Loading...

Popular Free Commercial Categories Tasks Blog

CybersecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS

LEGAL

Terms of services Privacy policy

Github

Explore 43 curated tools and resources

Search by name, description, or purpose... (⌘+K)

Home
Tasks
Github

PINNED

Promoted • 6 tools

Commercial

Data Protection

Commercial

Network Security

Commercial

Consulting

Commercial

Application Security

Commercial

Cloud Security

Commercial

Application Security

Want your tool featured here?

Get maximum visibility with pinned placement

LATEST ADDITIONS

Flyingduck
A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.
0
Commercial
Application Security
Application Security
Static Analysis
Devsecops
Ci Cd
Vulnerability Detection
Dependency Scanning
Sbom
Ai
Security Automation
Github
Flyingduck
A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.
0
Commercial
Application Security
Application Security
Static Analysis
Devsecops
+7
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
0
Commercial
Application Security
Application Security
Github
Code Security
Static Analysis
Security Automation
Devsecops
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
0
Commercial
Application Security
Application Security
Github
Code Security
+3
Amplify
An automated code remediation tool that integrates with source control platforms to automatically fix security vulnerabilities in code through AI-driven analysis and one-click implementations.
0
Commercial
Application Security
Application Security
Automation
Security Automation
Github
Gitlab
Ai
Vulnerability Management
Code Security
Devsecops
Security Analysis
Amplify
An automated code remediation tool that integrates with source control platforms to automatically fix security vulnerabilities in code through AI-driven analysis and one-click implementations.
0
Commercial
Application Security
Application Security
Automation
Security Automation
+7
Octoscan
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
0
Free
Application Security
Github
Ci Cd
Static Analysis
Vulnerability Scanning
Workflow
Security Automation
Octoscan
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
0
Free
Application Security
Github
Ci Cd
Static Analysis
+3
GitHub Actions Attack Diagram
A visual guide that maps attack vectors and exploitation techniques for identifying vulnerabilities in GitHub Actions configurations and CI/CD pipelines.
0
Free
Offensive Security
Ci Cd
Github
Attack Paths
Red Team
Vulnerability Research
Devops
Devsecops
Offensive Security
Educational
Framework
GitHub Actions Attack Diagram
A visual guide that maps attack vectors and exploitation techniques for identifying vulnerabilities in GitHub Actions configurations and CI/CD pipelines.
0
Free
Offensive Security
Ci Cd
Github
Attack Paths
+7
StepSecurity
StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.
0
Commercial
Application Security
1 reviews
Ci Cd
Github
Devsecops
Security Automation
Cloud Security
Vulnerability Management
StepSecurity
StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.
0
Commercial
Application Security
Ci Cd
Github
Devsecops
+3
gitGraber
Monitor GitHub for sensitive data
0
Free
Data Protection
Infosec
Security Audit
Data Protection
Sensitive Data
Github
Real Time Monitoring
gitGraber
Monitor GitHub for sensitive data
0
Free
Data Protection
Infosec
Security Audit
Data Protection
+3
Webanalyze
An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.
0
Free
Application Security
Web Security
Reconnaissance
Scanner
Automation
Mass Scanning
Fingerprinting
Web Application Security
Cli Tool
Github
Webanalyze
An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.
0
Free
Application Security
Web Security
Reconnaissance
Scanner
+6
GitRob
A reconnaissance tool for GitHub organizations
0
Free
Digital Forensics
Github
Reconnaissance
Osint
Infosec
Security Tool
GitRob
A reconnaissance tool for GitHub organizations
0
Free
Digital Forensics
Github
Reconnaissance
Osint
+2
Secret Bridge
Secret Bridge monitors GitHub repositories to detect and alert on leaked secrets and sensitive data exposure.
0
Free
Data Protection
Secret Detection
Github
Data Protection
Secret Management
Monitoring
Automation
Security Monitoring
Sensitive Data
Devsecops
Security Scanning
Secret Bridge
Secret Bridge monitors GitHub repositories to detect and alert on leaked secrets and sensitive data exposure.
0
Free
Data Protection
Secret Detection
Github
Data Protection
+7
GitGot
A tool for identifying sensitive secrets in public GitHub repositories
0
Free
Malware Analysis
Github
Secret Detection
Security Risks
Vulnerability Detection
GitGot
A tool for identifying sensitive secrets in public GitHub repositories
0
Free
Malware Analysis
Github
Secret Detection
Security Risks
+1
ParamPamPam
ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.
0
Free
Application Security
