SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
☆17Feb 10, 2016Updated 10 years ago
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A script that parses nmap.xml output, identifies all SSL services and automatically performs an sslscan of each service☆14Jul 2, 2025Updated 11 months ago
- It checks how secure the program you made is and shows how vulnerable your program is.☆20Apr 20, 2017Updated 9 years ago
- Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients☆14Jul 3, 2013Updated 12 years ago
- Image size issues plugin for Burp Suite☆95Jun 27, 2018Updated 8 years ago
- Repository aimed to compile scripts and tools that can be used during penetration tests to assess the security of different flash related…☆10Jan 5, 2015Updated 11 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A tool for automated MITM attacks on SSL connections.☆22May 18, 2012Updated 14 years ago
- The PDF Metadata Burp Extension provides an additional passive Scanner check for metadata in PDF files.☆11Jan 10, 2017Updated 9 years ago
- Analyzes open source bug trackers for interesting vulnerabilities☆23Feb 3, 2015Updated 11 years ago
- ☆13May 28, 2013Updated 13 years ago
- Automatically parse and tabulate Nessus findings into OpenDocument tables☆11Dec 15, 2015Updated 10 years ago
- Burp extension to increment a parameter in each active scan request☆13Jul 16, 2025Updated 11 months ago
- Custom stagers with python encrypting proxy☆40May 25, 2015Updated 11 years ago
- Simple proxy designed to intercept and modify connections on the transport level. This means you can also modify TLS raw bytes.☆17Dec 13, 2021Updated 4 years ago
- Working Rsh Client With Bind/Reverse Shell☆19Sep 15, 2015Updated 10 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Decrypt MITM SSL RDP and save to pcap☆53May 1, 2014Updated 12 years ago
- Tools for NTDS.dit☆17Apr 26, 2018Updated 8 years ago
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- morphHTA - Morphing Cobalt Strike's evil.HTA☆11Jun 3, 2017Updated 9 years ago
- Vulnerable Grails application☆43Jun 12, 2015Updated 11 years ago
- ☆37Feb 12, 2018Updated 8 years ago
- Local privilege escalation scripts and tools☆17Aug 4, 2016Updated 9 years ago
- event shipper for Carbon Black Defense notifications☆10Feb 25, 2023Updated 3 years ago
- Comprehensive parsing script for grepable Nmap output files. Provides a summary table, split hosts files, and URLs for web and SMB hosts.☆19Apr 17, 2020Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A CUI Struts2 Vulnerability Exploit☆16Jul 29, 2016Updated 9 years ago
- Windows Offline Common Password Hash Checker☆29Aug 9, 2016Updated 9 years ago
- Tiny payload for transfer via LOKI - Provides high speed Virtual Channel two way file transfer capabilities☆27Feb 23, 2015Updated 11 years ago
- ☆64Feb 12, 2022Updated 4 years ago
- A scoreboard for Security CTF events☆37Dec 11, 2012Updated 13 years ago
- A tool to analyse JMX API security level.☆44Jul 23, 2014Updated 11 years ago
- An automated SMB relay exploitation script.☆153Oct 11, 2016Updated 9 years ago
- Just another tool to screenshot web servers☆16Feb 8, 2023Updated 3 years ago
- Yet another cross compiling reverse/bind payload generator written in Go.☆12Sep 22, 2021Updated 4 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Speeds up the extraction of password hashes from ntds.dit files. For use with the ntdsxtract project or the dshash script☆26Feb 1, 2024Updated 2 years ago
- A security scanner for Wordpress blogging engine☆32May 11, 2016Updated 10 years ago
- Clickjacking Proof-of-Concept Exploit☆26Oct 1, 2020Updated 5 years ago
- A command line tool that sends its input data to a running procmon instance.☆16Feb 24, 2017Updated 9 years ago
- Networking exploration in golang to build a security enhanced version of netcat☆10Feb 20, 2018Updated 8 years ago
- A websocket proxy☆54Nov 13, 2017Updated 8 years ago
- RSSGen 是一个使用 Python/Nodejs 语言编写并运 行于 Leancloud 平台的简单应用。该应用允许用户通过编写规则来抓取网站的内容并生成一个 RSS☆14Mar 8, 2018Updated 8 years ago