This is just a list of repositories I tend to find useful or interesting... Not sure how well sorting will work out...
- https://github.com/swisskyrepo/PayloadsAllTheThings
- https://www.ired.team/
- https://github.com/danielmiessler/SecLists
- https://gtfobins.github.io/
- https://lolbas-project.github.io/
- https://github.com/trimstray/the-book-of-secret-knowledge
- https://github.com/xapax/security
- https://github.com/xrkk/awesome-cyber-security
- https://github.com/Spacial/csirt
- https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki
- https://rmusser.net/docs/index.html
- https://dmcxblue.gitbook.io/red-team-notes-2-0/
- LinkedIn Intel - https://github.com/vysecurity/LinkedInt
- WeakestLink (LinkedIn) - https://github.com/shellfarmer/WeakestLink
- Gather Contacts (Google) - https://github.com/clr2of8/GatherContacts
- https://github.com/rvrsh3ll/eavesarp (Watches ARP for inter-IP communication)
- https://github.com/mzfr/gtfo (Locates GTFO/LOLBAS binaries on disk)
- PXE Client - https://github.com/Meatballs1/PXEClient
- RustScan - https://github.com/RustScan/RustScan
- https://github.com/BloodHoundAD/BloodHound
- https://github.com/BloodHoundAD/SharpHound3
- https://github.com/fox-it/BloodHound.py
- Bloodhound Import (direct import into Neo4j) - https://github.com/fox-it/bloodhound-import
- Cypheroth (Awesome bloodhound query repo) - https://github.com/seajaysec/cypheroth
- "Custom Queries" (another bloodhound query repo) - https://github.com/awsmhacks/awsmBloodhoundCustomQueries
- "Custom Queries" (another bloodhound query repo - more updated) - https://github.com/hausec/Bloodhound-Custom-Queries
- Cheat Sheet - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
- PywerView (Python version of PowerView) - https://github.com/the-useless-one/pywerview
- ADModule (Import ActiveDirectory module without installing RSAT) - https://github.com/samratashok/ADModule
- MSLDAP - https://github.com/skelsec/msldap
- Grouper2 - https://github.com/l0ss/Grouper2
- SharpGPO - https://github.com/Dliv3/sharpgpo
- SharpGPOAbuse - https://github.com/FSecureLABS/SharpGPOAbuse
- ACLPwn (connects to Neo4j and executes changes) - https://github.com/fox-it/aclpwn.py
- https://github.com/gentilkiwi/mimikatz
- https://github.com/gentilkiwi/kekeo
- Invoke-UpdateMimikatzScript.ps1 - https://gist.github.com/ihack4falafel/8b41d810d79cb16a4b1bca5ff6600b17
- SMBMap - https://github.com/ShawnDEvans/smbmap
- Snaffler - https://github.com/SnaffCon/Snaffler
- https://github.com/ropnop/kerbrute
- Kerberos Attack Cheatsheet - https://gist.github.com/TarlogicSecurity/2f221924fef8c14a1d8e29f3cb5c5c4a
- https://github.com/GhostPack/SharpDump
- SharPersist (persistence automation) - https://github.com/fireeye/SharPersist
- https://github.com/rasta-mouse/MiscTools
- Watson (looks for missing patches) - https://github.com/rasta-mouse/Watson
- CertEXP (Extracts exportable certificates) - https://github.com/mubix/certexp
- Internal Monologue (steal creds w/o admin) - https://github.com/eladshamir/Internal-Monologue
- ProcessInjection - https://github.com/ZeroPointSecurity/ProcessInjection
- ConfuserEx - https://github.com/mkaring/ConfuserEx
- De4dot - https://github.com/0xd4d/de4dot
- De4dot with ConfuserEx deobfuscation - https://github.com/ViRb3/de4dot-cex
- https://github.com/Illuminopi/RCEvil.NET
- YSoSerial.net - https://github.com/pwntester/ysoserial.net
- PowerSploit DEV branch - https://github.com/PowerShellMafia/PowerSploit/tree/dev
- PowerUpSQL - https://github.com/NetSPI/PowerUpSQL
- PowerMAD - https://github.com/Kevin-Robertson/Powermad
- Inveigh - https://github.com/Kevin-Robertson/Inveigh
- Spooler bug PS1 Exploit / Original PoC - https://github.com/leechristensen/SpoolSample
- DAMP - Remote registry exploitation - https://github.com/HarmJ0y/DAMP
- LethalHTA (DCOM to load HTA remotely) - https://github.com/codewhitesec/LethalHTA
- Excel4DCOM (DCOM to load Excel 4 macro) - https://github.com/outflanknl/Excel4-DCOM
- LSASSY (Remotely dump LSASS memory) - https://github.com/Hackndo/lsassy
- IOXIDResolver (identifies host with multiple interfaces w/o auth) - https://github.com/mubix/IOXIDResolver
- Change-LockScreen - https://github.com/nccgroup/Change-Lockscreen
- RunAsTI (TrustedInstaller) - https://github.com/jschicht/RunAsTI
- CEFDebug - https://github.com/taviso/cefdebug
- Tokenvator - https://github.com/0xbadjuju/Tokenvator
- WSUSpect (doesn't work on Win10) - https://github.com/ctxis/wsuspect-proxy
- WSUSpendu - https://github.com/AlsidOfficial/WSUSpendu
- SeBackupPrivilege - https://github.com/giuliano108/SeBackupPrivilege
- Whisker - https://github.com/eladshamir/Whisker
- PyWhisker (Python version of Whisker) - https://github.com/ShutdownRepo/pywhisker
- These attacks require Windows 2016 functional level to have the msDS-KeyCredentialLink object attribute.
