danielmiessler/SecLists
1
0
Fork 0
mirror of https://github.com/danielmiessler/SecLists.git synced 2024-09-11 10:55:33 +03:00
Code Issues Projects Releases Wiki Activity
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and m
153 Commits 1 Branch 26 Tags 2 GiB
PHP 52.8%
Python 15.5%
Classic ASP 11.7%
Shell 7.1%
Perl 3.8%
Other 9.1%
232ce766d9
Go to file
Daniel Miessler 232ce766d9 Moar structure.
2015-08-04 11:20:14 -07:00
Discovery Moar structure. 2015-08-04 11:20:14 -07:00
Fuzzing Moar directory motionz. 2015-08-04 10:53:50 -07:00
IOCs added some DNS prefixes 2014-02-19 22:41:44 +00:00
Miscellaneous Updating project structure. 2015-08-04 10:38:59 -07:00
Passwords Updating project structure. 2015-08-04 10:34:44 -07:00
Pattern_Matching Moar structure. 2015-08-04 11:20:14 -07:00
Payloads Moar structure. 2015-08-04 11:20:14 -07:00
Usernames Remove outdated family names 2014-10-03 19:30:56 +01:00
.gitignore Moar structure. 2015-08-04 11:20:14 -07:00
README.md Updated readme with attribution clarification. 2015-08-04 10:57:26 -07:00

README.md

About

SecLists is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more. The goal is to enable a security tester to pull this repo onto a new testing box and have access to every type of list that may be needed.

This project is maintained by Daniel Miessler and Jason Haddix.

Contributing

If you have any ideas for things we should include, please use one of the following methods to submit them:

  1. Fork the project and send us pull requests
  2. Send us links through this project, and we'll go and parse them and incorporate them
  3. Email daniel.miessler@owasp.org or jason.haddix@owasp.org with content to add

An effort is made to give attribution for these lists whenever possible, and if you are a list owner or know who the original author/curator is, please let us know so we can give proper credit.

Attribution

  • Ron Bowes of SkullSecurity for collaborating and including all his lists here
  • Clarkson University for their research that led to the Clarkson list
  • All the authors listed in the XSS with context doc, which was found on pastebin and added to by us
  • Ferruh Mavitina for the begginings of the LFI Fuzz list
  • Adam Muntner and for the FuzzDB content, including all authors from the FuzzDB project
  • Kevin Johnson for laudnaum shells
  • RSnake for fierce hostname list
  • Charlie Campbell for Spanish word list, numerous other contributions
  • Rob Fuller for the IZMY list
  • shipCod3 for an SSH user/pass list
  • Steve Crapo for doing splitting work on a number of large lists
  • Thanks to Blessen Thomas for recommending Mario's/cure53's XSS vectors

::