Loading...

Popular Free Commercial Categories Tasks Blog

CybersecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS

LEGAL

Terms of services Privacy policy

Vulnerability

Explore 21 curated tools and resources

Search by name, description, or purpose... (⌘+K)

Home
Tasks
Vulnerability

PINNED

Promoted • 6 tools

Commercial

Data Protection

Commercial

Network Security

Commercial

Consulting

Commercial

Application Security

Commercial

Cloud Security

Commercial

Application Security

Want your tool featured here?

Get maximum visibility with pinned placement

LATEST ADDITIONS

findom-xss
A fast and simple DOM based XSS vulnerability scanner
0
Free
Malware Analysis
Xss
Scanner
Vulnerability
Proof Of Concept
findom-xss
A fast and simple DOM based XSS vulnerability scanner
0
Free
Malware Analysis
Xss
Scanner
Vulnerability
+1
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
0
Free
Malware Analysis
Java
Deserialization
Vulnerability
Exploit
Payload
Security Research
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
0
Free
Malware Analysis
Java
Deserialization
Vulnerability
+3
LinkFinder
A Python script that finds endpoints in JavaScript files to identify potential security vulnerabilities.
0
Free
Malware Analysis
Javascript
Security
Vulnerability
Endpoint
LinkFinder
A Python script that finds endpoints in JavaScript files to identify potential security vulnerabilities.
0
Free
Malware Analysis
Javascript
Security
Vulnerability
+1
xxexploiter
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
0
Free
Malware Analysis
Xxe
Exploit
Xml
Vulnerability
Penetration Testing
Educational
xxexploiter
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
0
Free
Malware Analysis
Xxe
Exploit
Xml
+3
jwt-key-id-injector
A simple Python script to test for a hypothetical JWT vulnerability
0
Free
Malware Analysis
Jwt
Vulnerability
Proof Of Concept
Security Testing
jwt-key-id-injector
A simple Python script to test for a hypothetical JWT vulnerability
0
Free
Malware Analysis
Jwt
Vulnerability
Proof Of Concept
+1
Kako
A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.
0
Free
Honeypots
Honeypot
Vulnerability
Payload
Simulation
Kako
A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.
0
Free
Honeypots
Honeypot
Vulnerability
Payload
+1
HackSys Extreme Vulnerable Driver (HEVD)
A Windows kernel driver intentionally designed with various vulnerabilities to help security researchers practice kernel exploitation techniques.
0
Free
Offensive Security
Windows
Kernel
Vulnerability
Educational
Exploit Development
Windows Security
Exploitation
Security Research
Training
Vulnerable App
Pentesting
Offensive Security
HackSys Extreme Vulnerable Driver (HEVD)
A Windows kernel driver intentionally designed with various vulnerabilities to help security researchers practice kernel exploitation techniques.
0
Free
Offensive Security
Windows
Kernel
Vulnerability
+9
Secure Coding Guidelines for Java SE
Guidelines for secure coding in Java SE to avoid bugs that could weaken security and open holes in Java's security features.
0
Free
Application Security
Java
Security
Bug Bounty
Vulnerability
Secure Coding Guidelines for Java SE
Guidelines for secure coding in Java SE to avoid bugs that could weaken security and open holes in Java's security features.
0
Free
Application Security
Java
Security
Bug Bounty
+1
Docker Layer 2 ICC Bug
A Docker security vulnerability where disabling inter-container communication (ICC) fails to block raw ethernet frames, allowing unexpected data transfer between containers via raw sockets.
0
Free
Cloud Security
Docker
Container Security
Vulnerability
Network Security
Docker Security
Containers
Networking
Security Vulnerability
Bypass
Misconfiguration
Docker Layer 2 ICC Bug
A Docker security vulnerability where disabling inter-container communication (ICC) fails to block raw ethernet frames, allowing unexpected data transfer between containers via raw sockets.
0
Free
Cloud Security
Docker
Container Security
Vulnerability
+7
pac-resolver
Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.
0
Free
Vulnerability Management
Nodejs
Proxy
Vulnerability
Security
pac-resolver
Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.
0
Free
Vulnerability Management
Nodejs
Proxy
Vulnerability
+1
Haaukins
