Take it like a gift

Gobuster
Gobuster

Directory/File, DNS and VHost busting tool written in Go.

OAUTHScan
OAUTHScan

Burp Suite Extension useful to verify OAUTHv2 and OpenID security.

archerysec
archerysec

Automate your application security orchestration and correlation (ASOC).

Aranea
Aranea

OSINT tool used for web crawling or examining JavaScript files for likely useful data.

AzureGoat
AzureGoat

A damn vulnerable Azure infrastructure.

AWSBucketDump
AWSBucketDump

Security Tool to Look For Interesting Files in S3 Buckets.

bettercap
bettercap

The Swiss Army knife for WiFi, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

AWSloot
AWSloot

Pull secrets from an AWS environment.

BugBountyScanner
BugBountyScanner

A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use.

xssor2
xssor2

Hack with JavaScript.

big-list-of-naughty-strings
big-list-of-naughty-strings

A list of strings which have a high probability of causing issues when used as user-input data.

s3tk
s3tk

A security toolkit for Amazon S3.

B-XSSRF
B-XSSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF.

WPSpider
WPSpider

A centralized dashboard for running and scheduling WordPress scans powered by WPScan utility.

ysoserial.net
ysoserial.net

Deserialization payload generator for a variety of .NET formatters.