This is just a list of repositories I tend to find useful or interesting... Not sure how well sorting will work out...
- https://github.com/swisskyrepo/PayloadsAllTheThings
- https://www.ired.team/
- https://github.com/danielmiessler/SecLists
- https://gtfobins.github.io/
- https://lolbas-project.github.io/
- https://github.com/trimstray/the-book-of-secret-knowledge
- https://github.com/xapax/security
- LinkedIn Intel - https://github.com/vysecurity/LinkedInt
- WeakestLink (LinkedIn) - https://github.com/shellfarmer/WeakestLink
- Gather Contacts (Google) - https://github.com/clr2of8/GatherContacts
- https://github.com/rvrsh3ll/eavesarp (Watches ARP for inter-IP communication)
- https://github.com/mzfr/gtfo (Located GTFO/LOLBAS binaries on disk)
- PXE CLient - https://github.com/Meatballs1/PXEClient
- RustScan - https://github.com/RustScan/RustScan
- https://github.com/BloodHoundAD/BloodHound
- https://github.com/BloodHoundAD/SharpHound3
- https://github.com/fox-it/BloodHound.py
- Bloodhound Import (direct import into Neo4j) - https://github.com/fox-it/bloodhound-import
- Cypheroth (Awesome bloodhound query repo) - https://github.com/seajaysec/cypheroth
- "Custom Queries" (another bloodhound query repo) - https://github.com/awsmhacks/awsmBloodhoundCustomQueries
- Cheat Sheet - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
- PywerView (Python version of PowerView) - https://github.com/the-useless-one/pywerview
- Grouper2 - https://github.com/l0ss/Grouper2
- ALCPwn (connects to Neo4j and executes changes) https://github.com/fox-it/aclpwn.py
- https://github.com/gentilkiwi/mimikatz
- https://github.com/gentilkiwi/kekeo
- Invoke-UpdateMimikatzScript.ps1 - https://gist.github.com/ihack4falafel/8b41d810d79cb16a4b1bca5ff6600b17
- https://github.com/ropnop/kerbrute
- Kerbeos Attack Cheatsheet - https://gist.github.com/TarlogicSecurity/2f221924fef8c14a1d8e29f3cb5c5c4a
- https://github.com/GhostPack/SharpDump
- SharPersist (persistence automation) - https://github.com/fireeye/SharPersist
- https://github.com/rasta-mouse/MiscTools
- Watson (looks for missing patches) - https://github.com/rasta-mouse/Watson
- CertEXP (Extracts exportable certificates) - https://github.com/mubix/certexp
- Internal Monologue (steal creds w/o admin) - https://github.com/eladshamir/Internal-Monologue
- ProcessInjection - https://github.com/ZeroPointSecurity/ProcessInjection
- ConfuserEx - https://github.com/mkaring/ConfuserEx
- https://github.com/Illuminopi/RCEvil.NET
- YSoSerial.net - https://github.com/pwntester/ysoserial.net
- PowerSploit DEV branch - https://github.com/PowerShellMafia/PowerSploit/tree/dev
- PowerUpSQL - https://github.com/NetSPI/PowerUpSQL
- PowerMAD - https://github.com/Kevin-Robertson/Powermad
- Inveigh - https://github.com/Kevin-Robertson/Inveigh
- Spooler bug PS1 Exploit / Original PoC - https://github.com/leechristensen/SpoolSample
- DAMP - Remote registry exploitation - https://github.com/HarmJ0y/DAMP
- LethalHTA (DCOM to load HTA remotely) - https://github.com/codewhitesec/LethalHTA
- Excel4DCOM (DCOM to load Excel 4 macro) - https://github.com/outflanknl/Excel4-DCOM
- LSASSY (Remotely dump LSASS memory) - https://github.com/Hackndo/lsassy
- Change-LockScreen - https://github.com/nccgroup/Change-Lockscreen
- RunAsTI (TrustedInstaller) - https://github.com/jschicht/RunAsTI
