Take it like a gift

Cross-site scripting cheat sheet
Cross-site scripting cheat sheet

PortSwigger XSS cheat sheet that contains many vectors that can help you bypass WAFs and filters.

SweetPotato
SweetPotato

A collection of various Windows privilege escalation techniques from service accounts to SYSTEM.

WinPwn
WinPwn

Automation for internal Windows pentest / AD-Security.

t14m4t
t14m4t

Automated brute-forcing attack tool.

Linux Exploit Suggester
Linux Exploit Suggester

Based on operating system release number.

TEx
TEx

Telegram Explorer created to help researchers, investigators and law enforcement agent.

sqli-labs
sqli-labs

SQLI labs to test error based, blind boolean based, time based.

PrivacyNet
PrivacyNet

Allow users to route Internet traffic through Tor and hide their real IP address.

safecopy
safecopy

Burp Extension for copying requests safely.

WebScarab
WebScarab

Framework for analysing applications that communicate using the HTTP and HTTPS protocols.

Linpmem
Linpmem

The Linux memory acquisition tool.

LinkFinder
LinkFinder

A python script that finds endpoints in JavaScript files.

TokenTactics
TokenTactics

Azure JWT token manipulation toolset.

SQLiDetector
SQLiDetector

Helps you to detect SQL injection "Error based" by sending multiple requests.

Whispers
Whispers

Identify hardcoded secrets in static structured text.