ONsec-Lab / SecLists
SecLists is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
☆11Updated 10 years ago
Alternatives and similar repositories for SecLists:
Users that are interested in SecLists are comparing it to the libraries listed below
- Python Implementation of a .NET Padding Oracle Assessment Tool☆30Updated 9 years ago
- Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)☆38Updated 9 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Updated 8 years ago
- XXE OOB Exploitation Toolset for Automation☆63Updated 11 years ago
- REST/JSON interface to Burp Suite☆33Updated 4 years ago
- Basic gui to run and display nmap scan results. Just a POC so far.☆31Updated 11 years ago
- ISR-sqlget It's a blind SQL injection tool developed in Perl.☆14Updated 12 years ago
- Updated version of SWFIntruder☆26Updated 8 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 11 years ago
- PHDAYS |||☆17Updated 11 years ago
- Spray SMB with hashes, Then psexec☆32Updated 5 years ago
- This module is used to exploit startup script execution through Windows Group Policy settings when configured to run off of a remote SMB …☆22Updated 5 years ago
- Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients☆14Updated 11 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆16Updated 11 years ago
- Python object interface to requests/responses recorded by Burp Suite☆36Updated 5 years ago
- Faraday Continuous Scanning☆34Updated 8 years ago
- Projects and POCs☆60Updated 10 years ago
- ☆23Updated 10 years ago
- Burp extension that checks for interesting and security headers☆43Updated 4 years ago
- Penetration Testing Tools Developed by AppSec Consulting.☆48Updated 6 years ago
- Automating SQL injection using Burp Proxy Logs and SQLMap☆27Updated 12 years ago
- Juniper backdoor☆13Updated 9 years ago
- Burp plugin which supports in finding privilege escalation vulnerabilities☆40Updated 3 years ago
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Updated 12 years ago
- Scan web server for known webshell names and responses☆50Updated 8 years ago
- [DEPRECATED] Hiccup is a framework that allows the Burp Suite (a web application security testing tool, http://portswigger.net/burp/) to …☆42Updated 6 years ago
- Axis2 RPC Shell☆15Updated 9 years ago
- BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration☆23Updated 7 years ago
- Demo server for testing Java deserialization payloads☆15Updated 8 years ago
- PHP Source Code Analyzer written in Perl (taint checking)☆18Updated 4 years ago