Useful tools

https://github.com/wpscanteam/wpscan

https://github.com/nmap/nmap

https://github.com/stefanoj3/dirstalk

https://salsa.debian.org/pkg-security-team/dirb

https://gitlab.com/kalilinux/packages/dirbuster

https://github.com/OJ/gobuster

https://github.com/stamparm/DSSS

https://github.com/sqlmapproject/sqlmap

https://github.com/aboul3la/Sublist3r

https://github.com/m4ll0k/takeover

https://github.com/jaeles-project/gospider

https://github.com/projectdiscovery/nuclei

https://github.com/projectdiscovery/nuclei-templates

https://github.com/projectdiscovery/proxify

https://github.com/m4ll0k/SecretFinder

https://github.com/dstotijn/hetty

https://github.com/jaeles-project/jaeles

https://github.com/michenriksen/aquatone

https://github.com/intrigueio/intrigue-core

https://github.com/shmilylty/OneForAll

https://github.com/nahamsec/lazyrecon

https://github.com/six2dez/reconftw

https://github.com/yogeshojha/rengine

https://github.com/edoardottt/scilla

https://github.com/assetnote/kiterunner

https://github.com/tomnomnom/assetfinder

https://github.com/maurosoria/dirsearch

https://github.com/s0md3v/Arjun

https://github.com/GerbenJavado/LinkFinder

https://github.com/s0md3v/Parth

https://github.com/devanshbatham/ParamSpider

https://github.com/RustScan/RustScan

https://github.com/003random/getJS

https://github.com/blackcrw/wprecon

https://github.com/s0md3v/Striker

https://github.com/Arachni/arachni

https://github.com/sullo/nikto

https://github.com/gchq/CyberChef

https://github.com/hahwul/jwt-hack

https://github.com/lmammino/jwt-cracker

https://github.com/brendan-rius/c-jwt-cracker

https://github.com/n00py/WPForce

https://gitlab.com/kalilinux/packages/apache-users

https://www.geeksforgeeks.org/dotdotpwn-directory-traversal-fuzzer-tool-in-linux/

https://github.com/FortyNorthSecurity/EyeWitness

https://github.com/epi052/feroxbuster

https://github.com/1N3/IntruderPayloads

https://github.com/OWASP/joomscan

https://github.com/nabla-c0d3/sslyze

https://chrome.google.com/webstore/detail/dotgit/pampamgoihgcedonnphgehgondkhikel?hl=en

https://chrome.google.com/webstore/detail/cookie-editor/hlkenndednhfkekhgcdicdfddnkalmdm

https://chrome.google.com/webstore/detail/bulk-url-opener/kgnfciolbjojfdbbelbdbhhocjmhenep

https://chrome.google.com/webstore/detail/trufflehog/bafhdnhjnlcdbjcdcnafhdcphhnfnhjc

https://chrome.google.com/webstore/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhi

https://github.com/yeswehack/PwnFox

https://github.com/Gallopsled/pwntools

https://github.com/xmendez/wfuzz

https://scottc130.medium.com/how-to-use-wfuzz-to-fuzz-web-applications-8594c11d59d1

https://github.com/Screetsec/Sudomy

https://github.com/LasCC/Hack-Tools

https://chrome.google.com/webstore/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhi

https://github.com/redhuntlabs/HTTPLoot

https://github.com/KINGSABRI/jwtear

https://github.com/wireghoul/dotdotpwn

https://github.com/Anteste/WebMap

https://github.com/zhzyker/dismap

https://github.com/GamehunterKaan/AutoPWN-Suite

https://github.com/xnl-h4ck3r/xnLinkFinder

https://github.com/blark/aiodnsbrute

https://github.com/Z4nzu/hackingtool

https://github.com/m3n0sd0n4ld/GooFuzz

https://github.com/liamg/scout

https://www.sjoerdlangkemper.nl/2016/09/28/attacking-jwt-authentication/

https://github.com/ambionics/phpggc

https://github.com/frohoff/ysoserial

https://github.com/qazbnm456/awesome-web-security (Xxx)

