- OWASP Favicon DB: https://wiki.owasp.org/index.php/OWASP_favicon_database
- Find Sites Tech Stack: https://www.wappalyzer.com/
- Fuff, Fast Fuzzer: https://github.com/ffuf/ffuf
- Command Injection Cheatsheet: https://github.com/payloadbox/command-injection-payload-list
- File Format Magic Numbers: https://en.wikipedia.org/wiki/List_of_file_signatures
- List of MiME Media Types: https://www.iana.org/assignments/media-types/media-types.xhtml
This is a GitHub Infoshare that lists a ton of useful burp suite extensions https://github.com/snoopysecurity/awesome-burp-extensions
- URL Gatherer: https://github.com/hakluke/hakrawler
- Find attack surfaces: https://github.com/michenriksen/aquatone
- Http probe: https://github.com/tomnomnom/httprobe
- Check valid sites httpx: https://github.com/projectdiscovery/httpx
- Asset Discovery: [https://github.com/OWASP/Amass]
- Site Rep and info: https://urlscan.io/