Web App Security
Vulnerability Scanner
Sql Injection
Xss
Fuzzing
Penetration Testing
Open Source
Github
Web Security
Exploitation
ParamPamPam
ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.
0
Free
Application Security
Web App Security
Vulnerability Scanner
Sql Injection
+7
Ayehu Custom Activities Contribution Guide
A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.
0
Free
Resources
Resources
Automation
Github
Open Source
Development
Community
Workflow
Documentation
Ayehu Custom Activities Contribution Guide
A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.
0
Free
Resources
Resources
Automation
Github
+5
Allstar
Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.
0
Free
Application Security
Application Security
Github
Security Monitoring
Policy
Compliance
Automation
Open Source
Security Best Practices
Alerting
Devsecops
Allstar
Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.
0
Free
Application Security
Application Security
Github
Security Monitoring
+7
Gato
A tool for enumerating and attacking GitHub Actions pipelines
0
Free
Offensive Security
Github
Security Research
Penetration Testing
Gato
A tool for enumerating and attacking GitHub Actions pipelines
0
Free
Offensive Security
Github
Security Research
Penetration Testing
MalShare.com
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
0
Free
Threat Management
Malware
Repository
Community Driven
Security
Github
MalShare.com
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
0
Free
Threat Management
Malware
Repository
Community Driven
+2
GitMiner
A powerful tool for searching and scraping data from GitHub
0
Free
Data Protection
Github
Search
Scraping
Data Mining
Csv
Json
GitMiner
A powerful tool for searching and scraping data from GitHub
0
Free
Data Protection
Github
Search
Scraping
+3
Contribution Guidelines
Standardized contribution guidelines for maintaining quality cybersecurity tool repositories and community-curated lists.
0
Free
Resources
Resources
Community
Open Source
Github
Repository
Best Practices
Community Driven
Collaboration
Contribution Guidelines
Standardized contribution guidelines for maintaining quality cybersecurity tool repositories and community-curated lists.
0
Free
Resources
Resources
Community
Open Source
+5
CloudSploit by Aqua
CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.
0
Free
Cloud Security
Cloud Security
Aws
Azure
Gcp
Oracle
Github
Compliance
Security Scanning
Open Source
Vulnerability Scanner
CloudSploit by Aqua
CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.
0
Free
Cloud Security
Cloud Security
Aws
Azure
+7
tiq-test
A data visualization and statistical analysis tool for measuring the quality and effectiveness of threat intelligence indicator feeds through various analytical tests.
0
Free
Threat Management
Threat Intelligence
Data Visualization
Statistics
Analysis
Threat Intel
Cti
Data Analysis
Open Source
Github
Conference
tiq-test
A data visualization and statistical analysis tool for measuring the quality and effectiveness of threat intelligence indicator feeds through various analytical tests.
0
Free
Threat Management
Threat Intelligence
Data Visualization
Statistics
+7
Scumblr
Scumblr is a web-based security automation platform that performs periodic data source synchronization and security analysis to help organizations proactively identify and track security issues.
0
Free
Security Operations
Security Operations
Automation
Security Automation
Monitoring
Github
Dns
Static Analysis
Security Monitoring
Workflow Automation
Web
Scumblr
Scumblr is a web-based security automation platform that performs periodic data source synchronization and security analysis to help organizations proactively identify and track security issues.
0
Free
Security Operations
Security Operations
Automation
Security Automation
+7
github-search
A collection of CLI tools and API utilities for searching and filtering GitHub repositories by various criteria including keywords, users, organizations, and repository attributes.
0
Free
Resources
Github
Repository
Search Engine
Cli
Api
Open Source
Command Line Tool
Nodejs
Npm
Resources
github-search
A collection of CLI tools and API utilities for searching and filtering GitHub repositories by various criteria including keywords, users, organizations, and repository attributes.
0
Free
Resources
Github
Repository
Search Engine
+7
README
A standard README template file that provides basic structure for documenting Ruby applications and software projects.
0
Free
Miscellaneous
Ruby
Documentation
Development
Open Source
Github
Repository
Resources
README
A standard README template file that provides basic structure for documenting Ruby applications and software projects.
0
Free
Miscellaneous
Ruby
Documentation
Development
+4
Crypto 101: the book
An open-source introductory book about cryptography that provides educational content on fundamental cryptographic concepts and principles.
0
Free
Resources
Educational
Cryptography
Open Source
Learning
Resources
Github
Repository
Training
Security Education
Crypto 101: the book
An open-source introductory book about cryptography that provides educational content on fundamental cryptographic concepts and principles.
0
Free
Resources
Educational
Cryptography
Open Source
+6
OWASP Testing Checklist v4 Markdown
Markdown version of OWASP Testing Checklist v4 for various platforms.
0
Free
Resources
Owasp
Gitlab
Github
Jira
OWASP Testing Checklist v4 Markdown
Markdown version of OWASP Testing Checklist v4 for various platforms.
0
Free
Resources
Owasp
Gitlab
Github
+1
CTF Write-ups 2013
A community-maintained archive of CTF write-ups and source files from cybersecurity competitions held in 2013.
0
Free
Write-ups
Ctf
Ctf Writeups
Ctf Solutions
Archive
Community Driven
Educational
Cybersecurity
Repository
Github
Open Source
CTF Write-ups 2013
A community-maintained archive of CTF write-ups and source files from cybersecurity competitions held in 2013.
0
Free
Write-ups
Ctf
Ctf Writeups
Ctf Solutions
+7
bounty-targets-data
A repository providing hourly-updated data dumps of bug bounty platform scopes from major platforms like HackerOne, Bugcrowd, and Intigriti for security researchers.
0
Free
Offensive Security
Bug Bounty
Reconnaissance
Recon
Automation
Security Research
Open Source
Repository
Github
Offensive Security
bounty-targets-data
A repository providing hourly-updated data dumps of bug bounty platform scopes from major platforms like HackerOne, Bugcrowd, and Intigriti for security researchers.
0
Free
Offensive Security
Bug Bounty
Reconnaissance
Recon
+6
Detection and Response Pipeline
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.
0
Free
Security Operations
Devsecops
Ci Cd
Github
Gitlab
Detection and Response Pipeline
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.
0
Free
Security Operations
Devsecops
Ci Cd
Github
+1
InvisibilityCloak
InvisibilityCloak is a proof-of-concept C# code obfuscation toolkit designed for red teaming and penetration testing to conceal post-exploitation tools from detection.
0
Free
Offensive Security
Obfuscation
Csharp
Red Team
Penetration Testing
Post Exploitation
Offensive Security
Open Source
Proof Of Concept
Evasion
Github
InvisibilityCloak
InvisibilityCloak is a proof-of-concept C# code obfuscation toolkit designed for red teaming and penetration testing to conceal post-exploitation tools from detection.
0
Free
Offensive Security
Obfuscation
Csharp
Red Team
+7
Darkarmour
Darkarmour is an open-source Windows antivirus evasion framework that enables security professionals to bypass antivirus detection through customizable obfuscation and anti-analysis techniques.
0
Free
Offensive Security
Evasion
Antivirus
Windows
Obfuscation
Penetration Testing
Security Research
Anti Forensics
Open Source
Mit License
Github
Darkarmour
Darkarmour is an open-source Windows antivirus evasion framework that enables security professionals to bypass antivirus detection through customizable obfuscation and anti-analysis techniques.
0
Free
Offensive Security
Evasion
Antivirus
Windows
+7
iam-lint
A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.
0
Free
Cloud Security
Aws
Iam
Cloud Security
Aws Security
Static Analysis
Security Scanning
Ci Cd
Github
Automation
Compliance
iam-lint
A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.
0
Free
Cloud Security
Aws
Iam
Cloud Security
+7
is-website-vulnerable
A command-line tool that scans websites to detect publicly known security vulnerabilities in frontend JavaScript libraries using Snyk's vulnerability database.
0
Free
Application Security
Application Security
Vulnerability Scanning
Javascript
Web Security
Cli
Docker
Github
Vulnerability Detection
Library
is-website-vulnerable
A command-line tool that scans websites to detect publicly known security vulnerabilities in frontend JavaScript libraries using Snyk's vulnerability database.
0
Free
Application Security
Application Security
Vulnerability Scanning
Javascript
+6
CTF Write-ups Repository (2014)
A collaborative repository of CTF write-ups and source files from 2014 competitions that allows community contributions to address scattered documentation issues.
0
Free
Write-ups
Ctf
Ctf Writeups
Ctf Solutions
Educational
Community Driven
Github
Repository
Learning
Capture The Flag
Security Education
CTF Write-ups Repository (2014)
A collaborative repository of CTF write-ups and source files from 2014 competitions that allows community contributions to address scattered documentation issues.
0
Free
Write-ups
Ctf
Ctf Writeups
Ctf Solutions
+7
RedGuard
RedGuard is a C2 front flow control tool that helps evade detection by security systems through traffic filtering and redirection capabilities.
0
Free
Offensive Security
C2
Command And Control