- PKINIT Tools - https://github.com/dirkjanm/PKINITtools
- Kernel Exploits (3+ year old repo) - https://github.com/lucyoa/kernel-exploits
- NFSpy (exploiting/mounting NFS) - https://github.com/bonsaiviking/NfSpy
- Metasploit - https://github.com/rapid7/metasploit-framework
- Empire 2 - https://github.com/BC-SECURITY/Empire
- Covenant - https://github.com/cobbr/Covenant
- PoshC2 - https://github.com/nettitude/PoshC2
- Sliver - https://github.com/BishopFox/sliver
- Sliver Scripting - https://github.com/moloch--/sliver-script
- Merlin - https://github.com/Ne0nd0g/merlin
- Koadic C3 - https://github.com/zerosum0x0/koadic
- SilentTrinity - https://github.com/byt3bl33d3r/SILENTTRINITY
- https://github.com/killswitch-GUI/CobaltStrike-ToolKit
- https://github.com/dcsync/pycobalt
- DNS Ftp (Download file over DNS) - https://github.com/breenmachine/dnsftp
- API key usage / hacks - https://github.com/streaak/keyhacks
- Jenkins PWN - https://github.com/gquere/pwn_jenkins
- CORStest (CORS scanner) - https://github.com/RUB-NDS/CORStest
- GAU (Gather All Links) - https://github.com/lc/gau
- GoWitness - https://github.com/sensepost/gowitness
- Hashcat - https://github.com/hashcat
- John the Ripper - https://github.com/magnumripper/JohnTheRipper
- OneRuleToRuleThemAll - https://github.com/NotSoSecure/password_cracking_rules
- Microsoft mask is really effective - https://github.com/xfox64x/Hashcat-Stuffs
- WordSmith - https://github.com/skahwah/wordsmith
- PwDB-Public - https://github.com/FlameOfIgnis/Pwdb-Public
- PurpleSpray - https://github.com/mvelazc0/PurpleSpray
- KerBrute - https://github.com/TarlogicSecurity/kerbrute
- Run shellcode (Windows or Unix via hex command line arg) - https://github.com/brimstone/go-shellcode
- Hershell - https://github.com/lesnuages/hershell
- DuffleBag (Search public EBS for secrets) - https://github.com/BishopFox/dufflebag
- UhOh365 - https://github.com/Raikia/UhOh365
- MSOLSpray - https://github.com/dafthack/MSOLSpray
- ROADtools - https://github.com/dirkjanm/ROADtools
- Master of Servers (Puppet, Chef, Ansible exploitation) - https://github.com/master-of-servers/mose
- Chrome Password Dumper - https://github.com/roflsandwich/Chrome-Password-Dumper
- Browser Exploitation list - https://github.com/Escapingbug/awesome-browser-exploit
- Chrome Cookie stealer via Remote Debugging port - https://github.com/slyd0g/WhiteChocolateMacademiaNut
- BrowserPass (Steals Firefox and IE creds, but needs a lot of DLLs) - https://github.com/jabiel/BrowserPass
- https://github.com/UndeadSec/SocialFish
- Fudge (auto-download embedded files) - https://github.com/dale-ruane/fudge
- Wifi Phisher - https://github.com/wifiphisher/wifiphisher
- EAP Hammer - https://github.com/s0lst1c3/eaphammer
- Grawler (git) - https://github.com/jregele/grawler (ShmooCon 2018)
- GitGot - https://github.com/BishopFox/GitGot
- Blacklist3r - https://github.com/NotSoSecure/Blacklist3r (ASP Machine Keys - DotNet Deserialization)
- Finding and exploiting Kubernetes - https://github.com/averonesis/kubolt
- Defeating BIOS passwords - https://github.com/skysafe/reblog/tree/master/0000-defeating-a-laptops-bios-password
- Routopsy (attack dynamic routing protocols) - https://github.com/sensepost/routopsy
- ThreatHunter's playbooks - https://github.com/hunters-forge/ThreatHunter-Playbook/
- BlueSPAWN - https://github.com/ION28/BLUESPAWN
- PeaceMaker - https://github.com/D4stiny/PeaceMaker
- OSCtrl (OSQuery open source management tool) - https://github.com/jmpsec/osctrl
- DetectionLab - https://github.com/clong/DetectionLab
- DynamicLabs - https://github.com/ctxis/DynamicLabs
- Mini-Internet using LXC - https://github.com/flesueur/mi-lxc
- Microsoft's Defend the Flag - https://github.com/microsoft/DefendTheFlag/
- Leonidas by @fsecurelabs - https://github.com/fsecurelabs/leonidas
- Physical Docs - https://github.com/trustedsec/physical-docs
- Modern Binary Exploitation - https://github.com/RPISEC/MBE