Haaukins is an automated virtualization platform that provides hands-on cybersecurity education through capture the flag exercises in controlled vulnerable environments.
0
Free
Resources
Educational
Ctf
Virtualization
Docker
Golang
Vulnerability
Learning
Security Education
Capture The Flag
Training
Haaukins
Haaukins is an automated virtualization platform that provides hands-on cybersecurity education through capture the flag exercises in controlled vulnerable environments.
0
Free
Resources
Educational
Ctf
Virtualization
+7
Dirty COW
A local privilege escalation vulnerability in the Linux kernel known for its catchy name and potential damages.
0
Free
Vulnerability Management
Linux
Kernel
Privilege Escalation
Vulnerability
Dirty COW
A local privilege escalation vulnerability in the Linux kernel known for its catchy name and potential damages.
0
Free
Vulnerability Management
Linux
Kernel
Privilege Escalation
+1
CVE
The CVE Program catalogs publicly disclosed cybersecurity vulnerabilities.
0
Free
Vulnerability Management
Cve
Vulnerability
Cybersecurity
Vulnerability Management
Security Research
CVE
The CVE Program catalogs publicly disclosed cybersecurity vulnerabilities.
0
Free
Vulnerability Management
Cve
Vulnerability
Cybersecurity
+2
exploit_me
A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.
0
Free
Offensive Security
Ctf
Educational
Exploitation
Arm
Vulnerability
Training
Binary Exploitation
Rop
Offensive Security
exploit_me
A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.
0
Free
Offensive Security
Ctf
Educational
Exploitation
+6
CyberOwl
CyberOwl aggregates and summarizes daily security advisories from multiple CERT organizations and threat intelligence sources into consolidated reports.
0
Free
Threat Management
Threat Intelligence
Security Advisories
Vulnerability Management
Threat Analysis
Cti
Security Information
Threat Data
Cybersecurity
Vulnerability
Security Monitoring
CyberOwl
CyberOwl aggregates and summarizes daily security advisories from multiple CERT organizations and threat intelligence sources into consolidated reports.
0
Free
Threat Management
Threat Intelligence
Security Advisories
Vulnerability Management
+7
Java-Deserialization-Cheat-Sheet
A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization libraries.
0
Free
Resources
Java
Deserialization
Vulnerability
Pentesting
Research
Java-Deserialization-Cheat-Sheet
A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization libraries.
0
Free
Resources
Java
Deserialization
Vulnerability
+2
Damn Vulnerable iOS App (DVIA)
iOS application for testing iOS penetration testing skills in a legal environment.
0
Free
Vulnerability Management
Appsec
Ios
Penetration Testing
Vulnerability
Mobile Security
Damn Vulnerable iOS App (DVIA)
iOS application for testing iOS penetration testing skills in a legal environment.
0
Free
Vulnerability Management
Appsec
Ios
Penetration Testing
+2
NoPP
Protect against Prototype Pollution vulnerabilities in your application by freezing JavaScript objects.
0
Free
Miscellaneous
Javascript
Security
Vulnerability
NoPP
Protect against Prototype Pollution vulnerabilities in your application by freezing JavaScript objects.
0
Free
Miscellaneous
Javascript
Security
Vulnerability
0day.today Exploit Database
A comprehensive database of exploits and vulnerabilities for researchers and professionals
0
Free
Vulnerability Management
Exploit
Vulnerability
Database
Security
Research
0day.today Exploit Database
A comprehensive database of exploits and vulnerabilities for researchers and professionals
0
Free
Vulnerability Management
Exploit
Vulnerability
Database
+2
The Absurdly Underestimated Dangers of CSV Injection
A blog post discussing the often overlooked dangers of CSV injection in applications.
0
Free
Offensive Security
Csv
Injection
Vulnerability
Security
Web App Security
Appsec
The Absurdly Underestimated Dangers of CSV Injection
A blog post discussing the often overlooked dangers of CSV injection in applications.
0
Free
Offensive Security
Csv
Injection
Vulnerability
+3
OWASP API Security Top 10
A community website for API security news, vulnerabilities, and best practices
0
Free
Vulnerability Management
Security
Newsletter
Vulnerability
Breach
Compliance
Best Practices
OWASP API Security Top 10
A community website for API security news, vulnerabilities, and best practices
0
Free
Vulnerability Management
Security
Newsletter
Vulnerability
+3

1