https://github.com/rastating/wordpress-exploit-framework

https://github.com/daffainfo/AllAboutBugBounty (XXX)

https://github.com/daffainfo/apiguesser/

https://github.com/projectdiscovery/naabu

https://github.com/daffainfo/Oneliner-Bugbounty (XXX)

https://github.com/enaqx/awesome-pentest

https://redtm.com/web-pentest/website-enumeration-techniques/

https://github.com/zidansec/CloudPeler

https://github.com/eldraco/domain_analyzer

https://github.com/capt-meelo/MassMap

https://github.com/capt-meelo/LazyRecon

https://github.com/thewhiteh4t/FinalRecon

https://github.com/payloadbox/directory-payload-list

https://github.com/0xInfection/TIDoS-Framework

https://github.com/flipkart-incubator/astra

https://github.com/v4d1/Dome

https://github.com/d4rckh/vaf

https://www.kitploit.com/2022/07/webview2-cookie-stealer-attacking-with.html

https://github.com/scipag/vulscan

https://github.com/laluka/bypass-url-parser

https://github.com/xm1k3/cent

https://hakin9.org/hacktools-the-all-in-one-red-team-extension-for-web-pentester/

https://github.com/andresriancho/w3af

https://www.kali.org/tools/skipfish/

https://code.google.com/archive/p/cms-explorer/

https://wapiti-scanner.github.io/

https://github.com/Ekultek/WhatWaf

https://github.com/oppsec/juumla

https://github.com/qtc-de/remote-method-guesser

https://github.com/chrislockard/api_wordlist

https://github.com/stark0de/nginxpwner

GitHub - hakluke/hakoriginfinder: Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!GitHub

https://github.com/hashishrajan/cloud-security-vulnerabilities

https://github.com/hktalent/scan4all

https://github.com/pikpikcu/Pentest-Tools-Framework

https://github.com/dionach/CMSmap

https://github.com/vesche/scanless

https://github.com/pikpikcu/XRCross

https://github.com/akabe1/OAUTHScan

https://github.com/dwisiswant0/ppfuzz

https://github.com/kitabisa/ssb

https://github.com/0xlittleboy/subdomz

https://github.com/trickest/mksub

https://github.com/michelin/ChopChop

https://github.com/hktalent/go4Hacker

https://github.com/hahwul/authz0

https://github.com/Tuhinshubhra/CMSeeK

https://github.com/sting8k/BurpSuite_403Bypasser

https://github.com/lobuhi/byp4xx

https://github.com/laluka/bypass-url-parser

https://github.com/junegunn/fzf

https://github.com/arismelachroinos/lscript

https://github.com/projectdiscovery/subfinder

https://github.com/TheRook/subbrute

https://github.com/guelfoweb/knock

https://github.com/darkoperator/dnsrecon

https://github.com/Findomain/Findomain

https://github.com/evilsocket/dnssearch

https://medium.com/@xsanjay/find-ssrf-lfi-xss-using-httpx-waybackurls-gf-gau-qsreplace-f4f589c7ee4c

https://github.com/A3h1nt/Dnsrr

https://labs.detectify.com/2021/09/30/10-types-web-vulnerabilities-often-missed/

https://h.43z.one/ipconverter/ (ip obfuscator)

https://github.com/shellfire-dev/shellfire

https://github.com/ultrasecurity/webkiller

https://github.com/mishakorzik/AllHackingTools

https://github.com/tamimhasan404/Open-Source-Nuclei-Templates-Downloader

https://github.com/hahwul/WebHackersWeapons

https://github.com/punk-security/dnsReaper

https://github.com/1N3/BlackWidow (cool)

https://github.com/infoslack/awesome-web-hacking

https://github.com/tuhin1729/Bug-Bounty-Methodology

https://github.com/Th0h0/autossrf

https://github.com/hahwul/deadfinder

https://github.com/octetsplicer/LAZYPARIAH

https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources