Commit Graph

1029 Commits

Author SHA1 Message Date
m4p0
ac068e75b5 Added Zyxel default username and password based on CVE-2020-29583 and CVE-2016-10401 2021-01-05 09:08:32 +01:00
g0tmi1k
9f4d672e98
Merge pull request #517 from righettod/master
Add path to a common ManageEngine endpoint

Source: https://righettod.eu/#4-vulns
2020-11-11 12:00:53 +00:00
g0tmi1k
ac861e371d
Merge pull request #509 from ArgentEnergy/spring-boot-redis
Spring Boot Redis paths.
2020-11-06 11:51:25 +00:00
g0tmi1k
e6333a39d6
Merge pull request #537 from g0tmi1k/misc
dos2unix
2020-11-04 11:46:58 +00:00
g0t mi1k
d4ebb09709 dos2unix 2020-11-04 11:45:59 +00:00
g0tmi1k
7d7b9f70e9
Merge pull request #536 from g0tmi1k/misc
dos2unix
2020-11-04 00:01:12 +00:00
g0t mi1k
50ec8b1dc6 dos2unix 2020-11-03 23:57:08 +00:00
g0tmi1k
12513fd8ad
Merge pull request #518 from clem9669/patch-5
Adding nextcloud & owncloud to common.txt

Source: https://help.dreamhost.com/hc/en-us/articles/235545207-Step-by-step-guide-to-deploy-Nextcloud-on-DreamCompute
2020-11-03 22:00:16 +00:00
g0tmi1k
2c64f30675
Merge pull request #513 from vulf/vulf/add_webshells_list
Added a list of popular web shells

The list includes the filenames of webshells in https://github.com/xl7dev/WebShell , https://github.com/TheBinitGhimire/Web-Shells and FuzzDB.
2020-11-03 14:11:05 +00:00
g0tmi1k
d21b80c755
Merge pull request #535 from Floppynator/patch-1
Update email-top-100-domains.txt
2020-11-03 12:16:28 +00:00
g0tmi1k
31d0f3f90b
Merge pull request #534 from shelld3v/patch-5
Added Donald Trump leaked passwords (2016 + 2020)
2020-11-03 12:12:44 +00:00
Chris H
08925a1fae
Update email-top-100-domains.txt
added missing mail domain
2020-11-03 13:06:10 +01:00
shelld3v
7f8c28c6e0
Added Donald Trump leaked passwords (2016 + 2020) 2020-11-03 18:55:07 +07:00
g0tmi1k
c0b6a73bb9
Merge pull request #533 from g0tmi1k/misc
2020.4 Release
2020-11-03 11:54:26 +00:00
g0t mi1k
4006e184ba Update CONTRIBUTORS 2020-11-03 11:53:17 +00:00
g0t mi1k
59a8f512af Add Magento webshells 2020-11-03 11:51:54 +00:00
g0t mi1k
75f5d656c1 Add Invisible control characters 2020-11-03 11:51:18 +00:00
g0tmi1k
6d164b9672
Merge pull request #527 from soufianetahiri/master
Added actuator default paths and created new XSS fuzzing list

Source: https://docs.spring.io/spring-boot/docs/1.5.x/reference/html/production-ready-endpoints.html
2020-11-03 11:39:11 +00:00
g0tmi1k
449d7a84cd
Merge pull request #528 from drwetter/patch-4
Add CMS login

https://processwire.com/docs/security/admin/
2020-11-02 21:12:18 +00:00
g0tmi1k
cea2a72bae
Merge pull request #506 from LabanSkollerDefensify/patch-1
Add NDES and SCEP URLs

/certsrv/mscep/mscep.dll: https://docs.microsoft.com/en-us/mem/intune/protect/certificates-scep-configure
/certsrv/mscep_admin: https://social.technet.microsoft.com/wiki/contents/articles/9063.active-directory-certificate-services-ad-cs-network-device-enrollment-service-ndes.aspx
2020-11-02 21:11:53 +00:00
g0tmi1k
a6c94e1798
Merge pull request #526 from m4p0/master
Added default usernames for SAP
2020-11-02 21:00:11 +00:00
g0tmi1k
d2fdef60e8
Merge pull request #525 from n3k00n3/master
Adding passwords found on public leak from Nord.
2020-11-02 20:59:44 +00:00
g0tmi1k
953255cc39
Merge pull request #523 from MusicGivesMeLife/master
BiblePass Project
2020-11-02 20:58:57 +00:00
g0tmi1k
fe2aa9e7b0
Merge pull request #521 from realArcherL/master
Slight correction with version numbers from earlier PR also added new endpoints
2020-11-02 20:57:49 +00:00
g0tmi1k
2ce45ec6b8
Merge pull request #512 from aayushsonu/master
Update names.txt
2020-11-02 19:07:19 +00:00
g0tmi1k
c2e6ced5fa
Merge pull request #505 from device33/patch-1
Update apache.txt

source: https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html/development_guide/sect-apache_mod_cluster-manager_application
2020-11-02 19:06:07 +00:00
Dirk Wetter
f7577f68cb
Add CMS login
Processwire is a CMS which I recently encountered during a pentest. /processwire is the login (compare /typo3 or /wp-login.php)
2020-10-23 13:14:04 +02:00
Soufiane Tahiri
a100ade82e
Create XSS-Fuzzing
High rate hit XSS payloads
2020-10-23 10:56:16 +02:00
Soufiane Tahiri
a8e73cb425
Added actuator default paths
Added actuator paths
2020-10-23 10:51:19 +02:00
mapo
c9f5aedbc2 Added default usernames for SAP 2020-10-20 18:34:32 +02:00
Fernando Pinheiro
16593c1287 remove equal pass 2020-10-14 15:19:57 -03:00
Fernando Pinheiro
f139e0774f Adding passwords from PUBLIC leak 2020-10-14 15:15:22 -03:00
MusicGivesMeLife
2047e272cf
BiblePass Project 2020-10-06 00:58:51 -04:00
realArcherL
2d9b4effe7
Corrected the v3 repetition and added new ones.
api and /graph
2020-10-03 16:13:08 +05:30
realArcherL
56843de14a
Merge pull request #1 from danielmiessler/master
Updating fork
2020-10-03 16:08:52 +05:30
clem9669
6150a902f3
Adding nextcloud & owncloud to common.txt
Nextcloud & ownCloud are two famous software packages for creating and using file hosting services.
PS: this addition might also be made to the bigger discovery lists, because none of the big lists contains them
2020-10-02 08:30:11 +00:00
Dominique RIGHETTO
fee58c17da
Add path to a common ManageEngine endpoint
Add path to an endpoint often exposed to anonymous users by ManageEngine products.
See https://www.manageengine.com/
2020-10-02 08:32:34 +02:00
vulf
84e78e898a Added a list of popular web shells 2020-10-01 19:34:44 +05:30
aayushsonu
cb1658be59
Update names.txt 2020-10-01 16:49:24 +05:30
ArgentEnergy
505a333e9f Spring Boot Redis paths. Discloses details of Redis version, number of keys in each database, memory size, etc. 2020-09-25 20:01:00 -03:00
Laban Sköllermark
940dc91637
Add NDES and SCEP URLs
Microsoft Network Device Enrollment Service (NDES) is used to enroll
devices such as Cisco routers and iPhones with a device certificate
issued by Active Directory Certificate Services (ADCS) Certification
Authority (CA) via the Simple Certificate Enrollment Protocol (SCEP).

Add the following URLs:

* /certsrv/mscep_admin - admin page of Network Device Enrollment Service
  (NDES)
* /certsrv/mscep/mscep.dll - Simple Certificate Enrollment Protocol
  (SCEP) server endpoint
2020-09-23 14:49:24 +02:00
device33
c126de81ab
Update apache.txt
add mod_cluster-manager
2020-09-23 10:55:23 +02:00
g0tmi1k
d5271820d0
Merge pull request #503 from Paradoxis/master
Removed destructive SQL statements
2020-09-17 14:16:24 +01:00
Luke Paris
52f1658a0c
Removed destructive SQL statements
Those two lines are downright irresponsible; someone is going to use this list to fuzz a web application and accidentally nuke a production database.
2020-09-17 15:02:40 +02:00
g0tmi1k
ca6bf04c05
Merge pull request #465 from dee-see/patch-1
Add new Swagger UI path
2020-09-16 07:30:38 +01:00
g0tmi1k
e4e65c3510
Merge pull request #478 from LethargicLeprechaun/master
10-million-password-list-top-1000000.txt Corrections
2020-09-16 07:30:17 +01:00
g0tmi1k
f1f3750803
Merge pull request #480 from haxxinen/patch-1
Create quick-SQLi.txt
2020-09-16 07:29:18 +01:00
g0tmi1k
3e29513e3b
Merge pull request #484 from realArcherL/patch-1
Updated with more keywords and version numbers

- Source: https://youtu.be/NPDp7GHmMa0
2020-09-16 07:28:58 +01:00
g0tmi1k
924c558fd8
Merge pull request #485 from drwetter/patch-4
Create german_misc.txt
2020-09-16 07:28:31 +01:00
g0tmi1k
fbe21a0c99
Merge pull request #492 from drwetter/fix_germanpw.txt
Fix and extend German word list

Source: https://gist.github.com/MarvinJWendt/2f4f4154b8ae218600eb091a5706b5f4
2020-09-16 07:27:37 +01:00