Useful tools
https://github.com/wpscanteam/wpscan
https://github.com/stefanoj3/dirstalk
https://salsa.debian.org/pkg-security-team/dirb
https://gitlab.com/kalilinux/packages/dirbuster
https://github.com/OJ/gobuster
https://github.com/stamparm/DSSS
https://github.com/sqlmapproject/sqlmap
https://github.com/aboul3la/Sublist3r
https://github.com/m4ll0k/takeover
https://github.com/jaeles-project/gospider
https://github.com/projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei-templates
https://github.com/projectdiscovery/proxify
https://github.com/m4ll0k/SecretFinder
https://github.com/dstotijn/hetty
https://github.com/jaeles-project/jaeles
https://github.com/michenriksen/aquatone
https://github.com/intrigueio/intrigue-core
https://github.com/shmilylty/OneForAll
https://github.com/nahamsec/lazyrecon
https://github.com/six2dez/reconftw
https://github.com/yogeshojha/rengine
https://github.com/edoardottt/scilla
https://github.com/assetnote/kiterunner
https://github.com/tomnomnom/assetfinder
https://github.com/maurosoria/dirsearch
https://github.com/s0md3v/Arjun
https://github.com/GerbenJavado/LinkFinder
https://github.com/s0md3v/Parth
https://github.com/devanshbatham/ParamSpider
https://github.com/RustScan/RustScan
https://github.com/003random/getJS
https://github.com/blackcrw/wprecon
https://github.com/s0md3v/Striker
https://github.com/Arachni/arachni
https://github.com/sullo/nikto
https://github.com/gchq/CyberChef
https://github.com/hahwul/jwt-hack
https://github.com/lmammino/jwt-cracker
https://github.com/brendan-rius/c-jwt-cracker
https://github.com/n00py/WPForce
https://gitlab.com/kalilinux/packages/apache-users
https://www.geeksforgeeks.org/dotdotpwn-directory-traversal-fuzzer-tool-in-linux/
https://github.com/FortyNorthSecurity/EyeWitness
https://github.com/epi052/feroxbuster
https://github.com/1N3/IntruderPayloads
https://github.com/OWASP/joomscan
https://github.com/nabla-c0d3/sslyze
https://chrome.google.com/webstore/detail/dotgit/pampamgoihgcedonnphgehgondkhikel?hl=en
https://chrome.google.com/webstore/detail/cookie-editor/hlkenndednhfkekhgcdicdfddnkalmdm
https://chrome.google.com/webstore/detail/bulk-url-opener/kgnfciolbjojfdbbelbdbhhocjmhenep
https://chrome.google.com/webstore/detail/trufflehog/bafhdnhjnlcdbjcdcnafhdcphhnfnhjc
https://chrome.google.com/webstore/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhi
https://github.com/yeswehack/PwnFox
https://github.com/Gallopsled/pwntools
https://github.com/xmendez/wfuzz
https://scottc130.medium.com/how-to-use-wfuzz-to-fuzz-web-applications-8594c11d59d1
https://github.com/Screetsec/Sudomy
https://github.com/LasCC/Hack-Tools
https://chrome.google.com/webstore/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhi
https://github.com/redhuntlabs/HTTPLoot
https://github.com/KINGSABRI/jwtear
https://github.com/wireghoul/dotdotpwn
https://github.com/Anteste/WebMap
https://github.com/zhzyker/dismap
https://github.com/GamehunterKaan/AutoPWN-Suite
https://github.com/xnl-h4ck3r/xnLinkFinder
https://github.com/blark/aiodnsbrute
https://github.com/Z4nzu/hackingtool
https://github.com/m3n0sd0n4ld/GooFuzz
https://github.com/liamg/scout
https://www.sjoerdlangkemper.nl/2016/09/28/attacking-jwt-authentication/
https://github.com/ambionics/phpggc
https://github.com/frohoff/ysoserial
https://github.com/qazbnm456/awesome-web-security (Xxx)
https://github.com/rastating/wordpress-exploit-framework
https://github.com/daffainfo/AllAboutBugBounty (XXX)
https://github.com/daffainfo/apiguesser/
https://github.com/projectdiscovery/naabu
https://github.com/daffainfo/Oneliner-Bugbounty (XXX)
https://github.com/enaqx/awesome-pentest
https://redtm.com/web-pentest/website-enumeration-techniques/
https://github.com/zidansec/CloudPeler
https://github.com/eldraco/domain_analyzer
https://github.com/capt-meelo/MassMap
https://github.com/capt-meelo/LazyRecon
https://github.com/thewhiteh4t/FinalRecon
https://github.com/payloadbox/directory-payload-list
https://github.com/0xInfection/TIDoS-Framework
https://github.com/flipkart-incubator/astra
https://www.kitploit.com/2022/07/webview2-cookie-stealer-attacking-with.html
https://github.com/scipag/vulscan
https://github.com/laluka/bypass-url-parser
https://hakin9.org/hacktools-the-all-in-one-red-team-extension-for-web-pentester/
https://github.com/andresriancho/w3af
https://www.kali.org/tools/skipfish/
https://code.google.com/archive/p/cms-explorer/
https://wapiti-scanner.github.io/
https://github.com/Ekultek/WhatWaf
https://github.com/oppsec/juumla
https://github.com/qtc-de/remote-method-guesser
https://github.com/chrislockard/api_wordlist
https://github.com/stark0de/nginxpwner
https://github.com/hashishrajan/cloud-security-vulnerabilities
https://github.com/hktalent/scan4all
https://github.com/pikpikcu/Pentest-Tools-Framework
https://github.com/dionach/CMSmap
https://github.com/vesche/scanless
https://github.com/pikpikcu/XRCross
https://github.com/akabe1/OAUTHScan
https://github.com/dwisiswant0/ppfuzz
https://github.com/kitabisa/ssb
https://github.com/0xlittleboy/subdomz
https://github.com/trickest/mksub
https://github.com/michelin/ChopChop
https://github.com/hktalent/go4Hacker
https://github.com/hahwul/authz0
https://github.com/Tuhinshubhra/CMSeeK
https://github.com/sting8k/BurpSuite_403Bypasser
https://github.com/lobuhi/byp4xx
https://github.com/laluka/bypass-url-parser
https://github.com/junegunn/fzf
https://github.com/arismelachroinos/lscript
https://github.com/projectdiscovery/subfinder
https://github.com/TheRook/subbrute
https://github.com/guelfoweb/knock
https://github.com/darkoperator/dnsrecon
https://github.com/Findomain/Findomain
https://github.com/evilsocket/dnssearch
https://medium.com/@xsanjay/find-ssrf-lfi-xss-using-httpx-waybackurls-gf-gau-qsreplace-f4f589c7ee4c
https://github.com/A3h1nt/Dnsrr
https://labs.detectify.com/2021/09/30/10-types-web-vulnerabilities-often-missed/
https://h.43z.one/ipconverter/ (ip obfuscator)
https://github.com/shellfire-dev/shellfire
https://github.com/ultrasecurity/webkiller
https://github.com/mishakorzik/AllHackingTools
https://github.com/tamimhasan404/Open-Source-Nuclei-Templates-Downloader
https://github.com/hahwul/WebHackersWeapons
https://github.com/punk-security/dnsReaper
https://github.com/1N3/BlackWidow (cool)
https://github.com/infoslack/awesome-web-hacking
https://github.com/tuhin1729/Bug-Bounty-Methodology
https://github.com/Th0h0/autossrf
https://github.com/hahwul/deadfinder
https://github.com/octetsplicer/LAZYPARIAH
https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources
Last updated