ONsec-Lab / SecLists
SecLists is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
☆11Updated 10 years ago
Alternatives and similar repositories for SecLists:
Users that are interested in SecLists are comparing it to the libraries listed below
- Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)☆39Updated 8 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Updated 7 years ago
- ☆22Updated 9 years ago
- Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients☆14Updated 11 years ago
- Simple socket-based gateway to the Burp Collaborator☆33Updated 8 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆30Updated 9 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆16Updated 11 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 11 years ago
- [DEPRECATED] Hiccup is a framework that allows the Burp Suite (a web application security testing tool, http://portswigger.net/burp/) to …☆42Updated 6 years ago
- Updated version of SWFIntruder☆26Updated 8 years ago
- Axis2 RPC Shell☆15Updated 9 years ago
- REST/JSON interface to Burp Suite☆33Updated 4 years ago
- XXE OOB Exploitation Toolset for Automation☆63Updated 11 years ago
- cve-2014-0130 rails directory traversal vuln☆18Updated 7 years ago
- Study about HQL injection exploitation.☆49Updated 8 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Updated 8 years ago
- Some exploits for ZeroNights 0x03☆37Updated 9 years ago
- Repository aimed to compile scripts and tools that can be used during penetration tests to assess the security of different flash related…☆10Updated 10 years ago
- Penetration Testing Tools Developed by AppSec Consulting.☆48Updated 6 years ago
- Tainted PhantomJS☆53Updated 9 years ago
- Spray SMB with hashes, Then psexec☆32Updated 5 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Updated 6 years ago
- Files from Zeronights presentation.☆28Updated 12 years ago
- CVE-2017-10271 WEBLOGIC RCE (TESTED)☆37Updated 7 years ago
- PHDAYS |||☆17Updated 11 years ago
- Juniper backdoor☆13Updated 9 years ago
- OWASP Skanda - SSRF Exploitation Framework☆37Updated 11 years ago
- Burp scanner plugin based on Vulners.com vulnerability database☆26Updated 7 years ago
- Projects and POCs☆59Updated 10 years ago
- Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).☆14Updated last year