SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆15Apr 5, 2019Updated 6 years ago
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Metasploit Framework☆11Apr 18, 2019Updated 6 years ago
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆16Feb 27, 2018Updated 8 years ago
- E-mails, subdomains and names Harvester - OSINT☆13Feb 26, 2018Updated 8 years ago
- A swiss army knife for pentesting Windows/Active Directory environments☆14May 29, 2018Updated 7 years ago
- ☆19Apr 29, 2015Updated 10 years ago
- Find wifi channel with least interference☆54Jul 21, 2019Updated 6 years ago
- Template for asynchronously controlling meterpreter sessions☆13Jun 19, 2018Updated 7 years ago
- MS17-010☆12Oct 25, 2017Updated 8 years ago
- Catch IMAP/POP passwords and see incoming and outgoing messages☆16Sep 15, 2013Updated 12 years ago
- Sniffs an interface/pcap file and concatenates fragmented packet loads☆22Feb 26, 2015Updated 11 years ago
- Search google for shellshock vulnerable sites☆27Oct 10, 2014Updated 11 years ago
- USBdriveby exploits the trust of USB devices by emulating an HID keyboard and mouse, installing a firewall-evading backdoor, and reroutin…☆10Dec 23, 2014Updated 11 years ago
- New Honeypot Version: 1.2! This pH7CMS module is a simple but effective honeypot fake Admin CP for the security of your website. Honey…☆12Aug 3, 2018Updated 7 years ago
- .Net library to create Maltego transformations.☆17Feb 11, 2025Updated last year
- Obtain handshakes from networks out of your range!☆27Sep 20, 2021Updated 4 years ago
- Standalone, local-runnable binaries of popular linux distributions☆10Dec 15, 2021Updated 4 years ago
- Rust-based password mutator for brute force attacks☆13Mar 21, 2025Updated last year
- Find data about you or an individual from various online public records☆30May 26, 2017Updated 8 years ago
- Run server code on a remote host without installing anything on the server. (git import of danderson's hg repo)☆31Jun 25, 2012Updated 13 years ago
- This extension redacts potentially sensitive header and parameter values from requests using Shannon Entropy analysis.☆13Dec 29, 2020Updated 5 years ago
- Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords☆51Oct 24, 2017Updated 8 years ago
- A curated list of websites which do not load any obtrusive 3rd party content☆11Dec 7, 2021Updated 4 years ago
- Use shodan API to find Pi-hole IP and steal [blacklist]☆20Aug 12, 2019Updated 6 years ago
- ☆16Sep 1, 2017Updated 8 years ago
- Prints the IPs on your local network that're sending the most packets☆155Jul 20, 2021Updated 4 years ago
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆12May 21, 2024Updated last year
- A tiny batch script for downloading all ableton live packs.☆11Jun 23, 2021Updated 4 years ago
- A Pictorial Book of Tor Hidden Services.☆26Dec 1, 2017Updated 8 years ago
- Interview questions to screen offensive (red team/pentest) candidates�☆12Apr 7, 2017Updated 8 years ago
- Fresh HQ Combo List For Cracking☆10Sep 13, 2021Updated 4 years ago
- html5 port of earf (software terrain renderer)☆21Feb 21, 2014Updated 12 years ago
- 🎮 Magisk module all-in-one tweak for gaming experience.☆10Feb 8, 2022Updated 4 years ago
- Custom pentesting tools☆16Dec 11, 2019Updated 6 years ago
- Wi-Fi based covert channel that hides information in hand crafted acknowledgement frames imitating additional channel effects that can be…☆26Apr 1, 2018Updated 7 years ago
- Show your Instagram profile on your website. 🌈☆27Jan 13, 2022Updated 4 years ago
- Схемы asn.1 из приказа минкомсвязи России 573 от 29.10.2018☆11May 19, 2019Updated 6 years ago
- Public API client for GETTR, a "non-bias [sic] social network," designed for data archival and analysis.☆13Jun 21, 2022Updated 3 years ago
- A full-fledged msfrpc library for Metasploit framework.☆13Aug 5, 2017Updated 8 years ago
- Messing Apple devices on the network with CVE-2018-4407 (heap overflow in bad packet handling)☆25Dec 4, 2018Updated 7 years ago