Free
Network Security
Appsec
Cors
Web App Security
autoSubTakeover
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
0
Free
Honeypots
Dns
Subdomain Takeover
autoSubTakeover
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
0
Free
Honeypots
Dns
Subdomain Takeover
Naabu
A fast and reliable port scanner for attack surface discovery
0
Free
Network Security
Go
Bug Bounty
Pentest
Naabu
A fast and reliable port scanner for attack surface discovery
0
Free
Network Security
Go
Bug Bounty
Pentest
CloudScraper
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
0
Free
Cloud Security
Cloud Security
Cloud Compliance
Cloud Native
CloudScraper
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
0
Free
Cloud Security
Cloud Security
Cloud Compliance
Cloud Native
xsshunter_client
A correlated injection proxy tool for XSS Hunter
0
Free
Honeypots
xsshunter_client
A correlated injection proxy tool for XSS Hunter
0
Free
Honeypots
Oralyzer
Open Redirection Analyzer
0
Free
Application Security
Appsec
Vulnerability Scanning
Web App Security
Security Research
Devsecops
Oralyzer
Open Redirection Analyzer
0
Free
Application Security
Appsec
Vulnerability Scanning
Web App Security
+2
bugcrowd-levelup-subdomain-enumeration
A repository containing material from a talk on sub-domain enumeration techniques
0
Free
Digital Forensics
Bug Bounty
Dns
Domain Enumeration
bugcrowd-levelup-subdomain-enumeration
A repository containing material from a talk on sub-domain enumeration techniques
0
Free
Digital Forensics
Bug Bounty
Dns
Domain Enumeration
s3reverse
Converts the format of various S3 buckets for bug bounty and security testing.
0
Free
Cloud Security
Aws
Aws Config
Aws Security
S3
Security Testing
Bug Bounty
s3reverse
Converts the format of various S3 buckets for bug bounty and security testing.
0
Free
Cloud Security
Aws
Aws Config
Aws Security
+3

Previous
5
6
7
8
9
110
Next