- CEFDebug - https://github.com/taviso/cefdebug
- Tokenvator - https://github.com/0xbadjuju/Tokenvator
- WSUSpect (doesn't work on Win10) - https://github.com/ctxis/wsuspect-proxy
- WSUSpendu - https://github.com/AlsidOfficial/WSUSpendu
- SeBackupPrivilege - https://github.com/giuliano108/SeBackupPrivilege
- Pinjectra - https://github.com/SafeBreach-Labs/pinjectra
- Kernel Exploits (3+ year old repo) https://github.com/lucyoa/kernel-exploits
- NFSpy (exploiting/mounting NFS) - https://github.com/bonsaiviking/NfSpy
- Metasploit - https://github.com/rapid7/metasploit-framework
- Empire 2- https://github.com/BC-SECURITY/Empire
- Covenant - https://github.com/cobbr/Covenant
- PoshC2 - https://github.com/nettitude/PoshC2
- Sliver - https://github.com/BishopFox/sliver
- Merlin - https://github.com/Ne0nd0g/merlin
- Koadic C3 - https://github.com/zerosum0x0/koadic
- SilentTrinity - https://github.com/byt3bl33d3r/SILENTTRINITY
- DNS Ftp (Download file over DNS) - https://github.com/breenmachine/dnsftp
- API key usage / hacks - https://github.com/streaak/keyhacks
- Jenkins PWN - https://github.com/gquere/pwn_jenkins
- CORStest (CORS scanner) - https://github.com/RUB-NDS/CORStest
- ABPTTS - https://github.com/nccgroup/ABPTTS
- Hashcat - https://github.com/hashcat
- John the Ripper - https://github.com/magnumripper/JohnTheRipper
- OneRuleToRuleThemAll - https://github.com/NotSoSecure/password_cracking_rules
- WordSmith - https://github.com/skahwah/wordsmith
- PwDB-Public - https://github.com/FlameOfIgnis/Pwdb-Public
- PurpleSpray - https://github.com/mvelazc0/PurpleSpray
- KerBrute - https://github.com/TarlogicSecurity/kerbrute
- Patator - https://github.com/lanjelot/patator
- Run shellcode (Windows or Unix via hex command line arg) - https://github.com/brimstone/go-shellcode
- Hershell - https://github.com/lesnuages/hershell
- DuffleBag (Search public EBS for secrets) - https://github.com/BishopFox/dufflebag
- UhOh356 - https://github.com/Raikia/UhOh365
- MSOLSpray - https://github.com/dafthack/MSOLSpray
- Master of Servers (Puppet, Cheff, Ansible exploitation) - https://github.com/master-of-servers/mose
- Chrome Password Dumper - https://github.com/roflsandwich/Chrome-Password-Dumper
- Browser Exploitation list - https://github.com/Escapingbug/awesome-browser-exploit
- https://github.com/UndeadSec/SocialFish
- Fudge (auto-download embedded files) - https://github.com/dale-ruane/fudge
- Wifi Phisher - https://github.com/wifiphisher/wifiphisher
- EAP Hammer - https://github.com/s0lst1c3/eaphammer
- Gralwer (git) - https://github.com/jregele/grawler (ShmooCon 2018)
- GitGot - https://github.com/BishopFox/GitGot
- Blacklist3r - https://github.com/NotSoSecure/Blacklist3r (ASP Machine Keys - DotNet Deserialization)
- Finding and exploiting Kubernetes - https://github.com/averonesis/kubolt
- Defeating BIOS passwords - https://github.com/skysafe/reblog/tree/master/0000-defeating-a-laptops-bios-password
- ThreatHunter's playbooks - https://github.com/hunters-forge/ThreatHunter-Playbook/
- BlueSPAWN - https://github.com/ION28/BLUESPAWN
- DetectionLab - https://github.com/clong/DetectionLab
- Mini-Internet using LXC - https://github.com/flesueur/mi-lxc
- Squalr - https://github.com/Squalr/Squalr
- Physical Docs - https://github.com/trustedsec/physical-docs