I use 1Password password manager for saving all my passwords, various other credentials and private notes and it has been a lifesaver thus far. Having a unique password for all my accounts and using 2FA wherever available means I should be quite safe in case any of my accounts gets breached or the password gets leaked.
Lynis - Security auditing and hardening tool, for UNIX-based systems.
SeKey - Use Touch ID / Secure Enclave for SSH Authentication.
SOPS - Editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault and PGP.
ClusterFuzz - Scalable fuzzing infrastructure which finds security and stability issues in software.
RAMBleed - Reading Bits in Memory Without Accessing Them.
Sliver - General purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS.
Infosec_Reference - Information Security Reference That Doesn't Suck.
Messaging Layer Security (MLS) - Security layer for encrypting messages in groups of size two to many.
Molasses - Rust implementation of the Message Layer Security group messaging protocol.
mkcert - Simple zero-config tool to make locally trusted development certificates with any names you'd like.
Boulder - ACME-based CA, written in Go.
HoneyTrap - Extensible and opensource system for running, monitoring and managing honeypots.
Flan Scan - Lightweight network vulnerability scanner.
Hardenize - Meet the new standard for network and security configuration monitoring.
american fuzzy lop - Security-oriented fuzzer.
Pwnagotchi - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
camo - HTTP proxy to route images through SSL. Making insecure assets look secure.
Vault - Tool for secrets management, encryption as a service, and privileged access management.