Red Team
Penetration Testing
Evasion
Offensive Security
Traffic Filtering
Proxy
Open Source
Github
RedGuard
RedGuard is a C2 front flow control tool that helps evade detection by security systems through traffic filtering and redirection capabilities.
0
Free
Offensive Security
C2
Command And Control
Red Team
+7
CTF Write-ups Repository (2016)
A collaborative repository containing CTF competition write-ups and source files from 2016, providing accessible solutions and educational resources for cybersecurity challenges.
0
Free
Write-ups
Ctf
Ctf Writeups
Ctf Solutions
Educational
Cybersecurity
Learning
Community Driven
Repository
Github
Security Education
CTF Write-ups Repository (2016)
A collaborative repository containing CTF competition write-ups and source files from 2016, providing accessible solutions and educational resources for cybersecurity challenges.
0
Free
Write-ups
Ctf
Ctf Writeups
Ctf Solutions
+7
Blackhat Conference Presentation Slides
A repository providing centralized access to presentation slides from major cybersecurity conferences including Black Hat, Offensivecon, and REcon events.
0
Free
Resources
Resources
Conference
Security Education
Cybersecurity
Learning
Security Research
Security Professionals
Archive
Repository
Github
Blackhat Conference Presentation Slides
A repository providing centralized access to presentation slides from major cybersecurity conferences including Black Hat, Offensivecon, and REcon events.
0
Free
Resources
Resources
Conference
Security Education
+7
Splunk SOAR Community Playbooks
Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.
0
Free
Security Operations
Splunk
Soar
Playbooks
Community
Github
Splunk SOAR Community Playbooks
Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.
0
Free
Security Operations
Splunk
Soar
Playbooks
+2
June's Sophisticated npm Attack Attributed to North Korea
A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.
0
Free
Threat Management
Npm
Malware
Social Engineering
Github
June's Sophisticated npm Attack Attributed to North Korea
A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.
0
Free
Threat Management
Npm
Malware
Social Engineering
+1
shhgit
A secrets detection tool that scans GitHub, GitLab, and Bitbucket repositories to identify API keys, access tokens, and other sensitive information in source code.
0
Free
Application Security
Application Security
Secret Detection
Git
Github
Api
Source Code Analysis
Devsecops
Security Scanning
Pattern Matching
Appsec
shhgit
A secrets detection tool that scans GitHub, GitLab, and Bitbucket repositories to identify API keys, access tokens, and other sensitive information in source code.
0
Free
Application Security
Application Security
Secret Detection
Git
+7
GitHub
GitHub is a web-based platform that provides Git version control hosting and collaborative software development tools for managing code repositories and projects.
0
Free
Resources
Git
Repository
Open Source
Collaboration
Development
Github
Community
Ci Cd
Automation
Resources
GitHub
GitHub is a web-based platform that provides Git version control hosting and collaborative software development tools for managing code repositories and projects.
0
Free
Resources
Git
Repository
Open Source
+7
Protestware Open-Source Projects List
A curated list documenting open-source projects that incorporate political protests in their software, ranging from messages to conditional malware.
0
Free
Resources
Resources
Open Source
Security Awareness
Repository
Github
Malware
Security Risks
Community
Security Information
Threat Research
Protestware Open-Source Projects List
A curated list documenting open-source projects that incorporate political protests in their software, ranging from messages to conditional malware.
0
Free
Resources
Resources
Open Source
Security Awareness
+7
Splunk SOAR Connectors
Migrated Splunk SOAR Connectors to new GitHub organization for better organization and management.
0
Free
Security Operations
Splunk
Soar
Github
Splunk SOAR Connectors
Migrated Splunk SOAR Connectors to new GitHub organization for better organization and management.
0
Free
Security Operations
Splunk
Soar
Github
LunaTrace
LunaTrace is an open source supply chain security tool that monitors software dependencies for vulnerabilities and integrates with GitHub to notify developers of security issues before deployment.
0
Free
Application Security
Application Security
Dependency Scanning
Vulnerability Management
Supply Chain Security
Open Source
Github
Cve
Dependency Management
Appsec
Security Scanning
LunaTrace
LunaTrace is an open source supply chain security tool that monitors software dependencies for vulnerabilities and integrates with GitHub to notify developers of security issues before deployment.
0
Free
Application Security
Application Security
Dependency Scanning
Vulnerability Management
+7

Previous
1
2