Hackers are exploiting misconfigured web applications used for security testing to breach Fortune 500 companies. An investigation revealed that over 1,900 vulnerable applications were exposed, allowing attackers to deploy crypto miners and webshells. Many of these apps used default credentials and lacked proper security measures.

This article introduces a curated list of hacking tools suitable for hackers, pentesters, and security researchers. Users can easily clone the repository and update it with simple commands. Contributions to the list are welcome.